container-selinux-2.151.0-1.el9

- update to
  https://github.com/containers/container-selinux/releases/tag/v2.151.0

Signed-off-by: Jindrich Novy <jnovy@redhat.com>
This commit is contained in:
Jindrich Novy 2020-12-04 17:38:47 +01:00
parent 79c578ecda
commit 92ff5a34fa
3 changed files with 131 additions and 669 deletions

148
.gitignore vendored
View File

@ -1,147 +1 @@
/container-selinux-513572d.tar.gz
/container-selinux-bcdcb9a.tar.gz
/container-selinux-3bbbad5.tar.gz
/container-selinux-b9809fa.tar.gz
/container-selinux-ba28054.tar.gz
/container-selinux-9e004af.tar.gz
/container-selinux-ce95ddb.tar.gz
/container-selinux-f7333f9.tar.gz
/container-selinux-08bb6e0.tar.gz
/container-selinux-8f8caa6.tar.gz
/container-selinux-14f7c51.tar.gz
/container-selinux-c81ea26.tar.gz
/container-selinux-9027f8e.tar.gz
/container-selinux-ed3082b.tar.gz
/container-selinux-5212fea.tar.gz
/container-selinux-a80afba.tar.gz
/container-selinux-c5fd77f.tar.gz
/container-selinux-c89e9b5.tar.gz
/container-selinux-58324f3.tar.gz
/container-selinux-81ff96c.tar.gz
/container-selinux-a9260d4.tar.gz
/container-selinux-e37e93d.tar.gz
/container-selinux-de38c07.tar.gz
/container-selinux-0620186.tar.gz
/container-selinux-47e0448.tar.gz
/container-selinux-b430a71.tar.gz
/container-selinux-0b666c4.tar.gz
/container-selinux-7fe0136.tar.gz
/container-selinux-dca3b87.tar.gz
/container-selinux-f9a30e8.tar.gz
/container-selinux-d985665.tar.gz
/container-selinux-8ba32a4.tar.gz
/container-selinux-26c642a.tar.gz
/container-selinux-96e58bf.tar.gz
/container-selinux-599072a.tar.gz
/container-selinux-231b213.tar.gz
/container-selinux-d148550.tar.gz
/container-selinux-dfcc97d.tar.gz
/container-selinux-38a982b.tar.gz
/container-selinux-2377c73.tar.gz
/container-selinux-aece4ff.tar.gz
/container-selinux-663e003.tar.gz
/container-selinux-fd7d508.tar.gz
/container-selinux-fd50128.tar.gz
/container-selinux-bdc0137.tar.gz
/container-selinux-55c7d4d.tar.gz
/container-selinux-d248f91.tar.gz
/container-selinux-d213769.tar.gz
/container-selinux-701557f.tar.gz
/container-selinux-97f8dfc.tar.gz
/container-selinux-9b55129.tar.gz
/container-selinux-1ecf953.tar.gz
/container-selinux-284f9e7.tar.gz
/container-selinux-d346375.tar.gz
/container-selinux-bf5b26b.tar.gz
/container-selinux-dfaf8fd.tar.gz
/container-selinux-8ecc282.tar.gz
/container-selinux-0407867.tar.gz
/container-selinux-042f7cf.tar.gz
/container-selinux-25277c8.tar.gz
/container-selinux-c139a3d.tar.gz
/container-selinux-452b90d.tar.gz
/container-selinux-4e73492.tar.gz
/container-selinux-5721d74.tar.gz
/container-selinux-d7a3f33.tar.gz
/container-selinux-a62c2db.tar.gz
/container-selinux-99e2cfd.tar.gz
/container-selinux-87fae85.tar.gz
/container-selinux-5133af6.tar.gz
/container-selinux-2c57a17.tar.gz
/container-selinux-1362777.tar.gz
/container-selinux-6f01752.tar.gz
/container-selinux-1b655d9.tar.gz
/container-selinux-484806a.tar.gz
/container-selinux-21c2be6.tar.gz
/container-selinux-5e1f62f.tar.gz
/container-selinux-ec6fcad.tar.gz
/container-selinux-eb60838.tar.gz
/container-selinux-92af7fd.tar.gz
/container-selinux-c178849.tar.gz
/container-selinux-891a85f.tar.gz
/container-selinux-2c1a2ab.tar.gz
/container-selinux-5c98b56.tar.gz
/container-selinux-2521d0d.tar.gz
/container-selinux-619db17.tar.gz
/container-selinux-acc6941.tar.gz
/container-selinux-1e99f1d.tar.gz
/container-selinux-e3ebc68.tar.gz
/container-selinux-a6c9822.tar.gz
/container-selinux-aa7b807.tar.gz
/container-selinux-9a53d6c.tar.gz
/container-selinux-3b78187.tar.gz
/container-selinux-b0061dc.tar.gz
/container-selinux-1c24dcb.tar.gz
/container-selinux-b275a1f.tar.gz
/container-selinux-7baad79.tar.gz
/container-selinux-fc7111d.tar.gz
/container-selinux-453b816.tar.gz
/container-selinux-db771da.tar.gz
/container-selinux-544d71f.tar.gz
/container-selinux-9a75deb.tar.gz
/container-selinux-b68cf19.tar.gz
/container-selinux-4f7d6bb.tar.gz
/container-selinux-028ab00.tar.gz
/container-selinux-fddfbbb.tar.gz
/container-selinux-c5ef5ac.tar.gz
/container-selinux-bfde70a.tar.gz
/container-selinux-79bdcb5.tar.gz
/container-selinux-b383f07.tar.gz
/container-selinux-2ecb2a8.tar.gz
/container-selinux-6fb6dcf.tar.gz
/container-selinux-a233788.tar.gz
/container-selinux-4560dd4.tar.gz
/container-selinux-661a904.tar.gz
/container-selinux-0b25a4a.tar.gz
/container-selinux-f958d0c.tar.gz
/container-selinux-5624558.tar.gz
/container-selinux-b321ea4.tar.gz
/container-selinux-fde876b.tar.gz
/container-selinux-ae0720d.tar.gz
/container-selinux-867a377.tar.gz
/container-selinux-6caf15d.tar.gz
/container-selinux-363646f.tar.gz
/container-selinux-f00d1f4.tar.gz
/container-selinux-fd55ae0.tar.gz
/container-selinux-9ce0dac.tar.gz
/container-selinux-448dfbf.tar.gz
/container-selinux-0a878bd.tar.gz
/container-selinux-ff26015.tar.gz
/container-selinux-0d99e89.tar.gz
/container-selinux-441172a.tar.gz
/container-selinux-6b721da.tar.gz
/container-selinux-9884317.tar.gz
/container-selinux-8c26927.tar.gz
/container-selinux-965c7fb.tar.gz
/container-selinux-2750e78.tar.gz
/container-selinux-fe6a25c.tar.gz
/container-selinux-e2d5a9e.tar.gz
/container-selinux-746ea7a.tar.gz
/container-selinux-5d929d4.tar.gz
/container-selinux-464e922.tar.gz
/container-selinux-2908536.tar.gz
/container-selinux-9fb1698.tar.gz
/container-selinux-3c361a2.tar.gz
/container-selinux-9b3b66f.tar.gz
/container-selinux-0ef4703.tar.gz
/container-selinux-5d3c461.tar.gz
/*.tar.gz

View File

@ -2,8 +2,6 @@
# container-selinux
%global git0 https://github.com/containers/container-selinux
%global commit0 5d3c4619490947240f648330ce0c51a1a1830911
%global shortcommit0 %(c=%{commit0}; echo ${c:0:7})
# container-selinux stuff (prefix with ds_ for version/release etc.)
# Some bits borrowed from the openstack-selinux package
@ -16,38 +14,44 @@
# Format must contain '$x' somewhere to do anything useful
%global _format() export %1=""; for x in %{modulenames}; do %1+=%2; %1+=" "; done;
# Hooked up to autobuilder, please check with @lsm5 before updating
Name: container-selinux
%if 0%{?fedora}
# Version of SELinux we were using
%global selinux_policyver 3.14.3-9.el8
Epoch: 2
%endif
Name: container-selinux
Version: 2.151.0
Release: 2.dev.git%{shortcommit0}%{?dist}
Release: 1%{?dist}
License: GPLv2
URL: %{git0}
Summary: SELinux policies for container runtimes
Source0: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz
Source0: %{git0}/archive/v%{version}.tar.gz
BuildArch: noarch
BuildRequires: git
BuildRequires: pkgconfig(systemd)
BuildRequires: selinux-policy >= %_selinux_policy_version
BuildRequires: selinux-policy-devel >= %_selinux_policy_version
BuildRequires: selinux-policy >= %{selinux_policyver}
BuildRequires: selinux-policy-devel >= %{selinux_policyver}
# RE: rhbz#1195804 - ensure min NVR for selinux-policy
Requires: selinux-policy >= %_selinux_policy_version
Requires(post): selinux-policy-base >= %_selinux_policy_version
Requires(post): selinux-policy-targeted >= %_selinux_policy_version
Requires(post): policycoreutils
Requires: selinux-policy >= %{selinux_policyver}
Requires(post): selinux-policy-base >= %{selinux_policyver}
Requires(post): selinux-policy-targeted >= %{selinux_policyver}
Requires(post): policycoreutils >= 2.5-11
%if 0%{?rhel} > 7 || 0%{?fedora}
Requires(post): policycoreutils-python-utils
%else
Requires(post): policycoreutils-python
%endif
Requires(post): libselinux-utils
Requires(post): sed
Obsoletes: %{name} <= 2:1.12.5-13
Obsoletes: %{name} <= 2:1.12.5-14
Obsoletes: docker-selinux <= 2:1.12.4-28
Provides: docker-selinux = %{?epoch:%{epoch}:}%{version}-%{release}
Provides: docker-selinux = %{epoch}:%{version}-%{release}
Provides: docker-engine-selinux = %{epoch}:%{version}-%{release}
%description
SELinux policy modules for use with container runtimes.
%prep
%autosetup -Sgit -n %{name}-%{commit0}
%autosetup -Sgit
%build
make
@ -62,6 +66,9 @@ install -m 0644 $MODULES %{buildroot}%{_datadir}/selinux/packages
install -d %{buildroot}/%{_datadir}/containers/selinux
install -m 644 container_contexts %{buildroot}/%{_datadir}/containers/selinux/contexts
# remove spec file
rm -rf %{name}.spec
%check
%pre
@ -78,12 +85,12 @@ fi
%{_sbindir}/semodule -n -s %{selinuxtype} -d gear 2> /dev/null
%selinux_modules_install -s %{selinuxtype} $MODULES
. %{_sysconfdir}/selinux/config
sed -e "\|container_file_t|h; \${x;s|container_file_t||;{g;t};a\\" -e "container_file_t" -e "}" -i /etc/selinux/${SELINUXTYPE}/contexts/customizable_types
sed -e "\|container_file_t|h; \${x;s|container_file_t||;{g;t};a\\" -e "container_file_t" -e "}" -i /etc/selinux/${SELINUXTYPE}/contexts/customizable_types > /dev/null 2>&1
matchpathcon -qV %{_sharedstatedir}/containers || restorecon -R %{_sharedstatedir}/containers &> /dev/null || :
%postun
if [ $1 -eq 0 ]; then
%selinux_modules_uninstall -s %{selinuxtype} %{modulenames} docker
%selinux_modules_uninstall -s %{selinuxtype} %{modulenames} docker
fi
%posttrans
@ -97,430 +104,91 @@ fi
%{_datadir}/selinux/*
%dir %{_datadir}/containers/selinux
%{_datadir}/containers/selinux/contexts
# Currently shipped in selinux-policy-doc
#%%{_datadir}/man/man8/container_selinux.8.gz
# Hooked up to autobuilder, please check with @lsm5 before updating
%changelog
* Thu Nov 5 2020 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.151.0-2.dev.git5d3c461
- bump to 2.151.0
- autobuilt 5d3c461
* Tue Nov 03 2020 Jindrich Novy <jnovy@redhat.com> - 2:2.151.0-1
- update to
https://github.com/containers/container-selinux/releases/tag/v2.151.0
* Fri Oct 23 2020 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.150.0-2.dev.git0ef4703
- bump to 2.150.0
- autobuilt 0ef4703
* Fri Oct 23 2020 Jindrich Novy <jnovy@redhat.com> - 2:2.150.0-1
- update to
https://github.com/containers/container-selinux/releases/tag/v2.150.0
* Thu Oct 15 2020 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.148.0-3.dev.git9b3b66f
- autobuilt 9b3b66f
* Fri Sep 18 2020 Jindrich Novy <jnovy@redhat.com> - 2:2.145.0-1
- update to
https://github.com/containers/container-selinux/releases/tag/v2.145.0
* Wed Oct 14 2020 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.148.0-2.dev.git3c361a2
- bump to 2.148.0
- autobuilt 3c361a2
* Thu Sep 17 2020 Jindrich Novy <jnovy@redhat.com> - 2:2.144.0-2
- sync with rhel8-8.3.0
* Mon Oct 12 2020 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.147.0-2.dev.git9fb1698
- bump to 2.147.0
- autobuilt 9fb1698
* Thu Sep 17 2020 Jindrich Novy <jnovy@redhat.com> - 2:2.144.0-1
- update to https://github.com/containers/container-selinux/releases/tag/v2.144.0
- Related: #1821193
* Thu Oct 8 2020 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.146.0-2.dev.git2908536
- bump to 2.146.0
- autobuilt 2908536
* Fri Jun 14 2019 Lokesh Mandvekar <lsm5@redhat.com> - 2:2.107-1
- Resolves: #1720654 - rebase to v2.107
* Thu Sep 10 18:12:36 UTC 2020 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.145.0-2.dev.git464e922
- bump to 2.145.0
- autobuilt 464e922
* Tue Apr 30 2019 Eduardo Santiago <santiago@redhat.com> - 2:2.99-3.git9a53d6c
- strip away fs_manage_fusefs_* to resolve build-time error
* Mon Aug 31 2020 Lokesh Mandvekar <lsm5@fedoraproject.org> - 2:2.144.0-5.dev.git5d929d4
- Resolves: #1797554 - use _selinux_policy_version macro
* Tue Apr 23 2019 Frantisek Kluknavsky <fkluknav@redhat.com> - 2:2.99-2.git9a53d6c
- rebase
* Fri Aug 28 2020 Lokesh Mandvekar <lsm5@fedoraproject.org> - 2:2.144.0-4.dev.git5d929d4
- Resolves: #1780129 - bump min selinux-policy
* Mon Mar 11 2019 Lokesh Mandvekar <lsm5@redhat.com> - 2:2.89-1.git2521d0d
- bump to v2.89
* Thu Aug 13 14:10:45 GMT 2020 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.144.0-3.dev.git5d929d4
- autobuilt 5d929d4
* Fri Mar 01 2019 Frantisek Kluknavsky <fkluknav@redhat.com> - 2:2.87-3.git891a85f
- fix fersion number
* Wed Aug 12 15:10:04 GMT 2020 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.144.0-2.dev.git746ea7a
- bump to 2.144.0
- autobuilt 746ea7a
* Fri Mar 01 2019 Frantisek Kluknavsky <fkluknav@redhat.com> - 2:2.75-2.git891a85f
- rebase
* Wed Aug 05 22:10:34 GMT 2020 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.143.0-2.dev.gite2d5a9e
- bump to 2.143.0
- autobuilt e2d5a9e
* Tue Nov 13 2018 Lokesh Mandvekar <lsm5@redhat.com> - 2:2.75-1.git99e2cfd
- bump to v2.75
- built commit 99e2cfd
* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2:2.142.0-3.dev.gitfe6a25c
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Mon Oct 22 2018 Lokesh Mandvekar <lsm5@redhat.com> - 2:2.74-1
- Resolves: #1641655 - bump to v2.74
- built commit a62c2db
* Fri Jul 24 11:09:45 GMT 2020 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.142.0-2.dev.gitfe6a25c
- bump to 2.142.0
- autobuilt fe6a25c
* Tue Sep 18 2018 Frantisek Kluknavsky <fkluknav@redhat.com> - 2:2.73-3
- tweak macro for fedora - applies to rhel8 as well
* Fri Jul 24 10:09:44 GMT 2020 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.141.0-2.dev.git2750e78
- bump to 2.141.0
- autobuilt 2750e78
* Thu Jul 23 2020 Merlin Mathesius <mmathesi@redhat.com> - 2:2.140.0-2.dev.git965c7fb
- Cleanup usage of %%{epoch} macro to allow building for ELN
* Thu Jul 23 19:10:26 GMT 2020 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.140.0-2.dev.git965c7fb
- bump to 2.140.0
- autobuilt 965c7fb
* Sat Jul 18 11:10:04 GMT 2020 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.139.0-2.dev.git8c26927
- bump to 2.139.0
- autobuilt 8c26927
* Thu Jul 09 2020 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.138.0-2.dev.git9884317
- bump to 2.138.0
- autobuilt 9884317
* Thu Jun 11 2020 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.137.0-2.dev.git6b721da
- bump to 2.137.0
- autobuilt 6b721da
* Thu Jun 11 2020 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.136.0-2.dev.git441172a
- bump to 2.136.0
- autobuilt 441172a
* Fri May 29 2020 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.135.0-2.dev.git0d99e89
- bump to 2.135.0
- autobuilt 0d99e89
* Thu May 28 2020 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.134.0-2.dev.gitff26015
- bump to 2.134.0
- autobuilt ff26015
* Mon May 11 2020 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.132.0-3.dev.git0a878bd
- autobuilt 0a878bd
* Wed Apr 15 2020 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.132.0-2.dev.git448dfbf
- bump to 2.132.0
- autobuilt 448dfbf
* Thu Apr 09 2020 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.131.0-2.dev.git9ce0dac
- bump to 2.131.0
- autobuilt 9ce0dac
* Mon Apr 06 2020 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.130.0-2.dev.gitfd55ae0
- bump to 2.130.0
- autobuilt fd55ae0
* Sun Mar 29 2020 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.129.0-2.dev.gitf00d1f4
- bump to 2.129.0
- autobuilt f00d1f4
* Sun Mar 29 2020 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.128.0-2.dev.git363646f
- bump to 2.128.0
- autobuilt 363646f
* Fri Mar 27 2020 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.127.0-2.dev.git6caf15d
- bump to 2.127.0
- autobuilt 6caf15d
* Thu Mar 26 2020 Dan Walsh <dwalsh@fedoraproject.org> - 2:2.126.0-2.dev.git867a377
- Install selinux contexts file into /usr/share/containers/selinux/contexts
* Thu Mar 26 2020 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.126.0-2.dev.git867a377
- bump to 2.126.0
- autobuilt 867a377
* Mon Mar 23 2020 Lokesh Mandvekar <lsm5@fedoraproject.org> - 2:2.125.2-2.dev.gitae0720d
- bump release tag
* Mon Mar 23 2020 Dan Walsh <dwalsh@fedoraproject.org> - 2:2.125.2-1.dev.gitae0720d
- Install container_contexts file
* Mon Mar 23 2020 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.125.0-3.1.dev.gitfde876b
- autobuilt fde876b
* Mon Mar 23 2020 Lokesh Mandvekar <lsm5@fedoraproject.org> - 2:2.125.0-2.1.dev.gitb321ea4
- bump release tag for smooth upgrade path
* Fri Mar 20 2020 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.125.0-0.1.dev.gitb321ea4
- bump to 2.125.0
- autobuilt b321ea4
* Tue Feb 11 2020 Lokesh Mandvekar <lsm5@fedoraproject.org> - 2:2.124.0-4.dev.git5624558
- keep functional upgrade path from f31
* Tue Feb 11 2020 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.124.0-0.4.dev.git5624558
- autobuilt 5624558
* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2:2.124.0-0.3.dev.gitf958d0c
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Fri Jan 03 2020 Jindrich Novy <jnovy@redhat.com> - 2:2.124.0-0.2.dev.gitf958d0c
- use more current selinux policy version
* Wed Dec 11 2019 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.124.0-0.1.dev.gitf958d0c
- bump to 2.124.0
- autobuilt f958d0c
* Mon Dec 09 2019 Lokesh Mandvekar <lsm5@fedoraproject.org> - 2:2.123.0-0.4.dev.git0b25a4a
- run selinux_relabel_pre
* Fri Nov 29 2019 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.123.0-0.3.dev.git0b25a4a
- autobuilt 0b25a4a
* Fri Nov 29 2019 Dan Walsh <dwalsh@fedoraproject.org> - 2:2.123.0-0.2.dev.git661a904
- Use selinux macros in post install scripts
* Mon Nov 25 2019 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.123.0-0.1.dev.git661a904
- bump to 2.123.0
- autobuilt 661a904
* Fri Nov 22 2019 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.122.0-0.1.dev.git4560dd4
- bump to 2.122.0
- autobuilt 4560dd4
* Tue Nov 19 2019 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.120.1-0.2.dev.gita233788
- autobuilt a233788
* Wed Nov 06 2019 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.120.1-0.1.dev.git6fb6dcf
- bump to 2.120.1
- autobuilt 6fb6dcf
* Sun Oct 27 2019 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.119.1-0.1.dev.git2ecb2a8
- bump to 2.119.1
- autobuilt 2ecb2a8
* Thu Oct 24 2019 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.119.0-0.1.dev.gitb383f07
- bump to 2.119.0
- autobuilt b383f07
* Fri Oct 11 2019 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.118.0-0.1.dev.git79bdcb5
- bump to 2.118.0
- autobuilt 79bdcb5
* Fri Sep 20 2019 Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org> - 2:2.117.0-0.1.dev.gitbfde70a
- bump to 2.117.0
- autobuilt bfde70a
* Thu Sep 05 2019 Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org> - 2:2.116.0-0.1.dev.gitc5ef5ac
- bump to 2.116.0
- autobuilt c5ef5ac
* Wed Aug 21 2019 Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org> - 2:2.115.0-0.1.dev.gitfddfbbb
- bump to 2.115.0
- autobuilt fddfbbb
* Mon Aug 19 2019 Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org> - 2:2.114.0-0.1.dev.git028ab00
- bump to 2.114.0
- autobuilt 028ab00
* Fri Aug 9 2019 Dan Walsh <dwalsh@fedoraproject.org> - 2.113-1
- Allow containers to name_bind to rawip_sockets.
* Thu Aug 8 2019 Dan Walsh <dwalsh@fedoraproject.org> - 2.112-1
- Allow containers to use fusefs_t entrypoint
- Dontaudit attempts to setattr on devicenodes.
* Wed Jul 24 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2:2.111.0-3.1.dev.git9a75deb
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Thu Jul 18 2019 Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org> - 2:2.111.0-2.1.dev.git9a75deb
- bump to 2.111.0
- autobuilt 9a75deb
* Wed Jul 10 2019 Lokesh Mandvekar <lsm5@fedoraproject.org> - 2.110.0-1.1.dev.git544d71f
- bump to v2.110.0
- hook up to autobuild
* Mon Jul 8 2019 Dan Walsh <dwalsh@fedoraproject.org> - 2.109-1
- Allow containers to accept connections on all socket types
- Allow containers to connect to gssproxy stream sockets if added to container
* Fri Jun 14 2019 Dan Walsh <dwalsh@fedoraproject.org> - 2.107-1
- Allow containers to manipulate Onload files.
* Tue Jun 11 2019 Dan Walsh <dwalsh@fedoraproject.org> - 2.106-1
- Allow all unconfined domains to manage unlabeled keyrings
- Add labeling for kubernetes pods
* Mon Jun 3 2019 Dan Walsh <dwalsh@fedoraproject.org> - 2.104-1
- Set proper labeling for container volumes in SilverBlue
* Fri May 17 2019 Dan Walsh <dwalsh@fedoraproject.org> - 2.103-1
- Set proper labeling for container volumes
* Sun May 12 2019 Dan Walsh <dwalsh@fedoraproject.org> - 2.102-1
- Allow all container domains to be entered from container_file_t
* Fri May 3 2019 Dan Walsh <dwalsh@fedoraproject.org> - 2.101-1
- Allow containers to read rpm cache and rpm databse
* Tue Apr 23 2019 Dan Walsh <dwalsh@fedoraproject.org> - 2.100-1
- Allow containers running as spc_t to create unlabeled_t kernel keyrings
* Mon Apr 22 2019 Dan Walsh <dwalsh@fedoraproject.org> - 2.99-1
- Fix labeling on /var/lib/containers/storage/overlay-layers,images to be sharable.
* Mon Apr 15 2019 Dan Walsh <dwalsh@fedoraproject.org> - 2.98-1
- Allow iptables to append to container_file_t
* Fri Apr 12 2019 Dan Walsh <dwalsh@fedoraproject.org> - 2.97-1
- Allow containers to read/write sysctl_kernel_ns_last_pid_t
- Allow containers to manage fusefs sockets and named pipes
* Thu Apr 4 2019 Dan Walsh <dwalsh@fedoraproject.org> - 2.96-1
- Allow containers to read/write sysctl_kernel_ns_last_pid_t
* Mon Apr 1 2019 Dan Walsh <dwalsh@fedoraproject.org> - 2.95-1
- Allow containers to create fusefs sockets and named pipes
* Thu Mar 28 2019 Dan Walsh <dwalsh@fedoraproject.org> - 2.94-1
- Allow init_t to manage container content
- Allow container domains to create fifo_files on fusefs file systems
- Add boolean to allow containers to use ceph file systems
* Tue Mar 26 2019 Dan Walsh <dwalsh@fedoraproject.org> - 2.91-1
- Allow container runtimes to create unlabeled keyrings
* Wed Mar 20 2019 Dan Walsh <dwalsh@fedoraproject.org> - 2.90-1
- Allow containers to mount and umount fuse file systems. This will allow us
- to use buidlah within a user namespace separated container.
* Sat Mar 9 2019 Dan Walsh <dwalsh@fedoraproject.org> - 2.89-1
- Allow all container domains to have container file types entrypoint
- Add new release to fix issues with udica
- Allow container_runtime_t to dyntransition to container domains
* Sat Mar 09 2019 Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org> - 2:2.89-5.git2521d0d
- bump to 2.89
- autobuilt 2521d0d
* Thu Mar 07 2019 Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org> - 2:2.88-4.git5c98b56
- bump to 2.88
- autobuilt 5c98b56
* Wed Mar 06 2019 Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org> - 2:2.87-3.git2c1a2ab
- autobuilt 2c1a2ab
* Sat Mar 02 2019 Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org> - 2:2.87-2.git891a85f
- bump to 2.87
- autobuilt 891a85f
* Fri Mar 1 2019 Dan Walsh <dwalsh@fedoraproject.org> - 2.86-1
- Allow unconfined user and services to dyntrans to container domains, needed for CRIU
- Allow containers exectue hugetlb files.
* Thu Feb 28 2019 Dan Walsh <dwalsh@fedoraproject.org> - 2.85-1
- More allow rules to allow containers to run within containers
* Thu Feb 28 2019 Dan Walsh <dwalsh@fedoraproject.org> - 2.84-1
- More allow rules to allow containers to run within containers
* Tue Feb 26 2019 Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org> - 2:2.82-2.git5e1f62f
- bump to 2.82
- autobuilt 5e1f62f
* Mon Feb 25 2019 Dan Walsh <dwalsh@fedoraproject.org> - 2.83-1
- Allow containers to mounton cgroup and container_file_t
* Sun Feb 10 2019 Dan Walsh <dwalsh@fedoraproject.org> - 2.82-1.nightly.git5e1f62f
- Allow confined users to use containers
* Fri Feb 08 2019 Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org> - 2:2.80-3.git21c2be6
- bump to 2.80
- autobuilt 21c2be6
* Thu Feb 7 2019 Dan Walsh <dwalsh@fedoraproject.org> - 2.81-1
- Add new labels for paths for containerd
* Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2:2.80-2.git1b655d9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Tue Jan 22 2019 Dan Walsh <dwalsh@fedoraproject.org> - 2.80-1.nightly.git21c2be6
- Don't allow containers to talk to contianer runtime sockets
* Fri Jan 11 2019 Dan Walsh <dwalsh@fedoraproject.org> - 2.79-1
- Fix labeling on /var/lib/registries
* Thu Jan 10 2019 Dan Walsh <dwalsh@fedoraproject.org> - 2.78-1
- Fix labeling for images in docker daemon user namespace
* Mon Dec 17 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.77-1
- Allow container-runtime to setattr on fifo_file handed into container runtime.
* Tue Nov 13 2018 Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org> - 2:2.752.75-1.dev.git99e2cfd1
- bump to 2.75
- autobuilt 99e2cfd
* Mon Nov 12 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.76-1
- Allow containers to sendto dgram socket of container runtimes
- Needed to run container runtimes in notify socket unit files.
* Tue Oct 30 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.75-1.dev.git99e2cfd
- Allow containers to use fuse file systems by default
* Fri Oct 19 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.74-1
- Allow containers to setexec themselves
* Sat Sep 22 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.73-2
- Remove requires for policycoreutils-python-utils we don't need it.
* Wed Sep 12 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.73-1
* Mon Sep 17 2018 Frantisek Kluknavsky <fkluknav@redhat.com> - 2:2.73-2
- moved changelog entries:
- Define spc_t as a container_domain, so that container_runtime will transition
to spc_t even when setup with nosuid.
* Wed Sep 12 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.72-1
- Allow container_runtimes to setattr on callers fifo_files
github.com/opencontainers/selinux
* Mon Aug 27 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.71-2
- Fix restorecon to not error on missing directory
* Wed Aug 22 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.71-1
- Allow unconfined_r to transition to system_r over container_runtime_exec_t
* Thu Sep 6 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.69-3
- Make sure we pull in the latest selinux-policy
* Wed Aug 22 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.70-1
- Allow unconfined_t to transition to container_runtime_t over container_runtime_exec_t
* Wed Jul 25 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.69-2
- Add map support to container-selinux for RHEL 7.5
- Dontudit attempts to write to kernel_sysctl_t
* Wed Jul 25 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.69-1
- dontaudit attempts to write to sysctl_kernel_t
* Wed Jul 18 2018 Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org> - 2:2.68-2.gitc139a3d
- autobuilt c139a3d
* Mon Jul 16 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.67-1
* Mon Jul 16 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.68-1
- Add label for /var/lib/origin
- Add customizable_file_t to customizable_types
* Thu Jul 12 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2:2.67-3.dev.git042f7cf
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Sun Jul 15 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.67-1
- Add policy for container_logreader_t
* Mon Jul 09 2018 Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org> - 2:2.67-2.git042f7cf
- autobuilt 042f7cf
* Thu Jun 14 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.66-1
- Allow dnsmasq to dbus chat with spc_t
* Sat Jul 07 2018 Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org> - 2:2.67-1.git0407867
- bump to 2.67
- autobuilt 0407867
* Sat Jun 30 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.66-1
- Allow container runtimes to dbus chat with systemd-resolved
* Tue Jun 12 2018 Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org> - 2:2.64-1.gitdfaf8fd
- bump to 2.64
- autobuilt dfaf8fd
* Mon Jun 11 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.65-1
- Add new type to handle containers running with a non priv user in a userns
- allow containers to map all sockets
* Sun Jun 3 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.64-1.gitdfaf8fd
* Sun Jun 3 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.64-1
- Allow containers to create all socket classes
* Wed May 30 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.63-1
- Allow containers to create icmp packets
* Fri May 25 2018 Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org> - 2:2.62-1.git1ecf953
- bump to 2.62
- autobuilt 1ecf953
* Thu May 24 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.62-1
- Label overlay directories under /var/lib/containers/ correctly
* Mon May 21 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.61-1
- Allow spc_t to load kernel modules from inside of container
* Mon May 21 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.60-1
- Allow containers to list cgroup directories
* Mon May 21 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.59-1
- Transition for unconfined_service_t to container_runtime_t when executing container_runtime_exec_t.
* Mon May 21 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.58-2
@ -529,82 +197,33 @@ github.com/opencontainers/selinux
* Fri May 18 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.58-1
- Add labels to allow podman to be run from a systemd unit file
* Tue Apr 17 2018 Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org> - 2:2.55-12.gitd248f91
- autobuilt commit d248f91
* Mon May 7 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.57-1
- Set the version of SELinux policy required to the latest to fix build issues.
* Tue Apr 17 2018 Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org> - 2:2.55-11.gitd248f91
- autobuilt commit d248f91
* Wed Apr 11 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.56-1
- Allow container_runtime_t to transition to spc_t over unlabeled files
* Mon Apr 16 2018 Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org> - 2:2.55-10.gitd248f91
- autobuilt commit d248f91
* Mon Apr 16 2018 Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org> - 2:2.55-9.gitd248f91
- autobuilt commit d248f91
* Mon Apr 16 2018 Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org> - 2:2.55-8
- autobuilt commit d248f91
* Mon Apr 16 2018 Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org> - 2:2.55-7
- autobuilt commit d248f91
* Mon Apr 16 2018 Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org> - 2:2.55-6
- autobuilt commit d248f91
* Mon Apr 09 2018 Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org> - 2:2.55-5
- autobuilt commit d248f91
* Mon Apr 09 2018 Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org> - 2:2.55-4
- autobuilt commit d248f91
* Mon Apr 09 2018 Lokesh Mandvekar <lsm5@fedoraproject.org> - 2:2.55-3
- autobuilt commit d248f91
* Mon Apr 09 2018 Lokesh Mandvekar <lsm5@fedoraproject.org> - 2:2.55-2
- autobuilt commit d248f91
* Thu Mar 15 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.55-1
- Dontaudit attempts by containers to write to /proc/self
* Wed Mar 14 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.54-1
- Add rules for container domains to make writing custom policy easier
- Allow shell_exec_t as a container_runtime_t entrypoint
* Mon Mar 26 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.55-1
Allow iptables to read container state
Dontaudit attempts from containers to write to /proc/self
Allow spc_t to change attributes on container_runtime_t fifo files
* Thu Mar 8 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.52-1
- Add rules for container domains to make writing custom policy easier
- Add better support for writing custom selinux policy for customer container domains.
* Thu Mar 8 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.51-1
- Allow shell_exec_t as a container_runtime_t entrypoint
* Wed Mar 7 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.50-1
- Allow bin_t as a container_runtime_t entrypoint
- Add rules for running container runtimes on mls
* Thu Feb 15 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.48-1
- Allow container domains to map container_file_t directories
* Fri Mar 2 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.49-1
- Add support for MLS running container runtimes
- Add missing allow rules for running systemd in a container
* Sat Feb 10 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.47-1
- Change default label of /exports to container_var_lib_t
* Fri Feb 09 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 2:2.46-3
- Escape macros in %%CHANGELOG
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2:2.46-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Sat Feb 03 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.46-1
- Add support for nosuid_transition flags for container_runtime and unconfined domains
* Fri Feb 02 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.45-1
- Allow containers to sendto their own stream sockets
* Mon Jan 29 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.44-1
- Allow container domains to read kernel ipc info
* Mon Jan 22 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.43-1
- Allow containers to memory map the fifo_files leaked into container from
container runtimes.
* Tue Jan 16 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.42-1
- Allow unconfined domains to transition to container types, when no-new-privs is set.
* Wed Feb 21 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.48-1
- Update policy to match master branch
- Remove typebounds and replace with nnp_transition and nosuid_transition calls
* Tue Jan 9 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.41-1
- Add support to nnp_transition for container domains
@ -682,65 +301,54 @@ satisfy the bounds check of container_t versus container_runtime_t.
* Fri Jun 30 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2.20-1
- Allow container processes to getsession
* Mon Jun 12 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2.19-1
- Allow containers to create tun sockets
* Wed Jun 14 2017 Lokesh Mandvekar <lsm5@redhat.com> - 2:2.19-2.1
- update release tag to isolate from 7.3
* Tue Jun 6 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2.18-1
- Fix labeling for CRI-O files in overlay subdirs
* Wed Jun 14 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2:2.19-1
- Fix mcs transition problem on stdin/stdout/stderr
- Add labels for CRI-O
- Allow containers to use tunnel sockets
* Mon Jun 5 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2.17-1
- Revert change to run the container_runtime as ranged
* Tue Jun 06 2017 Lokesh Mandvekar <lsm5@redhat.com> - 2:2.15-1.1
- Resolves: #1451289
- rebase to v2.15
- built @origin/RHEL-1.12 commit 583ca40
* Thu Jun 1 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2.16-1
- Add default labeling for cri-o in /etc/crio directories
* Mon Mar 20 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2:2.10-2.1
- Make sure we have a late enough version of policycoreutils
* Wed May 31 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2.15-1
- Allow container types to read/write container_runtime fifo files
- Allow a container runtime to mount on top of its own /proc
* Fri May 19 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2.14-1
- Add labels for crio rename
- Break container_t rules out to use a separate container_domain
- Allow containers to be able to set namespaced SYCTLS
- Allow sandbox containers manage fuse files.
- Fixes to make container_runtimes work on MLS machines
- Bump version to allow handling of container_file_t filesystems
- Allow containers to mount, remount and umount container_file_t file systems
- Fixes to handle cap_userns
* Mon Mar 6 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2:2.10-1
- Update to the latest container-selinux patch from upstream
- Label files under /usr/libexec/lxc as container_runtime_exec_t
- Give container_t access to XFRM sockets
- Allow spc_t to dbus chat with init system
- Allow spc_t to dbus chat with init system
- Add rules to allow container runtimes to run with unconfined disabled
- Add rules to support cgroup file systems mounted into container.
- Fix typebounds entrypoint problems
- Fix typebounds problems
- Allow containers to read cgroup configuration mounted into a container
* Tue Feb 21 2017 Lokesh Mandvekar <lsm5@redhat.com> - 2:2.9-4
- Resolves: #1425574
- built commit 79a6d70
* Mon Feb 20 2017 Lokesh Mandvekar <lsm5@redhat.com> - 2:2.9-3
- Resolves: #1420591
- built @origin/RHEL-1.12 commit 8f876c4
* Mon Feb 13 2017 Lokesh Mandvekar <lsm5@redhat.com> - 2:2.9-2
- built @origin/RHEL-1.12 commit 33cb78b
* Fri Feb 10 2017 Lokesh Mandvekar <lsm5@redhat.com> - 2:2.8-2
-
* Tue Feb 07 2017 Lokesh Mandvekar <lsm5@redhat.com> - 2:2.7-1
- built origin/RHEL-1.12 commit 21dd37b
* Fri Jan 20 2017 Lokesh Mandvekar <lsm5@fedoraproject.org> - 2:2.4-2
- correct version-release in changelog entries
* Thu Jan 19 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2:2.4-1
- Add typebounds statement for container_t from container_runtime_t
- We should only label runc not runc*
* Tue Feb 28 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2.10-1
- Add rules to allow container runtimes to run with unconfined disabled
- Add rules to support cgroup file systems mounted into container.
* Mon Feb 13 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2.9-1
- Add rules to allow container_runtimes to run with unconfined disabled
* Thu Feb 9 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2:8.1-1
- Allow container_file_t to be stored on cgroup_t file systems
* Tue Feb 7 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2:7.1-1
- Fix type in container interface file
* Mon Feb 6 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2:6.1-1
- Fix typebounds entrypoint problems
* Fri Jan 27 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2:5.1-1
- Fix typebounds problems
* Thu Jan 19 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2:4.1-1
- Add typebounds statement for container_t from container_runtime_t
- We should only label runc not runc*
* Tue Jan 17 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2:3.1-1
* Tue Jan 17 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2:2.3-1
- Fix labeling on /usr/bin/runc.*
- Add sandbox_net_domain access to container.te
- Remove containers ability to look at /etc content

View File

@ -1 +1 @@
SHA512 (container-selinux-5d3c461.tar.gz) = ce19061ddfed5f84ecb386ce6885a7fe2ae7f93a742dddca5ad940d0716206bc1b21b6161591b5e24f9738711975d79d777ec35233c02d807e8cefb3aa26fa23
bd560a7657453a0ede6a8223fe1bc81c v2.151.0.tar.gz