From efdc52c0308e0d13d038dbc535408e672a3206cf Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Wed, 17 Feb 2021 15:04:11 -0500 Subject: [PATCH 01/34] Rebuilt to use latest selinux-policy interfaces --- container-selinux.spec | 9 ++++++--- sources | 2 +- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/container-selinux.spec b/container-selinux.spec index 9c6abbb..38d4b42 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -2,7 +2,7 @@ # container-selinux %global git0 https://github.com/containers/container-selinux -%global commit0 6d13bf9ff9f45431f064ba63794fa97d565641d9 +%global commit0 e78ac4f5b982112a1f018fb5964c3a8b27f0b65d %global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) # Used for comparing with latest upstream tag @@ -23,8 +23,8 @@ # Hooked up to autobuilder, please check with @lsm5 before updating Name: container-selinux Epoch: 2 -Version: 2.157.0 -Release: 3.dev.git%{shortcommit0}%{?dist} +Version: 2.158.0 +Release: 1.git%{shortcommit0}%{?dist} License: GPLv2 URL: %{git0} Summary: SELinux policies for container runtimes @@ -105,6 +105,9 @@ fi # Hooked up to autobuilder, please check with @lsm5 before updating %changelog +* Wed Feb 17 2021 Dan Walsh - 2:2.158.0-1.gite78ac4f +- Rebuilt to use latest selinux-policy interfaces + * Mon Feb 08 2021 RH Container Bot - 2:2.157.0-3.dev.git6d13bf9 - autobuilt 6d13bf9 diff --git a/sources b/sources index 1bb3aa7..62b5cae 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (container-selinux-6d13bf9.tar.gz) = c48b94bb8ec965b8b1222d87d335840649b7b62a8a8e626283f0b2c439da75dcd2119e9f39fdfcf72f36f3fbfe9609bea094e43d901be81b4302791dff454526 +SHA512 (container-selinux-e78ac4f.tar.gz) = 82417b07ade92711563ece1a7b0df0c33d035507bf28e93f9d613e7e3b92a288960929ed00063fcc77fd09acddf504f8a04a3fadc61d35d4287a7569bec84116 From d8ebc1c344fcc4f381a22a3a3c5ef71e07e53476 Mon Sep 17 00:00:00 2001 From: RH Container Bot Date: Thu, 4 Mar 2021 19:15:10 +0000 Subject: [PATCH 02/34] container-selinux-2:2.158.0-1 autobuilt v2.158.0 Signed-off-by: RH Container Bot --- .gitignore | 1 + container-selinux.spec | 7 +++++-- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/.gitignore b/.gitignore index f19b7fe..9061621 100644 --- a/.gitignore +++ b/.gitignore @@ -152,3 +152,4 @@ /container-selinux-75f193a.tar.gz /container-selinux-f330e81.tar.gz /container-selinux-6d13bf9.tar.gz +/container-selinux-e78ac4f.tar.gz diff --git a/container-selinux.spec b/container-selinux.spec index 38d4b42..ab92df6 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -7,7 +7,7 @@ # Used for comparing with latest upstream tag # to decide whether to autobuild (non-rawhide only) -%define built_tag v2.156.0 +%define built_tag v2.158.0 # container-selinux stuff (prefix with ds_ for version/release etc.) # Some bits borrowed from the openstack-selinux package @@ -24,7 +24,7 @@ Name: container-selinux Epoch: 2 Version: 2.158.0 -Release: 1.git%{shortcommit0}%{?dist} +Release: 1%{?dist} License: GPLv2 URL: %{git0} Summary: SELinux policies for container runtimes @@ -105,6 +105,9 @@ fi # Hooked up to autobuilder, please check with @lsm5 before updating %changelog +* Thu Mar 04 2021 RH Container Bot - 2:2.158.0-1 +- autobuilt v2.158.0 + * Wed Feb 17 2021 Dan Walsh - 2:2.158.0-1.gite78ac4f - Rebuilt to use latest selinux-policy interfaces From 1433d1f5afc5e44e19f65bfd3e92a4f2281f6066 Mon Sep 17 00:00:00 2001 From: RH Container Bot Date: Tue, 23 Mar 2021 22:27:42 +0000 Subject: [PATCH 03/34] container-selinux-2:2.159.0-1 autobuilt v2.159.0 Signed-off-by: RH Container Bot --- container-selinux.spec | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/container-selinux.spec b/container-selinux.spec index ab92df6..87adad0 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -7,7 +7,7 @@ # Used for comparing with latest upstream tag # to decide whether to autobuild (non-rawhide only) -%define built_tag v2.158.0 +%define built_tag v2.159.0 # container-selinux stuff (prefix with ds_ for version/release etc.) # Some bits borrowed from the openstack-selinux package @@ -23,7 +23,7 @@ # Hooked up to autobuilder, please check with @lsm5 before updating Name: container-selinux Epoch: 2 -Version: 2.158.0 +Version: 2.159.0 Release: 1%{?dist} License: GPLv2 URL: %{git0} @@ -105,6 +105,9 @@ fi # Hooked up to autobuilder, please check with @lsm5 before updating %changelog +* Tue Mar 23 2021 RH Container Bot - 2:2.159.0-1 +- autobuilt v2.159.0 + * Thu Mar 04 2021 RH Container Bot - 2:2.158.0-1 - autobuilt v2.158.0 From a442f91693f5ff272c56a495732c697c5171e3db Mon Sep 17 00:00:00 2001 From: RH Container Bot Date: Wed, 31 Mar 2021 18:52:13 +0000 Subject: [PATCH 04/34] container-selinux-2:2.160.0-1 autobuilt v2.160.0 Signed-off-by: RH Container Bot --- container-selinux.spec | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/container-selinux.spec b/container-selinux.spec index 87adad0..c14bb0f 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -7,7 +7,7 @@ # Used for comparing with latest upstream tag # to decide whether to autobuild (non-rawhide only) -%define built_tag v2.159.0 +%define built_tag v2.160.0 # container-selinux stuff (prefix with ds_ for version/release etc.) # Some bits borrowed from the openstack-selinux package @@ -23,7 +23,7 @@ # Hooked up to autobuilder, please check with @lsm5 before updating Name: container-selinux Epoch: 2 -Version: 2.159.0 +Version: 2.160.0 Release: 1%{?dist} License: GPLv2 URL: %{git0} @@ -105,6 +105,9 @@ fi # Hooked up to autobuilder, please check with @lsm5 before updating %changelog +* Wed Mar 31 2021 RH Container Bot - 2:2.160.0-1 +- autobuilt v2.160.0 + * Tue Mar 23 2021 RH Container Bot - 2:2.159.0-1 - autobuilt v2.159.0 From 180685a3343b006c1d388b2e3df1ee4528cf45c0 Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Wed, 21 Apr 2021 10:48:39 -0400 Subject: [PATCH 05/34] container-selinux-2:2.160.0-2 - rebuild for podman, buildah gating tests Signed-off-by: Lokesh Mandvekar --- container-selinux.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/container-selinux.spec b/container-selinux.spec index c14bb0f..3e03977 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -24,7 +24,7 @@ Name: container-selinux Epoch: 2 Version: 2.160.0 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv2 URL: %{git0} Summary: SELinux policies for container runtimes @@ -105,6 +105,9 @@ fi # Hooked up to autobuilder, please check with @lsm5 before updating %changelog +* Wed Apr 21 2021 Lokesh Mandvekar - 2:2.160.0-2 +- rebuild for podman, buildah gating tests + * Wed Mar 31 2021 RH Container Bot - 2:2.160.0-1 - autobuilt v2.160.0 From d386f6eca17d934c298558f7ba3a96ebc44836ab Mon Sep 17 00:00:00 2001 From: RH Container Bot Date: Mon, 3 May 2021 14:54:10 +0000 Subject: [PATCH 06/34] container-selinux-2:2.160.2-1 autobuilt v2.160.2 Signed-off-by: RH Container Bot --- container-selinux.spec | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/container-selinux.spec b/container-selinux.spec index 3e03977..f91beed 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -7,7 +7,7 @@ # Used for comparing with latest upstream tag # to decide whether to autobuild (non-rawhide only) -%define built_tag v2.160.0 +%define built_tag v2.160.2 # container-selinux stuff (prefix with ds_ for version/release etc.) # Some bits borrowed from the openstack-selinux package @@ -23,8 +23,8 @@ # Hooked up to autobuilder, please check with @lsm5 before updating Name: container-selinux Epoch: 2 -Version: 2.160.0 -Release: 2%{?dist} +Version: 2.160.2 +Release: 1%{?dist} License: GPLv2 URL: %{git0} Summary: SELinux policies for container runtimes @@ -105,6 +105,9 @@ fi # Hooked up to autobuilder, please check with @lsm5 before updating %changelog +* Mon May 03 2021 RH Container Bot - 2:2.160.2-1 +- autobuilt v2.160.2 + * Wed Apr 21 2021 Lokesh Mandvekar - 2:2.160.0-2 - rebuild for podman, buildah gating tests From ea68836e19864fbb3ee3aed72269cb9ba7ad400a Mon Sep 17 00:00:00 2001 From: RH Container Bot Date: Fri, 7 May 2021 17:47:51 +0000 Subject: [PATCH 07/34] container-selinux-2:2.161.1-1 autobuilt v2.161.1 Signed-off-by: RH Container Bot --- container-selinux.spec | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/container-selinux.spec b/container-selinux.spec index f91beed..d0c35c6 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -7,7 +7,7 @@ # Used for comparing with latest upstream tag # to decide whether to autobuild (non-rawhide only) -%define built_tag v2.160.2 +%define built_tag v2.161.1 # container-selinux stuff (prefix with ds_ for version/release etc.) # Some bits borrowed from the openstack-selinux package @@ -23,7 +23,7 @@ # Hooked up to autobuilder, please check with @lsm5 before updating Name: container-selinux Epoch: 2 -Version: 2.160.2 +Version: 2.161.1 Release: 1%{?dist} License: GPLv2 URL: %{git0} @@ -105,6 +105,9 @@ fi # Hooked up to autobuilder, please check with @lsm5 before updating %changelog +* Fri May 07 2021 RH Container Bot - 2:2.161.1-1 +- autobuilt v2.161.1 + * Mon May 03 2021 RH Container Bot - 2:2.160.2-1 - autobuilt v2.160.2 From 8c0428dabb3475b0cf6082b5f3ce9526bbfa8650 Mon Sep 17 00:00:00 2001 From: RH Container Bot Date: Tue, 11 May 2021 14:50:02 +0000 Subject: [PATCH 08/34] container-selinux-2:2.162.0-1 autobuilt v2.162.0 Signed-off-by: RH Container Bot --- container-selinux.spec | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/container-selinux.spec b/container-selinux.spec index d0c35c6..ad84a22 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -7,7 +7,7 @@ # Used for comparing with latest upstream tag # to decide whether to autobuild (non-rawhide only) -%define built_tag v2.161.1 +%define built_tag v2.162.0 # container-selinux stuff (prefix with ds_ for version/release etc.) # Some bits borrowed from the openstack-selinux package @@ -23,7 +23,7 @@ # Hooked up to autobuilder, please check with @lsm5 before updating Name: container-selinux Epoch: 2 -Version: 2.161.1 +Version: 2.162.0 Release: 1%{?dist} License: GPLv2 URL: %{git0} @@ -105,6 +105,9 @@ fi # Hooked up to autobuilder, please check with @lsm5 before updating %changelog +* Tue May 11 2021 RH Container Bot - 2:2.162.0-1 +- autobuilt v2.162.0 + * Fri May 07 2021 RH Container Bot - 2:2.161.1-1 - autobuilt v2.161.1 From 8c46b201cfa8166e2ffcc1de4af52f4008f2f3df Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Mon, 17 May 2021 06:04:19 -0400 Subject: [PATCH 09/34] Fix labels in users homedirs, before overlayfs is supported by default for non root users --- container-selinux.spec | 13 +++++++++++-- sources | 2 +- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/container-selinux.spec b/container-selinux.spec index ad84a22..eecb017 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -2,7 +2,7 @@ # container-selinux %global git0 https://github.com/containers/container-selinux -%global commit0 e78ac4f5b982112a1f018fb5964c3a8b27f0b65d +%global commit0 233e620d6d0e4dc357e58908a9e8abd6e9e94a94 %global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) # Used for comparing with latest upstream tag @@ -23,7 +23,7 @@ # Hooked up to autobuilder, please check with @lsm5 before updating Name: container-selinux Epoch: 2 -Version: 2.162.0 +Version: 2.162.1 Release: 1%{?dist} License: GPLv2 URL: %{git0} @@ -103,8 +103,17 @@ fi # Currently shipped in selinux-policy-doc #%%{_datadir}/man/man8/container_selinux.8.gz +%triggerpostun -- container-selinux < 2:2.162.1-3 +if %{_sbindir}/selinuxenabled ; then + echo "Fixing Rootless SELinux labels in homedir" + %{_sbindir}/restorecon -R /home/*/.local/share/containers/storage/overlay* 2> /dev/null +fi + # Hooked up to autobuilder, please check with @lsm5 before updating %changelog +* Mon May 17 2021 Dan Walsh - 2:2.162.1-3.dev.git233e620 +- Fix labels in users homedirs, before overlayfs is supported by default for non root users + * Tue May 11 2021 RH Container Bot - 2:2.162.0-1 - autobuilt v2.162.0 diff --git a/sources b/sources index 62b5cae..6b0ed13 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (container-selinux-e78ac4f.tar.gz) = 82417b07ade92711563ece1a7b0df0c33d035507bf28e93f9d613e7e3b92a288960929ed00063fcc77fd09acddf504f8a04a3fadc61d35d4287a7569bec84116 +SHA512 (container-selinux-233e620.tar.gz) = d249e5645dadc95a7b2e073f6ae4d137a06674fb7ebfee48a46db7bc83ea20c6f3148b0ea879c3f291ea17938d0bbe75c0fd385e5e24c904b326622a46404b22 From 38266c803486c729730baf1f4a093a4d3da3947a Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Mon, 17 May 2021 09:28:46 -0400 Subject: [PATCH 10/34] correct changelog entry Signed-off-by: Lokesh Mandvekar --- container-selinux.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/container-selinux.spec b/container-selinux.spec index eecb017..cb0dd22 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -111,7 +111,7 @@ fi # Hooked up to autobuilder, please check with @lsm5 before updating %changelog -* Mon May 17 2021 Dan Walsh - 2:2.162.1-3.dev.git233e620 +* Mon May 17 2021 Dan Walsh - 2:2.162.1-1 - Fix labels in users homedirs, before overlayfs is supported by default for non root users * Tue May 11 2021 RH Container Bot - 2:2.162.0-1 From 6b12c380725f940a22a52628bdc8b45115f3aef0 Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Mon, 17 May 2021 09:36:01 -0400 Subject: [PATCH 11/34] container-selinux-2:2.162.1-2 - bump release tag Signed-off-by: Lokesh Mandvekar --- container-selinux.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/container-selinux.spec b/container-selinux.spec index cb0dd22..4e098fc 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -24,7 +24,7 @@ Name: container-selinux Epoch: 2 Version: 2.162.1 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv2 URL: %{git0} Summary: SELinux policies for container runtimes @@ -111,6 +111,9 @@ fi # Hooked up to autobuilder, please check with @lsm5 before updating %changelog +* Mon May 17 2021 Lokesh Mandvekar - 2:2.162.1-2 +- bump release tag + * Mon May 17 2021 Dan Walsh - 2:2.162.1-1 - Fix labels in users homedirs, before overlayfs is supported by default for non root users From bde8f7fc1fb5d1929eb910dd142247bcc189ebcc Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Mon, 17 May 2021 10:02:22 -0400 Subject: [PATCH 12/34] container-selinux-2:2.162.1-3 - bump release tag for rootless label fixing to actually take effect Signed-off-by: Lokesh Mandvekar --- container-selinux.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/container-selinux.spec b/container-selinux.spec index 4e098fc..ae5db45 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -24,7 +24,7 @@ Name: container-selinux Epoch: 2 Version: 2.162.1 -Release: 2%{?dist} +Release: 3%{?dist} License: GPLv2 URL: %{git0} Summary: SELinux policies for container runtimes @@ -111,6 +111,9 @@ fi # Hooked up to autobuilder, please check with @lsm5 before updating %changelog +* Mon May 17 2021 Lokesh Mandvekar - 2:2.162.1-3 +- bump release tag for rootless label fixing to actually take effect + * Mon May 17 2021 Lokesh Mandvekar - 2:2.162.1-2 - bump release tag From c887b528d1dd2c8516546aa535bb82e35d8d4448 Mon Sep 17 00:00:00 2001 From: RH Container Bot Date: Fri, 21 May 2021 01:56:05 +0000 Subject: [PATCH 13/34] container-selinux-2:2.162.1-1 autobuilt v2.162.1 Signed-off-by: RH Container Bot --- .gitignore | 1 + container-selinux.spec | 7 +++++-- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/.gitignore b/.gitignore index 9061621..f7985c2 100644 --- a/.gitignore +++ b/.gitignore @@ -153,3 +153,4 @@ /container-selinux-f330e81.tar.gz /container-selinux-6d13bf9.tar.gz /container-selinux-e78ac4f.tar.gz +/container-selinux-233e620.tar.gz diff --git a/container-selinux.spec b/container-selinux.spec index ae5db45..caab029 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -7,7 +7,7 @@ # Used for comparing with latest upstream tag # to decide whether to autobuild (non-rawhide only) -%define built_tag v2.162.0 +%define built_tag v2.162.1 # container-selinux stuff (prefix with ds_ for version/release etc.) # Some bits borrowed from the openstack-selinux package @@ -24,7 +24,7 @@ Name: container-selinux Epoch: 2 Version: 2.162.1 -Release: 3%{?dist} +Release: 1%{?dist} License: GPLv2 URL: %{git0} Summary: SELinux policies for container runtimes @@ -111,6 +111,9 @@ fi # Hooked up to autobuilder, please check with @lsm5 before updating %changelog +* Fri May 21 2021 RH Container Bot - 2:2.162.1-1 +- autobuilt v2.162.1 + * Mon May 17 2021 Lokesh Mandvekar - 2:2.162.1-3 - bump release tag for rootless label fixing to actually take effect From ade32b38d4f2690a48dba2c6b5319cc0904fd25b Mon Sep 17 00:00:00 2001 From: RH Container Bot Date: Wed, 26 May 2021 13:58:29 +0000 Subject: [PATCH 14/34] container-selinux-2:2.162.2-1 autobuilt v2.162.2 Signed-off-by: RH Container Bot --- container-selinux.spec | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/container-selinux.spec b/container-selinux.spec index caab029..ccb6570 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -7,7 +7,7 @@ # Used for comparing with latest upstream tag # to decide whether to autobuild (non-rawhide only) -%define built_tag v2.162.1 +%define built_tag v2.162.2 # container-selinux stuff (prefix with ds_ for version/release etc.) # Some bits borrowed from the openstack-selinux package @@ -23,7 +23,7 @@ # Hooked up to autobuilder, please check with @lsm5 before updating Name: container-selinux Epoch: 2 -Version: 2.162.1 +Version: 2.162.2 Release: 1%{?dist} License: GPLv2 URL: %{git0} @@ -111,6 +111,9 @@ fi # Hooked up to autobuilder, please check with @lsm5 before updating %changelog +* Wed May 26 2021 RH Container Bot - 2:2.162.2-1 +- autobuilt v2.162.2 + * Fri May 21 2021 RH Container Bot - 2:2.162.1-1 - autobuilt v2.162.1 From 9f04c29297d375862c4c1fa282ff91d23bf7838e Mon Sep 17 00:00:00 2001 From: RH Container Bot Date: Fri, 11 Jun 2021 19:08:50 +0000 Subject: [PATCH 15/34] container-selinux-2:2.163.0-1 autobuilt v2.163.0 Signed-off-by: RH Container Bot --- container-selinux.spec | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/container-selinux.spec b/container-selinux.spec index ccb6570..5557cec 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -7,7 +7,7 @@ # Used for comparing with latest upstream tag # to decide whether to autobuild (non-rawhide only) -%define built_tag v2.162.2 +%define built_tag v2.163.0 # container-selinux stuff (prefix with ds_ for version/release etc.) # Some bits borrowed from the openstack-selinux package @@ -23,7 +23,7 @@ # Hooked up to autobuilder, please check with @lsm5 before updating Name: container-selinux Epoch: 2 -Version: 2.162.2 +Version: 2.163.0 Release: 1%{?dist} License: GPLv2 URL: %{git0} @@ -111,6 +111,9 @@ fi # Hooked up to autobuilder, please check with @lsm5 before updating %changelog +* Fri Jun 11 2021 RH Container Bot - 2:2.163.0-1 +- autobuilt v2.163.0 + * Wed May 26 2021 RH Container Bot - 2:2.162.2-1 - autobuilt v2.162.2 From 73e77aa4c300a86b0c679a4c77c0093ce987da46 Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Mon, 19 Jul 2021 11:33:27 -0400 Subject: [PATCH 16/34] Allow spc_t domains to set bpf rules on any domain --- .gitignore | 11 +++++++ container-selinux.spec | 74 +++++++++++++++++++++++------------------- sources | 2 +- 3 files changed, 53 insertions(+), 34 deletions(-) diff --git a/.gitignore b/.gitignore index f7985c2..3651e6b 100644 --- a/.gitignore +++ b/.gitignore @@ -152,5 +152,16 @@ /container-selinux-75f193a.tar.gz /container-selinux-f330e81.tar.gz /container-selinux-6d13bf9.tar.gz +/container-selinux-eb6dad0.tar.gz +/container-selinux-aeb85c4.tar.gz /container-selinux-e78ac4f.tar.gz +/container-selinux-d89a599.tar.gz +/container-selinux-c9f0cb6.tar.gz +/v2.155.0.tar.gz +/container-selinux-5a60716.tar.gz +/container-selinux-e1092cd.tar.gz +/container-selinux-da28288.tar.gz /container-selinux-233e620.tar.gz +/container-selinux-61b862a.tar.gz +/container-selinux-99b40c5.tar.gz +/container-selinux-563ba3f.tar.gz diff --git a/container-selinux.spec b/container-selinux.spec index 5557cec..6da4011 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -2,12 +2,12 @@ # container-selinux %global git0 https://github.com/containers/container-selinux -%global commit0 233e620d6d0e4dc357e58908a9e8abd6e9e94a94 +%global commit0 563ba3f2693f98de5e79a7fbf5889222ab9a454a %global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) # Used for comparing with latest upstream tag # to decide whether to autobuild (non-rawhide only) -%define built_tag v2.163.0 +%define built_tag v2.164.1 # container-selinux stuff (prefix with ds_ for version/release etc.) # Some bits borrowed from the openstack-selinux package @@ -23,8 +23,8 @@ # Hooked up to autobuilder, please check with @lsm5 before updating Name: container-selinux Epoch: 2 -Version: 2.163.0 -Release: 1%{?dist} +Version: 2.164.1 +Release: 0.dev.git%{shortcommit0}%{?dist} License: GPLv2 URL: %{git0} Summary: SELinux policies for container runtimes @@ -109,50 +109,58 @@ if %{_sbindir}/selinuxenabled ; then %{_sbindir}/restorecon -R /home/*/.local/share/containers/storage/overlay* 2> /dev/null fi + # Hooked up to autobuilder, please check with @lsm5 before updating %changelog -* Fri Jun 11 2021 RH Container Bot - 2:2.163.0-1 -- autobuilt v2.163.0 +* Mon Jul 19 2021 Dan Walsh - 2:2.164.1-0.dev +- Allow spc_t domains to set bpf rules on any domain -* Wed May 26 2021 RH Container Bot - 2:2.162.2-1 -- autobuilt v2.162.2 +* Sat Jun 12 2021 RH Container Bot - 2:2.163.0-2.dev.git99b40c5 +- bump to 2.163.0 +- autobuilt 99b40c5 -* Fri May 21 2021 RH Container Bot - 2:2.162.1-1 -- autobuilt v2.162.1 +* Tue May 25 2021 RH Container Bot - 2:2.162.2-2.dev.git61b862a +- bump to 2.162.2 +- autobuilt 61b862a -* Mon May 17 2021 Lokesh Mandvekar - 2:2.162.1-3 -- bump release tag for rootless label fixing to actually take effect - -* Mon May 17 2021 Lokesh Mandvekar - 2:2.162.1-2 -- bump release tag - -* Mon May 17 2021 Dan Walsh - 2:2.162.1-1 +* Mon May 17 2021 Dan Walsh - 2:2.162.1-3.dev.git233e620 - Fix labels in users homedirs, before overlayfs is supported by default for non root users -* Tue May 11 2021 RH Container Bot - 2:2.162.0-1 -- autobuilt v2.162.0 +* Sun May 16 2021 RH Container Bot - 2:2.162.1-2.dev.git233e620 +- bump to 2.162.1 +- autobuilt 233e620 -* Fri May 07 2021 RH Container Bot - 2:2.161.1-1 -- autobuilt v2.161.1 +* Wed May 12 2021 RH Container Bot - 2:2.162.0-2.dev.gitda28288 +- bump to 2.162.0 +- autobuilt da28288 -* Mon May 03 2021 RH Container Bot - 2:2.160.2-1 -- autobuilt v2.160.2 +* Fri May 07 2021 RH Container Bot - 2:2.161.1-2.dev.gite1092cd +- bump to 2.161.1 +- autobuilt e1092cd -* Wed Apr 21 2021 Lokesh Mandvekar - 2:2.160.0-2 -- rebuild for podman, buildah gating tests +* Tue Apr 20 2021 RH Container Bot - 2:2.160.0-3.dev.git5a60716 +- autobuilt 5a60716 -* Wed Mar 31 2021 RH Container Bot - 2:2.160.0-1 -- autobuilt v2.160.0 +* Wed Mar 31 2021 Lokesh Mandvekar - 2:2.160.0-2.dev.gitc9f0cb6 +- bump to v2.160.0 -* Tue Mar 23 2021 RH Container Bot - 2:2.159.0-1 -- autobuilt v2.159.0 +* Mon Mar 29 2021 RH Container Bot - 2:2.159.0-2.dev.gitd89a599 +- bump to 2.159.0 +- autobuilt d89a599 -* Thu Mar 04 2021 RH Container Bot - 2:2.158.0-1 -- autobuilt v2.158.0 - -* Wed Feb 17 2021 Dan Walsh - 2:2.158.0-1.gite78ac4f +* Wed Feb 17 2021 Dan Walsh - 2:2.158.0-5.dev.gite78ac4f - Rebuilt to use latest selinux-policy interfaces +* Tue Feb 16 2021 RH Container Bot - 2:2.158.0-4.dev.gite78ac4f +- autobuilt e78ac4f + +* Fri Feb 12 2021 RH Container Bot - 2:2.158.0-3.dev.gitaeb85c4 +- autobuilt aeb85c4 + +* Thu Feb 11 2021 RH Container Bot - 2:2.158.0-2.dev.giteb6dad0 +- bump to 2.158.0 +- autobuilt eb6dad0 + * Mon Feb 08 2021 RH Container Bot - 2:2.157.0-3.dev.git6d13bf9 - autobuilt 6d13bf9 diff --git a/sources b/sources index 6b0ed13..f738a28 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (container-selinux-233e620.tar.gz) = d249e5645dadc95a7b2e073f6ae4d137a06674fb7ebfee48a46db7bc83ea20c6f3148b0ea879c3f291ea17938d0bbe75c0fd385e5e24c904b326622a46404b22 +SHA512 (container-selinux-563ba3f.tar.gz) = fdafd3ca1094fb009893e664a2c59b81b7b95ba796ea7e960c0c2def45a0ed229f4dece63cd87faf14e6c1094848614633b322526bb2625c5df6df6abb568a50 From 3c4d9aaee38afbf6c789a15b703ca5197f4a5886 Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Mon, 19 Jul 2021 11:42:21 -0400 Subject: [PATCH 17/34] Allow spc_t domains to set bpf rules on any domain --- container-selinux.spec | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/container-selinux.spec b/container-selinux.spec index 6da4011..d71e96a 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -24,7 +24,7 @@ Name: container-selinux Epoch: 2 Version: 2.164.1 -Release: 0.dev.git%{shortcommit0}%{?dist} +Release: 1.git%{shortcommit0}%{?dist} License: GPLv2 URL: %{git0} Summary: SELinux policies for container runtimes @@ -112,7 +112,7 @@ fi # Hooked up to autobuilder, please check with @lsm5 before updating %changelog -* Mon Jul 19 2021 Dan Walsh - 2:2.164.1-0.dev +* Mon Jul 19 2021 Dan Walsh - 2:2.164.1-1 - Allow spc_t domains to set bpf rules on any domain * Sat Jun 12 2021 RH Container Bot - 2:2.163.0-2.dev.git99b40c5 From 1711df79706e1864154c164f771d000247cacd28 Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Tue, 27 Jul 2021 11:05:36 -0400 Subject: [PATCH 18/34] update build macros Signed-off-by: Lokesh Mandvekar --- container-selinux.spec | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/container-selinux.spec b/container-selinux.spec index d71e96a..4547d94 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -6,8 +6,9 @@ %global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) # Used for comparing with latest upstream tag -# to decide whether to autobuild (non-rawhide only) -%define built_tag v2.164.1 +# to decide whether to autobuild +%global built_tag v2.164.1 +%global built_tag_strip %(b=%{built_tag}; echo ${b:1}) # container-selinux stuff (prefix with ds_ for version/release etc.) # Some bits borrowed from the openstack-selinux package @@ -28,7 +29,7 @@ Release: 1.git%{shortcommit0}%{?dist} License: GPLv2 URL: %{git0} Summary: SELinux policies for container runtimes -Source0: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz +Source0: %{git0}/archive/%{built_tag}.tar.gz BuildArch: noarch BuildRequires: make BuildRequires: git-core @@ -50,7 +51,7 @@ Provides: docker-selinux = %{?epoch:%{epoch}:}%{version}-%{release} SELinux policy modules for use with container runtimes. %prep -%autosetup -Sgit -n %{name}-%{commit0} +%autosetup -Sgit -n %{name}-%{built_tag_strip} %build make From cee7ef90996adcd4534247aa8c81a8106ddbb534 Mon Sep 17 00:00:00 2001 From: RH Container Bot Date: Tue, 3 Aug 2021 20:00:00 +0000 Subject: [PATCH 19/34] container-selinux-2:2.164.2-1 autobuilt v2.164.2 Signed-off-by: RH Container Bot --- .gitignore | 1 + container-selinux.spec | 9 ++++++--- sources | 2 +- 3 files changed, 8 insertions(+), 4 deletions(-) diff --git a/.gitignore b/.gitignore index 3651e6b..a5d65b3 100644 --- a/.gitignore +++ b/.gitignore @@ -165,3 +165,4 @@ /container-selinux-61b862a.tar.gz /container-selinux-99b40c5.tar.gz /container-selinux-563ba3f.tar.gz +/v2.164.2.tar.gz diff --git a/container-selinux.spec b/container-selinux.spec index 4547d94..ea59f46 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -7,7 +7,7 @@ # Used for comparing with latest upstream tag # to decide whether to autobuild -%global built_tag v2.164.1 +%global built_tag v2.164.2 %global built_tag_strip %(b=%{built_tag}; echo ${b:1}) # container-selinux stuff (prefix with ds_ for version/release etc.) @@ -24,8 +24,8 @@ # Hooked up to autobuilder, please check with @lsm5 before updating Name: container-selinux Epoch: 2 -Version: 2.164.1 -Release: 1.git%{shortcommit0}%{?dist} +Version: 2.164.2 +Release: 1%{?dist} License: GPLv2 URL: %{git0} Summary: SELinux policies for container runtimes @@ -113,6 +113,9 @@ fi # Hooked up to autobuilder, please check with @lsm5 before updating %changelog +* Tue Aug 03 2021 RH Container Bot - 2:2.164.2-1 +- autobuilt v2.164.2 + * Mon Jul 19 2021 Dan Walsh - 2:2.164.1-1 - Allow spc_t domains to set bpf rules on any domain diff --git a/sources b/sources index f738a28..926697b 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (container-selinux-563ba3f.tar.gz) = fdafd3ca1094fb009893e664a2c59b81b7b95ba796ea7e960c0c2def45a0ed229f4dece63cd87faf14e6c1094848614633b322526bb2625c5df6df6abb568a50 +SHA512 (v2.164.2.tar.gz) = edd821d5c8db176f257304e4ecd1cf4a59caf688c83d929e8ae31372047f9ba868ef9c35ccced90fa3a1d11e1ffce0271863e7220b3509c0d150b0a34cadc909 From 060fe2cd738c0f90b7b65be513097befcfba618a Mon Sep 17 00:00:00 2001 From: RH Container Bot Date: Wed, 25 Aug 2021 17:19:44 +0000 Subject: [PATCH 20/34] container-selinux-2:2.165.1-1 autobuilt v2.165.1 Signed-off-by: RH Container Bot --- .gitignore | 1 + container-selinux.spec | 7 +++++-- sources | 2 +- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index a5d65b3..32f6756 100644 --- a/.gitignore +++ b/.gitignore @@ -166,3 +166,4 @@ /container-selinux-99b40c5.tar.gz /container-selinux-563ba3f.tar.gz /v2.164.2.tar.gz +/v2.165.1.tar.gz diff --git a/container-selinux.spec b/container-selinux.spec index ea59f46..0b3bca7 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -7,7 +7,7 @@ # Used for comparing with latest upstream tag # to decide whether to autobuild -%global built_tag v2.164.2 +%global built_tag v2.165.1 %global built_tag_strip %(b=%{built_tag}; echo ${b:1}) # container-selinux stuff (prefix with ds_ for version/release etc.) @@ -24,7 +24,7 @@ # Hooked up to autobuilder, please check with @lsm5 before updating Name: container-selinux Epoch: 2 -Version: 2.164.2 +Version: 2.165.1 Release: 1%{?dist} License: GPLv2 URL: %{git0} @@ -113,6 +113,9 @@ fi # Hooked up to autobuilder, please check with @lsm5 before updating %changelog +* Wed Aug 25 2021 RH Container Bot - 2:2.165.1-1 +- autobuilt v2.165.1 + * Tue Aug 03 2021 RH Container Bot - 2:2.164.2-1 - autobuilt v2.164.2 diff --git a/sources b/sources index 926697b..db8523f 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (v2.164.2.tar.gz) = edd821d5c8db176f257304e4ecd1cf4a59caf688c83d929e8ae31372047f9ba868ef9c35ccced90fa3a1d11e1ffce0271863e7220b3509c0d150b0a34cadc909 +SHA512 (v2.165.1.tar.gz) = 43800111b4a040b444b1b6c9ea46b0f4c2b1cbb166e1114e14c1930dd6c2255175df54883d2fbcdae51bfbb5e909fdf29ec5ade07dc29e28cf4c9d97a992251c From ac1501c06b1932434d988d31f924fcf192859249 Mon Sep 17 00:00:00 2001 From: RH Container Bot Date: Thu, 26 Aug 2021 20:03:37 +0000 Subject: [PATCH 21/34] container-selinux-2:2.167.0-1 autobuilt v2.167.0 Signed-off-by: RH Container Bot --- .gitignore | 1 + container-selinux.spec | 7 +++++-- sources | 2 +- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index 32f6756..980bcc2 100644 --- a/.gitignore +++ b/.gitignore @@ -167,3 +167,4 @@ /container-selinux-563ba3f.tar.gz /v2.164.2.tar.gz /v2.165.1.tar.gz +/v2.167.0.tar.gz diff --git a/container-selinux.spec b/container-selinux.spec index 0b3bca7..f8e4f7d 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -7,7 +7,7 @@ # Used for comparing with latest upstream tag # to decide whether to autobuild -%global built_tag v2.165.1 +%global built_tag v2.167.0 %global built_tag_strip %(b=%{built_tag}; echo ${b:1}) # container-selinux stuff (prefix with ds_ for version/release etc.) @@ -24,7 +24,7 @@ # Hooked up to autobuilder, please check with @lsm5 before updating Name: container-selinux Epoch: 2 -Version: 2.165.1 +Version: 2.167.0 Release: 1%{?dist} License: GPLv2 URL: %{git0} @@ -113,6 +113,9 @@ fi # Hooked up to autobuilder, please check with @lsm5 before updating %changelog +* Thu Aug 26 2021 RH Container Bot - 2:2.167.0-1 +- autobuilt v2.167.0 + * Wed Aug 25 2021 RH Container Bot - 2:2.165.1-1 - autobuilt v2.165.1 diff --git a/sources b/sources index db8523f..45d2aa8 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (v2.165.1.tar.gz) = 43800111b4a040b444b1b6c9ea46b0f4c2b1cbb166e1114e14c1930dd6c2255175df54883d2fbcdae51bfbb5e909fdf29ec5ade07dc29e28cf4c9d97a992251c +SHA512 (v2.167.0.tar.gz) = c46ca4ff144a976362d05cd02809b9eed95c3514a9fe7a57cbec65ec0cb42fb300f4a086981e2917f2b236f34b9754130f4e5f3c4f137b0d65ff8e85c4e0ba73 From 15139724ca43da4042a826af3d1b56c3e0f33bc8 Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Fri, 10 Sep 2021 09:35:18 -0400 Subject: [PATCH 22/34] remove unused commit macros Signed-off-by: Lokesh Mandvekar --- container-selinux.spec | 2 -- 1 file changed, 2 deletions(-) diff --git a/container-selinux.spec b/container-selinux.spec index f8e4f7d..4ffc464 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -2,8 +2,6 @@ # container-selinux %global git0 https://github.com/containers/container-selinux -%global commit0 563ba3f2693f98de5e79a7fbf5889222ab9a454a -%global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) # Used for comparing with latest upstream tag # to decide whether to autobuild From bd0e9a8aeab8ed949b71d6dd0fb1dc031c6800d1 Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Fri, 10 Sep 2021 09:33:17 -0400 Subject: [PATCH 23/34] container-selinux-2:2.167.0-2 - use upstream tag instead of commits, fix autobuild macros Signed-off-by: Lokesh Mandvekar (cherry picked from commit c287dbae6fd486e90e51151eeeba665b2a9efb91) --- container-selinux.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/container-selinux.spec b/container-selinux.spec index 4ffc464..526053a 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -23,7 +23,7 @@ Name: container-selinux Epoch: 2 Version: 2.167.0 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv2 URL: %{git0} Summary: SELinux policies for container runtimes @@ -111,6 +111,9 @@ fi # Hooked up to autobuilder, please check with @lsm5 before updating %changelog +* Fri Sep 10 2021 Lokesh Mandvekar - 2:2.167.0-2 +- use upstream tag instead of commits, fix autobuild macros + * Thu Aug 26 2021 RH Container Bot - 2:2.167.0-1 - autobuilt v2.167.0 From 013ace4f6004f71f9ec1dc9c9a1333ac7645cda6 Mon Sep 17 00:00:00 2001 From: RH Container Bot Date: Mon, 13 Sep 2021 18:02:56 +0000 Subject: [PATCH 24/34] container-selinux-2:2.168.0-1 autobuilt v2.168.0 Signed-off-by: RH Container Bot (cherry picked from commit f9aa97e6da5179015572647e79ec439b81b2bf6c) --- .gitignore | 1 + container-selinux.spec | 9 ++++++--- sources | 2 +- 3 files changed, 8 insertions(+), 4 deletions(-) diff --git a/.gitignore b/.gitignore index 980bcc2..ff84d69 100644 --- a/.gitignore +++ b/.gitignore @@ -168,3 +168,4 @@ /v2.164.2.tar.gz /v2.165.1.tar.gz /v2.167.0.tar.gz +/v2.168.0.tar.gz diff --git a/container-selinux.spec b/container-selinux.spec index 526053a..80c5027 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -5,7 +5,7 @@ # Used for comparing with latest upstream tag # to decide whether to autobuild -%global built_tag v2.167.0 +%global built_tag v2.168.0 %global built_tag_strip %(b=%{built_tag}; echo ${b:1}) # container-selinux stuff (prefix with ds_ for version/release etc.) @@ -22,8 +22,8 @@ # Hooked up to autobuilder, please check with @lsm5 before updating Name: container-selinux Epoch: 2 -Version: 2.167.0 -Release: 2%{?dist} +Version: 2.168.0 +Release: 1%{?dist} License: GPLv2 URL: %{git0} Summary: SELinux policies for container runtimes @@ -111,6 +111,9 @@ fi # Hooked up to autobuilder, please check with @lsm5 before updating %changelog +* Mon Sep 13 2021 RH Container Bot - 2:2.168.0-1 +- autobuilt v2.168.0 + * Fri Sep 10 2021 Lokesh Mandvekar - 2:2.167.0-2 - use upstream tag instead of commits, fix autobuild macros diff --git a/sources b/sources index 45d2aa8..48caae7 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (v2.167.0.tar.gz) = c46ca4ff144a976362d05cd02809b9eed95c3514a9fe7a57cbec65ec0cb42fb300f4a086981e2917f2b236f34b9754130f4e5f3c4f137b0d65ff8e85c4e0ba73 +SHA512 (v2.168.0.tar.gz) = c66a71802c8f65cb253d51067408c6d8d6dc853ca7e1874e073c517d9a74acad85e7605bda4ce7b397278ab3734b3c1617b0fa6d8cb36e94ba67d6d6803f587b From 60e0fbe4ac8247b9507a2c7cfe0f9698ed83a020 Mon Sep 17 00:00:00 2001 From: RH Container Bot Date: Fri, 24 Sep 2021 21:04:32 +0000 Subject: [PATCH 25/34] container-selinux-2:2.169.0-1 autobuilt v2.169.0 Signed-off-by: RH Container Bot (cherry picked from commit 04f47a764a81868e1038f2327e608a8e9796b1b7) --- .gitignore | 1 + container-selinux.spec | 7 +++++-- sources | 2 +- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index ff84d69..f2c9946 100644 --- a/.gitignore +++ b/.gitignore @@ -169,3 +169,4 @@ /v2.165.1.tar.gz /v2.167.0.tar.gz /v2.168.0.tar.gz +/v2.169.0.tar.gz diff --git a/container-selinux.spec b/container-selinux.spec index 80c5027..32b28a4 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -5,7 +5,7 @@ # Used for comparing with latest upstream tag # to decide whether to autobuild -%global built_tag v2.168.0 +%global built_tag v2.169.0 %global built_tag_strip %(b=%{built_tag}; echo ${b:1}) # container-selinux stuff (prefix with ds_ for version/release etc.) @@ -22,7 +22,7 @@ # Hooked up to autobuilder, please check with @lsm5 before updating Name: container-selinux Epoch: 2 -Version: 2.168.0 +Version: 2.169.0 Release: 1%{?dist} License: GPLv2 URL: %{git0} @@ -111,6 +111,9 @@ fi # Hooked up to autobuilder, please check with @lsm5 before updating %changelog +* Fri Sep 24 2021 RH Container Bot - 2:2.169.0-1 +- autobuilt v2.169.0 + * Mon Sep 13 2021 RH Container Bot - 2:2.168.0-1 - autobuilt v2.168.0 diff --git a/sources b/sources index 48caae7..8c1fa76 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (v2.168.0.tar.gz) = c66a71802c8f65cb253d51067408c6d8d6dc853ca7e1874e073c517d9a74acad85e7605bda4ce7b397278ab3734b3c1617b0fa6d8cb36e94ba67d6d6803f587b +SHA512 (v2.169.0.tar.gz) = a0beec62004c94f9eb6279e385ab41143a691dd21849cdd31bd6e2a3f45cb28714f56fe1186b5ddb0b114148e1e63387d0eeff331691adc8e745ba803a96d73c From e51b7725b6477f24efb9ae5f5c6ecd40106f92f9 Mon Sep 17 00:00:00 2001 From: RH Container Bot Date: Tue, 5 Oct 2021 19:47:48 +0000 Subject: [PATCH 26/34] container-selinux-2:2.170.0-1 autobuilt v2.170.0 Signed-off-by: RH Container Bot (cherry picked from commit 156b58ad36077d57ab802e8bfa147c4b3a9e8498) --- .gitignore | 1 + container-selinux.spec | 7 +++++-- sources | 2 +- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index f2c9946..14a72ea 100644 --- a/.gitignore +++ b/.gitignore @@ -170,3 +170,4 @@ /v2.167.0.tar.gz /v2.168.0.tar.gz /v2.169.0.tar.gz +/v2.170.0.tar.gz diff --git a/container-selinux.spec b/container-selinux.spec index 32b28a4..d1ac55c 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -5,7 +5,7 @@ # Used for comparing with latest upstream tag # to decide whether to autobuild -%global built_tag v2.169.0 +%global built_tag v2.170.0 %global built_tag_strip %(b=%{built_tag}; echo ${b:1}) # container-selinux stuff (prefix with ds_ for version/release etc.) @@ -22,7 +22,7 @@ # Hooked up to autobuilder, please check with @lsm5 before updating Name: container-selinux Epoch: 2 -Version: 2.169.0 +Version: 2.170.0 Release: 1%{?dist} License: GPLv2 URL: %{git0} @@ -111,6 +111,9 @@ fi # Hooked up to autobuilder, please check with @lsm5 before updating %changelog +* Tue Oct 05 2021 RH Container Bot - 2:2.170.0-1 +- autobuilt v2.170.0 + * Fri Sep 24 2021 RH Container Bot - 2:2.169.0-1 - autobuilt v2.169.0 diff --git a/sources b/sources index 8c1fa76..80360b8 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (v2.169.0.tar.gz) = a0beec62004c94f9eb6279e385ab41143a691dd21849cdd31bd6e2a3f45cb28714f56fe1186b5ddb0b114148e1e63387d0eeff331691adc8e745ba803a96d73c +SHA512 (v2.170.0.tar.gz) = 416faa66c192764326a8b7b8f695aa5b0b82603c366f8b0bc53387c75bfaa50535103229eccfb1c2273aebeb8d08255ef18ba5cc9b10cc738baf5b216b883705 From 9afda8c40bc50a4665ae154e4c35eb74aac8c3bd Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Fri, 15 Oct 2021 14:55:57 -0400 Subject: [PATCH 27/34] Add conflicts k3s-selinux <= 0.4-1 to force upgrade --- container-selinux.spec | 53 +++++++++++++++++++++++++++++++++++------- sources | 2 +- 2 files changed, 45 insertions(+), 10 deletions(-) diff --git a/container-selinux.spec b/container-selinux.spec index d71e96a..cdee5a3 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -2,12 +2,11 @@ # container-selinux %global git0 https://github.com/containers/container-selinux -%global commit0 563ba3f2693f98de5e79a7fbf5889222ab9a454a -%global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) # Used for comparing with latest upstream tag -# to decide whether to autobuild (non-rawhide only) -%define built_tag v2.164.1 +# to decide whether to autobuild +%global built_tag v2.170.0 +%global built_tag_strip %(b=%{built_tag}; echo ${b:1}) # container-selinux stuff (prefix with ds_ for version/release etc.) # Some bits borrowed from the openstack-selinux package @@ -23,12 +22,12 @@ # Hooked up to autobuilder, please check with @lsm5 before updating Name: container-selinux Epoch: 2 -Version: 2.164.1 -Release: 1.git%{shortcommit0}%{?dist} +Version: 2.170.0 +Release: 2%{?dist} License: GPLv2 URL: %{git0} Summary: SELinux policies for container runtimes -Source0: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz +Source0: %{git0}/archive/%{built_tag}.tar.gz BuildArch: noarch BuildRequires: make BuildRequires: git-core @@ -45,12 +44,14 @@ Requires(post): sed Obsoletes: %{name} <= 2:1.12.5-13 Obsoletes: docker-selinux <= 2:1.12.4-28 Provides: docker-selinux = %{?epoch:%{epoch}:}%{version}-%{release} +Conflicts: udica < 0.2.6-1 +Conflicts: k3s-selinux <= 0.4-1 %description SELinux policy modules for use with container runtimes. %prep -%autosetup -Sgit -n %{name}-%{commit0} +%autosetup -Sgit -n %{name}-%{built_tag_strip} %build make @@ -64,6 +65,8 @@ install -p -m 644 container.if %{buildroot}%{_datadir}/selinux/devel/include/ser install -m 0644 $MODULES %{buildroot}%{_datadir}/selinux/packages install -d %{buildroot}/%{_datadir}/containers/selinux install -m 644 container_contexts %{buildroot}/%{_datadir}/containers/selinux/contexts +install -d %{buildroot}%{_datadir}/udica/templates +install -m 0644 udica-templates/*.cil %{buildroot}%{_datadir}/udica/templates %check @@ -100,6 +103,8 @@ fi %{_datadir}/selinux/* %dir %{_datadir}/containers/selinux %{_datadir}/containers/selinux/contexts +%dir %{_datadir}/udica/templates/ +%{_datadir}/udica/templates/* # Currently shipped in selinux-policy-doc #%%{_datadir}/man/man8/container_selinux.8.gz @@ -112,7 +117,37 @@ fi # Hooked up to autobuilder, please check with @lsm5 before updating %changelog -* Mon Jul 19 2021 Dan Walsh - 2:2.164.1-1 +* Fri Oct 15 2021 Dan Walsh - 2:2.170.0-2 +- Add conflicts k3s-selinux <= 0.4-1 to force upgrade + +* Tue Oct 05 2021 RH Container Bot - 2:2.170.0-1 +- autobuilt v2.170.0 + +* Fri Sep 24 2021 RH Container Bot - 2:2.169.0-1 +- autobuilt v2.169.0 + +* Tue Sep 14 2021 Vit Mojzis - 2:2.168.0-2 +- Start shipping udica templates + +* Mon Sep 13 2021 RH Container Bot - 2:2.168.0-1 +- autobuilt v2.168.0 + +* Fri Sep 10 2021 Lokesh Mandvekar - 2:2.167.0-2 +- use upstream tag instead of commits, fix autobuild macros + +* Thu Aug 26 2021 RH Container Bot - 2:2.167.0-1 +- autobuilt v2.167.0 + +* Wed Aug 25 2021 RH Container Bot - 2:2.165.1-1 +- autobuilt v2.165.1 + +* Wed Aug 04 2021 RH Container Bot - 2:2.164.2-1 +- autobuilt v2.164.2 + +* Wed Jul 21 2021 Fedora Release Engineering - 2:2.164.1-0.dev.git563ba3f.1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Mon Jul 19 2021 Dan Walsh - 2:2.164.1-0.dev - Allow spc_t domains to set bpf rules on any domain * Sat Jun 12 2021 RH Container Bot - 2:2.163.0-2.dev.git99b40c5 diff --git a/sources b/sources index f738a28..80360b8 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (container-selinux-563ba3f.tar.gz) = fdafd3ca1094fb009893e664a2c59b81b7b95ba796ea7e960c0c2def45a0ed229f4dece63cd87faf14e6c1094848614633b322526bb2625c5df6df6abb568a50 +SHA512 (v2.170.0.tar.gz) = 416faa66c192764326a8b7b8f695aa5b0b82603c366f8b0bc53387c75bfaa50535103229eccfb1c2273aebeb8d08255ef18ba5cc9b10cc738baf5b216b883705 From d08739a79ca60b56c44aa16c632ac5782b812de2 Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Fri, 15 Oct 2021 14:56:48 -0400 Subject: [PATCH 28/34] Add conflicts k3s-selinux <= 0.4-1 to force upgrade --- container-selinux.spec | 17 ----------------- 1 file changed, 17 deletions(-) diff --git a/container-selinux.spec b/container-selinux.spec index ce002d4..cdee5a3 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -23,11 +23,7 @@ Name: container-selinux Epoch: 2 Version: 2.170.0 -<<<<<<< HEAD Release: 2%{?dist} -======= -Release: 1%{?dist} ->>>>>>> e51b7725b6477f24efb9ae5f5c6ecd40106f92f9 License: GPLv2 URL: %{git0} Summary: SELinux policies for container runtimes @@ -121,24 +117,18 @@ fi # Hooked up to autobuilder, please check with @lsm5 before updating %changelog -<<<<<<< HEAD * Fri Oct 15 2021 Dan Walsh - 2:2.170.0-2 - Add conflicts k3s-selinux <= 0.4-1 to force upgrade -======= ->>>>>>> e51b7725b6477f24efb9ae5f5c6ecd40106f92f9 * Tue Oct 05 2021 RH Container Bot - 2:2.170.0-1 - autobuilt v2.170.0 * Fri Sep 24 2021 RH Container Bot - 2:2.169.0-1 - autobuilt v2.169.0 -<<<<<<< HEAD * Tue Sep 14 2021 Vit Mojzis - 2:2.168.0-2 - Start shipping udica templates -======= ->>>>>>> e51b7725b6477f24efb9ae5f5c6ecd40106f92f9 * Mon Sep 13 2021 RH Container Bot - 2:2.168.0-1 - autobuilt v2.168.0 @@ -151,7 +141,6 @@ fi * Wed Aug 25 2021 RH Container Bot - 2:2.165.1-1 - autobuilt v2.165.1 -<<<<<<< HEAD * Wed Aug 04 2021 RH Container Bot - 2:2.164.2-1 - autobuilt v2.164.2 @@ -159,12 +148,6 @@ fi - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild * Mon Jul 19 2021 Dan Walsh - 2:2.164.1-0.dev -======= -* Tue Aug 03 2021 RH Container Bot - 2:2.164.2-1 -- autobuilt v2.164.2 - -* Mon Jul 19 2021 Dan Walsh - 2:2.164.1-1 ->>>>>>> e51b7725b6477f24efb9ae5f5c6ecd40106f92f9 - Allow spc_t domains to set bpf rules on any domain * Sat Jun 12 2021 RH Container Bot - 2:2.163.0-2.dev.git99b40c5 From 102ba4a29a1ec46717cb921b3ab1ebcedc19279c Mon Sep 17 00:00:00 2001 From: RH Container Bot Date: Wed, 10 Nov 2021 23:03:48 +0000 Subject: [PATCH 29/34] container-selinux-2:2.171.0-1 autobuilt v2.171.0 Signed-off-by: RH Container Bot (cherry picked from commit fd5c0b5da2ce5216c724c254fd1ed5b36ca9a5e4) --- .gitignore | 1 + container-selinux.spec | 9 ++++++--- sources | 2 +- 3 files changed, 8 insertions(+), 4 deletions(-) diff --git a/.gitignore b/.gitignore index 14a72ea..fa74ce6 100644 --- a/.gitignore +++ b/.gitignore @@ -171,3 +171,4 @@ /v2.168.0.tar.gz /v2.169.0.tar.gz /v2.170.0.tar.gz +/v2.171.0.tar.gz diff --git a/container-selinux.spec b/container-selinux.spec index cdee5a3..ab410f5 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -5,7 +5,7 @@ # Used for comparing with latest upstream tag # to decide whether to autobuild -%global built_tag v2.170.0 +%global built_tag v2.171.0 %global built_tag_strip %(b=%{built_tag}; echo ${b:1}) # container-selinux stuff (prefix with ds_ for version/release etc.) @@ -22,8 +22,8 @@ # Hooked up to autobuilder, please check with @lsm5 before updating Name: container-selinux Epoch: 2 -Version: 2.170.0 -Release: 2%{?dist} +Version: 2.171.0 +Release: 1%{?dist} License: GPLv2 URL: %{git0} Summary: SELinux policies for container runtimes @@ -117,6 +117,9 @@ fi # Hooked up to autobuilder, please check with @lsm5 before updating %changelog +* Wed Nov 10 2021 RH Container Bot - 2:2.171.0-1 +- autobuilt v2.171.0 + * Fri Oct 15 2021 Dan Walsh - 2:2.170.0-2 - Add conflicts k3s-selinux <= 0.4-1 to force upgrade diff --git a/sources b/sources index 80360b8..90a0f9a 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (v2.170.0.tar.gz) = 416faa66c192764326a8b7b8f695aa5b0b82603c366f8b0bc53387c75bfaa50535103229eccfb1c2273aebeb8d08255ef18ba5cc9b10cc738baf5b216b883705 +SHA512 (v2.171.0.tar.gz) = c701ab7d4f60d9f243cc3e93880cc34d8160a889cba9f331338e9544edb69f389983cf3572136d904a69201fa4b2bee1eb379626cb84a04d59771318b223413e From 073d730ce3d2b934e8e25d114a9ffa22656f9b1e Mon Sep 17 00:00:00 2001 From: RH Container Bot Date: Mon, 22 Nov 2021 23:03:22 +0000 Subject: [PATCH 30/34] container-selinux-2:2.172.0-1 autobuilt v2.172.0 Signed-off-by: RH Container Bot (cherry picked from commit 8bae2f2e518c1c85afd7a30ab59888cdfe0faf56) --- .gitignore | 1 + container-selinux.spec | 7 +++++-- sources | 2 +- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index fa74ce6..42387ce 100644 --- a/.gitignore +++ b/.gitignore @@ -172,3 +172,4 @@ /v2.169.0.tar.gz /v2.170.0.tar.gz /v2.171.0.tar.gz +/v2.172.0.tar.gz diff --git a/container-selinux.spec b/container-selinux.spec index ab410f5..ba2b7d4 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -5,7 +5,7 @@ # Used for comparing with latest upstream tag # to decide whether to autobuild -%global built_tag v2.171.0 +%global built_tag v2.172.0 %global built_tag_strip %(b=%{built_tag}; echo ${b:1}) # container-selinux stuff (prefix with ds_ for version/release etc.) @@ -22,7 +22,7 @@ # Hooked up to autobuilder, please check with @lsm5 before updating Name: container-selinux Epoch: 2 -Version: 2.171.0 +Version: 2.172.0 Release: 1%{?dist} License: GPLv2 URL: %{git0} @@ -117,6 +117,9 @@ fi # Hooked up to autobuilder, please check with @lsm5 before updating %changelog +* Mon Nov 22 2021 RH Container Bot - 2:2.172.0-1 +- autobuilt v2.172.0 + * Wed Nov 10 2021 RH Container Bot - 2:2.171.0-1 - autobuilt v2.171.0 diff --git a/sources b/sources index 90a0f9a..b72d59c 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (v2.171.0.tar.gz) = c701ab7d4f60d9f243cc3e93880cc34d8160a889cba9f331338e9544edb69f389983cf3572136d904a69201fa4b2bee1eb379626cb84a04d59771318b223413e +SHA512 (v2.172.0.tar.gz) = 5e61d0eefdb062ca15fedac72a5acd44ce7975e3ef070a6fac65ab38b6d052692c5f7e63fcdd73ed0b5293d6674dda52816a8037758a89f81a749e3b51b43370 From 1c0955c77fb5a19f57756817c9ddac0baf6e41c1 Mon Sep 17 00:00:00 2001 From: RH Container Bot Date: Thu, 6 Jan 2022 21:03:59 +0000 Subject: [PATCH 31/34] container-selinux-2:2.172.1-1 autobuilt v2.172.1 Signed-off-by: RH Container Bot (cherry picked from commit a57b6ae9954dbf66f2e711874fac09edf11f4946) --- .gitignore | 1 + container-selinux.spec | 7 +++++-- sources | 2 +- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index 42387ce..de2259f 100644 --- a/.gitignore +++ b/.gitignore @@ -173,3 +173,4 @@ /v2.170.0.tar.gz /v2.171.0.tar.gz /v2.172.0.tar.gz +/v2.172.1.tar.gz diff --git a/container-selinux.spec b/container-selinux.spec index ba2b7d4..f7134c7 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -5,7 +5,7 @@ # Used for comparing with latest upstream tag # to decide whether to autobuild -%global built_tag v2.172.0 +%global built_tag v2.172.1 %global built_tag_strip %(b=%{built_tag}; echo ${b:1}) # container-selinux stuff (prefix with ds_ for version/release etc.) @@ -22,7 +22,7 @@ # Hooked up to autobuilder, please check with @lsm5 before updating Name: container-selinux Epoch: 2 -Version: 2.172.0 +Version: 2.172.1 Release: 1%{?dist} License: GPLv2 URL: %{git0} @@ -117,6 +117,9 @@ fi # Hooked up to autobuilder, please check with @lsm5 before updating %changelog +* Thu Jan 06 2022 RH Container Bot - 2:2.172.1-1 +- autobuilt v2.172.1 + * Mon Nov 22 2021 RH Container Bot - 2:2.172.0-1 - autobuilt v2.172.0 diff --git a/sources b/sources index b72d59c..936de72 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (v2.172.0.tar.gz) = 5e61d0eefdb062ca15fedac72a5acd44ce7975e3ef070a6fac65ab38b6d052692c5f7e63fcdd73ed0b5293d6674dda52816a8037758a89f81a749e3b51b43370 +SHA512 (v2.172.1.tar.gz) = 96578d02fd15b41d7c1da400871b0b861d6091b7d04acb546e2856cf7da6abefaf847b8579c05af5fca1f10501f6ab6c0ce0baab0bb6b7afd7939e3f3ed8a339 From eed4ceda37744555200c22db6fb40b64c8bf61d6 Mon Sep 17 00:00:00 2001 From: RH Container Bot Date: Tue, 11 Jan 2022 12:04:22 +0000 Subject: [PATCH 32/34] container-selinux-2:2.173.0-1 autobuilt v2.173.0 Signed-off-by: RH Container Bot (cherry picked from commit 237d59707cb47f3da2c3ae314cb4116453c2b61f) --- .gitignore | 1 + container-selinux.spec | 7 +++++-- sources | 2 +- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index de2259f..a7e56d6 100644 --- a/.gitignore +++ b/.gitignore @@ -174,3 +174,4 @@ /v2.171.0.tar.gz /v2.172.0.tar.gz /v2.172.1.tar.gz +/v2.173.0.tar.gz diff --git a/container-selinux.spec b/container-selinux.spec index f7134c7..890bf32 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -5,7 +5,7 @@ # Used for comparing with latest upstream tag # to decide whether to autobuild -%global built_tag v2.172.1 +%global built_tag v2.173.0 %global built_tag_strip %(b=%{built_tag}; echo ${b:1}) # container-selinux stuff (prefix with ds_ for version/release etc.) @@ -22,7 +22,7 @@ # Hooked up to autobuilder, please check with @lsm5 before updating Name: container-selinux Epoch: 2 -Version: 2.172.1 +Version: 2.173.0 Release: 1%{?dist} License: GPLv2 URL: %{git0} @@ -117,6 +117,9 @@ fi # Hooked up to autobuilder, please check with @lsm5 before updating %changelog +* Tue Jan 11 2022 RH Container Bot - 2:2.173.0-1 +- autobuilt v2.173.0 + * Thu Jan 06 2022 RH Container Bot - 2:2.172.1-1 - autobuilt v2.172.1 diff --git a/sources b/sources index 936de72..b87132f 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (v2.172.1.tar.gz) = 96578d02fd15b41d7c1da400871b0b861d6091b7d04acb546e2856cf7da6abefaf847b8579c05af5fca1f10501f6ab6c0ce0baab0bb6b7afd7939e3f3ed8a339 +SHA512 (v2.173.0.tar.gz) = e77836306ceb6b5b2f350cbc18f4c79a7d8b368ec84955bac2f1e3bedc4903b5a5dfd23bdb7289f2bdca177736d02897ed4700654387a76ff77a623d3386d104 From 7778dcc70b39e84bb5633aad814300a22b1c730f Mon Sep 17 00:00:00 2001 From: RH Container Bot Date: Tue, 18 Jan 2022 16:04:46 +0000 Subject: [PATCH 33/34] container-selinux-2:2.173.1-1 autobuilt v2.173.1 Signed-off-by: RH Container Bot (cherry picked from commit 258efbfe5ef399dca7fb36bff91fc5d0a4e32885) --- .gitignore | 1 + container-selinux.spec | 7 +++++-- sources | 2 +- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index a7e56d6..cec5421 100644 --- a/.gitignore +++ b/.gitignore @@ -175,3 +175,4 @@ /v2.172.0.tar.gz /v2.172.1.tar.gz /v2.173.0.tar.gz +/v2.173.1.tar.gz diff --git a/container-selinux.spec b/container-selinux.spec index 890bf32..66cd599 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -5,7 +5,7 @@ # Used for comparing with latest upstream tag # to decide whether to autobuild -%global built_tag v2.173.0 +%global built_tag v2.173.1 %global built_tag_strip %(b=%{built_tag}; echo ${b:1}) # container-selinux stuff (prefix with ds_ for version/release etc.) @@ -22,7 +22,7 @@ # Hooked up to autobuilder, please check with @lsm5 before updating Name: container-selinux Epoch: 2 -Version: 2.173.0 +Version: 2.173.1 Release: 1%{?dist} License: GPLv2 URL: %{git0} @@ -117,6 +117,9 @@ fi # Hooked up to autobuilder, please check with @lsm5 before updating %changelog +* Tue Jan 18 2022 RH Container Bot - 2:2.173.1-1 +- autobuilt v2.173.1 + * Tue Jan 11 2022 RH Container Bot - 2:2.173.0-1 - autobuilt v2.173.0 diff --git a/sources b/sources index b87132f..90fae30 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (v2.173.0.tar.gz) = e77836306ceb6b5b2f350cbc18f4c79a7d8b368ec84955bac2f1e3bedc4903b5a5dfd23bdb7289f2bdca177736d02897ed4700654387a76ff77a623d3386d104 +SHA512 (v2.173.1.tar.gz) = 0dce3af485b404ba4d29b3c5e23c1fe9d230722c1f3e3317cf1b8de21c0663deae3863852b61e6e08d3b62764dde93d5dfc99d3a86c73038ab6e0297b057261d From 3675c656879712645ace730ee7542e70d7c2ea8a Mon Sep 17 00:00:00 2001 From: David King Date: Fri, 15 Apr 2022 14:47:59 +0100 Subject: [PATCH 34/34] Rebuild against selinux-policy (#2070764) --- container-selinux.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/container-selinux.spec b/container-selinux.spec index 66cd599..e7d7159 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -23,7 +23,7 @@ Name: container-selinux Epoch: 2 Version: 2.173.1 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv2 URL: %{git0} Summary: SELinux policies for container runtimes @@ -117,6 +117,9 @@ fi # Hooked up to autobuilder, please check with @lsm5 before updating %changelog +* Fri Apr 15 2022 David King - 2:2.173.1-2 +- Rebuild against selinux-policy (#2070764) + * Tue Jan 18 2022 RH Container Bot - 2:2.173.1-1 - autobuilt v2.173.1