Add typebounds statement for container_t from container_runtime_t

We should only label runc not runc*
2017-01-19 12:00:49 -05:00 · 2017-01-19 12:00:49 -05:00 · c06c926b64
commit c06c926b64
parent 6c8c18196a
3 changed files with 8 additions and 2 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,3 +1,4 @@
 /container-selinux-513572d.tar.gz
 /container-selinux-bcdcb9a.tar.gz
 /container-selinux-3bbbad5.tar.gz
+/container-selinux-b9809fa.tar.gz
--- a/container-selinux.spec
+++ b/container-selinux.spec
@ -3,7 +3,7 @@
 # container-selinux
 %global git0 https://github.com/projectatomic/container-selinux
 %if 0%{?fedora}
-%global commit0 3bbbad57f5827b02f91f847eb559a59cca7967af
+%global commit0 b9809fa7156c043e4306c0a14e0b20f72d0a31fa
 %else
 # use upstream's RHEL-1.12 branch for CentOS 7
 %global commit0 56c32da8a72f9e7af5daeaebac5b887830d123b1
@ -35,7 +35,7 @@ Name: container-selinux
 %if 0%{?fedora} || 0%{?centos}
 Epoch: 2
 %endif
-Version: 2.3
+Version: 2.4
 Release: 1%{?dist}
 License: GPLv2
 URL: %{git0}
@ -118,6 +118,10 @@ fi
 %{_datadir}/selinux/*

 %changelog
+* Thu Jan 19 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2:4.1-1
+- Add typebounds statement for container_t from container_runtime_t
+- We should only label runc not runc*
+
 * Tue Jan 17 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2:3.1-1
 - Fix labeling on /usr/bin/runc.*
 - Add sandbox_net_domain access to container.te
--- a/1
+++ b/1
@ -1,2 +1,3 @@
 SHA512 (container-selinux-bcdcb9a.tar.gz) = 382ed177ac878e56a7a4819b30362f0f797657ae4b87847e624124d06e4f56463a44c8a4d0ba60ebe02bf53128b43ec5d0ce5a6f9e0d6450594a9cef60531806
 SHA512 (container-selinux-3bbbad5.tar.gz) = d255c5993bff90fb90030d6d0ced11eeed9a620878e24b99fdba7e8c66e130fcc88ac6f839fd84a96863f3d0fb57a41d4d4a59e30eb383ad999a75d22d8533a2
+SHA512 (container-selinux-b9809fa.tar.gz) = 796403b5951daaaf1de932d02d42be9a62ba877fcf67f5cbd9e489427e886cb9dcb990810d46a0359dabfe5ce132139c869c278d4a17b3690530e7cfd0f0575b