Add rules for container domains to make writing custom policy easier

Allow shell_exec_t as a container_runtime_t entrypoint
2018-03-14 09:39:06 -04:00 · 2018-03-14 09:39:06 -04:00 · 37b78d28ce
commit 37b78d28ce
parent 69afd19c0a
3 changed files with 8 additions and 3 deletions
--- a/.gitignore
+++ b/.gitignore
@ -43,3 +43,4 @@
 /container-selinux-fd7d508.tar.gz
 /container-selinux-fd50128.tar.gz
 /container-selinux-bdc0137.tar.gz
+/container-selinux-55c7d4d.tar.gz
--- a/container-selinux.spec
+++ b/container-selinux.spec
@ -3,7 +3,7 @@
 # container-selinux
 %global git0 https://github.com/projectatomic/container-selinux
 %if 0%{?fedora} || 0%{?rhel} > 7
-%global commit0 bdc0137288e5fe3616c32cd0a02de9aee1503897
+%global commit0 55c7d4dfeb063bd6177ebe2e4c5b8c466facdb16
 %else
 # use upstream's RHEL-1.12 branch for CentOS 7
 %global commit0 56c32da8a72f9e7af5daeaebac5b887830d123b1
@ -35,7 +35,7 @@ Name: container-selinux
 %if 0%{?fedora} || 0%{?centos} || 0%{?rhel} > 7
 Epoch: 2
 %endif
-Version: 2.52
+Version: 2.54
 Release: 1%{?dist}
 License: GPLv2
 URL: %{git0}
@ -117,6 +117,10 @@ fi
 %{_datadir}/selinux/*

 %changelog
+* Wed Mar 14 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.54-1
+-  Add rules for container domains to make writing custom policy easier
+-  Allow shell_exec_t as a container_runtime_t entrypoint
+
 * Thu Mar 8 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.52-1
 - Add rules for container domains to make writing custom policy easier

--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (container-selinux-bdc0137.tar.gz) = 011891936937ad62122f4026e4247d8dbb3ae7c9317d37e419438924e8c4f37d9092f5f3739cd9ca9de526445c4a7a147a956646c852ef1abd9e4f456e77594b
+SHA512 (container-selinux-55c7d4d.tar.gz) = d148367e0e1112cb7430e891e5e6d29ca2edfe4af8ad7ca495938b2e1aed4354f41e5e0426c3ff96bf8f8c06a86ae6ef7f88207970009fe0cb1a6b67a5e75e3a