Allow the container runtime to dbus chat with dnsmasq

add dontaudit rules for container trying to write to /proc
2017-10-26 11:38:02 +00:00 · 2017-10-26 11:38:02 +00:00 · 31963a3bb5
commit 31963a3bb5
parent b99f18b8ce
3 changed files with 8 additions and 3 deletions
--- a/.gitignore
+++ b/.gitignore
@ -22,3 +22,4 @@
 /container-selinux-e37e93d.tar.gz
 /container-selinux-de38c07.tar.gz
 /container-selinux-0620186.tar.gz
+/container-selinux-47e0448.tar.gz
--- a/container-selinux.spec
+++ b/container-selinux.spec
@ -3,7 +3,7 @@
 # container-selinux
 %global git0 https://github.com/projectatomic/container-selinux
 %if 0%{?fedora} || 0%{?rhel} > 7
-%global commit0 0620186b7396af617fa0f570e82e875e5b3ac8d7
+%global commit0 47e0448a47a97cddbb66fd35d8ae536f980307f1
 %else
 # use upstream's RHEL-1.12 branch for CentOS 7
 %global commit0 56c32da8a72f9e7af5daeaebac5b887830d123b1
@ -35,7 +35,7 @@ Name: container-selinux
 %if 0%{?fedora} || 0%{?centos} || 0%{?rhel} > 7
 Epoch: 2
 %endif
-Version: 2.29
+Version: 2.31
 Release: 1%{?dist}
 License: GPLv2
 URL: %{git0}
@ -118,6 +118,10 @@ fi
 %{_datadir}/selinux/*

 %changelog
+* Thu Oct 26 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2.31-1
+- Allow the container runtime to dbus chat with dnsmasq
+- add dontaudit rules for container trying to write to /proc
+
 * Tue Oct 10 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2.29-1
 - Add support for lxcd
 - Add support for labeling of tmpfs storage created within a container.
--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (container-selinux-0620186.tar.gz) = e28dfec9ae2444714314eb77fd74b5ddb41cb044b1806d8096a796f3a9b765d78cbf2d2b156ef7e16f87e7ee0fcbf511074042b6fe6cde09cc989c6b23ea1bea
+SHA512 (container-selinux-47e0448.tar.gz) = 675b11109c33a2e7ecfbf67828f80c4f7a7245605024f76394d4b55351de2d8f3009058f7842d6f20eb9845b5a0d56cb395c48f9e5387935b8ad973e342397fe