From 6fc6359b101c0b3752a7bf4ce25371a089e9153b Mon Sep 17 00:00:00 2001
From: Lukas Vrabec <lvrabec@redhat.com>
Date: Mon, 10 Jul 2017 09:27:35 +0200
Subject: [PATCH] * Mon Jul 10 2017 Lukas Vrabec <lvrabec@redhat.com> -
 3.13.1-262 - Allow cluster_t and glusterd_t domains to dbus chat with ganesha
 service - Allow iptables to read container runtime files

---
 container-selinux.tgz        | Bin 6831 -> 6890 bytes
 policy-rawhide-base.patch    |  15 ++++++++-----
 policy-rawhide-contrib.patch |  40 +++++++++++++++++++----------------
 selinux-policy.spec          |   6 +++++-
 4 files changed, 37 insertions(+), 24 deletions(-)

diff --git a/container-selinux.tgz b/container-selinux.tgz
index 30bcc9dfc4b55308fd9e8cc73451c2869189ce75..400e55dad28d65baf73e3a5ff315779d95b4981c 100644
GIT binary patch
delta 6644
zcmV<Q84KpGHR?5gABzY8hAU%P00Zq^ZI9eGlFrxZUm@55JQLV6_BeI`Pj(NBWP!U6
z2L!td+=t6uM=hzlmC;)y^}L+n{q0v(d=W*F6s1<%vw#~&+S96fNEXRru~;lcWzmLd
zk<^#z_L~!ZUc=}8`|t7l%@6NhtKaZ>`~K~lH{ZN@`{wO`>-X31-oJkT&FeRBui-0r
zeX0tnpF`7zbr5`$-PPeHiL7*E&;La~tLM*yADcs-hxOy1|FKVkvPz0qO?jxJBnYc2
zOQWz&%OZ%xKnap!2j7=JUJ14pfcSlSrNJL(e|<=zLz^h*X%V!0^@q63;UAa8dZq9N
zKUQHK=0OpE=E<L)F{)>O9+dDiJqW@qEANvyXv?6j!=g#CQ6|tULWO^?(xOf3Z5Soz
zzscIH>qF6|d9sG`2<OGi-&SY4q*&L<ABVIC+SS=v`&cP0kUZ^6!;c9_VBOw0xbkY-
z5XFm&)#@xN>m<tKb(4g3v|n%1;{4k;7ppT-p>-91woq^U)n1(GNqe!v0v7B_j;wU)
zPJ6<7&A)5UCUxzZt!uRc>M~0V@PC7!C3qM`Nz;s>B2pAqSEIuRz9)^GuJ^?w(ci51
zv0&);I^AFwe0y!iK!{V!RS?pXov1kAr-)k4N9Syd!h$HBv+T$T^|vI9NxoHG;@}Hl
zr2_GPm)qeKTWAJ(404OGp{i@D-mFnwf!1Pe9MN9KiuCW)jf(uTbQ8o-&8RKwG-)Ob
z-qQ$@k29#2k09^D8c91rQu)ERZ%i~Fpq&B7hkvfCq|O^)+@@L5h=Msa4f2IogQq5H
znxmgn&=#E``Ib-@eQ{IQesMvQa=;c+b!Lfw+d4+i2%J4Os}70v8D!q<!#a6NQl|>}
z%bk&XNIgrN7RR<t=p4xKlTVk8b7#fvYy|%fA9VL$Xx8JB+*C=FZd2$W){$tgBm<R4
zWyWkkApeo}(h2q8aRbGo*=C5`AoTwXi*TneBu`_G<y5tk={633jCK<kV-x12T5`~T
zgHNjWynBwxPxhNf?{E&oPyRjQ!dSLfo|19Kg@a4X{H}2<P@hk#PtELAbe6Alr>iW7
z<WH(;egf+Nx5%5{LEa7eCqktwpp;&BJR-||+U|o82oEhtxJ{#gTHpB|U};CXP+9Y<
zI=#bkkn%HjsD{jIvBp{$@X?t|O)0m3WOXp1prI0xl%^ELc-K)DHjSkydNwR;lkno=
zDdpk+p9N)w@(;5=J!|WOt%*pg6}w5&V&_$?d5Vbj+}puxoFFc5tTG9{y@vnZ!hhc{
zyBGQ8KYo59>nvI9RT@vTk?KQXQ8)nAOxXMpknzXGT^vnP-z{>4v5=qJ;$wP$Y}zD`
z+H9(?PJebN(w4;Ebri#n`KCe?#Cj`5@;b>%+?ax-QW#J4B;X&x%)514GVlr%%YBSB
zVK@fgi&B#h_!Y>JA-yjnT)aX7U%>dEg8MVNC}|ppMI7AMscAErCpoNKUw%^GgN*W7
z-d;mbNE+yeJYd*D_7kM33o{5yG->vyWz{}TUBUwm-zv^v;&H{Hfx*^3l6u6s&=;zh
zA)098<gRMT?!|{FDEv0aR}g-P_RP>l8AC0W5i)+5Yov3Au+>))HvTJ<o&+BQ=`X>P
zzyud2gF?&Fh$JtAXY$!4@IAYjjT4vA?R=01xYvUk;jeShz|>c9UPY7r1U(H^2I{U+
zN0z7kZ*W?7lSc(k0?^Zwmjxw%U)+9XwLyCWYdt%P%(%g|M2=ZD(fyjt+DKdWL4MF$
zZKpmmZwNKc55mhH^o|c_SijDJ_xE3Z>gv!u<<VC~-Xjoc(Jq58U%w3dnYLVOs4E#L
ztmTcig(vV2C?QcFMi=mEwdIk$1N#!;9jp&ftAMwU+$f~8QYaYKZu0Se_QPE7(z-12
zNt>3_bQjh0SZ|Hh@h*DQ?cN#gTEI>>KiC<6XXcEj8$g7-eS}SV4bljjbXSBKo3O#B
zn`sUiD2!GoGoh%M`((p~pd4RV=foI4_eg5|C}j@-))~kxta-`5^J3@CH#iB$xs`D;
z?wu2UHdG4(C!28iud6bDOQS~`;le4%y?`OifK~(>Tqw^+oQ5x!cJ{8rL%ZjJo&%3B
zJ$zyTu~gqFVe7=u(-umTj|@jwkOn^=7o%hDsAEHwPo&p{6ui6RsOV$`;n;IlgR#xz
z{B&&|YW;MxdpHZK>;Nj(+ZggPf^|&aXVWK)p*Qt|DsnJx%0m%<H#A}JG<6wW#twuf
z{1IXOT@`1YL8vVpQo-_dyx9q>U|2jF;Q5-tWC128ENJy(RYG%_rJ6R&-iulI>PlDL
zxz{ROrXQnYhj?8{tT&WuF{fKUhPwk3Kg%%oA*V4sR;iBm*nwn>pVaE&hhz*V?2z=w
z63GoEqkN1=_|#E<rC}(9Vl@uDq<SoaMeO}p08Qxfp`%v)6KtE&YUWiB+7wptv#ZqM
z+F|qOxKPYnZ`a=Z_}duvt3*(m;<EVCYc#gq=PnVs4MuJc5zQj;WDTuY4V@!1C&IQw
zBWDvfY1Cgpg?#;%%c@Sc>4QO@zt96J279eTv&$0(euZa$5UMyC-&#B}%CoyQsPn07
zB`E8@;UP&x89;Q7L>KZW^bDi=%V}4)Zo_()w1Otjnl<Q+9d|}+52FUhK00Qguvq+z
zOB4?hS=YQz@DZ&JU-}~TzvxHy=w+Lnstou2|M%~Hc=!F_{{P!|U+@2ajt}#+tn)Gk
z#da=7!^_}*`tthq<?D-;rY~5SC-bfZby>FM?Nn2F^*s1F0i2o=3&5JQB2^YAO~gZN
zDjr;uV2BD-C%E4ypa*L;oFpXkSon#_o1109KYscpsLHyPF*p_1lMEdj(;kX&qqbFU
z&A?oL8EnI>NiMW1@ftC!o*yHso_;7j=Yik5x;#{W!8vzJU2rY!Q44OAF@UZfww(+#
zHw|&2A*%v(pwsZ~Qww99BJ$!e$w56crG0KF$#ub*tNP}!`F#zBTeL@&-YI<(oMb|E
z?#Uq?8m8*mYv)?qR;nSPE@IqnFfBHmS{F6jg!e_vejD_P>NFhEd-aRcEq9@`OL0*2
z<3!GXdryaBOuDoCRaC;9_+1GUm)Q$$3{mRCiLfPcfK28B{fK<9_dD15hq%IZ-$(9F
z8dyE~-_&%Y+uwM!(Z>|W9SkuOK}zR3mkDi9L4HJ{N8X%kOpe)~R|5@zKgphfKQzQ1
zs}mUyOb6KPAX%crpLYChV;fa8;D)2hJW9=f=OY@b?i}lb4_$TEGIY{mQOYq!zm(oV
znK+M-Kb{*AhVUXrvya_{c(QQK_VIkkG6drh8+|Mpg~)`Em(XS8UO68y8Uzii>Oj2o
z+sz97&_&YH-{(3DuBGWVPPXU2CA8+P!Mw+<$a5YMjtfA1%rXRfz1P930Cx>c`ulW$
zw}+LNHsJk|Gq&$vtYF;6sAW#JggT1`^hcNl%pQYB%tvNg_?sl#eu%;<+@x9BJ_a9y
zXkXqJ!EFi#&=&rMH!Pc^P2(WHEy_5+uAu`w`qw5cWc)q-P={dCB<&U;alu<-@D-(h
z`gAi^3$S9ufqk81U>|3AU_Zhn_Q?N#ghHc34MV3L=jj`qBh=d%!;;3y(8)-%phSaU
zl$xI{V(heX(8vxiy_uD3qn^BZv!mlu`1a($AbJ*ntp?JMG3`61y)P5g=?}q$|Mp}v
z1$^+L)gL|4+NfFp<q!{0rm%Mt@;ca%EzlgADk)+Yr>-m2rl5<6Cac#tW=bf3fN4@j
zDOBELMp5IAXz>xOpmNeB`V7=pmKL|`TYf?DklbN-z!5bQh|m#n8tybG@pKlXt5$Le
z#Q{JX8a9bZoknX=;6^j+LbBk%oyY?6pUOfb6NYo0M0YHx3%A+hHJigjRr92m0-HcD
zH~emvmA1vwyz*uquHQGAeyx9h#Ij&!;qaFWfhaFVECA`Fk$AukCNuiT7x!&l=G{V1
z2~YAe1~Xx0OolL0JrN2#+~%2Xksk{-%(E~XaWv%F6WI_0EueX&U3+4~pqnBvvHdki
z!p-SVHzI=qi_c$99iVn^<k`F?vmLrAZf;I<?P!{hz^knS?IX68qV$7*Px7wKyvFVf
zKg?~a6KnF+vf-JpBKd(Sf|J4CpZqi(A$$;1m}NPDb*lwTv*P>2w$S|mw~=ZZ!*6-r
z_3Li0es9X+5*|KtHQ=MsWjFKzd>TemJP-a7$1J8W4{wuRz|TI3ZiD->zP$vpe=n<K
zd&sg!bhv{A^74+n@kMZdp9K35{s@Cjf&vJdGCQCL7r6e56Ch7q(h=si#CAaEzGM+D
z_vImrdExkX4$Cu`ORyhI0KgfZ!`-Ls3kYvK89IN5@PKq8AydHU5YbEs47bzRSl%!6
zFWBse8Pm7tuCqRvH=QS9PoCbs_<dic*JRhAEtCF8fsb56Ia=s{zWB!o-oFjpF>%U5
z#I5sFmND7jo>GR-Dxxuw;jAnlH||3$SLs{T<vw+qu(qjY#k}Uo%mJOlY{o2eC1#vE
zSUfN%4-OB^rST@ub{D2k4|C#)hL7(kmQ`8CQZiq=JqdPq2ltfl*URIZ?v0<O2<6WA
z=?cJW+N<XsO;=KXFIUHMHrH5cx;Ycy6LYfC^TeI3_&jl^JEJ^-Cu_kmTpvx?OWi$j
z6KKj9;a}wi4cM_<XLCod7v@wW(i3>zF!KPOHOySN{kQ_}VZb3x!$7v3287Qr9%gyc
z#_qk;GyEbgjBkvQ(trNMqYd~`ML+1k*p@C5ffzBG9=FDSEk@Lv_46$VJ;`{qHw&|(
zpl>s|N?jx^x+i?e>89yp6SbM8DuVbPk-bPkY)!OJV!y)iyxSs#E>e0;@$g~Prgt!(
zVoUj)KE`K<n9}L-LfDhWB@_{>m+qo{*5h*0Pp#aHD((0%9IcWbjoJnHiLkyG&bh*<
zW*_AXb{<}T&^d(A!L%_)k6iSrnthUG9&~<=r6W!ad*^wAE#1ywnpu_>EVS^^-o9-s
z&msg%ROWe=B@b&FljFR-(@kFq8kzjgcxRua&NxaQI~irm9Zhwv?pOr5g<c_#x?oHv
zai`;Y+5xYtP39UcjGtus5%U|qp=};3jXgAYDJ{o;<9{DWmhHi-d541hFq+@m)?MgA
zV$!GRa%USkCG-1?RNg}vO}{4`rQWa0f+dILsbb7+Y1*<z6Aoh-NPRzG5MSEdTIlKM
z9v88qY3|cD+MDTkdIWv=z{WH#?=8?gqpi5FW~L${e15RBh!d2Ro8P96=(*TN@)J|a
z6M>O`FpiF1b*Vyd!c(jBW@n-95rd6{Cs#mi+kB@@q)Y<}ZA||!v<LWi3|$wnTZC&m
zkXlEHt^FoeVb^Zq7eELB!=XB~+7go&<^Dbn+t4wO$o3YK&R&7%!I0X~bB?_L<CRH}
z74P$k=?nSVK+EJx4sFV9*ErdRhpc6OmIs@ENK_6s{A|#V4K6V;_us5pjz7z!;lyML
zrCTSiA!$t0?7IuSMy?lT#=6R_&dm$<n2BcNps)j2O5MWbFSBN(Z!FAd#Vo{m-1xTF
zJEj)B!kZ|*8OCe&5V5PUczeq~RQaDDDZ-f93Lf#rYEUKc=3%r(_i3HR3H`yMn!Rv;
zD3+#Z=2YQY;k8%6H|+Ui0BZ}yTFWmSG5B5W(l`*C%R$O3-#9~10W!WYV7uC3(4u$L
z;={JqV|0&-g5(PNctDCFj(2qzLj2JbTN&Vr#oTq%gOWcwf>VP?q^KL|9E+c^J4l<x
zIy{K;J(5u`XmP8(w`7j{G<M8Ea+g+rpq7hmIpP5M<B&A%nru4#f~kR?w`ZNhECFN2
z?Sc`+ZU>8j*vG#^ueb9;K9z?FNZD}opjG>jjB(+mB3@6{p0PFB?4hNFEH0bH&1g4`
z27D~5Br0SWQprBaU^2SQ@6{?!?$kYq#S^6vf#C44-R9;3O6qo4Y%Q}zk{mpLXtFz6
zbKAOfR1IH=fVFZ`WMx@-LHQMll>?KacDewB%+e-}DH>~Zi_W(yM=*@;&<7kod+-61
zJd>NmB~RSO{0)p}ya2AdklKf?fd43tE;W1YO}PE`+WMRGjP2u9&xC8cpLme@N}%cA
zo_7r?opi(%0xG-VkvFck$c@&2`hjgc{fNoQvWOpsmaP2&ren5oKzjOO2rVtjHr+nD
zT{da4Pf#PrN{G@(i)1aAcSDWH^WLxQRd<Lboz>Qzq$I7{{J}vYBo9bd$rGXQ1B?=i
zd2uMvfQ&-w1p9#-T41nK?>36icMbe#->%a=X6Ct~0VA(3+gt%1OWm%2<zM1ePfnhA
zb3p4OM00VM+7?ZDKf-6PDrwo+@VrYQxTIx=KR6GuIu6!xT|o|68JR>V>{K4Rx>J%X
zC{vX&Qf`&dW?Zg#h7##4xJ#i^$&b2am#8~c3con&pb<J6s8O;oAE!51<8bSVGr5En
zwuyD7EMQI|TEWMf(;4%BR5yny|H38kCd@aXCh{ot7A28-bq`TalRB}Ci=D(ZR%fda
zc*Y$P#uom!m9NR_D#Ctuw9`oLsEv`{-BQ6q!-sJ=3B^eBASD5gSK936Lkxvn&u!WC
zgv<`PFEpk>8cQFhepHl+LrLC4NARuk0w^6#dUSn?He^w>vu&GyUPuM&6lP1<nQ)KP
zaf!v4?b6I#79VU_(fI^P*m;U7C`HVSdm*!wwyQc@1paOH5Lno0o#yd6v}Dr@wJh~z
zd5px$?jm9)Lw9b4riNu*a%PG5Gb2p&IfynbZ2m8n3DH#YHm#F;uoL3ZhQ6>075C$_
z-1i5$QMa8)*cgiq2+vdsJUX=|KDk&uSCgX@FBUmv|I8jD4$$TPU-z_&+3711m&s(y
zljsy30<yf52NffKsrg7RD;+%?Fj+QTX;GJdP}nsyvK6Ro{ZOIMVan-+`34zHPIQEc
zhK(tXD5>5tmswqz`UbC|FwT}iF*1AbRDLD2n<F?zIKBI*I~KGa{23A)n<u?riF}+I
zBHUrLs`0`&a<wI#7hybfw=b!j%f3o0xteV@2a$J%hs0EW9)f^SJt|LqSHE>pk{Q>b
zvY*+@hk9|TZsbn0^z|3%&5JQrE?%|ODQ}xz6ZO=Uq$BWrRz7SsLm7L)$4Htoo(pqE
z#w?X{Vty!ThFjp22n3l6?M6-SVzn#8`!z-`WQ@Ng#Pw|SZpK3J&f63VmEpQracmLp
zI~G3Z<M%9oEN^QWQTxZfzJ>hlQ!e{V6P#ZtzZ~n@WebDnN|L&QD<zQ<F(>lB7{UCa
z1||7;K$#?+sqk7|+dU6{VhIbgN0zoCWpBuVMH|d%RK}P1Cc(g9yUHy5UHvY2;tG~i
zQ!SSL!WIX#J;^$|(QiL!89G@Wd;&D&J?>o;;+G|Vye<{ZxiaC}Un~YRn&ffV2yt=4
zv|#X}^aX=u(loCzW|r%qp8znp=})P&{=+b(gp;V}vL{EqcJ?F*M{JGWZ!}T#jee^K
z0UP6b`Ppw#vXf0M=`-`%@eo#-eUKln_I#Rx(m05D+$y`jBb^$0$b%y?!4a6@3dqpZ
zll3ltLu<HJ#2VC(xgDlqG^Fhnk{I=MqmQq9_orU|(72KGH!f-s&8SeDZcUlO7P*N{
zxpx}a=-;v&a7k_ouN#&aE5VaDd;rTRW6_LM7rbF=n><mi8a!2_`*$$M+VN1VwjbJM
zh(&AtZX@z(<GOW0N6o%hxLW^<J*|JD$96)0g2#5kbtF@5N9dfly;}bSj;5(PGsWw1
z`DKSWlBX1EjOLvbFFQZc>x=}i$0l}NE}`pE@ykQ?B@%6`YD^^DrsUgTD)0#I1N*8l
zz}ud58;@}InA4gk>Q*8gWkzl#yQV8iL~jQmj?#upjz?MuPo$x^bQ*O*{K%q}1Ae%F
zMy)bl+-PF^X58*}@i_jmoG*6-y|6I-wA~n1rk#XamHY|LwSCXCC!AxCo?m;MTl<|?
z`-+6mQ<w4MlUsR=cS@?~F{}xC>&469x9)x2YGAbOI-alGh?%4|e#Orl6INPKM~$Z?
zI=E#s&NFhu$HSnVQmEgZ9xu_5?)H>_3(<NthEu*6COx1Xlf3rD_DqV6+<%E?M`wOT
zo@Bh-p6uOb?)SgFdHwzMJN^A{Z+>|H_5E+3<8y`P$JMWw?2Rt;c1Ro&$wSLuVYWVe
z;5x1T(2X*l!n%14!}IFU)K^)$L6v{SaIP-DJA3uY8%^x%_*+#F)db4EmVpL;gRH|_
z3NU+!ULo9)Z3oP&1*-_pqGc+GXp-u`|M%*DzGIH(Wqaopx=fpPu^Mw!{@$6TVT<yv
z%no_-YPu+tm$-G%4GFnU%cVxuDe%fDjhDh}RKR6sQD1v3-bG3Y%T0m~n(u7*_dJ!Q
zympMEC#_Jb=b&6J{_V^gD-t<>`AGmB4xgvT!{O*W3T1V57c$vla1TTB1?s{#s6GOy
zC#prT0P2d>`d3WU=?yC4Q%sPOszLP2?|#J$^8P|(x#-7%Mea|3WdBN2+RtTxF>qz-
zICA0fw5<~dfd}IC5s)2bC&y)msnRcDTjuH1nPhCZ0?M=aEGbqy`Y|GZmhiYLEhAe*
zy5c*?WNLqzyZ<O9?9@~o^8^Y@Ae;5p(Q3;Kzo_=I7qN^I6Zi}3G6B1|O4ERk*KA-K
z&9qax$QW5q1d{}Frm_K#RqofzDvc+ZWFv6sDFnP`8N65glEyM3<f|96bDOE4gTN(4
yj{&e^vrW(d^y(xPXg3cZM`)5S?UecY`TF_#`TF_#`T9BW=l=n2mTjZ}$N&IX+aeqQ

delta 6616
zcmV;}87JoIHLo>)ABzY8elJZ~00Zq^ZI9eGlFrxZUm@55JQLV6_Bc*(p6nhL$pUvD
z4hVJ^xDS`Rj#^T8E2Fna>Up_=_qShF@kJCxQj}Wl_<(7^o|#tFL$XK~i^XCoDvLHu
zi=@6xw_ly;^A<keefKT?eE0o_x9U&$y#Mz5_aDA`_x{~~_517V?>~J1;j6dr;J5c*
z1#eGPA@y@;+OQ6Sud=&3+$52eZtVI0)6eSV%ixFRkmq6j_~(D@lc21U;!RT?>L>}q
zs>;$RY}2v`A~8^cq}ajF%O9=;+X_JZKE2Z5kF&o%B+;Qw6!f$R+P(TkT;}l0C9z&9
zyulAuSciFkP=tB%rx%Rs#h(Wy{6r6eFw4sOBo5j#XzQ?OQf!n7^omg7_f=Z7NxcoD
z<os7zn{|CC+B8qrP#)pDdj0F_Y?l=4I{E#O)<C;DJ8K^+r3I3weQo$M0ST<z8wXcj
zZ5yI^b+KBVMP;2tdAx3tu#WcYO<J6P{qACQCMvXluEG}Tjo;dfGd*c9R#?D-UCEJ^
zF5PKQSg-ka?b)QRJ+pPKRzO{5i2?p^@U;XFqbO;bF;ql~!s=>t_`uIeBd6<q@ksPH
z>wPR3`n^s!*acr-n=ugL6mu1X^u<n89Pm>_E$5?iwnbq<l+Iap<b?WL62>IosxEQx
z1+Y?of%wbqaEdK7gFFVgMc7c)HC1ocsIEY3u{MrquVY2}cj`t(ep$K+VyI@+mUWsm
z69(^T1j)x4RLe(@cVUgBogk_F;OloLnvc-VfaAlj>nf@91{k+#mNcSZPECV+;nm<v
z6E)4z&nak&&X9adsEfY1scZjmL6dU87E*P8W{KN6M$ZVGJvOTjiS-#|-t5CV`I4kg
z74nxmBlnPcmNqSpZJW?Jkl`zzE*t00ird);{vAH(?!VBi$0fO`k|^D#&_S#t(OgLe
zDv!#H*?>U)BkiRV>cQg%ibb={5V=9<{}C49PG3mAj5(H5)lR0{IQ%i%O<;^on3HNC
zNn;OwNv43(kEqm6(~S;wc~a^B2pSW&4V&LU-VN^AlRpC)f9=OW-6375=)tN^@30)C
z{EQu{A@f?Su@(k=bZ}8qU=xL!m<a`ycSKT}QWWD|M_Jf3mZIp{u&hnOi;Jg}hyT9_
z$_nKlW`BCo)(2Y?kyI;olcdGYt61|C5jxJ>>1CWCE)SJ53BJCDfA8Vnx69gRKmYqr
zU&zWqR!o(~f78|t*alk^4nQ>%3}ON@e!2LzuSx2=Mcldz`Ti{X?#HH0@~F+G`Y-fn
zhazoB{9Q*e?3f!`q9E2=DU#PoR-&;El1gDb(UX9G1T*i}ZOOnZP%QT`)`a00_M=Ko
zKH`r+jtsdY9pT~?3itxX{}kMx(QQN1I4t7ezD`XBe|DbauyXzJllmTHl+W^j8G1s}
zKtJRG!xpliAWdDEL7+*qKP{{Faq1EtX!urf1`}PlhXw{)`$*~$=R#koVuom<jgz~o
zrSlSeh=RhO2KfrYkI}wfvk7v)hFUBmWc;x0Vz)tLtFIz#{4FWkDWb;Duq21biD8o1
zyM-FdO^?^Sme>pa-JmT077DqC#Ao^h$;zFBRapxy6#Fty^fAB}MZV~Y!xPKWh$OFr
z7xLL9@V&U0jT4vA?R=01xYvUk;kR?pz|>c9-b9lj1w9Q-2I{U+N0z7kZ*b&wlWPS|
z0wBnfy9FhGf4Ke3YJ>I$)_Qhijd6o(iKek^qWd+OwUM^$gZ!Yi+D?6B-Vkb>AB9gi
z=pCuduzsBb@9#hV*wvx=l1E<^d5=J(MY{}s`1)no*R<tYLtV*0VJ&a8Ej)pLL<x!d
zFuH(Ot1XZ09oUx$?_hm^S_Qm)<VGQ#l|sR=c9V~Pw;%d<m)2#GPujGcrn{(~$9ik5
zj(5?cZuib`*8+CB`N7WkJu_!K-2fsC=m|FIHAo|9(p?c|Y{CYgZl*b8pfFmU%!Hz1
z?vo7{f^vLeofBjH+#{*+qm(@WSZ5%&u;wNI&WoKl-{2%1=T^qaxOYzY*-$MEoNU73
zzpl!EER7y%gbSx2_X37616pwad!alZaT>l_+S$7f5AB`@zYRRT^zaJ{5~TW03FRe*
zp0-e$d}N5Of;9O0xVQy#M;#l!c_O_oq~P5hM@4KZ2*;kY8jNiw=P%dhq1I0~yN9!&
z$_}7ny^SF+BUs1ueKvi<7<yAbs3HgBraTmXaYGXZPg9rCW$Zv$!XFXp+*NVb8HC!x
zAr&lN$D5t73Wmj_0iLfJOcr2r!h%*mRwXo-S*mHX>|KF{!}+`F&J8tpnSP9p9pZH*
zvEERs#hh;axYiC#d@VzJhn&WcL8Us{V+WEkrcA4gACfV|szcHrOC&dxjPfxe;ZsL{
zm4=}Ziq$yqlIpPx7P0qZ0W_h@hmKnHPq1x9tC?3lXj53l*RE2BYlqFB<3cfSy<L0r
z<0I7V*DIhj#bxnFuhH0cpZgW$HW;~4K{SiRlQpzrHFS>5oCw<zjhs!`q)~qX74r34
zE~`4(rVj>r{!9<380@tU%`Q(E_!XXiL8#(nd~5N@D9`RDmCmQGm7uKqhKD2(WdPAR
z5?#oz&@+tcFQ;AIx((}H(h8b9Yu2DQcH9}QJ&YP0`{<Z~!ea3?E>S#4WL@(<!AG<@
zc-;S#wZCkWQ{6Fj-~avY!*}oB4(|WHf4=|wSw76Gu+GaECh@r(4X=ai%Xj~Oa{2aR
zrOgc%(#SjsL0y(@c{|lCT)hl_N&u&(i^ZT{S2S(oq=|SqNyP(65)8+H>IC=u1m=9L
zhE9ZJ3JRYnc`mao_{Wbw2US_OGTx-(I)R~MW7<OzZq&BQZ3vjAuY+xvHOYlmC0-+D
z!SW+B)vFDq=RC-HSC@w>IOi^Zm<z6vJZixW5C+iI!)CQZbJGx&Dy^U}-<?KgpIR86
z6nz$lNe-%rDX4QpNv;cyT&*>S&2MWkQldSouTH_4;3N~OE>8}*c{f$hUOSf_U#W|x
zs<8PQX;Q45S{F6jaP~#az8mz4>L44^d-aRc1$CjcOWBO~V<OIbPlscFOuBCSRa8QH
z7#@ks?C~{*<MiP~h>kccrKOR+L_XN(oa_8UT;ZnfBX?ePR!{ynHQngqHoEcqn8LNs
z5Hk^wbFOol&;}Lc#{qhj$+^blnEiP*&;a<A>>2n&L+r6Sk@0YFfXxm~B|7|R$46T8
zsG<Qk998B~YCa3lP<2OtP#=8gma>+ilMahgT=xA^dWS;7_b$IYHzEw-MLc33y9;Mz
zp^5F|`H*D@#-kJZSTf>{2_Y|`%gB{*K43Hm8dlYTc<H;F75ZF@q@};lbrxJp(`}q=
z&wov5&0B*hi)Qyr9{r39Kzz(H1pAt|!J7arWG4N6y4%CbOPkGqe#sfz<1SV(n(S(s
zlP#gnq5=I8W&yLu;1Tl&nHK&g$+jP(unIS6mbQ<<QxNUT`y#ka!2sIAZveJ!k~WQl
z{I)3L0K0|`tLV2)TF6*)`l1fOrb*f@K;nY8#y}%V|MKZ(tQKI!h{NeR$-q9&@NjyB
zN$dyz357<78ir1PJI>QLI7g_rF^1rblc7V6W<iMt!6-F9N5eQ_<xq_s)Oj;2m-;+;
z^JYg!gYeUn0|Ulcu(296KE|}~nD)L*P^aGo7yj<aW(scLMXO(WqP0=A0LmdApiE)!
zCggRnAzPq1G*wc>E>2xns!c(62u)V6am<uZ0Mn$5QmDLt$Bd%J9ns<=SV85aOY|A2
zuPiNY*SGvK-XXceqwphYCJ><`;xyc8P~zz<NLQ`o5{d(WG&F1ylRAyopuml0)`euj
zfjf}}<Uf^#MkWmBI*IOB026Mr$7?o+hpOgDF9kM%UT*l^EGun`rFo#uJY2tTGX28!
zh-Jad!r?c67XndU0$2djM<emz6ijCF#25E%UFO|FPYDn5G6pkYWxT3BQaus&I^5=&
zZcHBwHoO5p8*wze*Av+g?<=5rrCobs!=RfYFtPnLM}5udPd6fi0*lXIP930jN8-i2
zCbJ#7DMoBgbM0uFkHD*~0__RgN)hS7CwZ@AUSoHEhA-we)rmEEYT5A2*KYj46v4^B
z=1+c_ju1YIDa>y4!@AW1rdjcQVq55bFxN;mjiIKz?)ufPH@`JyaS0D!xEk<eblDAk
z0H21D122QW#4(GX%fs8G7u>Q>qTArUtZy%Y?BB{N*&ed&5gqOzfxNsUZ+sElC&501
zKf+*tlb`^CrpylL!3D1W<OIkQmvmgWEwLTYxvyC?$9;LoVqQ4@ox}1B<`V1&6990A
zqHy;q`vHVEo(!G8LwG<sk&r21bckps1csJrY%K2&`WI|=#Ej|NbJtlP%$v>=u_sS&
zU;MtW(rdD7(3VMmq`*h6TpTTQU;JYP@81T0?wB}bA>xMhDa)8_a8D`2XBE+y$Z%Gc
zj~n+PmaFuw>T;htO<3DhvtnLz<SqHmVK!ryxe~L@9V{N0lLv<f=F)hRXS)m2r-wQ5
zM8n5-6w9hCV=0-hn4Sc?yKj0*`0M5IO?RYEQ-pHA`E&)~mE_gSj;1TAmzQEWn`<n8
z4cnZF?}<5C>3QN#R(zhg)16VCz>~G$7_N^d?4|CVxCu06NAR!mf(GnZUaz^M*9&v1
z5$Op$Z<u)i&l+Yf+<shv_b}j)rePr4P6NVc7!NZVX=C?Z>KT4%6vj8kNa<gH;?V~D
zsG=WqU~Eeli9n1PIgVT77Nf__`uP@rgq~zPvYCZhQGm0VT%|6O7TpuR<aDd@v5DHu
zQWZgbkH}u6AhssjC$V4Qc;0OhLKhXhrr7T=YSTNIPqC$ZP9Nj5LrkgTcp>ab;}VL9
z)k}BLKI?Hg>8Dn1MwNDa7>-s+k4EhR{6tvaE9YEcRI`ur1v?Kf=o~`mVA_~}qem|K
zRLwrgG7maG$I=m}hQ0GV!Io}kFwHDW3l>`VXm8)Pm1hxxB`Wj0%94jQjmdG|-sz^V
z1dU97XS}mdQfC|`kDZLN<&LI0S9dIe+(NIAM_n+clep7yJ?(&3vnF$m7RFC9{fPN(
z*3dSOmBt<#ynvPC@xKow%WU9()x1MNei+SfZR;*{Au;Jwbh)#QoRax{Mk?<ijHcfc
zj#BT}Wx*1m^0X-Cwlr;7qX~yG45YpvFo-X0ZY}h5bdQTz(KPpI8|}?>JQaXGd|+c5
zm-iNEp1oDv%`#IF5k5ayTEq#;%FS<6NAz55Bl(Fb<wU?p7)M91y0jR7IN_<)d9$-n
z_lUtp!jmhYwr#%CCQ_yWg*K-D8`=Z>JBF?c*p0b09Z0RC#MXWjtFUXg@C_h@fZ<Rb
zT5XBRi*kP-hi&MXM`U}8NoTLX%V0?D=sCw;fbq(Nzl!&H#q@=IZJ1?pC5JZUwriYh
z!$a0GKg)wnBq|3Rem3ZT#|D>}nEP+mET5fa(r{ujh0?7P*N`BkY4+XaRU_9cGh<!l
zR_Epgd(1?$aZuO+ETwK?@|RgN(l-|7v|<+GJZ^m3;~i6rUg1p?-wfk5dx+SzPrSY5
zAFBM%CyFp;wt`1|u^Lnfym=U{(S2H{aYBEvsAex5ilr%<IaRoSR(S1I@C|!@3Se!a
zSZnzMM-2X~c4-`l&E+7ylW&|Mr~nyX7_eRKFlf;`YVl!P>oK}VML}`}eLNt=5XZZ^
z3n6|o#a0HmVlj8!^q}M?M{sHoiF9luon!Gcb_Z$GSceC3zDF|Z1ubs1_m<3YpT>?k
zNbb@K)N-*cM;su3zaNsOU6W0xUobV$^Y*NBm?dD$xLq)U*zI635c~Ld==D}!$fxo!
z0Vx}f9<*v7k})p4RK)Aa+B3FBn?1C&ki})QxEbxH(SVO-P(+0cLn_%P8B9i(`Mp}j
z$(_0fv3Q~sA`l!Nw%goXKuO&Wi>+n0NRopGO?F3XZd;dsj;dk$f2@_0A}h<v3(BuZ
ztQ?pWwbKP4WR^B*Owm}QTXeovIf7wyhd$u&*@F+5<eA(gE_vcM=5Js;;{|Zth15QD
z1^lBpy438oH{tf%YwK^$Gq#UcJrl0&e&RvqD}kned)_sqbkY%52&n9aN8Y&FA~#y=
z2e$F_BPJ(*%OZXlTC(;Bn2y=T0qN<BA+)q8+jRTrcG;xGK0%EfD<MiFEt0id-VHS(
z&wIbJSKT3&bXHq;l9IG)^9KiskUSt+B~OIH4=_q7=Eb2v12PJ!6YK|WXo0~_z1t{4
z-!<^1eY;Ngn3?B_28_JEY;y&4EOon<e~H%`IeFrL%>k{C5Y5G1YFjkr{Rp4Es-$IO
z!}BhM;F6Xde&IaC>Nr@(bp<(OWn>beuv2;L>P|_npiEW9NV!!)n{m0~8A_zH;4Xzu
zB|qwxU83$(DSYFogGT6Rphn5Ue4O53jl-=c&g2qS*e2GQvVb{>Xayf@PG`(h-5jR;
zE0@53n=s#mn#iNnTa-lV)jdQxP3pulE_M>vSe>mx;2C#F7+d&nD_;rKRfK)-Xs40f
zQ5z$@yQPAKh7aR#5{i-LK}rG~ue90ChZqXEp2xB237H*oUuaB&l#M=2{irAthmyR9
zj^JD6Wk))i^yvB&ZO9mCXWKTtkP6l*%$Be<GvOYo;}VN8+ohSgEI!z<qVoxou=5mE
zP>Prt_d;eVZC7=+2>fpK5Lno0o#yd6v}DuEqmzIX6*@%sGb2p&IfynbZ2m8n_0LrD
zHm#F;uoL3ZhQ6{275C$_-1i5$QMa8)*cgil&r}LLI<+P~xmdkalg|_{H6>-b%pM{R
z(B-*b_q2=I=_?YK$;84Yjbw5;%it#7Orh44YTJeiF@RnP@hpkcV}h8JGMbY!6(fIS
zd7>9{jvfw}ESs*hsLMYn?3x+b3RJd!s8HxI<@CaQgN!C8I>My7#uP`CRPUI}tgcLb
zgI6vXXUm`%nJITFzY^Nb5ga3&-t*HP3tA8U49R@WlisgHK28l0?l4-_cwrp5+7ix-
zFdn+wmsHMWU!|42#5S9Q$UDPBVk&<RK|rV;m8ZU|-?}KtjO$R@*X%_*y|`32a;I7P
z`iu1D#h5A=ua)YQw@t5!dg@Bj5qLf;_p_RzjJ?caBuyF5g*hW*mdZIXKa@1XEpSQ%
zg3N_>qo#MU+7;qm5+fHf#$SlxdNz7DV<C9wZHk4;a9yl8wg~qf3m^3Hdlr9|H<OI0
z{bOHMLjLwCmwl!Q&M%Z-j&<#_g~4+rNnOE}l1Pb|6Zv0^V17}9l6*X%Op?x2c&)DO
zUIst1goW87OIwk$x52=o4dyf|<4b&NUSP0YWyblgeiuA(1<R?a7R$b2iv!x8WS!mU
zw;!|&oh;`&0UGii_bv+Y%MyQHmx|_GnQ-kd76Teh@;GdSxVT|jFnCe=g26Irn%5XJ
z%XQFC02ti#r&L=1ZkSTSNz`-MlcQccdy<4Bwnpzenkf24ztw|)jd8vF?6)Y{$)=X{
znR)Ga2&>FK$PZV0K21Ss9K<|smEGTwP7OWe!4a9@2+VK=WN7NidY6BpHC!uV4eH0-
z4%09i()J2TjQYCK$Jf2*QZIjK+(`Nx7qy6HRH#k2rUqe)=pboecYn(gza_aTrfyhF
ztVB%S@KGy6i$&d2UD}5EY;r%fYQ$8HKHtH_YRBWR+I~EjApouQyMoB)itDNcoiF>|
z+iLx9^R)ii9oq?69ov5icaTiA9iekx@oN3EHk#(=%)GA0C6yf}MxIirF@$$gknH^I
zt~0W_9-GZ|xh$?r1uYNNm&mTIsxgsen=)>LeZa%E59~*UQQh`T+jwrX$3)gVJGT<n
zDARB&DK%Z0A$n%NI6oV%Gak7hJduXt(rMIH@QH;e2mC~hT4jH{t<l8x9k|`s;&J9<
zIaKZlda+>o5xX&#OgsLzD)|!}X8RsuPdL0DJ+$^XtoA#k_7w@Ar!I@fC!z8f@09$`
zV^|aP)~naSuiXo&)o5tj9XwyT5i?0`{9d0oCakoejv7z%b8xk0oM+@(kB1dIrBJ_%
zJYJ$9-R&tCqV<1j45##ab=x8zS)0r4$=+?|e*fFMx8GiW7`*@O?eqKJKFj9{Es?8V
zF4-Gh=uL<?B$9`gzrt*N_{h~;{jnRmJcV`h7Us&;p{cL3bc5Reis4*ceslKbjW?Ru
z;_<htAgT$J{a6MXY_kq;DZuO@dV_FFwjD697OWyXi<W<>AfidC|N5V+|Ne$Ko|o;N
zH|R2L+Qn+jQTcmkmWD0LyD~fE$(!k-P+sEJK{q7iIxUwPRj0r!qcmO$uTcS)nMHl=
zv3M6LB`h}yI%vMh;Xmi8EakOh96f1;QauOda`CTc-dK^y$xj04aQHku9u7z6Q7Egc
zyO7BagL{7%k}psfzCra7Ks`|{f(1}ltk%C^qE2s65uaj$lvE9(Uw-ooW{~$6BFjZT
z4lHti`Xl>Sn$mtQ1B`(yQ^%1DkEd;&I0!rtuaAK2FgrOeGfb6!3EMJHr_Ll}!xd1T
z#b-&e+R={@v4qD}X&Kof(iPuKCR6*%-2F!>VW)ql;+Q8;SOVFsw~kg@X81+5m%WH(
zl$gL@SeFUd#Z{UHe7t4@(`crh(nZF|dLo!4m@}0Pc&u{2Tvlm3$s`+rL#H9&HOt_=
z;g>X)5g}i_n4Q~91swz~DS8Zm6`O5>2B23bsX)7VI6{;B(N3A?&-3T`^Za@KJb#`)
W&z}(I&-3R*pZ^0s6Kh@o$N&KP+W<EJ

diff --git a/policy-rawhide-base.patch b/policy-rawhide-base.patch
index 7d99ec3a..4b194df5 100644
--- a/policy-rawhide-base.patch
+++ b/policy-rawhide-base.patch
@@ -38430,7 +38430,7 @@ index c42fbc3..bf211db 100644
 +	files_pid_filetrans($1, iptables_var_run_t, file, "xtables.lock")
 +')
 diff --git a/policy/modules/system/iptables.te b/policy/modules/system/iptables.te
-index be8ed1e..fc9fd0a 100644
+index be8ed1e..91d1296 100644
 --- a/policy/modules/system/iptables.te
 +++ b/policy/modules/system/iptables.te
 @@ -16,15 +16,21 @@ role iptables_roles types iptables_t;
@@ -38543,9 +38543,14 @@ index be8ed1e..fc9fd0a 100644
  userdom_use_all_users_fds(iptables_t)
  
  ifdef(`hide_broken_symptoms',`
-@@ -102,6 +123,9 @@ ifdef(`hide_broken_symptoms',`
+@@ -101,7 +122,14 @@ ifdef(`hide_broken_symptoms',`
+ ')
  
  optional_policy(`
++	container_read_state(iptables_t)
++')
++
++optional_policy(`
  	fail2ban_append_log(iptables_t)
 +    fail2ban_read_log(iptables_t)
 +	fail2ban_dontaudit_leaks(iptables_t)
@@ -38553,7 +38558,7 @@ index be8ed1e..fc9fd0a 100644
  ')
  
  optional_policy(`
-@@ -110,7 +134,15 @@ optional_policy(`
+@@ -110,7 +138,15 @@ optional_policy(`
  ')
  
  optional_policy(`
@@ -38569,7 +38574,7 @@ index be8ed1e..fc9fd0a 100644
  ')
  
  optional_policy(`
-@@ -119,11 +151,25 @@ optional_policy(`
+@@ -119,11 +155,25 @@ optional_policy(`
  ')
  
  optional_policy(`
@@ -38595,7 +38600,7 @@ index be8ed1e..fc9fd0a 100644
  ')
  
  optional_policy(`
-@@ -135,9 +181,9 @@ optional_policy(`
+@@ -135,9 +185,9 @@ optional_policy(`
  ')
  
  optional_policy(`
diff --git a/policy-rawhide-contrib.patch b/policy-rawhide-contrib.patch
index 832df906..ba887b82 100644
--- a/policy-rawhide-contrib.patch
+++ b/policy-rawhide-contrib.patch
@@ -33050,10 +33050,10 @@ index 0000000..4501460
 +
 diff --git a/glusterd.te b/glusterd.te
 new file mode 100644
-index 0000000..ce9dd75
+index 0000000..d474c09
 --- /dev/null
 +++ b/glusterd.te
-@@ -0,0 +1,312 @@
+@@ -0,0 +1,313 @@
 +policy_module(glusterd, 1.1.3)
 +
 +## <desc>
@@ -33306,6 +33306,7 @@ index 0000000..ce9dd75
 +
 +optional_policy(`
 +    ganesha_systemctl(glusterd_t)
++    ganesha_dbus_chat(glusterd_t)
 +')
 +
 +optional_policy(`
@@ -88942,7 +88943,7 @@ index c8bdea2..beb2872 100644
 +	allow $1 haproxy_unit_file_t:service {status start};
  ')
 diff --git a/rhcs.te b/rhcs.te
-index 6cf79c4..5279416 100644
+index 6cf79c4..5e106cf 100644
 --- a/rhcs.te
 +++ b/rhcs.te
 @@ -20,6 +20,35 @@ gen_tunable(fenced_can_network_connect, false)
@@ -88981,7 +88982,7 @@ index 6cf79c4..5279416 100644
  attribute cluster_domain;
  attribute cluster_log;
  attribute cluster_pid;
-@@ -44,34 +73,288 @@ type foghorn_initrc_exec_t;
+@@ -44,34 +73,291 @@ type foghorn_initrc_exec_t;
  init_script_file(foghorn_initrc_exec_t)
  
  rhcs_domain_template(gfs_controld)
@@ -89180,6 +89181,9 @@ index 6cf79c4..5279416 100644
 +    fstools_domtrans(cluster_t)
 +')
 +
++optional_policy(`
++    ganesha_dbus_chat(cluster_t)
++')
 +
 +optional_policy(`
 +    hostname_exec(cluster_t)
@@ -89274,7 +89278,7 @@ index 6cf79c4..5279416 100644
  ')
  
  #####################################
-@@ -79,13 +362,14 @@ optional_policy(`
+@@ -79,13 +365,14 @@ optional_policy(`
  # dlm_controld local policy
  #
  
@@ -89291,7 +89295,7 @@ index 6cf79c4..5279416 100644
  kernel_rw_net_sysctls(dlm_controld_t)
  
  corecmd_exec_bin(dlm_controld_t)
-@@ -98,16 +382,30 @@ fs_manage_configfs_dirs(dlm_controld_t)
+@@ -98,16 +385,30 @@ fs_manage_configfs_dirs(dlm_controld_t)
  
  init_rw_script_tmp_files(dlm_controld_t)
  
@@ -89325,7 +89329,7 @@ index 6cf79c4..5279416 100644
  manage_files_pattern(fenced_t, fenced_lock_t, fenced_lock_t)
  files_lock_filetrans(fenced_t, fenced_lock_t, file)
  
-@@ -118,9 +416,8 @@ files_tmp_filetrans(fenced_t, fenced_tmp_t, { file fifo_file dir })
+@@ -118,9 +419,8 @@ files_tmp_filetrans(fenced_t, fenced_tmp_t, { file fifo_file dir })
  
  stream_connect_pattern(fenced_t, groupd_var_run_t, groupd_var_run_t, groupd_t)
  
@@ -89337,7 +89341,7 @@ index 6cf79c4..5279416 100644
  
  corecmd_exec_bin(fenced_t)
  corecmd_exec_shell(fenced_t)
-@@ -140,6 +437,8 @@ corenet_udp_sendrecv_ionixnetmon_port(fenced_t)
+@@ -140,6 +440,8 @@ corenet_udp_sendrecv_ionixnetmon_port(fenced_t)
  
  corenet_sendrecv_zented_server_packets(fenced_t)
  corenet_tcp_bind_zented_port(fenced_t)
@@ -89346,7 +89350,7 @@ index 6cf79c4..5279416 100644
  corenet_tcp_sendrecv_zented_port(fenced_t)
  
  corenet_sendrecv_http_client_packets(fenced_t)
-@@ -148,9 +447,8 @@ corenet_tcp_sendrecv_http_port(fenced_t)
+@@ -148,9 +450,8 @@ corenet_tcp_sendrecv_http_port(fenced_t)
  
  dev_read_sysfs(fenced_t)
  dev_read_urand(fenced_t)
@@ -89358,7 +89362,7 @@ index 6cf79c4..5279416 100644
  
  storage_raw_read_fixed_disk(fenced_t)
  storage_raw_write_fixed_disk(fenced_t)
-@@ -160,7 +458,7 @@ term_getattr_pty_fs(fenced_t)
+@@ -160,7 +461,7 @@ term_getattr_pty_fs(fenced_t)
  term_use_generic_ptys(fenced_t)
  term_use_ptmx(fenced_t)
  
@@ -89367,7 +89371,7 @@ index 6cf79c4..5279416 100644
  
  tunable_policy(`fenced_can_network_connect',`
  	corenet_sendrecv_all_client_packets(fenced_t)
-@@ -182,7 +480,8 @@ optional_policy(`
+@@ -182,7 +483,8 @@ optional_policy(`
  ')
  
  optional_policy(`
@@ -89377,7 +89381,7 @@ index 6cf79c4..5279416 100644
  ')
  
  optional_policy(`
-@@ -190,12 +489,17 @@ optional_policy(`
+@@ -190,12 +492,17 @@ optional_policy(`
  ')
  
  optional_policy(`
@@ -89396,7 +89400,7 @@ index 6cf79c4..5279416 100644
  ')
  
  optional_policy(`
-@@ -203,6 +507,21 @@ optional_policy(`
+@@ -203,6 +510,21 @@ optional_policy(`
  	snmp_manage_var_lib_dirs(fenced_t)
  ')
  
@@ -89418,7 +89422,7 @@ index 6cf79c4..5279416 100644
  #######################################
  #
  # foghorn local policy
-@@ -221,16 +540,22 @@ corenet_sendrecv_agentx_client_packets(foghorn_t)
+@@ -221,16 +543,22 @@ corenet_sendrecv_agentx_client_packets(foghorn_t)
  corenet_tcp_connect_agentx_port(foghorn_t)
  corenet_tcp_sendrecv_agentx_port(foghorn_t)
  
@@ -89443,7 +89447,7 @@ index 6cf79c4..5279416 100644
  	snmp_stream_connect(foghorn_t)
  ')
  
-@@ -247,16 +572,20 @@ stream_connect_pattern(gfs_controld_t, dlm_controld_var_run_t, dlm_controld_var_
+@@ -247,16 +575,20 @@ stream_connect_pattern(gfs_controld_t, dlm_controld_var_run_t, dlm_controld_var_
  stream_connect_pattern(gfs_controld_t, fenced_var_run_t, fenced_var_run_t, fenced_t)
  stream_connect_pattern(gfs_controld_t, groupd_var_run_t, groupd_var_run_t, groupd_t)
  
@@ -89465,7 +89469,7 @@ index 6cf79c4..5279416 100644
  optional_policy(`
  	lvm_exec(gfs_controld_t)
  	dev_rw_lvm_control(gfs_controld_t)
-@@ -275,10 +604,57 @@ domtrans_pattern(groupd_t, fenced_exec_t, fenced_t)
+@@ -275,10 +607,57 @@ domtrans_pattern(groupd_t, fenced_exec_t, fenced_t)
  
  dev_list_sysfs(groupd_t)
  
@@ -89525,7 +89529,7 @@ index 6cf79c4..5279416 100644
  ######################################
  #
  # qdiskd local policy
-@@ -292,7 +668,6 @@ manage_dirs_pattern(qdiskd_t, qdiskd_var_lib_t, qdiskd_var_lib_t)
+@@ -292,7 +671,6 @@ manage_dirs_pattern(qdiskd_t, qdiskd_var_lib_t, qdiskd_var_lib_t)
  manage_sock_files_pattern(qdiskd_t, qdiskd_var_lib_t, qdiskd_var_lib_t)
  files_var_lib_filetrans(qdiskd_t, qdiskd_var_lib_t, { file dir sock_file })
  
@@ -89533,7 +89537,7 @@ index 6cf79c4..5279416 100644
  kernel_read_software_raid_state(qdiskd_t)
  kernel_getattr_core_if(qdiskd_t)
  
-@@ -321,6 +696,8 @@ storage_raw_write_fixed_disk(qdiskd_t)
+@@ -321,6 +699,8 @@ storage_raw_write_fixed_disk(qdiskd_t)
  
  auth_use_nsswitch(qdiskd_t)
  
diff --git a/selinux-policy.spec b/selinux-policy.spec
index 2d9d0d17..f7fedd95 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -19,7 +19,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.13.1
-Release: 261%{?dist}
+Release: 262%{?dist}
 License: GPLv2+
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@@ -690,6 +690,10 @@ exit 0
 %endif
 
 %changelog
+* Mon Jul 10 2017 Lukas Vrabec <lvrabec@redhat.com> - 3.13.1-262
+- Allow cluster_t and glusterd_t domains to dbus chat with ganesha service
+- Allow iptables to read container runtime files
+
 * Fri Jun 23 2017 Lukas Vrabec <lvrabec@redhat.com> - 3.13.1-261
 - Allow boinc_t nsswitch
 - Dontaudit firewalld to write to lib_t dirs