rpms/container-selinux
6
0
Fork 0
Code Issues Pull Requests Releases Activity
252 Commits 27 Branches 132 Tags 606 KiB
c07db367f7
Commit Graph

234 Commits

Author SHA1 Message Date
Daniel J Walsh
e2b52d2d49
Allow iptables to append to container_file_t 2019-04-15 09:14:34 -04:00
Daniel J Walsh
7bfa450762
Allow containers to read/write sysctl_kernel_ns_last_pid_t 
Allow containers to manage fusefs sockets and named pipes
 2019-04-12 12:48:55 -04:00
Daniel J Walsh
83c147430e
Allow containers to create fusefs sockets and named pipes 2019-04-01 17:46:19 -04:00
Daniel J Walsh
e0dcd250c0
Allow init_t to manage container content 
Allow container domains to create fifo_files on fusefs file systems
Add boolean to allow containers to use ceph file systems
 2019-03-28 08:00:26 -04:00
Daniel J Walsh
81c6f71fc4
Allow container runtimes to create unlabeled keyrings 2019-03-26 08:15:18 -04:00
Daniel J Walsh
4b3e8ccdf7
Allow containers to mount and umount fuse file systems. This will allow us 
to use buidlah within a user namespace separated container.
 2019-03-20 15:41:00 -04:00
Daniel J Walsh
728707509f
Merge branch 'master' of ssh://pkgs.fedoraproject.org/rpms/container-selinux 2019-03-09 08:40:53 -05:00
Daniel J Walsh
c650254748
Allow all container domains to have container file types entrypoint 
Add new release to fix issues with udica
Allow container_runtime_t to dyntransition to container domains
 2019-03-09 08:38:21 -05:00
Lokesh Mandvekar (Bot)
8285069315 container-selinux-2:2.89-5.git2521d0d 
- bump to 2.89
- autobuilt 2521d0d

Signed-off-by: Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org>
 2019-03-09 05:21:39 +00:00
Lokesh Mandvekar (Bot)
8200ea022e container-selinux-2:2.88-4.git5c98b56 
- bump to 2.88
- autobuilt 5c98b56

Signed-off-by: Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org>
 2019-03-07 05:22:18 +00:00
Lokesh Mandvekar (Bot)
bee8aaf051 container-selinux-2:2.87-3.git2c1a2ab 
- autobuilt 2c1a2ab

Signed-off-by: Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org>
 2019-03-06 05:18:39 +00:00
Lokesh Mandvekar (Bot)
17ada63853 container-selinux-2:2.87-2.git891a85f 
- bump to 2.87
- autobuilt 891a85f

Signed-off-by: Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org>
 2019-03-02 05:05:56 +00:00
Daniel J Walsh
7ef0bf8d6f
Allow unconfined user and services to dyntrans to container domains, needed for CRIU 
Allow containers exectue hugetlb files.
 2019-03-01 09:00:53 -05:00
Daniel J Walsh
cdbdbb8ff6
More allow rules to allow containers to run within containers 2019-02-28 14:51:59 -05:00
Daniel J Walsh
9481eed87d
More allow rules to allow containers to run within containers 2019-02-28 08:15:40 -05:00
Lokesh Mandvekar (Bot)
0a83311798 container-selinux-2:2.82-2.git5e1f62f 
- bump to 2.82
- autobuilt 5e1f62f

Signed-off-by: Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org>
 2019-02-26 05:15:09 +00:00
Daniel J Walsh
a2d2cf7715
Allow containers to mounton cgroup and container_file_t 2019-02-25 10:08:25 -05:00
Daniel J Walsh
9c1bcaed9f
Allow confined users to use containers 2019-02-10 07:36:32 -07:00
Lokesh Mandvekar (Bot)
e791d82a98 container-selinux-2:2.80-3.git21c2be6 
- bump to 2.80
- autobuilt 21c2be6

Signed-off-by: Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org>
 2019-02-08 05:02:18 +00:00
Daniel J Walsh
2ae0570400
Add new labels for paths for containerd 2019-02-07 10:02:09 -07:00
Fedora Release Engineering
6355b5e774 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2019-01-31 16:13:35 +00:00
Daniel J Walsh
f7bd24fd60
Don't allow containers to talk to contianer runtime sockets 2019-01-22 15:04:58 +01:00
Daniel J Walsh
a562ce586f
Don't allow containers to talk to contianer runtime sockets 2019-01-22 14:54:38 +01:00
Daniel J Walsh
d4eda46462
Fix labeling on /var/lib/registries 2019-01-11 11:05:46 -05:00
Lokesh Mandvekar (Bot)
3899d72021 container-selinux-2:2.77-2.git2c57a17 
- bump to 2.77
- autobuilt 2c57a17

Signed-off-by: Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org>
 2019-01-11 04:55:44 +00:00
Daniel J Walsh
5e8d437aba
Fix labeling for images in docker daemon user namespace 2019-01-10 15:17:44 -05:00
Daniel J Walsh
22b5b2899f
Allow container-runtime to setattr on fifo_file handed into container runtime. 2018-12-17 15:47:41 -05:00
Daniel J Walsh
6065af86d3
Allow container-runtime to setattr on fifo_file handed into container runtime. 2018-12-17 14:23:41 -05:00
Lokesh Mandvekar (Bot)
fbbda7e411 container-selinux-2:2.752.75-1.dev.git99e2cfd1 
- bump to 2.75
- autobuilt 99e2cfd

Signed-off-by: Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org>
 2018-11-13 04:05:43 +00:00
Daniel J Walsh
b66e01696f
Allow containers to sendto dgram socket of container runtimes 
Needed to run container runtimes in notify socket unit files.
 2018-11-12 15:48:19 -05:00
Daniel J Walsh
20e37ffd79
Allow containers to use fuse file systems by default 2018-10-30 08:34:06 -04:00
Daniel J Walsh
5df1d6fc43
Allow containers to setexec themselves 2018-10-19 17:45:33 -04:00
Daniel J Walsh
2efd385d7d
Remove requires for policycoreutils-python-utils we don't need it. 2018-09-22 06:39:25 -04:00
Daniel J Walsh
88328244ed
Define spc_t as a container_domain, so that container_runtime will transition 
to spc_t even when setup with nosuid.
 2018-09-13 09:33:50 -04:00
Daniel J Walsh
90d38a296a
Allow container_runtimes to setattr on callers fifo_files 2018-09-12 07:45:24 -04:00
Daniel J Walsh
5c39536b9a
Fix restorecon to not error on missing directory 2018-08-27 09:17:30 -04:00
Daniel J Walsh
1c6b7ec5b2
Allow unconfined_r to transition to system_r over container_runtime_exec_t 2018-08-22 18:20:47 -07:00
Daniel J Walsh
e6bf4b2eb8
Allow unconfined_t to transition to container_runtime_t over container_runtime_exec_t 2018-08-22 07:30:54 -07:00
Lokesh Mandvekar
efac8b1c4b remove unnecessary distro conditionals 
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
 2018-08-12 01:45:38 -04:00
Daniel J Walsh
4ed36528d0
dontaudit attempts to write to sysctl_kernel_t 2018-07-25 17:35:22 -04:00
Lokesh Mandvekar (Bot)
08b0e73601 container-selinux-2:2.68-2.gitc139a3d 
- autobuilt c139a3d

Signed-off-by: Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org>
 2018-07-18 02:04:23 +00:00
Daniel J Walsh
be54b1d5ac
Add labels for /var/lib/origin directory 
Add container_file_t as a customizable_type

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2018-07-16 12:21:16 -04:00
Fedora Release Engineering
49aa687d4c - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2018-07-12 22:12:40 +00:00
Lokesh Mandvekar
aa27ac4a74 update release tag to reflect unreleased status 
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
 2018-07-09 12:07:01 -04:00
Lokesh Mandvekar (Bot)
814ce627ca container-selinux-2:2.67-2.git042f7cf 
- autobuilt 042f7cf

Signed-off-by: Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org>
 2018-07-09 15:15:01 +00:00
Lokesh Mandvekar (Bot)
da11a8106d container-selinux-2:2.67-1.git0407867 
- bump to 2.67
- autobuilt 0407867

Signed-off-by: Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org>
 2018-07-07 04:53:53 +00:00
Daniel J Walsh
e3d623436f
Allow container runtimes to dbus chat with systemd-resolved 2018-06-30 07:25:12 -04:00
Lokesh Mandvekar (Bot)
ee88cda7eb container-selinux-2:2.64-1.gitdfaf8fd 
- bump to 2.64
- autobuilt dfaf8fd

Signed-off-by: Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org>
 2018-06-12 04:41:04 +00:00
Daniel J Walsh
781a8d1c0d
Add new type to handle containers running with a non priv user in a userns 
allow containers to map all sockets
 2018-06-11 08:55:28 -04:00
Daniel J Walsh
91cc6aa535 Allow containers to create all socket classes 2018-06-03 06:09:33 -04:00
Daniel J Walsh
71d8662692 Allow containers to create icmp packets 2018-05-30 11:10:00 -04:00
Lokesh Mandvekar (Bot)
c2346462ef container-selinux-2:2.62-1.git1ecf953 
- bump to 2.62
- autobuilt 1ecf953

Signed-off-by: Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org>
 2018-05-25 18:35:07 +00:00
Daniel J Walsh
25c4cb361a Allow spc_t to load kernel modules from inside of container 2018-05-21 17:13:15 -04:00
Daniel J Walsh
59df2c8753 Allow containers to list cgroup directories 2018-05-21 13:19:17 -04:00
Daniel J Walsh
2be9204393 Transition for unconfined_service_t to container_runtime_t when executing container_runtime_exec_t. 2018-05-21 12:49:37 -04:00
Daniel J Walsh
cbb3d2bf04 Run restorecon /usr/bin/podman in postinstall 2018-05-21 11:03:42 -04:00
Daniel J Walsh
1f65dab452 Add labels to allow podman to be run from a systemd unit file 2018-05-18 11:53:51 -04:00
Lokesh Mandvekar (Bot)
cbb99afa99 container-selinux-2:2.55-12.gitd248f91 
- autobuilt commit d248f91

Signed-off-by: Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org>
 2018-04-17 18:32:42 +00:00
Lokesh Mandvekar (Bot)
68364ba992 container-selinux-2:2.55-11.gitd248f91 
- autobuilt commit d248f91

Signed-off-by: Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org>
 2018-04-17 17:53:26 +00:00
Lokesh Mandvekar
e87f128825 correct Source0 if centos 
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
 2018-04-16 15:59:39 -04:00
Lokesh Mandvekar (Bot)
654515c525 container-selinux-2:2.55-10.gitd248f91 
- autobuilt commit d248f91

Signed-off-by: Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org>
 2018-04-16 19:10:54 +00:00
Lokesh Mandvekar (Bot)
6d73abcf30 container-selinux-2:2.55-9.gitd248f91 
- autobuilt commit d248f91

Signed-off-by: Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org>
 2018-04-16 14:49:04 +00:00
Lokesh Mandvekar
7506926843 add shortcommit0 in release string 
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
 2018-04-15 23:42:42 -04:00
Lokesh Mandvekar (Bot)
95b2b1d800 container-selinux-2:2.55-8 
- autobuilt commit d248f91

Signed-off-by: Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org>
 2018-04-16 03:31:26 +00:00
Lokesh Mandvekar (Bot)
357bc56e2f container-selinux-2:2.55-7 
- autobuilt commit d248f91

Signed-off-by: Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org>
 2018-04-16 03:21:09 +00:00
Lokesh Mandvekar (Bot)
03bdc46668 container-selinux-2:2.55-6 
- autobuilt commit d248f91

Signed-off-by: Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org>
 2018-04-16 02:57:50 +00:00
Lokesh Mandvekar (Bot)
e49a7cae6a container-selinux-2:2.55-5 
- autobuilt commit d248f91

Signed-off-by: Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org>
 2018-04-09 19:29:53 +00:00
Lokesh Mandvekar (Bot)
af36061d14 container-selinux-2:2.55-4 
- autobuilt commit d248f91

Signed-off-by: Lokesh Mandvekar (Bot) <lsm5+bot@fedoraproject.org>
 2018-04-09 15:30:25 +00:00
Lokesh Mandvekar
7c61638200 container-selinux-2:2.55-3 
- autobuilt commit d248f91

Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
 2018-04-09 07:56:05 -04:00
Lokesh Mandvekar
c9ddfc8c4a change case cause it messes up my autobuilder script :D 
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
 2018-04-09 07:55:39 -04:00
Lokesh Mandvekar
802379f601 container-selinux- 
- autobuilt commit d248f91

Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
 2018-04-09 07:50:15 -04:00
Lokesh Mandvekar
4c7ed6951b packaging changes for centos v/s fedora 
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
 2018-04-09 07:47:49 -04:00
Daniel J Walsh
c46266a878 Dontaudit attempts by containers to write to /proc/self 2018-03-15 07:14:36 -04:00
Daniel J Walsh
37b78d28ce Add rules for container domains to make writing custom policy easier 
Allow shell_exec_t as a container_runtime_t entrypoint
 2018-03-14 09:39:06 -04:00
Daniel J Walsh
69afd19c0a Add rules for container domains to make writing custom policy easier 2018-03-08 14:33:17 +00:00
Daniel J Walsh
b658aee2f1 Allow shell_exec_t as a container_runtime_t entrypoint 2018-03-08 07:54:07 +00:00
Daniel J Walsh
5a5bf66b86 Allow bin_t as a container_runtime_t entrypoint 
Add rules for running container runtimes on mls
 2018-03-07 05:59:10 +00:00
Daniel J Walsh
9a7a65d0b5 Allow container domains to map container_file_t directories 2018-02-15 12:55:50 -05:00
Daniel J Walsh
f8193b5e32 Change default label of /exports to container_var_lib_t 2018-02-10 07:18:48 -05:00
Igor Gnatenko
a7071bc06f
Escape macros in %changelog 
Reference: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/Y2ZUKK2B7T2IKXPMODNF6HB2O5T5TS6H/
Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
 2018-02-09 09:04:17 +01:00
Fedora Release Engineering
07b6801caf - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2018-02-07 05:40:38 +00:00
Daniel J Walsh
3b45b2783a Add support for nosuid_transition flags for container_runtime and unconfined domains 2018-02-03 06:17:13 -05:00
Daniel J Walsh
1b20654010 Allow containers to sendto their own stream sockets 2018-02-02 13:40:54 -05:00
Daniel J Walsh
5b2867045c Allow container domains to read kernel ipc info 2018-01-29 06:58:52 +01:00
Daniel J Walsh
a7ce3135c2 Allow containers to memory map the fifo_files leaked into container from 
container runtimes.
 2018-01-22 09:40:35 -05:00
Daniel J Walsh
a4c374a14d Allow unconfined domains to transition to container types, when no-new-privs is set. 2018-01-16 13:56:33 -05:00
Daniel J Walsh
15578313e4 Add support to nnp_transition for container domains 
Eliminates need for typebounds.
 2018-01-09 11:47:20 -05:00
Daniel J Walsh
a8518096d5 Allow container_runtime_t to use user ttys 
Fixes bounds check for container_t
 2018-01-09 09:30:05 -05:00
Daniel J Walsh
64fe9d8cb1 Allow container runtimes to use interited terminals. This helps 
satisfy the bounds check of container_t versus container_runtime_t.
 2018-01-08 08:41:05 -05:00
Daniel J Walsh
98e715e396 Allow container runtimes to mmap container_file_t devices 
Add labeling for rhel push plugin
 2018-01-06 07:34:20 -05:00
Daniel J Walsh
aaa91fd2cc Merge branch 'master' of ssh://pkgs.fedoraproject.org/rpms/container-selinux 2017-12-12 13:11:36 +00:00
Daniel J Walsh
e0502dafa3 Allow containers to use inherited ttys 
Allow ostree to handle labels under /var/lib/containers/ostree
 2017-12-12 13:11:14 +00:00
Lokesh Mandvekar
0ce8700159
remove git from builddep 
can't find git in the module ecosystem and git isn't critical for
package build.

Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
 2017-12-03 21:38:21 -05:00
Daniel J Walsh
7f79cfab64 Allow containers to relabelto/from all file types to container_file_t 2017-11-27 14:57:52 +00:00
Daniel J Walsh
751a4e3fee Allow container to map chr_files labeled container_file_t 2017-11-27 14:43:49 +00:00
Daniel J Walsh
8ed545a6c5 Allow container to map chr_files labeled container_file_t 2017-11-27 13:21:48 +00:00
Daniel J Walsh
4e9b7c333a Dontaudit container processes getattr on kernel file systems 2017-11-22 15:35:20 +00:00
Daniel J Walsh
cc32bab0b3 Allow containers to read /etc/resolv.conf and /etc/hosts if volume 
mounted into container.
 2017-11-19 11:41:27 +00:00
Daniel J Walsh
be0a39a792 Make sure users creating content in /var/lib with right labels 2017-11-08 21:10:33 +00:00
Daniel J Walsh
31963a3bb5 Allow the container runtime to dbus chat with dnsmasq 
add dontaudit rules for container trying to write to /proc
 2017-10-26 11:38:02 +00:00
Daniel J Walsh
b99f18b8ce Add support for lxcd 
Add support for labeling of tmpfs storage created within a container.
 2017-10-10 16:17:55 +00:00
Daniel J Walsh
ecb1760cbb Allow a container to umount a container_file_t filesystem 2017-10-09 13:29:39 +00:00
Daniel J Walsh
5a61b6808a Allow container runtimes to work with the netfilter sockets 
Allow container_file_t to be an entrypoint for VM's
 Allow spc_t domains to transition to svirt_t
 2017-10-04 09:10:48 +00:00
Daniel J Walsh
c6e706af6d Make sure container_runtime_t has all access of container_t 2017-09-22 11:08:40 +00:00
Daniel J Walsh
b74f4a298b Allow container runtimes to create sockets in tmp dirs 2017-09-07 08:43:48 +00:00
Daniel J Walsh
1aad223080 Add additonal support for crio labeling. 2017-09-05 20:40:09 +00:00
Troy Dawson
9a3633bb6b Fixup spec file conditionals 2017-08-14 13:16:08 -07:00
Fedora Release Engineering
5cb66e7ed3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild 2017-07-26 05:26:19 +00:00
Daniel J Walsh
bb6875d358 Allow containers to execmod on container_share_t files. 2017-07-11 17:36:41 +00:00
Daniel J Walsh
852a09a52f Relabel runc and crio executables 2017-07-06 10:47:14 +00:00
Daniel J Walsh
ef7772c664 Allow container processes to getsession 2017-06-30 15:53:25 +00:00
Daniel J Walsh
fbb3cfcf9a Allow containers to create tun sockets 2017-06-12 18:13:46 +00:00
Daniel J Walsh
35b5399d15 Fix labeling for CRI-O files in overlay subdirs 2017-06-06 19:28:56 +00:00
Daniel J Walsh
590defb1b5 Revert change to run the container_runtime as ranged 2017-06-05 20:10:25 +00:00
Daniel J Walsh
4868764a43 Add default labeling for cri-o in /etc/crio directories 2017-06-01 21:47:32 +00:00
Daniel J Walsh
379ddc4b04 Allow container types to read/write container_runtime fifo files 
Allow a container runtime to mount on top of its own /proc
 2017-05-31 12:28:03 +00:00
Dan Walsh
ed21ef74dc Add labels for crio rename 
Break container_t rules out to use a separate container_domain
Allow containers to be able to set namespaced SYCTLS
Allow sandbox containers manage fuse files.
Fixes to make container_runtimes work on MLS machines
Bump version to allow handling of container_file_t filesystems
Allow containers to mount, remount and umount container_file_t file systems
Fixes to handle cap_userns
Give container_t access to XFRM sockets
Allow spc_t to dbus chat with init system
Allow spc_t to dbus chat with init system
Add rules to allow container runtimes to run with unconfined disabled
Add rules to support cgroup file systems mounted into container.
Fix typebounds entrypoint problems
Fix typebounds problems
Add typebounds statement for container_t from container_runtime_t
We should only label runc not runc*
 2017-05-19 07:19:44 -04:00
Daniel J Walsh
d6c9f15f16 Add rules to allow container runtimes to run with unconfined disabled 
Add rules to support cgroup file systems mounted into container.
 2017-02-28 13:47:46 -05:00
Daniel J Walsh
4e04f9adef Add rules to allow container_runtimes to run with unconfined disabled 2017-02-13 05:33:06 -08:00
Daniel J Walsh
e6af9053a7 Allow container_file_t to be stored on cgroup_t file systems 2017-02-09 08:59:37 -05:00
Daniel J Walsh
afcdd30e26 Fix type in container interface file 2017-02-07 09:24:46 -05:00
Daniel J Walsh
761ca4f112 Fix typebounds entrypoint problems 2017-02-06 10:28:33 -05:00
Daniel J Walsh
a2fe41cd44 Fix typebounds problems 2017-01-27 13:15:25 +01:00
Daniel J Walsh
3fcf74cdce Fix typebounds problems 2017-01-27 13:14:10 +01:00
Daniel J Walsh
c06c926b64 Add typebounds statement for container_t from container_runtime_t 
We should only label runc not runc*
 2017-01-19 12:00:49 -05:00
Daniel J Walsh
6c8c18196a Fix labeling on /usr/bin/runc.* 
Add sandbox_net_domain access to container.te
Remove containers ability to look at /etc content
 2017-01-18 08:20:57 -05:00
Daniel J Walsh
c8e82ceefa Fix labeling on /usr/bin/runc.* 
Add sandbox_net_domain access to container.te
Remove containers ability to look at /etc content
 2017-01-17 17:10:15 -05:00
Lokesh Mandvekar
dc5c3985ab container-selinux-2:2.2-4 
- use upstream's RHEL-1.12 branch, commit 56c32da for CentOS 7

Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
 2017-01-11 12:13:04 -05:00
Jonathan Lebon
6028ccc721 container-selinux-2:2.2-3 2017-01-10 13:39:03 -05:00
Lokesh Mandvekar
8602eba442 container-selinux-2:2.2-2 
- depend on selinux-policy-targeted
- relabel docker-latest* files as well

Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
 2017-01-07 14:34:01 -05:00
Lokesh Mandvekar
98c88e3954 container-selinux-2:2.2-1 
- bump to v2.2
- additional labeling for ocid

Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
 2017-01-06 16:29:04 -05:00
Lokesh Mandvekar
57ea4c4351 container-selinux-2:2.0-2 
- install policy at level 200

From: Dan Walsh <dwalsh@redhat.com>
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
 2017-01-06 15:41:09 -05:00
Daniel J Walsh
85f5b33ced Resolves: #1406517 - bump to v2.0 (first upload to Fedora as a 
standalone package)
include projectatomic/RHEL-1.12 branch commit for building on centos/rhel
 2017-01-06 15:21:04 -05:00
Lokesh Mandvekar
7fa12a4c94 container-selinux-2:2.0-1 
- Resolves: #1406517 - bump to v2.0 (first upload to Fedora as a
standalone package)
- include projectatomic/RHEL-1.12 branch commit for building on centos/rhel

Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
 2017-01-06 14:34:31 -05:00