From c89e0b4d2008e930af4fe428ef4a954384e150ce Mon Sep 17 00:00:00 2001
From: Tobias Geerinckx-Rice <me@tobias.gr>
Date: Sun, 16 Jul 2023 02:00:01 +0200
Subject: [PATCH] guix-install.sh: Install SELinux policy only if tools are
 present.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* etc/guix-install.sh (sys_maybe_setup_selinux): Silently return if
the ‘semodule’ or ‘restorecon’ commands are missing.
---
 etc/guix-install.sh | 25 ++++++++++++++++++-------
 1 file changed, 18 insertions(+), 7 deletions(-)

diff --git a/etc/guix-install.sh b/etc/guix-install.sh
index fc14471f1a..10645ac7ac 100755
--- a/etc/guix-install.sh
+++ b/etc/guix-install.sh
@@ -600,15 +600,26 @@ fi
 
 sys_maybe_setup_selinux()
 {
-    if [ -f /sys/fs/selinux/policy ]
+    if ! [ -f /sys/fs/selinux/policy ]
     then
-	prompt_yes_no "Install SELinux policy required to run guix-daemon?" \
-	    || return
-
-	local var_guix=/var/guix/profiles/per-user/root/current-guix
-	semodule -i "${var_guix}/share/selinux/guix-daemon.cil"
-	restorecon -R /gnu /var/guix
+	return
     fi
+
+    local c
+    for c in semodule restorecon
+    do
+        if ! command -v "$c" &>/dev/null
+	then
+	    return
+	fi
+    done
+
+    prompt_yes_no "Install SELinux policy that might be required to run guix-daemon?" \
+	|| return
+
+    local var_guix=/var/guix/profiles/per-user/root/current-guix
+    semodule -i "${var_guix}/share/selinux/guix-daemon.cil"
+    restorecon -R /gnu /var/guix
 }
 
 welcome()