* Mon Nov 18 2013 Miroslav Grepl<mgrepl@redhat.com> 3.13.1-5

- Add back /dev/shm labeling

policy-rawhide-base.patch

@@ -12639,10 +12639,10 @@ index 1a03abd..92d1a8f 100644
  	allow files_unconfined_type file_type:file execmod;
  ')
 diff --git a/policy/modules/kernel/filesystem.fc b/policy/modules/kernel/filesystem.fc
-index d7c11a0..1fb5480 100644
+index d7c11a0..2fc3436 100644
 --- a/policy/modules/kernel/filesystem.fc
 +++ b/policy/modules/kernel/filesystem.fc
-@@ -1,23 +1,23 @@
+@@ -1,23 +1,26 @@
 -/cgroup			-d	gen_context(system_u:object_r:cgroup_t,s0)
 -/cgroup/.*			<<none>>
 +# ecryptfs does not support xattr
@@ -12658,13 +12658,16 @@ index d7c11a0..1fb5480 100644
 -/lib/udev/devices/hugepages/.*	<<none>>
 -/lib/udev/devices/shm	-d	gen_context(system_u:object_r:tmpfs_t,s0)
 -/lib/udev/devices/shm/.*	<<none>>
++/dev/shm                -d      gen_context(system_u:object_r:tmpfs_t,s0-mls_systemhigh)
++/dev/shm/.*                     <<none>>
+ 
 +/usr/lib/udev/devices/hugepages -d	gen_context(system_u:object_r:hugetlbfs_t,s0)
 +/usr/lib/udev/devices/hugepages/.*	<<none>>
 +/usr/lib/udev/devices/shm	-d	gen_context(system_u:object_r:tmpfs_t,s0)
 +/usr/lib/udev/devices/shm/.*	<<none>>
 +/var/run/[^/]*/gvfs		-d	gen_context(system_u:object_r:fusefs_t,s0)
 +/var/run/[^/]*/gvfs/.*	<<none>>
- 
++
 +# for systemd systems:
  /sys/fs/cgroup	-d	gen_context(system_u:object_r:cgroup_t,s0)
  /sys/fs/cgroup/.*	<<none>>

selinux-policy.spec

@@ -19,7 +19,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.13.1
-Release: 4%{?dist}
+Release: 5%{?dist}
 License: GPLv2+
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@@ -575,6 +575,9 @@ SELinux Reference policy mls base module.
 %endif
 
 %changelog
+* Mon Nov 18 2013 Miroslav Grepl<mgrepl@redhat.com> 3.13.1-5
+- Add back /dev/shm labeling
+
 * Mon Nov 18 2013 Miroslav Grepl<mgrepl@redhat.com> 3.13.1-4
 - Fix gnome_role_template() interface