diff --git a/.gitignore b/.gitignore
index f19b7fe..cec5421 100644
--- a/.gitignore
+++ b/.gitignore
@@ -152,3 +152,27 @@
 /container-selinux-75f193a.tar.gz
 /container-selinux-f330e81.tar.gz
 /container-selinux-6d13bf9.tar.gz
+/container-selinux-eb6dad0.tar.gz
+/container-selinux-aeb85c4.tar.gz
+/container-selinux-e78ac4f.tar.gz
+/container-selinux-d89a599.tar.gz
+/container-selinux-c9f0cb6.tar.gz
+/v2.155.0.tar.gz
+/container-selinux-5a60716.tar.gz
+/container-selinux-e1092cd.tar.gz
+/container-selinux-da28288.tar.gz
+/container-selinux-233e620.tar.gz
+/container-selinux-61b862a.tar.gz
+/container-selinux-99b40c5.tar.gz
+/container-selinux-563ba3f.tar.gz
+/v2.164.2.tar.gz
+/v2.165.1.tar.gz
+/v2.167.0.tar.gz
+/v2.168.0.tar.gz
+/v2.169.0.tar.gz
+/v2.170.0.tar.gz
+/v2.171.0.tar.gz
+/v2.172.0.tar.gz
+/v2.172.1.tar.gz
+/v2.173.0.tar.gz
+/v2.173.1.tar.gz
diff --git a/container-selinux.spec b/container-selinux.spec
index 9c6abbb..e7d7159 100644
--- a/container-selinux.spec
+++ b/container-selinux.spec
@@ -2,12 +2,11 @@
 
 # container-selinux
 %global git0 https://github.com/containers/container-selinux
-%global commit0 6d13bf9ff9f45431f064ba63794fa97d565641d9
-%global shortcommit0 %(c=%{commit0}; echo ${c:0:7})
 
 # Used for comparing with latest upstream tag
-# to decide whether to autobuild (non-rawhide only)
-%define built_tag v2.156.0
+# to decide whether to autobuild
+%global built_tag v2.173.1
+%global built_tag_strip %(b=%{built_tag}; echo ${b:1})
 
 # container-selinux stuff (prefix with ds_ for version/release etc.)
 # Some bits borrowed from the openstack-selinux package
@@ -23,12 +22,12 @@
 # Hooked up to autobuilder, please check with @lsm5 before updating
 Name: container-selinux
 Epoch: 2
-Version: 2.157.0
-Release: 3.dev.git%{shortcommit0}%{?dist}
+Version: 2.173.1
+Release: 2%{?dist}
 License: GPLv2
 URL: %{git0}
 Summary: SELinux policies for container runtimes
-Source0: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz
+Source0: %{git0}/archive/%{built_tag}.tar.gz
 BuildArch: noarch
 BuildRequires: make
 BuildRequires: git-core
@@ -45,12 +44,14 @@ Requires(post): sed
 Obsoletes: %{name} <= 2:1.12.5-13
 Obsoletes: docker-selinux <= 2:1.12.4-28
 Provides: docker-selinux = %{?epoch:%{epoch}:}%{version}-%{release}
+Conflicts: udica < 0.2.6-1
+Conflicts: k3s-selinux <= 0.4-1
 
 %description
 SELinux policy modules for use with container runtimes.
 
 %prep
-%autosetup -Sgit -n %{name}-%{commit0}
+%autosetup -Sgit -n %{name}-%{built_tag_strip}
 
 %build
 make
@@ -64,6 +65,8 @@ install -p -m 644 container.if %{buildroot}%{_datadir}/selinux/devel/include/ser
 install -m 0644 $MODULES %{buildroot}%{_datadir}/selinux/packages
 install -d %{buildroot}/%{_datadir}/containers/selinux
 install -m 644 container_contexts %{buildroot}/%{_datadir}/containers/selinux/contexts
+install -d %{buildroot}%{_datadir}/udica/templates
+install -m 0644 udica-templates/*.cil %{buildroot}%{_datadir}/udica/templates
 
 %check
 
@@ -100,11 +103,117 @@ fi
 %{_datadir}/selinux/*
 %dir %{_datadir}/containers/selinux
 %{_datadir}/containers/selinux/contexts
+%dir %{_datadir}/udica/templates/
+%{_datadir}/udica/templates/*
 # Currently shipped in selinux-policy-doc
 #%%{_datadir}/man/man8/container_selinux.8.gz
 
+%triggerpostun -- container-selinux < 2:2.162.1-3
+if %{_sbindir}/selinuxenabled ; then
+    echo "Fixing Rootless SELinux labels in homedir"
+    %{_sbindir}/restorecon -R /home/*/.local/share/containers/storage/overlay*  2> /dev/null
+fi
+
+
 # Hooked up to autobuilder, please check with @lsm5 before updating
 %changelog
+* Fri Apr 15 2022 David King <amigadave@amigadave.com> - 2:2.173.1-2
+- Rebuild against selinux-policy (#2070764)
+
+* Tue Jan 18 2022 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.173.1-1
+- autobuilt v2.173.1
+
+* Tue Jan 11 2022 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.173.0-1
+- autobuilt v2.173.0
+
+* Thu Jan 06 2022 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.172.1-1
+- autobuilt v2.172.1
+
+* Mon Nov 22 2021 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.172.0-1
+- autobuilt v2.172.0
+
+* Wed Nov 10 2021 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.171.0-1
+- autobuilt v2.171.0
+
+* Fri Oct 15 2021 Dan Walsh <dwalsh@fedoraproject.org> - 2:2.170.0-2
+- Add conflicts  k3s-selinux <= 0.4-1 to force upgrade
+
+* Tue Oct 05 2021 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.170.0-1
+- autobuilt v2.170.0
+
+* Fri Sep 24 2021 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.169.0-1
+- autobuilt v2.169.0
+
+* Tue Sep 14 2021 Vit Mojzis <vmojzis@redhat.com> - 2:2.168.0-2
+- Start shipping udica templates
+
+* Mon Sep 13 2021 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.168.0-1
+- autobuilt v2.168.0
+
+* Fri Sep 10 2021 Lokesh Mandvekar <lsm5@fedoraproject.org> - 2:2.167.0-2
+- use upstream tag instead of commits, fix autobuild macros
+
+* Thu Aug 26 2021 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.167.0-1
+- autobuilt v2.167.0
+
+* Wed Aug 25 2021 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.165.1-1
+- autobuilt v2.165.1
+
+* Wed Aug 04 2021 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.164.2-1
+- autobuilt v2.164.2
+
+* Wed Jul 21 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2:2.164.1-0.dev.git563ba3f.1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
+
+* Mon Jul 19 2021 Dan Walsh <dwalsh@fedoraproject.org> - 2:2.164.1-0.dev
+- Allow spc_t domains to set bpf rules on any domain
+
+* Sat Jun 12 2021 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.163.0-2.dev.git99b40c5
+- bump to 2.163.0
+- autobuilt 99b40c5
+
+* Tue May 25 2021 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.162.2-2.dev.git61b862a
+- bump to 2.162.2
+- autobuilt 61b862a
+
+* Mon May 17 2021 Dan Walsh <dwalsh@fedoraproject.org> - 2:2.162.1-3.dev.git233e620
+- Fix labels in users homedirs, before overlayfs is supported by default for non root users
+
+* Sun May 16 2021 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.162.1-2.dev.git233e620
+- bump to 2.162.1
+- autobuilt 233e620
+
+* Wed May 12 2021 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.162.0-2.dev.gitda28288
+- bump to 2.162.0
+- autobuilt da28288
+
+* Fri May 07 2021 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.161.1-2.dev.gite1092cd
+- bump to 2.161.1
+- autobuilt e1092cd
+
+* Tue Apr 20 2021 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.160.0-3.dev.git5a60716
+- autobuilt 5a60716
+
+* Wed Mar 31 2021 Lokesh Mandvekar <lsm5@fedoraproject.org> - 2:2.160.0-2.dev.gitc9f0cb6
+- bump to v2.160.0
+
+* Mon Mar 29 2021 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.159.0-2.dev.gitd89a599
+- bump to 2.159.0
+- autobuilt d89a599
+
+* Wed Feb 17 2021 Dan Walsh <dwalsh@fedoraproject.org> - 2:2.158.0-5.dev.gite78ac4f
+- Rebuilt to use latest selinux-policy interfaces
+
+* Tue Feb 16 2021 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.158.0-4.dev.gite78ac4f
+- autobuilt e78ac4f
+
+* Fri Feb 12 2021 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.158.0-3.dev.gitaeb85c4
+- autobuilt aeb85c4
+
+* Thu Feb 11 2021 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.158.0-2.dev.giteb6dad0
+- bump to 2.158.0
+- autobuilt eb6dad0
+
 * Mon Feb 08 2021 RH Container Bot <rhcontainerbot@fedoraproject.org> - 2:2.157.0-3.dev.git6d13bf9
 - autobuilt 6d13bf9
 
diff --git a/sources b/sources
index 1bb3aa7..90fae30 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (container-selinux-6d13bf9.tar.gz) = c48b94bb8ec965b8b1222d87d335840649b7b62a8a8e626283f0b2c439da75dcd2119e9f39fdfcf72f36f3fbfe9609bea094e43d901be81b4302791dff454526
+SHA512 (v2.173.1.tar.gz) = 0dce3af485b404ba4d29b3c5e23c1fe9d230722c1f3e3317cf1b8de21c0663deae3863852b61e6e08d3b62764dde93d5dfc99d3a86c73038ab6e0297b057261d