From 89fc5f15afa2402db6a51358064c888cc5d8e72d Mon Sep 17 00:00:00 2001
From: Lukas Vrabec <lvrabec@redhat.com>
Date: Tue, 8 Nov 2016 12:47:22 +0100
Subject: [PATCH] * Tue Nov 08 2016 Lukas Vrabec  <lvrabec@redhat.com> -
 3.13.1-224 - Allow watching netflix using Firefox

---
 container-selinux.tgz        | Bin 4908 -> 4911 bytes
 policy-rawhide-contrib.patch |  20 ++++++++++++--------
 selinux-policy.spec          |   5 ++++-
 3 files changed, 16 insertions(+), 9 deletions(-)

diff --git a/container-selinux.tgz b/container-selinux.tgz
index cafd41f5e1b7c5b88e952c16a9a5891d6beedd49..7a78fdfc9244b531df1ecd72c3ef0dfe0bfecec2 100644
GIT binary patch
literal 4911
zcmV+~6VU7*iwFSYx*=Eq1MOYwkKDMC_t)vaLa-O`%)*|B$MFK=O@d%IAM)XlMY7*+
z?-aGf?$%nbh}1mJ@c({Qd`Of;QdGCvo;$PvySt^TAITzFtSS~Yaaph^El7QtZeASe
zx`yk+hxhn-^TQvm^-s8NuWvrwzPN#p>)YEu+`hkkaeZ@p^TUT1!S%5!q+bnXQ5^&?
zvimw(lh{f(_5A<nwR-g`_>new9@S5O`gKQwvLeM>S~hh|f~cypG>%wW7D22AN<fM&
zd|v)|rPx*g;&=5*gCA#qeI#+ih=!gP0o&;}k}`)cmz?!V;|+eSqB_chBFf1hUka+1
ze;SqWGk*|7Syn!fBw%I0>ZqV8Hp&Eg#Zlq=DlHhPH&IN^|JBweteb+RISHXWj`RA>
zzgA~kQiL`6cazpYyE;2#PnFh!mWRDD+$11@kbPX8y}nqj&f>Brah`;fM0LCi*J*M7
z-Oa`7OcfVa5rbOcT|1cR3A<Qf0Y~U4knFSVC6vdU9`fsqI4U@$vl9-K_dj`=nz*xc
z9VAfwn3Z)(=nP4pxg;IMF`*poY@UdvP@q~q0=|!GB<*C&%MZT0G11&XI|GRiU&D&j
zIR(Z|nh~lBmejmQ79QEpP1JlqeN91I26)SNpv3<{qGTX$-nHLc&^1(yw~$w7FL7JP
z=otqWkIhQF#rg^|r@N>o&q?aMLjH0W<Q`JbQp#{_+k`HG47Yr`Y??bOKJAU*-{GU~
z{tKV=xIWX0#OWr54iX)SYbzP4JYHrZ1_bgSxVRrt4<0s9EShZ(ksE~mA5jr)hYQK`
zm}5Dw+R=2Igg->PDU7KJb5t#9?7`<`3TXX^O6@q^=unqOmHtnlF+nSp>)%1%6djC6
z>k25P*BwvD@{qD!5CLJsK*B7I1K#@1c>r~Xbdjb9t2({Ma**;XcIW_E)*{4O81T^*
z=S?X$ToVhSpz@Bnl;#vAc*8i0D76&DpN-2}6Iom`r#$@sWl&Zq|0w(8OIA0wCL-ye
z*fmLutyi(;DWY_ow|j1!ATDoPn*`szgMYX1@BOm&*)M<l`I)R7+={8vWZt>~zOY5%
z02G~J5OW~o&Bfh5O6vPX0#MG57=<?G`rS{IkvwMEtjN>H@w28#85e)oQ35-WhL$Qw
z^j3=GHOWde)<IG!j3@pike6bX-MT3Scm;~(A;Fpm9D_fq)#MI8f_7xI9_a*^tWY2q
zF!@t)ug)qMVs(i#U?PCFh?^A^N$^moCIdSsIjmgYeo{YxjPki7$QDm%X`mnSKwvA`
z&yeO&m_aa*W`9~%>}l>29t`lU;tXcS8ygCPjXiPoh;yMYR5e2eqD{zs#VAS^AEKb}
z(;#0(co*;LP)v}A5NffEkns}kV&@==)mIZXej^2&BWk?HB{@XS8D@#STd1-8B$Tzp
zUhwY*ZTYuQv_2$08%~g{-15m`L6!@l1$kHIWH<oiiYQlH-aPxdh$L@<m+iAl;Cp#7
zABUE)aJzb7cy}K(Fwu3Kw{ez2w@4%q*cL22E;t(&7plU^9^+mmREN1LBF(cwMKl;s
z`_2%k>7=wtx0j^2UlMg!Qbv~s<o5W2m^Gngc7KTySOiw|5*ip14%BH4x+IK}JT1f|
z!SJ-L!^JF8IG1{NALfsiMWLLoRuh(JBSryOACCcLpeJ)ac?kRFi@K-{DnYFE-W!v?
z=6k=my-fIHSYTSG{qvWfx&r8P?zt-V?meVMg$*CRJtb~)8!CjlaxE@eP6swQ2fsrJ
zsrm@IKvs*Dvy2U6Tw1yNbpy2uWc#>Z#HV`-1%vIugEsxFgZs2Di+q+9a-8ns^*q%5
zvPRNWkGlP}u^9pjxcR}>cwekvo_4)-o`TO{b=M$`fTr6b%7pzHeEB%f!-B%NVmA}2
zin&9TE(9$eX`K^O{4&Ha;72KY0Eo^&Ze{GW{97+}*?fc7Kh3R;lWBKbInJmSMqaau
z;DuG0rSTIV;mXUGZasM01yegJ7uxfQD8TEbqc>sHu$@f37=>{7!)KPF!s|OHi-<Gy
zw1w8>1M`P8q|xoeHX_X(b!hU?k@UKff_HZulrN+q9Klc(a(=!x4{!Z^lXW}`s;mJO
zyR6wd#PoeOf5I4ga~OH%L4$SK6ba=M2De9+(Pd(Xr-eTt(XOlFUO`2@g<~pMz797#
zVHJ#uCj-1(GlVR_<b(ySeyU1nuCP>7Dy9APW(<6<%Z$WPbu}sZuDbgsI=W0hK_{Z}
zT}h%hv}z@&QwE7@9hkb^=IV_(jX6MrO(^ZL1Id^qGN_9mk}+qZLmEDAk=#)2w!IMv
zpE{~E-rKb7dvbj?+?=$Cy}!9<+xc_Us=p;=Gg{5OdgNSVRkvNGj@J%bEX0LkcD-G`
z`Qa(2d|w0YALUn3#uFbl=zwb>i*LO~W81~l!}?9cB$O_<c!HdU%k5hqc{p9#)dl+*
zIaV3&^FQyeZ-2NRp8t7wb8|ZX^EEEv+J||WG#NQ>N5h-o=JNXTdX|z~y$XINaRwR%
zU1CsPE3RV_LSwo4TFGr!f}596Oz^NHpayGwqcP%kmI^rXuwa%2zy9<~P?a@ncV{c9
zzyvyKCDs(tT5m&Z<AdGzCfGz7CD0z5DGJ4;5t@2@SpaS3w4D0X%9`Ri5=lhzvIvE8
zJ~x!)Ix`};LfWi<4`JnvcTutBPjeoNF~PM=Xfk?otaP<4+40u7)Y1qg6FS10I|x)!
z59K0Up1wT9y^#p@5Y3q0ONh=Oh~6&E9qeyip7)-P2Sgh@>{n6SB^G#GT;`agag(<X
zr#61oP8WWPo3Yr#J|FUraaEwSkKDy|MLp$j-gIM-)fh<bW2)e?K+M!$@%fO;gf^<6
z3`h^RfzJm_j;Wegqv?vb+Ma<Q1H>My6L~`o*c;kIho5$Qq&1H!KH$cq$~;QV(dYr{
zFci@T9|uOPWeiEjMQK6fekr|e2^IZqZ=M?w#_%e|rH|cZ$cStg_H;gG8H34<<vv!M
z#36)`m(XS0nLQsd8UzhX&q%!d-p3V2{R+bP@ADzc+y%5-2w_G=Ss<2YcqDvu)4D}T
zwz-R=Dq5#m%ASJHLA)y;ir`ZU>*fZ&0oaBTmL@^|sVI{GE6X<!__uXhv<ZFuMjbr>
zCffic?(9qy46Cl%BdkdV7E*?LgcD5NcG8xBXTj?JeiD>kXK9`?UJojhk*4d?ZZ}|l
zl(zRE_A@4!O`D#);QmcdG!|D2pft${We$5cDBcBYuAyl|D^esb&fy5wn}Tj9A247B
zI3u|htHXFqWWqvH$sObM&~#eiP_Xgolf4lqlUO{F4OuPwG+nLu=B?I!dd7_?pa_fo
zTigMT^S1VBvM@?a8?*Z~*N!$Yi@e&Z&^}{ZdHz)JrOkEQud!RhjeVQy#F{-xY<T8W
zKtC`|aH>ARmkTe&#u4t+WEAIOU<qV^Dc7(~UFO|-hD*;l!)>CP#{3Rh_hF*t+uvzf
zT*AXW`@U!1S|98;7G`449vi;+ecRq^qzs@fBj!MXqrLBVbg<BU@edKae;cGtb<9Fk
zlKU~sSZ7BRmX8V=F!2{LXu1cy3Y9Z3uVOGybQg8*G!bpn*QEWL(;igdZdO@*+-sJ(
z&c^RMSUfOi4-OB^rSWFZb{D2k4@=^itETTLZmY7)GHcE(KMFP`*ksYuk>TGhk8e80
zaGWBvBM8SU01r*9UUf8<qd{)RbdGYGItjne#P`IUt@J!`XDdEW-1czM(!jH|;1sTp
zChWaEX{HBZI=tjx<pmAcsiW2Vj$SX!xkjWX@P5P019-1t=E5}{rt^n14THArd_edN
z<ME-=!PtFh^-LF*#aQj|_7@qQml4W-klxr9Epq<}q)9TFWFqz(d9I0BPwUhLVGm{f
z$(NibxIfXDWkykV#1Dw<MGEqu@s1>Zg=5UyviiskSj>6iX*f~L(tDUFiKTo=pWw45
z;m7i2A>s*j31y|Sl=+_N+Pp=5(Wjz2l4TA!lo*DI`Ch^ne%5Im7G+|og3dxokw8iJ
zEnB+TgK5vQ23s~3Hr^`Ug_wXaO&`m&gB@d)XAz1eF7v#~$YaPmc$$}Q5X_aJk!f0j
zJvL8qAkWM}(XvbwA(bc}`f<0%ZJ`##-Heg@PGZtv&gE<_M`7rLi+XMAvZ<W)l9a-6
zrcZg67N6|2GMhcJ%|;;U)zMZ#%E}s7wmNzU`Ci#0n8-;=KUwJc77yyDg3^bS#XB>d
zJkv517uf4b`Cx&T?-fx=hGr^GgwGpWi@JkWICOaNIo(>Qd&HpXF)RzzHs>Ivu{PNF
z#%%gOkt4f?M?KoZJ+?j|4NK($k&sQ)WK4J|kG3JNbBG~tgMOkol@jUwgyO)qMYfWd
zEBbWf#5EiUtE=4V;a`ZyqJ?V*g&p9vxzr5|;4-5VBDOH66~jcaJ-PAy*!N-*cx`&}
zMB&w|AbX6(kyp%%o3oprL~)2=fI3YG+F;u>!H){}=i#%#pHEco=;OC_Su*|w3^nyt
z9@_+4ZPwnrEJJ=^H}Rrn6}a^?Itn^f01P%%av`Y3c0)T5W*5KT+v1+w<5pZ^%J(<R
zjfh@(0LixQ(f~f2Hs1r(9m27jpIGqOkrWWb>ZtXEFfATw7jm7)Iu6<T2JiILH)-{D
zYk-%LycHJreOiGEDmLYWMg8xFP!{qxQ4RA}4fL`-VGg4j);zaOuZZ0iyMfs0Fs#7i
z(HCZmS+5ZR9ER|14ggSct=fS4vWT{&$?my^Vs+^#7hl?hMLH?6vaGzICX1Aom1=ED
z!4<}ot4Ui-dgKQ%Od5$JjtQ&G%+$u{W^uI<I2V^#scCyK$5ntFp-AmRSHM3?;-*f`
zUc3pn-(I^#EQ}(TSqel=;YC&x4>Df~wEZB>b;pnzk~%uz6;=~gH7d8_Y-GW&fB*UK
z!9Sou_ayigPaE=7EqmJFYH$RHrz-Md#JN0f&rb%c1cUmNLT#fz;Uk}y&K~H9x%0A!
zf5YF_y=y=(WNWMQ!lO;-jI?e%9uzauwxkuy9~~r05do65(VS2=dzw&<yQaWpIL3FG
zhRj;e6|Q4o+jll8tb-J8+6{c3XDeJHJ`LLRTATCGvD7SVf2lV)n#)l+Y(9o=ODlX-
zS4O*ms|{h{4QBwW;}BiZ7365Wkx3<!%;m8w2$RFGt-A3A-|;x)9DgHOH&lg2@vC^3
zn#GwCXD2w>E^-oyVIbaMfv@nu;bUo&^F1JKVVK*L+KdqseICU-ptEtjww1gAz4rhk
zC7EpKYpYPvK-tUtYg)6)=Fr+03+`DL7-zAb41(oAC+tqe&noIZt=V*tK#)0HcmCXG
z;+rT#3Wn*rwCLQfY(?jqhk{yd^7zuLS=(dagV4hDD%g}Yy6F<2d%H_WMGNgsdea`3
zYLC<Rcx0cOoUyx2g73TgsG2F)4ZYg7p~4wJuS6J%ko1_3pYn6O=2kkKRYQdh>HQ)-
z>8wZGy&1q*>KPxY@_b%9P&>-FJEx~!plS+^PXvT@wtk#C60bU&<m&AaOq4e7{5P0+
zc(U7grh}iW!;rw(p&sWv1YgGQVsIVS8@=~u!k2GTE961Ix%}F0wM1|XIR3J^F5YB~
zC>c(ao9Ccki89(^*tBP5ZwnOTF9!YUSjuD#?5ksU3f{WbbMkJ%Z!xupAPH1U+Ed?E
z2Ru9;m+4T&Z4n>T_YfzLrOt2GedQ?h)y0$wRWC8@l%`FesCo{SlVj6dtN4Cruf(g9
zCJtc9bFX_GJkmL5o;qsdY8E&xaNM5q>YdfGuIK8_MH9&+)30B0J)6ucSqR>l39?Wb
zuB4Ddi*V<M_@Gbch<GI(w4-8>d0_~5wxq7T!j?$ePg6&Pj9`9yZ!P)s#+M@f*6&?-
zE>|m=%gxc=ZQ*|Z$MuIBcsBa`zwb})|M(i$6>bq;{dOr1HS^c|@OaH5EWKiNZtmpY
z5329FX(SIPQhY<mRYU75F#6D+yAn88E#-gy_tk%WFZ9#d+qd5MYB`thq{MPe#fXo~
z@0WmHr$vXi6yUMs&{g(r2G#;)XNy%?!p2PvUeWTnMR{LlO-|lQVa$QoUsI|NiT-dH
z6|rCmN9fP44Cyt<&;16Y_Lc>S4(qFgI={O7{^HMP-dM3ZkIN;|;m9F(5ZvkttQAeN
zbHO@ClUJ?}23S|3wBPV#gEy%1eoc@q6-D&R?|;Mdn*Q|_CqJiw)nN&LWdBO@a}vt{
zV+?t2m$~rdITs1JAmY0NAcvTHj(g`&m6%5uu?pEda1S20X81*iuf2$6MzO+QcrYv2
z#mDpj`0$|(tI+}KSGbyOJrS%WNM_c}f+s5X8~#<JS*zd#9D2flN0-5qf8J;z5lZzX
zOba>}bQB5D^cVnNWsmV(NcpA;9ca5Bj?yIG+UGf4r|Wc`uG4k8PS@!=U8n1Govzb$
hx=z>WI$fvhbe*o#b-GU1>H7bC{Vx<y;R*nt005wCm>2*6

literal 4908
zcmV+{6VvP;iwFSY_#jvS1MOYwkKDEq_t)FMLa+n)F0k)my9sbkS`<k?^h430&9|mi
zv=Vn$v0fFad(`m%-Wfh5N+Kz0S8HF36=3hKH1i`lB!@G@p)M{97NrHLFVoGlBVE^U
zee=yb{Ji=0ch~wSTyL*$zIprX20q~KySMM&KD)kod-LtL&w}e?RY<=Y%Az_5o@IA+
zv?j5YZtD5}=(T$BBKVFrc^=h|zyEnhg0dpTYg#sSOoFJYvNVoZS{6a921-DREqq>n
zccs`?0OEJ`N`oI~e|jKs!-$5S76IGoH<B`kFPEJ4O5+W_tD-u}gCfew_s<2@^WTq3
z_>n&dqAV-#NfNL!V0Bc`6dPp%z2d0weU%oB)SD<K=fAeK3G1d{X-+~YkK??2_3P?v
zONy{2|8CM6Xjf-v?6J~X(DJZXhMNQ=5VH5HvzHgE)mdEDB+iqNlBkY%;W{nOzq+|t
zovGr&Dq>J8ylV$DJz*CsEZ_(o1(JQTy@c|Z(?fop5l025baujl^8Pz7QxkWVu7d=s
zAG5Mf37sM7Gnb^JI3|>%oy`-m6be+!N5FScjijAydHKOtHzt}}XlEet;cHltI;X(6
zNi#xK!IGNy$igH0sfn5osLv^A%K&fr4wU%cNR$l3&AaxC3%Z7i@fPyx>?LmN7(L_Q
z;;~tYw^*M+=5!a;<S9v=SIA%Pg4{#uSxOm>ZJW>~kl~h3mrZkL#fQBS{5yQq-GAh>
z9@l4DkvQF?&_SXjacw0dmB-6W#DGBl0~hxr>cPVXibb>SA##Jz{}L6^cDRr{jX9R{
zsvS+YN%%vwo5GlyFh|vr#vXi1rhwLusML<rjSh8rRO$Z!8WXfqx&960P0_)Kw61_s
zdfoAeEcYqf1rZQ73?$6bIN+`CoCi>MNEc~(u&UELEC(q+V}}lqWi3Lig#jO3ao&`2
z!!@xG3M%iIOKDC~f;Wt_h*C>Y{MopyHIc<7bIQa2p9f`y@{h9bpR>BLH4#Y%#jZ(O
zY`uy#PZ6c#yxnu-1aW!W+9deu4g7lx|K2TYpZ)abAD_s|!L67oP3El|;0s$64nWZv
z1~CUR-dx=6qolrDBmm{?h*4-`uHXGg8OdXo&5As|A3tk~lyUKQ9VM_6X=tf}L~o@?
zUX!duV;v-w!g%6O0(mKB*{z#WfLEYc?h~wuz%lrvT1{^8BWOoP>yb`y$qEH>0h2!!
z_v);IAy$_-1117!i?~@)kp%a3YBI2MlEcdN<tOz$$S9vXf^6}GmInGE4+OT7{S0Xi
zg&70`Y4)dO#UAG_;lTjkD$ZbLys@D$*w`aik2n|lLRB+lAlii7Rg9u!@gWKdKMnF#
zgtzgo4#fny51|&z2pKQoE_M#0Sba5N<2O>UIikjET#`fNoMD#OyM-FdPeNHs>;?aB
z(3XD-Me9T2v*85E$}OK97G${)T99{TPKE<Ou84BQ<;}CNi%9Y+c-}s{1it4N^Koby
z3%9EWhIjWt0~1}xc^zjdbc;j+fo;LU<ASqcaiJ=l>>=(|LUov{BGNn?R78XEwC@ao
znodfabbCpPyCqR~C1rGJKyHsOh*=X_W_On;fkj|NFQI`U;Xs|%pi9Ci$<sni5)4n<
zI$X>mg>$KQ_hJ5MSrp3YYBgbrHewWj_3;o;26{5*lZUV`zNm}Zpc2Gd@4YeUYrgl3
z+slMMh6Sc|+TVZrp(}ts<({iz@7_aNRM_z0+f(8;x1mC)E7#(p<#b?^bMRY~kgAWM
z3uLueIm_5E#-)|JUpG*zK(>$jMSQxaP%zjYJZRI;I=D;gvdCvyA;;-1Ue80_FKZ-C
z^{Crl8=E1pfSVs|jrYa+<!RST=PCFIR(B232xz)3qD<JI!Ke50JS-@TD|R!Xs+c=e
z=|a%rk=8je#V<n)1AdgU2Y~1d<W|N`%fIzvm(4eL{nOmqIGJ|0mE(+RVdOQd2wqr~
zSsFj`5w5&^>DGg{T`;wya-lt+hyuJ^I(idE4cp1oi%|%NKYU^-D!jgPvWPfCPg`hB
zJ}`esLmJ&aY$MX#QHLfE9Z9b%DR_6sLHR-&!VwHrA?K%S^YGTsH(AHCpvoFhvCEpR
zLrmXi^Cyg<H;0jD9yC~&O_5MOVQ_n78C@oJcv|=a679Mw?iEzjTR5hI<?C>>6IQ{f
zcr?JvHABb(OiozP>c^^t<_b$SrBd3TZ^pp)y39x%RacXe@2b0RqNB_76Lcaf-<2eK
zL#tMTI%SZk)`6+pZLZ#!)0hJ^*o4v^JCKY?B7?g4AsKTfI;7#_7Re3OZrdA?@TsFp
z<GoGGz9-jb!_7&H*!!D%ww*smt@>M1Hlx+dt4Gc?R(0D|>Uiz2#X?*tX4l*0n;)KX
z%J((U{!xAvWjyg=gATYBviQ<#G`3w#J*?kEOhV~$izmowxZJ+<k%!ZzU0txBkz<wN
zKL7LX`t7&Z!}C9HZr+^E|9p;1xb|UQCQU}p+tKhUxVgN(yq=}xRxg4dNt}U3L6;bm
z*NW?ygwR-SzE*PEmEh(j6cgO<2&lnY-)M}uouvYfJS>=H!OuVZ6jWu++TGboDlmbL
zT8TA9wAS0u+W27iy$Uu_MhUdXW{N^FX@sU8Ulu@{IW4C?wX&vojzkiXyevYYoX-s<
zxz3CTu8=nC-$Gb<<6Ts2`O}=oVoY!?6Pk>k94lRIOLn|<F10j5$%Kxu<_-c?)I+%l
zm!~feac?9-Jw!96_Y$Hr2%@)3a|iodm*>5w;{nkI5BpWrc8LWZ7neEaXx!xO!>Ns5
zwbO;4;$|%Nu+NA5V_X#|?IU+_T~SZ@n>XDUWHkno`<N=YED$rbSA0I?GNFwsC<D^N
zZQ%0(lVhsp)o8lnt+r?2#{jX%>O|g91NMgY(BY>YA8E~_iVwK)s4|aIb2NH@It)eh
z!N-9SYZ*h*aZy^(xL-<dTS7&D+neV`gfYBIap_}s88RZ<g*~2+S;k;;W4VvjCUFQM
z<Rx?&cV^E=j0Qo&(lZh-zxRHHQNMyP{`-8$GIs&(7DAX&Q5J~h86F8A-L!5|l5K9|
zsEXEUma@m-V-WAk`y%*|!n(PEZveKTgr!N4e<;c%z{>Is1paNE7HvWwzfni`fXOxh
zi90(J1;eVV_6Tc|frXUe9^nL2x1F>l;90P`zn=u9*IAmUjMsz8WTff3wA&4sAEoU*
zi2aNSX49r8FSvix6OF~y0w_%~LYc$f4T?9xnrmp<(25j^i*q=F^`@ZP$p;LW0nSLS
z#p*B~6Pd7(RC337Jv5zGI23Gr`ebj!$s`s}WJ6ZVK229EzIm&4pPq3e3Mj&2{}y+E
z<GihXnk<YG)5h#R&9$Qq%p$M0DzuN-R-Qi<d}?#u_G|3caAV)5I<aO?5*wa570?e%
z6P&6~@ae)!v2lc3H5tXZ7+3-sV9GUYQ<r(Sp5f9n&TyNkrZK-m)_s_0`T93n7MJjF
z&%W=Ox7G*yjfI)mv&V)ne&4qD8Yu&4%ZNEp;ArnV9vv)nU;IM^@81S#QysGqmE?ZR
zGS=A<h2^7y22A`#44Uo%uR`Sv%&Qp86Wv9fJ55B}^fhU}=ClVDxSLfL@AsNzuCwv`
z4i*p0*@MFab7{QUv)zU1)5DT@=BnvCircCzv&@<^%a4MM2{u{ucx3oD%j27lF&w7|
z?Fhp03cy1Xs}~)O<!F%GF`c8FrcT1|Gx0q!XDdBV+}VoH6SqBFv^4N+EjWeiqX~O&
zPnzjLm<})bS9w7LcIs&LzN6O*bFLBT3B2Dh^8ns!n7MFGhw1zwO~asVJ0B1}!+3nC
zbTD@BTRqc-WieJey!}Z==VgSlAEY<7MT^{j0BMp;CYgx+MxJY8*3&w5LD+p+fAA&e
z3GR<HW|>jc9q~OPdy#@XXuKndU*Q<@wyZvK0~T|hcp6R=v-A!oN@6Kr(kJ+=N%*mR
zS%`Q-T|!x@EM>lDx;Af7U-YTyj%1kw4kd<RV!oHKg`agAheerKs-Uw_QY28)UCWkk
z_F&qxtihIzg^jn0cOfPqOw-3Q?O?}P<ynMciOW2%GV&1e4xZ-a8w7JDXk?m}V2{mH
z9LO_sP_!%)MMx#ehko4caa*VbaW`Y+zLS_Vm~%Os%TXBm;G$mJx@;<Ey(Fb@oatkp
zrNsw3t;}YRY_kzadUdo_kg~GIm938ML%vt`048#h(hnATzQu$3si5>eW%15TC(pDD
z#Rc|yQr=sj<$Fa`lA)Q36XEm5)}rp96%HL<d``C(>K-wudJM|~waqz5X{-%4zA>Br
zCvs%h@Tf<7xX0E9q+zLCAQG~Pnv4lA<-s=Obq+D)ZP1Str&1!lpHLjww#Zfzb48zS
zoVbPqVRe;TJ^TytShR5Mps)kHG?%)80bFKuLc|v4v|^YjwkJ2fANx*B0<TR^o+!L}
z5o8asIP!{ladUR_lPC@`3{a;DK^ttFCiqd|{ycm(`16s<9ew<^E=$J0fT5<o%43^g
ztIgV*mu1Kg>?U5ctOB=wMn^%X3V^|eN-hM|*luVC!tCPrdt2O-d)$gkO!@w1xe?JT
z4<OmrT^hhg)8>1Cx<fd2^Aig`I+6l{SRJ*V5T?Z=?Lw~eSjQn--{75|`X;U3ZVm7<
zlDER*zDp}mLB*z=u&Dpt5XwUSCaPiHs)1g%C(L0~!<y%|=@qftVmA;w9flQnJo>_H
zG3zxVfWr{J%>e*Pu2maQUl!4}G}#^3P^>N;<>E`5ut+CGR+g0))MSy;vQn*0DY(Lz
zay4m-Nss&hhDjrF#4%x&nVH%c-7Ky)0_WlqD>ZEo=C}%wBNVB9=nD8pN!-+_*^4*f
z_S<W>h=oz)GE0G|DZI#P;z8ysfwmu{x$YQJLsCZvyufP0sz&8joQ*8_`L93zHTWAe
z=#B(G<7q>ls%1|bTn&!k@Ki-!j5wFa?fJ=Im0(bxQmAe8Cw$=Z(%AzYF?U`T@o)Is
zx_1reg=}qgUU;+#osrg!$Ae-<+Lp9p`GbQ*DI!3!HkuR4W=|8Uan}^M49EB`(~w!~
zxx#e}Z2Qh8g>{g^O}l~5^K6An#HT@<UTbq6I+mJ+?JxBvM{_wUht0>(ZE1y%>dI(0
zaJ3;Uyx|OBbsVBAx`G_7H!`VYlDRx~1z~a+wpBO2;5#0Noa1jK>xQb(D1H_1QnNTy
z;_L(`+eJ<yF$}~TEbtW`ID9N^a=r(oEevy;QkyYiqR*pv2Xr=$m$s5Op!e=!q$HCK
zeQ6ac8Yp{te@$yv*&JFMW5GS^0^=;!lR>Z?=!D&=_*q5Wr8S!l5(qMf>&~D1Oneh%
zNWm~&mlmDdm96Mp^H5N$O&(u*HEVked=Of=UId%6MmJpobZ>VFsc50SNw3<&Qtfg2
z9*^vElQVX^N$`Dl?^QG9x}jIwHdHtR=#>aV5t1JB@l$?|*W5~nvudcYA-!LuC!O_(
zyEg+EOFiQwRi4jl2Wm$dcjxrf3sg<P@ri)2&eo4pN8(jylU%($f{D`Ro&N?i4^MU*
z&vfu}br=#DJJjQxhv3urT@0?ndZYLLO!)F`YK1%qIG11Bt(FLm0mol9*TtKx5hcTk
za`PPYD^W&U44d|>>}`Q!{KcSO9ZQ+4fqixCPQhE(dQRRg_${XP5F~+WNqg$M>VSvG
z<1!tpxGmy?`X1s0vefy_y009CzPgxFq3R`uozk@F6IIWla&l~%YZc$`?3H+R(!>EQ
zdG2+OgGV~&%u`2gT+ITf1&-TOUcIwA*7aPyxo9GpWcu|>u4j{ZB@4kjGeH(A!<7_r
zXc6xG5FhmE91*XigLYI5GA|6_&X&}*SJ)D1`)TTkkP*yp@2w@D-uP0aU;4cZPvvSQ
zbGbR%yDi-B|G56<2A+-n{_pQj@BjE5*A;FNUj1?@4mI=F`|x<p11!B_b#89u-w&#9
zyJ;j3CsKSv$W=q@D=_-dpSuz`S1si~{&n@wuZ4a(d;QuQUoGeIos?LPsTlEb`SlXe
z>$K?bmI6GM9J<QB&cIrr>};_rOW3%n!7ExGw<zz*tjWo1DU3Pr`fEz{A<-WWqaqe8
z;RyZNl_9+b`MKX<)ZVfn(P4d+Q0G^dUtj#;%o{6K=W)3tIvhFV4uV@<fwiJZb}m@w
zX!6SS!2s(@l=cgrZ14tE-meL=rJ{&_`SmY&Uemw6;^gNvusST^kL+J*eokT;V2mNp
z?J^ghJm(@I7est>0OSyJ&vEY@suJ@EBUT}s2kyb+)(pSs@U<7Q%qUj)3lC-myZD$M
z03SZIVKq8H{R&sJttW!D1j)?0S@1;Ve!;(LG;0-{fJ09h@aQsl^3NMBBtogaglR$N
zf{r2qnjQn-tL!133n|}Jp#yFA!%>>#OZz;h>vWy2({;K|*XcT4r|Wc`uG4k8PS@!=
eU8n1Govzb$x=z>WI$i(I*M9-IsZp2!pa1|3bD((u

diff --git a/policy-rawhide-contrib.patch b/policy-rawhide-contrib.patch
index b4f8d8fa..811c8b8c 100644
--- a/policy-rawhide-contrib.patch
+++ b/policy-rawhide-contrib.patch
@@ -52309,7 +52309,7 @@ index 6194b80..e27c53d 100644
  ')
 +
 diff --git a/mozilla.te b/mozilla.te
-index 11ac8e4..653ba10 100644
+index 11ac8e4..9336364 100644
 --- a/mozilla.te
 +++ b/mozilla.te
 @@ -6,17 +6,56 @@ policy_module(mozilla, 2.8.0)
@@ -52762,7 +52762,7 @@ index 11ac8e4..653ba10 100644
  ')
  
  optional_policy(`
-@@ -300,259 +339,254 @@ optional_policy(`
+@@ -300,259 +339,257 @@ optional_policy(`
  
  ########################################
  #
@@ -52777,6 +52777,8 @@ index 11ac8e4..653ba10 100644
 +dontaudit mozilla_plugin_t self:capability2 block_suspend;
 +dontaudit mozilla_plugin_t self:cap_userns {sys_ptrace };
 +
++
++allow mozilla_plugin_t self:cap_userns {sys_admin sys_chroot};
 +allow mozilla_plugin_t self:process { getsession setcap setpgid getsched setsched signal_perms execmem execstack setrlimit transition };
 +allow mozilla_plugin_t self:netlink_route_socket r_netlink_socket_perms;
 +allow mozilla_plugin_t self:netlink_socket create_socket_perms;
@@ -52836,21 +52838,23 @@ index 11ac8e4..653ba10 100644
 +can_exec(mozilla_plugin_t, mozilla_plugin_tmp_t)
  
  manage_files_pattern(mozilla_plugin_t, mozilla_plugin_tmpfs_t, mozilla_plugin_tmpfs_t)
++manage_dirs_pattern(mozilla_plugin_t, mozilla_plugin_tmpfs_t, mozilla_plugin_tmpfs_t)
  manage_lnk_files_pattern(mozilla_plugin_t, mozilla_plugin_tmpfs_t, mozilla_plugin_tmpfs_t)
  manage_fifo_files_pattern(mozilla_plugin_t, mozilla_plugin_tmpfs_t, mozilla_plugin_tmpfs_t)
  manage_sock_files_pattern(mozilla_plugin_t, mozilla_plugin_tmpfs_t, mozilla_plugin_tmpfs_t)
- fs_tmpfs_filetrans(mozilla_plugin_t, mozilla_plugin_tmpfs_t, { file lnk_file sock_file fifo_file })
+-fs_tmpfs_filetrans(mozilla_plugin_t, mozilla_plugin_tmpfs_t, { file lnk_file sock_file fifo_file })
++fs_tmpfs_filetrans(mozilla_plugin_t, mozilla_plugin_tmpfs_t, { file dir lnk_file sock_file fifo_file })
 +userdom_manage_home_texlive(mozilla_plugin_t)
  
  allow mozilla_plugin_t mozilla_plugin_rw_t:dir list_dir_perms;
 -allow mozilla_plugin_t mozilla_plugin_rw_t:file read_file_perms;
 -allow mozilla_plugin_t mozilla_plugin_rw_t:lnk_file read_lnk_file_perms;
+-
+-dgram_send_pattern(mozilla_plugin_t, mozilla_plugin_tmpfs_t, mozilla_plugin_tmpfs_t, mozilla_t)
+-stream_connect_pattern(mozilla_plugin_t, mozilla_plugin_tmpfs_t, mozilla_plugin_tmpfs_t, mozilla_t)
 +read_lnk_files_pattern(mozilla_plugin_t, mozilla_plugin_rw_t, mozilla_plugin_rw_t)
 +read_files_pattern(mozilla_plugin_t, mozilla_plugin_rw_t, mozilla_plugin_rw_t)
  
--dgram_send_pattern(mozilla_plugin_t, mozilla_plugin_tmpfs_t, mozilla_plugin_tmpfs_t, mozilla_t)
--stream_connect_pattern(mozilla_plugin_t, mozilla_plugin_tmpfs_t, mozilla_plugin_tmpfs_t, mozilla_t)
--
 -can_exec(mozilla_plugin_t, { mozilla_exec_t mozilla_plugin_home_t mozilla_plugin_tmp_t })
 +can_exec(mozilla_plugin_t, mozilla_exec_t)
  
@@ -53162,7 +53166,7 @@ index 11ac8e4..653ba10 100644
  ')
  
  optional_policy(`
-@@ -560,7 +594,11 @@ optional_policy(`
+@@ -560,7 +597,11 @@ optional_policy(`
  ')
  
  optional_policy(`
@@ -53175,7 +53179,7 @@ index 11ac8e4..653ba10 100644
  ')
  
  optional_policy(`
-@@ -568,108 +606,144 @@ optional_policy(`
+@@ -568,108 +609,144 @@ optional_policy(`
  ')
  
  optional_policy(`
diff --git a/selinux-policy.spec b/selinux-policy.spec
index 09d7df10..872bf61a 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -19,7 +19,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.13.1
-Release: 223%{?dist}
+Release: 224%{?dist}
 License: GPLv2+
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@@ -675,6 +675,9 @@ exit 0
 %endif
 
 %changelog
+* Tue Nov 08 2016 Lukas Vrabec  <lvrabec@redhat.com> - 3.13.1-224
+- Allow watching netflix using Firefox
+
 * Mon Nov 07 2016 Lukas Vrabec  <lvrabec@redhat.com> - 3.13.1-223
 - nmbd_t needs net_admin capability like smbd
 - Add interface chronyd_manage_pid() Allow logrotate to manage chrony pids