diff --git a/.gitignore b/.gitignore
index e6fcc1d..7ece8c8 100644
--- a/.gitignore
+++ b/.gitignore
@@ -13,8 +13,3 @@
 /adcli-0.7.5.tar.gz
 /adcli-0.7.6.tar.gz
 /adcli-0.8.0.tar.gz
-/adcli-0.8.2.tar.gz
-/adcli-0.9.0.tar.gz
-/adcli-0.9.1.tar.gz
-/adcli-0.9.2.tar.gz
-/adcli-0.9.3.1.tar.gz
diff --git a/0001-enroll-fix-issues-if-default-keytab-is-used.patch b/0001-enroll-fix-issues-if-default-keytab-is-used.patch
deleted file mode 100644
index 953b97a..0000000
--- a/0001-enroll-fix-issues-if-default-keytab-is-used.patch
+++ /dev/null
@@ -1,117 +0,0 @@
-From 9c31bb06590f2d96a2d6d8ce87dc3273c283a671 Mon Sep 17 00:00:00 2001
-From: Sumit Bose <sbose@redhat.com>
-Date: Fri, 19 Dec 2025 14:48:13 +0100
-Subject: [PATCH] enroll: fix issues if default keytab is used
-
-librkb5 returns the default keytab with a 'FILE:' prefix which must be
-removed before calling libselinux functions to operate on the keytab
-file.
-
-Resolves: https://issues.redhat.com/browse/RHEL-78631
----
- library/adenroll.c | 32 ++++++++++++++++++++------------
- library/adenroll.h |  3 +--
- tools/computer.c   |  6 +++---
- 3 files changed, 24 insertions(+), 17 deletions(-)
-
-diff --git a/library/adenroll.c b/library/adenroll.c
-index 20ad198..9484cbf 100644
---- a/library/adenroll.c
-+++ b/library/adenroll.c
-@@ -2116,30 +2116,38 @@ ensure_host_keytab (adcli_result res,
- 	return ADCLI_SUCCESS;
- }
- 
--adcli_result
--ensure_host_keytab_selinux_context (adcli_result res,
--                                    adcli_enroll *enroll)
-+void
-+restore_host_keytab_selinux_context (adcli_enroll *enroll)
- {
- #ifdef BUILD_SELINUX_POLICY
- 	int ret;
--
--	if (res != ADCLI_SUCCESS)
--		return res;
-+	krb5_context k5;
-+	const char *name_start;
- 
- 	if (enroll->keytab_name == NULL) {
- 		_adcli_info ("No keytab name available, skipping SELinux restorecon.");
--		return ADCLI_SUCCESS;
-+		return;
-+	}
-+
-+	name_start = enroll->keytab_name;
-+	if (strncmp (name_start, "FILE:", 5) == 0) {
-+		name_start = enroll->keytab_name + 5;
- 	}
- 
--	ret = selinux_restorecon (adcli_enroll_get_keytab_name (enroll), 0);
-+	if (enroll->keytab != NULL) {
-+		k5 = adcli_conn_get_krb5_context (enroll->conn);
-+		krb5_kt_close (k5, enroll->keytab);
-+		enroll->keytab = NULL;
-+	}
-+
-+	ret = selinux_restorecon (name_start, 0);
- 	if (ret != 0) {
--		_adcli_err ("Failed to set SELinux context for %s with error %d: %s",
--		            enroll->keytab_name, ret, strerror (ret));
--		return ADCLI_ERR_FAIL;
-+		_adcli_err ("Failed to set SELinux context for %s with error %d: %s, ignored",
-+		            name_start, ret, strerror (errno));
- 	}
- #endif
- 
--	return ADCLI_SUCCESS;
-+	return;
- }
- 
- 
-diff --git a/library/adenroll.h b/library/adenroll.h
-index 79eb7a8..5aba81b 100644
---- a/library/adenroll.h
-+++ b/library/adenroll.h
-@@ -192,6 +192,5 @@ void               adcli_enroll_set_samba_data_tool     (adcli_enroll *enroll,
- 
- const char *       adcli_enroll_get_samba_data_tool     (adcli_enroll *enroll);
- 
--adcli_result        ensure_host_keytab_selinux_context  (adcli_result res,
--                                                         adcli_enroll *enroll);
-+void               restore_host_keytab_selinux_context  (adcli_enroll *enroll);
- #endif /* ADENROLL_H_ */
-diff --git a/tools/computer.c b/tools/computer.c
-index ee027dc..f056366 100644
---- a/tools/computer.c
-+++ b/tools/computer.c
-@@ -520,7 +520,7 @@ adcli_tool_computer_join (adcli_conn *conn,
- 	else if (show_password)
- 		dump_password (conn, enroll);
- 
--	ensure_host_keytab_selinux_context (ADCLI_SUCCESS, enroll);
-+	restore_host_keytab_selinux_context (enroll);
- 
- 	adcli_enroll_unref (enroll);
- 
-@@ -655,7 +655,7 @@ adcli_tool_computer_update (adcli_conn *conn,
- 	else if (show_password)
- 		dump_password (conn, enroll);
- 
--	ensure_host_keytab_selinux_context (ADCLI_SUCCESS, enroll);
-+	restore_host_keytab_selinux_context (enroll);
- 
- 	adcli_enroll_unref (enroll);
- 
-@@ -1275,7 +1275,7 @@ adcli_tool_computer_managed_service_account (adcli_conn *conn,
- 	else if (show_password)
- 		dump_password (conn, enroll);
- 
--	ensure_host_keytab_selinux_context (ADCLI_SUCCESS, enroll);
-+	restore_host_keytab_selinux_context (enroll);
- 
- 	adcli_enroll_unref (enroll);
- 
--- 
-2.52.0
-
diff --git a/adcli.spec b/adcli.spec
index 2d022ff..69cdb6e 100644
--- a/adcli.spec
+++ b/adcli.spec
@@ -1,107 +1,49 @@
-%global with_selinux 1
-%global selinuxtype targeted
-%global modulename adcli
+Name:		adcli
+Version:	0.8.0
+Release:	3%{?dist}
+Summary:	Active Directory enrollment
+License:	LGPLv2+
+URL:		http://cgit.freedesktop.org/realmd/adcli
+Source0:	http://www.freedesktop.org/software/realmd/releases/adcli-%{version}.tar.gz
 
-Name:    adcli
-Version: 0.9.3.1
-Release: 4%{?dist}
-Summary: Active Directory enrollment
-License: LGPL-2.1-or-later
-URL:     https://gitlab.freedesktop.org/realmd/adcli
-Source0: https://gitlab.freedesktop.org/-/project/1196/uploads/5a1c55410c0965835b81fbd28d820d46/adcli-%{version}.tar.gz
+BuildRequires:	intltool pkgconfig
+BuildRequires:	gettext-devel
+BuildRequires:	krb5-devel
+BuildRequires:	openldap-devel
+BuildRequires:	libxslt
+BuildRequires:	xmlto
 
-Patch1: 0001-enroll-fix-issues-if-default-keytab-is-used.patch
-
-BuildRequires: gcc
-BuildRequires: intltool pkgconfig
-BuildRequires: libtool
-BuildRequires: gettext-devel
-BuildRequires: krb5-devel
-BuildRequires: openldap-devel
-BuildRequires: libxslt
-BuildRequires: xmlto
-BuildRequires: make
-BuildRequires: libnetapi-devel
-
-# Build dependencies for SELinux policy
-%if %{with selinux}
-BuildRequires:  libselinux-devel
-BuildRequires:  selinux-policy-devel
-%endif
-
-Requires: cyrus-sasl-gssapi
-Conflicts: adcli-doc < %{version}-%{release}
+Requires:	cyrus-sasl-gssapi
 
 # adcli no longer has a library of development files
 # the adcli tool itself is to be used by callers
-Obsoletes: adcli-devel < 0.5
-
-%if %{with selinux}
-# This ensures that the *-selinux package and all it’s dependencies are not
-# pulled into containers and other systems that do not use SELinux. The
-# policy defines types and file contexts for client and server.
-Requires:       (%{name}-selinux if selinux-policy-%{selinuxtype})
-%endif
+Obsoletes:	adcli-devel < 0.5
 
 %description
 adcli is a tool for joining an Active Directory domain using
 standard LDAP and Kerberos calls.
 
-%if %{with selinux}
-# SELinux subpackage
-%package selinux
-Summary:             The adcli SELinux policy
-BuildArch:           noarch
-Requires:            selinux-policy-%{selinuxtype}
-Requires(post):      selinux-policy-%{selinuxtype}
-%{?selinux_requires_min}
-
-%description selinux
-Custom SELinux policy module for adcli to make sure generated Kerberos keytab
-files have the right SELinux context.
-%endif
-
 %define _hardened_build 1
 
 %prep
-%autosetup -p1
+%setup -q
 
 %build
-autoreconf --force --install --verbose
-%configure --disable-static --disable-silent-rules \
-%if 0%{?rhel}
-    --with-vendor-error-message='Please check\n    https://red.ht/support_rhel_ad \nto get help for common issues.' \
-%endif
-    %{nil}
-%make_build
+%configure --disable-static --disable-silent-rules
+make %{?_smp_mflags}
 
 %check
 make check
 
 %install
-%make_install
+make install DESTDIR=%{buildroot}
 find $RPM_BUILD_ROOT -name '*.la' -exec rm -f {} ';'
 
-%ldconfig_scriptlets
+%post -p /sbin/ldconfig
 
-%if %{with selinux}
-# SELinux contexts are saved so that only affected files can be
-# relabeled after the policy module installation
-%pre selinux
-%selinux_relabel_pre -s %{selinuxtype}
+%postun -p /sbin/ldconfig
 
-%post selinux
-%selinux_modules_install -s %{selinuxtype} %{_datadir}/selinux/packages/%{selinuxtype}/%{modulename}.pp
-
-%postun selinux
-if [ $1 -eq 0 ]; then
-    %selinux_modules_uninstall -s %{selinuxtype} %{modulename}
-fi
-
-%posttrans selinux
-%selinux_relabel_post -s %{selinuxtype}
-
-%endif
+%clean
 
 %files
 %{_sbindir}/adcli
@@ -109,9 +51,8 @@ fi
 %doc %{_mandir}/*/*
 
 %package doc
-Summary: The adcli documentation package
+Summary: adcli documentation
 BuildArch: noarch
-Conflicts: adcli < %{version}-%{release}
 
 %description doc
 adcli is a tool for joining an Active Directory domain using
@@ -121,166 +62,7 @@ documentation.
 %files doc
 %doc %{_datadir}/doc/adcli/*
 
-%if %{with selinux}
-%files selinux
-%{_datadir}/selinux/packages/%{selinuxtype}/%{modulename}.pp
-%ghost %verify(not md5 size mode mtime) %{_sharedstatedir}/selinux/%{selinuxtype}/active/modules/200/%{modulename}
-%endif
-
 %changelog
-* Fri Jan 16 2026 Fedora Release Engineering <releng@fedoraproject.org> - 0.9.3.1-4
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
-
-* Fri Dec 19 2025 Sumit Bose <sbose@redhat.com> - 0.9.3.1-3
-- Fix issue with restoring SELinux file label
-
-* Tue Dec 16 2025 Sumit Bose <sbose@redhat.com> - 0.9.3.1-2
-- Use selinux_requires_min to avoid policycoreutils-python-utils dependency
-  Resolves: rhbz#2422451
-
-* Tue Dec 09 2025 Sumit Bose <sbose@redhat.com> - 0.9.3.1-1
-- Rebase to latest upstream version
-
-* Wed Jul 23 2025 Fedora Release Engineering <releng@fedoraproject.org> - 0.9.2-10
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
-
-* Thu Jan 16 2025 Fedora Release Engineering <releng@fedoraproject.org> - 0.9.2-9
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
-
-* Wed Nov 20 2024 Sumit Bose <sbose@redhat.com> - 0.9.2-8
-- support for Samba's offline join and static analyser fixes
-
-* Wed Jul 17 2024 Fedora Release Engineering <releng@fedoraproject.org> - 0.9.2-7
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
-
-* Mon Jan 22 2024 Fedora Release Engineering <releng@fedoraproject.org> - 0.9.2-6
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
-
-* Fri Jan 19 2024 Fedora Release Engineering <releng@fedoraproject.org> - 0.9.2-5
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
-
-* Wed Oct 18 2023 Sumit Bose <sbose@redhat.com> - 0.9.2-4
-- migrated to SPDX license
-
-* Wed Jul 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 0.9.2-3
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
-
-* Wed Jan 18 2023 Fedora Release Engineering <releng@fedoraproject.org> - 0.9.2-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
-
-* Thu Sep 29 2022 Sumit Bose <sbose@redhat.com> - 0.9.2-1
-- Update to upstream release 0.9.2
-
-* Wed Jul 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 0.9.1-11
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
-
-* Wed Jan 19 2022 Fedora Release Engineering <releng@fedoraproject.org> - 0.9.1-10
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
-
-* Wed Jul 28 2021 Sumit Bose <sbose@redhat.com> - 0.9.1-9
-- Add ns_get16() and ns_get32() to configure check
-  Resolves: rhbz#1984891
-
-* Wed Jul 21 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.9.1-8
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
-
-* Mon Jun 28 2021 Sumit Bose <sbose@redhat.com> - 0.9.1-7
-- Add user-passwd sub-command
-- Add setattr/delattr option
-
-* Thu Jun 03 2021 Sumit Bose <sbose@redhat.com> - 0.9.1-6
-- Add fix for dont-expire-password option
-
-* Wed Jun 02 2021 Sumit Bose <sbose@redhat.com> - 0.9.1-5
-- Add dont-expire-password option and coverity fixes
-
-* Wed Apr 07 2021 Sumit Bose <sbose@redhat.com> - 0.9.1-4
-- Add macro updates for autoconf-2.71 and downstream gating
-
-* Mon Mar 29 2021 Sumit Bose <sbose@redhat.com> - 0.9.1-3
-- Add vendor error message
-  Resolves: rhbz#1889386
-
-* Sat Feb 20 2021 Sumit Bose <sbose@redhat.com> - 0.9.1-2
-- Add Conflicts to avoid update/downgrade issues
-
-* Sat Feb 20 2021 Sumit Bose <sbose@redhat.com> - 0.9.1-1
-- Update to upstream release 0.9.1
-
-* Mon Jan 25 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.9.0-7
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
-
-* Fri Nov 13 2020 Sumit Bose <sbose@redhat.com> - 0.9.0-6
-- Include the latest upstream patches with use-ldaps fixes, man page
-  improvements and a new sub-command to create managed service accounts
-
-* Thu Aug 13 2020 Sumit Bose <sbose@redhat.com> - 0.9.0-5
-- man page and help output fixes
-
-* Fri Jul 31 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.9.0-4
-- Second attempt - Rebuilt for
-  https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
-
-* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.9.0-3
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
-
-* Mon Jun 08 2020 Sumit Bose <sbose@redhat.com> - 0.9.0-2
-- Include the latest upstream patches
-
-* Wed Mar 18 2020 Sumit Bose <sbose@redhat.com> - 0.9.0-1
-- Update to upstream release 0.9.0 and latest patches
-
-* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.8.2-9
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
-
-* Mon Aug 26 2019 Sumit Bose <sbose@redhat.com> - 0.8.2-8
-- various fixes and improvements
-  Resolves: rhbz#1683745, rhbz#1738573
-
-* Wed Jul 24 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.8.2-7
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
-
-* Fri Jul  5 2019 Jakub Hrozek <jhrozek@redhat.com> - 0.8.2-6
-- Resolves: rhbz#1727144 - adcli join fails with new krb5-libs; adcli
-                           needs to backport patches to only use permitted
-                           enctypes from upstream
-
-* Tue Apr 30 2019 Sumit Bose <sbose@redhat.com> - 0.8.2-5
-- addition patch for rhbz#1630187 and new ones for rhbz#1588596
-  Resolves: rhbz#1630187, rhbz#1588596
-
-* Fri Mar 22 2019 Sumit Bose <sbose@redhat.com> - 0.8.2-4
-- various fixes and improvements
-  Resolves: rhbz#1593240, rhbz#1608212, rhbz#1547014, rhbz#1547014,
-            rhbz#1649868, rhbz#1588596, rhbz#1642546, rhbz#1595911,
-            rhbz#1644311, rhbz#1337489, rhbz#1630187, rhbz#1622583
-
-* Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.8.2-3
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
-
-* Thu Jul 12 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.8.2-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
-
-* Thu Jul 05 2018 Sumit Bose <sbose@redhat.com> - 0.8.0-1
-- Update to upstream release 0.8.2
-- various other fixes and improvements
-- add option to enable "Trust this computer for delegation"
-  Resolves: rhbz#988349
-- fix typos in the adcli man page
-  Resolves: rhbz#1440533
-
-* Wed Mar 07 2018 Sumit Bose <sbose@redhat.com> - 0.8.0-7
-- Added BuildRequires gcc
-
-* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.8.0-6
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
-
-* Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.8.0-5
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
-
-* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.8.0-4
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
-
 * Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.8.0-3
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
 
diff --git a/gating.yaml b/gating.yaml
deleted file mode 100644
index c190bde..0000000
--- a/gating.yaml
+++ /dev/null
@@ -1,6 +0,0 @@
---- !Policy
-product_versions:
-  - rhel-9
-decision_context: osci_compose_gate
-rules:
-  - !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tier1.functional}
diff --git a/sources b/sources
index aa241fa..ed58df1 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (adcli-0.9.3.1.tar.gz) = 3f501173b5344b38f33a3f65faec9e894da81b44b37bb161da103d8a29459d8807dfe566a5dd0a8c7eec466567b6cca4331c81dd70158b5478a61b03be37355d
+69f5f59eaf95623dc8f0c98587c15b39  adcli-0.8.0.tar.gz