* Thu May 16 2019 Lukas Vrabec <lvrabec@redhat.com> - 0.1.6-1

- New rebase with upstream adding new tests

.gitignore

@@ -3,3 +3,4 @@
 /v0.1.3.tar.gz
 /v0.1.4.tar.gz
 /v0.1.5.tar.gz
+/v0.1.6.tar.gz

0001-Add-allow-rules-for-container_runtime_t-to-base_cont.patch

@@ -1,29 +0,0 @@
-From 129555625ceca2d73faf862501c10fb3ee49b473 Mon Sep 17 00:00:00 2001
-From: Jan Zarsky <jzarsky@redhat.com>
-Date: Tue, 30 Apr 2019 11:41:10 +0200
-Subject: [PATCH] Add allow rules for container_runtime_t to base_container.cil
-
-Podman version 1.2.0 requires new allow rules.
-
-Fixes:
-type=AVC msg=audit(1556617434.540:447): avc:  denied  { create } for  pid=4692 comm="runc:[2:INIT]" scontext=unconfined_u:system_r:container_runtime_t:s0 tcontext=system_u:system_r:my_container.process:s0:c157,c366 tclass=key permissive=1
-type=AVC msg=audit(1556617434.541:448): avc:  denied  { search } for  pid=4692 comm="runc:[2:INIT]" scontext=unconfined_u:system_r:container_runtime_t:s0 tcontext=system_u:system_r:my_container.process:s0:c157,c366 tclass=key permissive=1
-type=AVC msg=audit(1556617434.541:449): avc:  denied  { view } for  pid=4692 comm="runc:[2:INIT]" scontext=unconfined_u:system_r:container_runtime_t:s0 tcontext=system_u:system_r:my_container.process:s0:c157,c366 tclass=key permissive=1
-type=AVC msg=audit(1556617434.541:450): avc:  denied  { setattr } for  pid=4692 comm="runc:[2:INIT]" scontext=unconfined_u:system_r:container_runtime_t:s0 tcontext=system_u:system_r:my_container.process:s0:c157,c366 tclass=key permissive=1
----
- udica/templates/base_container.cil | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/udica/templates/base_container.cil b/udica/templates/base_container.cil
-index 88bb39b..ab9b776 100644
---- a/udica/templates/base_container.cil
-+++ b/udica/templates/base_container.cil
-@@ -5,4 +5,5 @@
- (typeattributeset container_domain (process ))
- (allow process proc_type (file (getattr open read)))
- (allow process cpu_online_t (file (getattr open read)))
-+(allow container_runtime_t process (key (create link read search setattr view write)))
- )
--- 
-2.20.1
-

sources

@@ -1 +1 @@
-SHA512 (v0.1.5.tar.gz) = 38cb9b0c9d42f807d05811631d460af80e65db5631e53230ea129d79d9844eeddc9c3f63ff17c121150afb1319b08cf6da085ce3e18945f4bf76b844365f741c
+SHA512 (v0.1.6.tar.gz) = 1da3cd6e6c4a70b9ad76f3ccc6eb5f2418544ab778ec07145d1c44a7df6092d769a0afe4335e3b8afac444399e7fa720de65d1dfe2badb9a232ed70a3ea36386

udica.spec

@@ -1,7 +1,7 @@
 Summary: A tool for generating SELinux security policies for containers
 Name: udica
-Version: 0.1.5
+Version: 0.1.6
-Release: 2%{?dist}
+Release: 1%{?dist}
 Source0: https://github.com/containers/udica/archive/v%{version}.tar.gz
 License: GPLv3+
 BuildArch: noarch
@@ -13,7 +13,6 @@ Requires: python3 python3-libsemanage python3-libselinux
 BuildRequires: python2 python2-devel python2-setuptools
 Requires: python2 libsemanage-python libselinux-python
 %endif
-patch1: 0001-Add-allow-rules-for-container_runtime_t-to-base_cont.patch
 
 %description
 Tool for generating SELinux security profiles for containers based on
@@ -59,6 +58,9 @@ install -m 0644 udica/man/man8/udica.8 %{buildroot}%{_mandir}/man8/udica.8
 %endif
 
 %changelog
+* Thu May 16 2019 Lukas Vrabec <lvrabec@redhat.com> - 0.1.6-1
+- New rebase with upstream adding new tests
+
 * Tue Apr 30 2019 Lukas Vrabec <lvrabec@redhat.com> - 0.1.5-2
 - Add allow rules for container_runtime_t to base_container.cil, Podman version 1.2.0 requires new allow rules.
 * Fri Apr 19 2019 Lukas Vrabec <lvrabec@redhat.com> - 0.1.5-1