Allow containers to name_bind to rawip_sockets.

2019-08-09 15:10:42 -04:00 · 2019-08-09 15:10:42 -04:00 · 3125beb1b1
commit 3125beb1b1
parent 7390ff8b05
3 changed files with 7 additions and 3 deletions
--- a/.gitignore
+++ b/.gitignore
@ -100,3 +100,4 @@
 /container-selinux-544d71f.tar.gz
 /container-selinux-9a75deb.tar.gz
 /container-selinux-b68cf19.tar.gz
+/container-selinux-4f7d6bb.tar.gz
--- a/container-selinux.spec
+++ b/container-selinux.spec
@ -2,7 +2,7 @@

 # container-selinux
 %global git0 https://github.com/containers/container-selinux
-%global commit0 b68cf19f1c6c920994becf8aa0dc141dec77de2a
+%global commit0 4f7d6bb78724eb2fccd40bbaf96a668a94acc5ce
 %global shortcommit0 %(c=%{commit0}; echo ${c:0:7})

 # container-selinux stuff (prefix with ds_ for version/release etc.)
@ -27,7 +27,7 @@ Name: container-selinux
 %if 0%{?fedora}
 Epoch: 2
 %endif
-Version: 2.112.0
+Version: 2.113.0
 Release: 1.dev.git%{shortcommit0}%{?dist}
 License: GPLv2
 URL: %{git0}
@ -111,6 +111,9 @@ fi

 # Hooked up to autobuilder, please check with @lsm5 before updating
 %changelog
+* Fri Aug 9 2019 Dan Walsh <dwalsh@fedoraproject.org> - 2.113-1
+- Allow containers to name_bind to rawip_sockets.
+
 * Thu Aug 8 2019 Dan Walsh <dwalsh@fedoraproject.org> - 2.112-1
 - Allow containers to use fusefs_t entrypoint
 - Dontaudit attempts to setattr on devicenodes.
--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (container-selinux-b68cf19.tar.gz) = 25c3133277f55935ca19bdb1703079ba245def284d00c749464626d16d9ca2056dc7e9b6d806ccdf65825e3defc32540c7fbf6acdfc50c430c0da5a80a39e20f
+SHA512 (container-selinux-4f7d6bb.tar.gz) = 74c509d0bec92d693f6673610f09346cb8b82520f178a8713064d020f1428e28e23a36200e40fe8db2fff2d1d6117f6ea33cb823a5114ad3041b222066779061