* Fri Sep 02 2016 Lukas Vrabec <lvrabec@redhat.com> 3.13.1-213

- Label /var/lib/docker/vfs as svirt_sandbox_file_t in virt SELinux module
- Label /usr/bin/pappet as puppetagent_exec_t
- Allow amanda to create dir in /var/lib/ with amanda_var_lib_t label
- Allow run sulogin_t in range mls_systemlow-mls_systemhigh.

policy-rawhide-base.patch

@@ -40564,7 +40564,7 @@ index 0e3c2a9..ea9bd57 100644
 +	userdom_admin_home_dir_filetrans($1, local_login_home_t, file, ".hushlogin")
 +')
 diff --git a/policy/modules/system/locallogin.te b/policy/modules/system/locallogin.te
-index 446fa99..22f539c 100644
+index 446fa99..d66491c 100644
 --- a/policy/modules/system/locallogin.te
 +++ b/policy/modules/system/locallogin.te
 @@ -13,9 +13,8 @@ auth_login_entry_type(local_login_t)
@@ -40588,7 +40588,7 @@ index 446fa99..22f539c 100644
 +')
 +
 +ifdef(`enable_mls',`
-+	init_ranged_daemon_domain(sulogin_t, sulogin_exec_t, mls_systemhigh)
++	init_ranged_daemon_domain(sulogin_t, sulogin_exec_t, s0 - mls_systemhigh)
 +')
 +
  ########################################

selinux-policy.spec

@@ -19,7 +19,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.13.1
-Release: 212%{?dist}
+Release: 213%{?dist}
 License: GPLv2+
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@@ -648,6 +648,12 @@ exit 0
 %endif
 
 %changelog
+* Fri Sep 02 2016 Lukas Vrabec <lvrabec@redhat.com> 3.13.1-213
+- Label /var/lib/docker/vfs as svirt_sandbox_file_t in virt SELinux module
+- Label /usr/bin/pappet as puppetagent_exec_t
+- Allow amanda to create dir in /var/lib/ with amanda_var_lib_t label
+- Allow run sulogin_t in range mls_systemlow-mls_systemhigh.
+
 * Wed Aug 31 2016 Lukas Vrabec <lvrabec@redhat.com> 3.13.1-212
 - udisk2 module is part of devicekit module now
 - Fix file context for /etc/pki/pki-tomcat/ca/