Allow container_runtime_t to use user ttys

Fixes bounds check for container_t
2018-01-09 09:30:05 -05:00 · 2018-01-09 09:30:05 -05:00 · a8518096d5
commit a8518096d5
parent 64fe9d8cb1
3 changed files with 8 additions and 3 deletions
--- a/.gitignore
+++ b/.gitignore
@ -32,3 +32,4 @@
 /container-selinux-8ba32a4.tar.gz
 /container-selinux-26c642a.tar.gz
 /container-selinux-96e58bf.tar.gz
+/container-selinux-599072a.tar.gz
--- a/container-selinux.spec
+++ b/container-selinux.spec
@ -3,7 +3,7 @@
 # container-selinux
 %global git0 https://github.com/projectatomic/container-selinux
 %if 0%{?fedora} || 0%{?rhel} > 7
-%global commit0 96e58bf7fd152f24f6b95efc156d8cbb4446c354
+%global commit0 599072a930b995ba13ca7a4a6add7e808aa9b01f
 %else
 # use upstream's RHEL-1.12 branch for CentOS 7
 %global commit0 56c32da8a72f9e7af5daeaebac5b887830d123b1
@ -35,7 +35,7 @@ Name: container-selinux
 %if 0%{?fedora} || 0%{?centos} || 0%{?rhel} > 7
 Epoch: 2
 %endif
-Version: 2.39
+Version: 2.40
 Release: 1%{?dist}
 License: GPLv2
 URL: %{git0}
@ -117,6 +117,10 @@ fi
 %{_datadir}/selinux/*

 %changelog
+* Tue Jan 9 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.40-1
+- Allow container_runtime_t to use user ttys
+- Fixes bounds check for container_t
+
 * Mon Jan 8 2018 Dan Walsh <dwalsh@fedoraproject.org> - 2.39-1
 - Allow container runtimes to use interited terminals.  This helps
 satisfy the bounds check of container_t versus container_runtime_t.
--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (container-selinux-96e58bf.tar.gz) = d496b4ba8aa1c47b47dbed644b9d8a9e97e154814b878280929108609820aa30b00aa6dba37edc83568fcd8c82343b82fae642db6c18e2deddfaf499cc8276c5
+SHA512 (container-selinux-599072a.tar.gz) = d3b21648444c83623b952ce08e4317f1400c6e2ed54923512e6e8fafdf2abd539d85d4e1e5c9f19144666bb2792ca991a3f77f6f7e9b927a5869c4be16324684