Add rules to allow container runtimes to run with unconfined disabled

Add rules to support cgroup file systems mounted into container.

.gitignore

@@ -7,3 +7,4 @@
 /container-selinux-ce95ddb.tar.gz
 /container-selinux-f7333f9.tar.gz
 /container-selinux-08bb6e0.tar.gz
+/container-selinux-8f8caa6.tar.gz

container-selinux.spec

@@ -3,7 +3,7 @@
 # container-selinux
 %global git0 https://github.com/projectatomic/container-selinux
 %if 0%{?fedora}
-%global commit0 08bb6e0a1a63b1312c88c2e201b58aeb0ffd5467
+%global commit0 8f8caa66c11f8657ebf8ae50d7221ee3a97ac7d3
 %else
 # use upstream's RHEL-1.12 branch for CentOS 7
 %global commit0 56c32da8a72f9e7af5daeaebac5b887830d123b1
@@ -35,7 +35,7 @@ Name: container-selinux
 %if 0%{?fedora} || 0%{?centos}
 Epoch: 2
 %endif
-Version: 2.9
+Version: 2.10
 Release: 1%{?dist}
 License: GPLv2
 URL: %{git0}
@@ -118,7 +118,11 @@ fi
 %{_datadir}/selinux/*
 
 %changelog
-* Mon Feb 13 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2:9.1-1
+* Tue Feb 28 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2.10-1
+- Add rules to allow container runtimes to run with unconfined disabled
+- Add rules to support cgroup file systems mounted into container.
+
+* Mon Feb 13 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2.9-1
 - Add rules to allow container_runtimes to run with unconfined disabled
 
 * Thu Feb 9 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2:8.1-1

sources

@@ -1 +1,2 @@
 SHA512 (container-selinux-08bb6e0.tar.gz) = bba16bd77c6d34982637e4fc874ef1a741df7ca73a85ad1edfece5ae2838409efbe00ea44653acb63c22c6939c7afc72f7882715c9c4657d4427eff6f77d2a35
+SHA512 (container-selinux-8f8caa6.tar.gz) = b273cb85c6afece175d917b043f92d4c126d03eaa4b2ad5c36c0a6430465a127ad25961d26b66730190723a6aefba4a8ffb694ea942c6b4eb5d6ee950b780856