#!/bin/sh -efu
#
# Configures the system bootloader to load the kernel in
# IMA off mode and reboots the system.
#
# Copyright (C) 2023  Denis Medvedev.
# Copyright (C) 2024  Paul Wolneykien.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
#
. shell-error
. shell-make-config

PROG="${0##*/}"
VERSION="0.7.7"

#shellcheck disable=SC2034
verbose=y

usage()
{
    [ "$1" = 0 ] || exec >&2
    echo "Usage: $PROG -h | --help, -V | --version"
    exit "${1:-0}"
}

TEMP="$(getopt -n "$PROG" -o hV -l help,version -- "$@")" || usage 1
eval set -- "$TEMP"

while :; do
    case "$1" in
        -h|--help)
	    usage 0
            ;;
	-V|--version)
	    cat <<EOF
$VERSION 2024
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
EOF
	    exit 0
	    ;;
        --)
	    shift
	    break
            ;;
        *)
	    message "$PROG: unrecognized option: $1" >&2
	    usage 1
            ;;
    esac
    shift
done

verbose  "Applying changes to the bootloader configuration..."
control ima_appraise off

verbose  "Removing integrity feature from initrd..."
del_make_value /etc/initrd.mk FEATURES integrity
del_make_value /etc/initrd.mk INTEGRITY_FEATURES
make-initrd

verbose "Rebooting..."
reboot -fp
