Allow bin_t as a container_runtime_t entrypoint

Add rules for running container runtimes on mls
2018-03-07 05:59:10 +00:00 · 2018-03-07 05:59:10 +00:00 · 5a5bf66b86
commit 5a5bf66b86
parent 9a7a65d0b5
3 changed files with 8 additions and 3 deletions
--- a/.gitignore
+++ b/.gitignore
@ -40,3 +40,4 @@
 /container-selinux-2377c73.tar.gz
 /container-selinux-aece4ff.tar.gz
 /container-selinux-663e003.tar.gz
+/container-selinux-fd7d508.tar.gz
--- a/container-selinux.spec
+++ b/container-selinux.spec
@ -3,7 +3,7 @@
 # container-selinux
 %global git0 https://github.com/projectatomic/container-selinux
 %if 0%{?fedora} || 0%{?rhel} > 7
-%global commit0 663e003b8797564398648b20ad41cf094f87a86e
+%global commit0 fd7d5085365c3a04e601debbdb0c7f1ceb32afb7
 %else
 # use upstream's RHEL-1.12 branch for CentOS 7
 %global commit0 56c32da8a72f9e7af5daeaebac5b887830d123b1
@ -35,7 +35,7 @@ Name: container-selinux
 %if 0%{?fedora} || 0%{?centos} || 0%{?rhel} > 7
 Epoch: 2
 %endif
-Version: 2.48
+Version: 2.50
 Release: 1%{?dist}
 License: GPLv2
 URL: %{git0}
@ -117,6 +117,10 @@ fi
 %{_datadir}/selinux/*

 %changelog
+* Wed Mar 7 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.50-1
+- Allow bin_t as a container_runtime_t entrypoint
+- Add rules for running container runtimes on mls
+
 * Thu Feb 15 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.48-1
 - Allow container domains to map container_file_t directories

--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (container-selinux-663e003.tar.gz) = e81b7b8e61e09ddb0ffdfe95b7135b3cf9d10719e325b9349364aad7c805e0944ee5baddb8763bf19202537ed8439c255259ec87cc32457da867a10d97cd8d4a
+SHA512 (container-selinux-fd7d508.tar.gz) = 3c627b973db2e86bdd389463fc5f2298740472117e02b76c18a35ec266b273b5e2d2b35212f3d307d80f586f24f767a78850772250d5b773969ef48568043343