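#!/bin/sh
# Service start/stop avc finder utility
# Copyright (c) 2006 Steve Grubb. ALL RIGHTS RESERVED.
# sgrubb@redhat.com
#
# This software may be freely redistributed under the terms of the GNU
# public license Version 2.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.

# This program will scan all files in /etc/rc.d/init.d and check the
# status of each service. If it's on, it will turn it off and then on. If
# it's off, it will turn it on and off. After each one, it will check for
# avcs.
#
# Operational notes:
#  - Every init script that is not on the skip list is started and stopped,
#    so services that are normally disabled get launched briefly. The final
#    prompt offers a reboot because daemons may be left unstable.
#  - The audit2allow output is derived mechanically from the denials seen
#    during the run. Treat it as a list of candidates to review, not as
#    policy to load unchanged.

# List of services that we should skip for various reasons.
# This is an extended regular expression matched anywhere in the script
# name, so an entry also skips any script whose name merely contains it.
# NOTE(review): auditd is presumably skipped because ausearch depends on
# the records it writes - confirm.
serv_skip_list="auditd|firstboot|functions|halt|killall|single|ypbind"
init_dir=/etc/rc.d/init.d

# Glob the directory instead of parsing ls output, so names are never
# word-split or re-expanded by the shell.
for path in "$init_dir"/*
do
	# An empty directory leaves the pattern unexpanded; skip that entry.
	[ -e "$path" ] || continue
	f=${path##*/}

	# Quote the pattern: unquoted, the shell could glob-expand or split it.
	if printf '%s\n' "$f" | grep -E -q -- "$serv_skip_list" ; then
		continue
	fi

	# Start of the audit search window. Only a time of day is recorded and
	# ausearch assumes today's date, so a run that crosses midnight can
	# produce an inverted window for the service being tested at that time.
	ts=$(date +"%T")

	# NOTE(review): a status line such as "not running" also matches this
	# grep. That only changes the order of the start/stop pair below.
	if service "$f" status | grep -i running >/dev/null 2>&1 ; then
		# service is running
		service "$f" stop >/dev/null 2>&1
		sleep 5
		service "$f" start >/dev/null 2>&1
	else
		# service is stopped
		service "$f" start >/dev/null 2>&1
		sleep 5
		service "$f" stop >/dev/null 2>&1
	fi

	# Give the audit daemon a moment to write the records out.
	sleep 1
	te=$(date +"%T")

	# ausearch exits 0 only when it found matching events.
	if avcs=$(ausearch -m avc,user_avc -ts "$ts" -te "$te" 2>/dev/null) ; then
		printf '%s\n' "AVCs found for service $f - audit2allow:"
		# Keep one audit record per line; an unquoted echo would fold all
		# records onto a single line before audit2allow parses them.
		printf '%s\n' "$avcs" | audit2allow 1>&2
	else
		printf '%s\n' "Service $f is OK"
	fi
done

echo "This test may have made daemons unstable, do you want to reboot? [y/n]"
# -r keeps backslashes literal; EOF on stdin is treated as "no".
read -r ANS || ANS=
# Reboot only on an answer that begins with y/Y. The previous check matched
# a "y" anywhere in the reply and ran grep with an unquoted [Yy] pattern
# that the shell could expand against files in the current directory.
case "$ANS" in
	[Yy]*) reboot ;;
esac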