diff --git a/.docker.metadata b/.docker.metadata
index 66b1e03..2f39dc4 100644
--- a/.docker.metadata
+++ b/.docker.metadata
@@ -1,8 +1,10 @@
-e3e41a30b84108abb71af3176bc22f0cd69b52ea SOURCES/3e8e77dcb88db0530c839b249bea7d75f9cd01d7.tar.gz
-27fe386ea4378b478fa0051976d761419aa3f070 SOURCES/container-storage-setup-8276a1e.tar.gz
-9e13309de5e468d5d68208d5fd0b7aca5e9f948e SOURCES/containerd-fa8fb3d.tar.gz
+3e38eb46a96ca48b28d06945543012f804be810e SOURCES/774336db27bb8931c1705e47781b3842d290c968.tar.gz
+9e9e55d86e9df69ce17c8186d6ead913273f02cf SOURCES/container-storage-setup-e0997c3.tar.gz
+402d105d5ed40a9820d41b3f677df07c566393c9 SOURCES/containerd-296f1f8.tar.gz
 b0ba595ce2314c59ebbd53400f7f64809331a6b9 SOURCES/docker-lvm-plugin-8647404.tar.gz
 0beb6283e30f1e87e907576f4571ccb0a48b6be5 SOURCES/docker-novolume-plugin-385ec70.tar.gz
+fb49d4dd60e576f3a6412c2885256f8954fa5236 SOURCES/libnetwork-14db3c4.tar.gz
 965d64f5a81c3a428ca3b29495ecf66748c67c1f SOURCES/rhel-push-plugin-af9107b.tar.gz
-d01d661d4fb75caa219dd9ded75a7064a30d41b6 SOURCES/runc-c5d3116.tar.gz
+78795d104677625593c70e1dbe569f235b5af0c5 SOURCES/runc-e9c345b.tar.gz
+c5c3577b90edc8902f3dd888e55334ba6e9e1ddf SOURCES/tini-5b117de.tar.gz
 496f9927f4254508ea1cd94f473b5b9321d41245 SOURCES/v1.10-migrator-c417a6a.tar.gz
diff --git a/.gitignore b/.gitignore
index f5923fa..4a29b61 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,8 +1,10 @@
-SOURCES/3e8e77dcb88db0530c839b249bea7d75f9cd01d7.tar.gz
-SOURCES/container-storage-setup-8276a1e.tar.gz
-SOURCES/containerd-fa8fb3d.tar.gz
+SOURCES/774336db27bb8931c1705e47781b3842d290c968.tar.gz
+SOURCES/container-storage-setup-e0997c3.tar.gz
+SOURCES/containerd-296f1f8.tar.gz
 SOURCES/docker-lvm-plugin-8647404.tar.gz
 SOURCES/docker-novolume-plugin-385ec70.tar.gz
+SOURCES/libnetwork-14db3c4.tar.gz
 SOURCES/rhel-push-plugin-af9107b.tar.gz
-SOURCES/runc-c5d3116.tar.gz
+SOURCES/runc-e9c345b.tar.gz
+SOURCES/tini-5b117de.tar.gz
 SOURCES/v1.10-migrator-c417a6a.tar.gz
diff --git a/README.debrand b/README.debrand
deleted file mode 100644
index 01c46d2..0000000
--- a/README.debrand
+++ /dev/null
@@ -1,2 +0,0 @@
-Warning: This package was configured for automatic debranding, but the changes
-failed to apply.
diff --git a/SOURCES/docker.service b/SOURCES/docker.service
index 871f839..7a53857 100644
--- a/SOURCES/docker.service
+++ b/SOURCES/docker.service
@@ -22,12 +22,13 @@ ExecStart=/usr/bin/dockerd-current \
           --authorization-plugin=rhel-push-plugin \
           --exec-opt native.cgroupdriver=systemd \
           --userland-proxy-path=/usr/libexec/docker/docker-proxy-current \
+          --seccomp-profile=/etc/docker/seccomp.json \
           $OPTIONS \
           $DOCKER_STORAGE_OPTIONS \
           $DOCKER_NETWORK_OPTIONS \
           $ADD_REGISTRY \
           $BLOCK_REGISTRY \
-          $INSECURE_REGISTRY\
+          $INSECURE_REGISTRY \
 	  $REGISTRIES
 ExecReload=/bin/kill -s HUP $MAINPID
 LimitNOFILE=1048576
diff --git a/SOURCES/seccomp.json b/SOURCES/seccomp.json
new file mode 100644
index 0000000..b9a4564
--- /dev/null
+++ b/SOURCES/seccomp.json
@@ -0,0 +1,701 @@
+{
+	"defaultAction": "SCMP_ACT_ERRNO",
+	"archMap": [
+		{
+			"architecture": "SCMP_ARCH_X86_64",
+			"subArchitectures": [
+				"SCMP_ARCH_X86",
+				"SCMP_ARCH_X32"
+			]
+		},
+		{
+			"architecture": "SCMP_ARCH_AARCH64",
+			"subArchitectures": [
+				"SCMP_ARCH_ARM"
+			]
+		},
+		{
+			"architecture": "SCMP_ARCH_MIPS64",
+			"subArchitectures": [
+				"SCMP_ARCH_MIPS",
+				"SCMP_ARCH_MIPS64N32"
+			]
+		},
+		{
+			"architecture": "SCMP_ARCH_MIPS64N32",
+			"subArchitectures": [
+				"SCMP_ARCH_MIPS",
+				"SCMP_ARCH_MIPS64"
+			]
+		},
+		{
+			"architecture": "SCMP_ARCH_MIPSEL64",
+			"subArchitectures": [
+				"SCMP_ARCH_MIPSEL",
+				"SCMP_ARCH_MIPSEL64N32"
+			]
+		},
+		{
+			"architecture": "SCMP_ARCH_MIPSEL64N32",
+			"subArchitectures": [
+				"SCMP_ARCH_MIPSEL",
+				"SCMP_ARCH_MIPSEL64"
+			]
+		},
+		{
+			"architecture": "SCMP_ARCH_S390X",
+			"subArchitectures": [
+				"SCMP_ARCH_S390"
+			]
+		}
+	],
+	"syscalls": [
+		{
+			"names": [
+				"accept",
+				"accept4",
+				"access",
+				"alarm",
+				"alarm",
+				"bind",
+				"brk",
+				"capget",
+				"capset",
+				"chdir",
+				"chmod",
+				"chown",
+				"chown32",
+				"clock_getres",
+				"clock_gettime",
+				"clock_nanosleep",
+				"close",
+				"connect",
+				"copy_file_range",
+				"creat",
+				"dup",
+				"dup2",
+				"dup3",
+				"epoll_create",
+				"epoll_create1",
+				"epoll_ctl",
+				"epoll_ctl_old",
+				"epoll_pwait",
+				"epoll_wait",
+				"epoll_wait_old",
+				"eventfd",
+				"eventfd2",
+				"execve",
+				"execveat",
+				"exit",
+				"exit_group",
+				"faccessat",
+				"fadvise64",
+				"fadvise64_64",
+				"fallocate",
+				"fanotify_mark",
+				"fchdir",
+				"fchmod",
+				"fchmodat",
+				"fchown",
+				"fchown32",
+				"fchownat",
+				"fcntl",
+				"fcntl64",
+				"fdatasync",
+				"fgetxattr",
+				"flistxattr",
+				"flock",
+				"fork",
+				"fremovexattr",
+				"fsetxattr",
+				"fstat",
+				"fstat64",
+				"fstatat64",
+				"fstatfs",
+				"fstatfs64",
+				"fsync",
+				"ftruncate",
+				"ftruncate64",
+				"futex",
+				"futimesat",
+				"getcpu",
+				"getcwd",
+				"getdents",
+				"getdents64",
+				"getegid",
+				"getegid32",
+				"geteuid",
+				"geteuid32",
+				"getgid",
+				"getgid32",
+				"getgroups",
+				"getgroups32",
+				"getitimer",
+				"getpeername",
+				"getpgid",
+				"getpgrp",
+				"getpid",
+				"getppid",
+				"getpriority",
+				"getrandom",
+				"getresgid",
+				"getresgid32",
+				"getresuid",
+				"getresuid32",
+				"getrlimit",
+				"get_robust_list",
+				"getrusage",
+				"getsid",
+				"getsockname",
+				"getsockopt",
+				"get_thread_area",
+				"gettid",
+				"gettimeofday",
+				"getuid",
+				"getuid32",
+				"getxattr",
+				"inotify_add_watch",
+				"inotify_init",
+				"inotify_init1",
+				"inotify_rm_watch",
+				"io_cancel",
+				"ioctl",
+				"io_destroy",
+				"io_getevents",
+				"ioprio_get",
+				"ioprio_set",
+				"io_setup",
+				"io_submit",
+				"ipc",
+				"kill",
+				"lchown",
+				"lchown32",
+				"lgetxattr",
+				"link",
+				"linkat",
+				"listen",
+				"listxattr",
+				"llistxattr",
+				"_llseek",
+				"lremovexattr",
+				"lseek",
+				"lsetxattr",
+				"lstat",
+				"lstat64",
+				"madvise",
+				"memfd_create",
+				"mincore",
+				"mkdir",
+				"mkdirat",
+				"mknod",
+				"mknodat",
+				"mlock",
+				"mlock2",
+				"mlockall",
+				"mmap",
+				"mmap2",
+				"mprotect",
+				"mq_getsetattr",
+				"mq_notify",
+				"mq_open",
+				"mq_timedreceive",
+				"mq_timedsend",
+				"mq_unlink",
+				"mremap",
+				"msgctl",
+				"msgget",
+				"msgrcv",
+				"msgsnd",
+				"msync",
+				"munlock",
+				"munlockall",
+				"munmap",
+				"nanosleep",
+				"newfstatat",
+				"_newselect",
+				"open",
+				"openat",
+				"pause",
+				"pipe",
+				"pipe2",
+				"poll",
+				"ppoll",
+				"prctl",
+				"pread64",
+				"preadv",
+				"prlimit64",
+				"pselect6",
+				"pwrite64",
+				"pwritev",
+				"read",
+				"readahead",
+				"readlink",
+				"readlinkat",
+				"readv",
+				"recv",
+				"recvfrom",
+				"recvmmsg",
+				"recvmsg",
+				"remap_file_pages",
+				"removexattr",
+				"rename",
+				"renameat",
+				"renameat2",
+				"restart_syscall",
+				"rmdir",
+				"rt_sigaction",
+				"rt_sigpending",
+				"rt_sigprocmask",
+				"rt_sigqueueinfo",
+				"rt_sigreturn",
+				"rt_sigsuspend",
+				"rt_sigtimedwait",
+				"rt_tgsigqueueinfo",
+				"sched_getaffinity",
+				"sched_getattr",
+				"sched_getparam",
+				"sched_get_priority_max",
+				"sched_get_priority_min",
+				"sched_getscheduler",
+				"sched_rr_get_interval",
+				"sched_setaffinity",
+				"sched_setattr",
+				"sched_setparam",
+				"sched_setscheduler",
+				"sched_yield",
+				"seccomp",
+				"select",
+				"semctl",
+				"semget",
+				"semop",
+				"semtimedop",
+				"send",
+				"sendfile",
+				"sendfile64",
+				"sendmmsg",
+				"sendmsg",
+				"sendto",
+				"setfsgid",
+				"setfsgid32",
+				"setfsuid",
+				"setfsuid32",
+				"setgid",
+				"setgid32",
+				"setgroups",
+				"setgroups32",
+				"setitimer",
+				"setpgid",
+				"setpriority",
+				"setregid",
+				"setregid32",
+				"setresgid",
+				"setresgid32",
+				"setresuid",
+				"setresuid32",
+				"setreuid",
+				"setreuid32",
+				"setrlimit",
+				"set_robust_list",
+				"setsid",
+				"setsockopt",
+				"set_thread_area",
+				"set_tid_address",
+				"setuid",
+				"setuid32",
+				"setxattr",
+				"shmat",
+				"shmctl",
+				"shmdt",
+				"shmget",
+				"shutdown",
+				"sigaltstack",
+				"signalfd",
+				"signalfd4",
+				"sigreturn",
+				"socket",
+				"socketcall",
+				"socketpair",
+				"splice",
+				"stat",
+				"stat64",
+				"statfs",
+				"statfs64",
+				"symlink",
+				"symlinkat",
+				"sync",
+				"sync_file_range",
+				"syncfs",
+				"sysinfo",
+				"syslog",
+				"tee",
+				"tgkill",
+				"time",
+				"timer_create",
+				"timer_delete",
+				"timerfd_create",
+				"timerfd_gettime",
+				"timerfd_settime",
+				"timer_getoverrun",
+				"timer_gettime",
+				"timer_settime",
+				"times",
+				"tkill",
+				"truncate",
+				"truncate64",
+				"ugetrlimit",
+				"umask",
+				"uname",
+				"unlink",
+				"unlinkat",
+				"utime",
+				"utimensat",
+				"utimes",
+				"vfork",
+				"vmsplice",
+				"wait4",
+				"waitid",
+				"waitpid",
+				"write",
+				"writev",
+				"mount",
+				"umount2",
+				"reboot",
+				"name_to_handle_at",
+				"unshare"
+			],
+			"action": "SCMP_ACT_ALLOW",
+			"args": [],
+			"comment": "",
+			"includes": {},
+			"excludes": {}
+		},
+		{
+			"names": [
+				"personality"
+			],
+			"action": "SCMP_ACT_ALLOW",
+			"args": [
+				{
+					"index": 0,
+					"value": 0,
+					"valueTwo": 0,
+					"op": "SCMP_CMP_EQ"
+				}
+			],
+			"comment": "",
+			"includes": {},
+			"excludes": {}
+		},
+		{
+			"names": [
+				"personality"
+			],
+			"action": "SCMP_ACT_ALLOW",
+			"args": [
+				{
+					"index": 0,
+					"value": 8,
+					"valueTwo": 0,
+					"op": "SCMP_CMP_EQ"
+				}
+			],
+			"comment": "",
+			"includes": {},
+			"excludes": {}
+		},
+		{
+			"names": [
+				"personality"
+			],
+			"action": "SCMP_ACT_ALLOW",
+			"args": [
+				{
+					"index": 0,
+					"value": 4294967295,
+					"valueTwo": 0,
+					"op": "SCMP_CMP_EQ"
+				}
+			],
+			"comment": "",
+			"includes": {},
+			"excludes": {}
+		},
+		{
+			"names": [
+				"breakpoint",
+				"cacheflush",
+				"set_tls"
+			],
+			"action": "SCMP_ACT_ALLOW",
+			"args": [],
+			"comment": "",
+			"includes": {
+				"arches": [
+					"arm",
+					"arm64"
+				]
+			},
+			"excludes": {}
+		},
+		{
+			"names": [
+				"arch_prctl"
+			],
+			"action": "SCMP_ACT_ALLOW",
+			"args": [],
+			"comment": "",
+			"includes": {
+				"arches": [
+					"amd64",
+					"x32"
+				]
+			},
+			"excludes": {}
+		},
+		{
+			"names": [
+				"modify_ldt"
+			],
+			"action": "SCMP_ACT_ALLOW",
+			"args": [],
+			"comment": "",
+			"includes": {
+				"arches": [
+					"amd64",
+					"x32",
+					"x86"
+				]
+			},
+			"excludes": {}
+		},
+		{
+			"names": [
+				"s390_pci_mmio_read",
+				"s390_pci_mmio_write",
+				"s390_runtime_instr"
+			],
+			"action": "SCMP_ACT_ALLOW",
+			"args": [],
+			"comment": "",
+			"includes": {
+				"arches": [
+					"s390",
+					"s390x"
+				]
+			},
+			"excludes": {}
+		},
+		{
+			"names": [
+				"open_by_handle_at"
+			],
+			"action": "SCMP_ACT_ALLOW",
+			"args": [],
+			"comment": "",
+			"includes": {
+				"caps": [
+					"CAP_DAC_READ_SEARCH"
+				]
+			},
+			"excludes": {}
+		},
+		{
+			"names": [
+				"bpf",
+				"clone",
+				"fanotify_init",
+				"lookup_dcookie",
+				"mount",
+				"name_to_handle_at",
+				"perf_event_open",
+				"setdomainname",
+				"sethostname",
+				"setns",
+				"umount",
+				"umount2",
+				"unshare"
+			],
+			"action": "SCMP_ACT_ALLOW",
+			"args": [],
+			"comment": "",
+			"includes": {
+				"caps": [
+					"CAP_SYS_ADMIN"
+				]
+			},
+			"excludes": {}
+		},
+		{
+			"names": [
+				"clone"
+			],
+			"action": "SCMP_ACT_ALLOW",
+			"args": [
+				{
+					"index": 0,
+					"value": 2080505856,
+					"valueTwo": 0,
+					"op": "SCMP_CMP_MASKED_EQ"
+				}
+			],
+			"comment": "",
+			"includes": {},
+			"excludes": {
+				"caps": [
+					"CAP_SYS_ADMIN"
+				],
+				"arches": [
+					"s390",
+					"s390x"
+				]
+			}
+		},
+		{
+			"names": [
+				"clone"
+			],
+			"action": "SCMP_ACT_ALLOW",
+			"args": [
+				{
+					"index": 1,
+					"value": 2080505856,
+					"valueTwo": 0,
+					"op": "SCMP_CMP_MASKED_EQ"
+				}
+			],
+			"comment": "s390 parameter ordering for clone is different",
+			"includes": {
+				"arches": [
+					"s390",
+					"s390x"
+				]
+			},
+			"excludes": {
+				"caps": [
+					"CAP_SYS_ADMIN"
+				]
+			}
+		},
+		{
+			"names": [
+				"reboot"
+			],
+			"action": "SCMP_ACT_ALLOW",
+			"args": [],
+			"comment": "",
+			"includes": {
+				"caps": [
+					"CAP_SYS_BOOT"
+				]
+			},
+			"excludes": {}
+		},
+		{
+			"names": [
+				"chroot"
+			],
+			"action": "SCMP_ACT_ALLOW",
+			"args": [],
+			"comment": "",
+			"includes": {
+				"caps": [
+					"CAP_SYS_CHROOT"
+				]
+			},
+			"excludes": {}
+		},
+		{
+			"names": [
+				"delete_module",
+				"init_module",
+				"finit_module",
+				"query_module"
+			],
+			"action": "SCMP_ACT_ALLOW",
+			"args": [],
+			"comment": "",
+			"includes": {
+				"caps": [
+					"CAP_SYS_MODULE"
+				]
+			},
+			"excludes": {}
+		},
+		{
+			"names": [
+				"acct"
+			],
+			"action": "SCMP_ACT_ALLOW",
+			"args": [],
+			"comment": "",
+			"includes": {
+				"caps": [
+					"CAP_SYS_PACCT"
+				]
+			},
+			"excludes": {}
+		},
+		{
+			"names": [
+				"kcmp",
+				"process_vm_readv",
+				"process_vm_writev",
+				"ptrace"
+			],
+			"action": "SCMP_ACT_ALLOW",
+			"args": [],
+			"comment": "",
+			"includes": {
+				"caps": [
+					"CAP_SYS_PTRACE"
+				]
+			},
+			"excludes": {}
+		},
+		{
+			"names": [
+				"iopl",
+				"ioperm"
+			],
+			"action": "SCMP_ACT_ALLOW",
+			"args": [],
+			"comment": "",
+			"includes": {
+				"caps": [
+					"CAP_SYS_RAWIO"
+				]
+			},
+			"excludes": {}
+		},
+		{
+			"names": [
+				"settimeofday",
+				"stime",
+				"adjtimex"
+			],
+			"action": "SCMP_ACT_ALLOW",
+			"args": [],
+			"comment": "",
+			"includes": {
+				"caps": [
+					"CAP_SYS_TIME"
+				]
+			},
+			"excludes": {}
+		},
+		{
+			"names": [
+				"vhangup"
+			],
+			"action": "SCMP_ACT_ALLOW",
+			"args": [],
+			"comment": "",
+			"includes": {
+				"caps": [
+					"CAP_SYS_TTY_CONFIG"
+				]
+			},
+			"excludes": {}
+		}
+	]
+}
\ No newline at end of file
diff --git a/SPECS/docker.spec b/SPECS/docker.spec
index cc0b975..41d573c 100644
--- a/SPECS/docker.spec
+++ b/SPECS/docker.spec
@@ -24,14 +24,14 @@
 
 # docker
 %global git_docker https://github.com/projectatomic/docker
-%global commit_docker 3e8e77dcb88db0530c839b249bea7d75f9cd01d7
+%global commit_docker 774336db27bb8931c1705e47781b3842d290c968
 %global shortcommit_docker %(c=%{commit_docker}; echo ${c:0:7})
 # docker_branch used in %%check
 %global docker_branch %{name}-%{version}
 
 # d-s-s
 %global git_dss https://github.com/projectatomic/container-storage-setup
-%global commit_dss 8276a1e9abf9607e82018c96001858d04420208e
+%global commit_dss e0997c32103235a3eff8fe6917e6f2d0507c119e
 %global shortcommit_dss %(c=%{commit_dss}; echo ${c:0:7})
 %global dss_libdir %{_exec_prefix}/lib/%{name}-storage-setup
 
@@ -57,18 +57,28 @@
 
 # docker-runc
 %global git_runc https://github.com/projectatomic/runc
-%global commit_runc c5d311627d39439c5b1cc35c67a51c9c6ccda648
+%global commit_runc e9c345b3f906d5dc5e8100b05ce37073a811c74a
 %global shortcommit_runc %(c=%{commit_runc}; echo ${c:0:7})
 
 # docker-containerd
 %global git_containerd https://github.com/projectatomic/containerd
-%global commit_containerd fa8fb3d455e1baf716f3131581f0ed8b07c573a6
+%global commit_containerd 296f1f80d6c6a83cc625163f863e53d3287328ee
 %global shortcommit_containerd %(c=%{commit_containerd}; echo ${c:0:7})
 
+# docker-init
+%global git_tini https://github.com/krallin/tini
+%global commit_tini 5b117de7f824f3d3825737cf09581645abbe35d4
+%global shortcommit_tini %(c=%{commit_tini}; echo ${c:0:7})
+
+# docker-proxy
+%global git_libnetwork https://github.com/docker/libnetwork
+%global commit_libnetwork 14db3c494c259b8caa159a244a8e9708e3f4b595
+%global shortcommit_libnetwork %(c=%{commit_libnetwork}; echo ${c:0:7})
+
 Name: %{repo}
 Epoch: 2
-Version: 1.12.6
-Release: 71.git%{shortcommit_docker}%{?dist}
+Version: 1.13.1
+Release: 53.git%{shortcommit_docker}%{?dist}
 Summary: Automates deployment of containerized applications
 License: ASL 2.0
 URL: https://%{import_path}
@@ -96,6 +106,10 @@ Source25: %{name}-cleanup.service
 Source26: %{name}-cleanup.timer
 Source27: daemon.json
 Source29: 99-docker.conf
+Source30: %{git_tini}/archive/%{commit_tini}/tini-%{shortcommit_tini}.tar.gz
+Source31: %{git_libnetwork}/archive/%{commit_libnetwork}/libnetwork-%{shortcommit_libnetwork}.tar.gz
+Source32: seccomp.json
+BuildRequires: cmake
 BuildRequires: sed
 BuildRequires: git
 BuildRequires: glibc-static
@@ -163,7 +177,7 @@ running and skip checksum calculation on startup.
 Summary: Common files for docker and docker-latest
 Requires: device-mapper-libs >= 7:1.02.97
 Requires: oci-umount >= 2:2.0.0-1
-Requires: oci-register-machine >= 1:0-3.14
+Requires: oci-register-machine >= 1:0-5.13
 Requires: oci-systemd-hook >= 1:0.1.4-9
 Requires: %{name}-rhel-push-plugin = %{epoch}:%{version}-%{release}
 Requires: subscription-manager-plugin-container
@@ -176,7 +190,7 @@ Requires: lvm2 >= 2.02.112
 Requires: xfsprogs
 # rhbz#1282898 - obsolete docker-storage-setup
 Obsoletes: %{name}-storage-setup <= 0.0.4-2
-Requires: skopeo-containers >= 0.1.24-3
+Requires: skopeo-containers >= 1:0.1.26-2
 Requires: gnupg
 Requires: tar
 
@@ -286,12 +300,26 @@ tar zxf %{SOURCE19}
 # untar docker-containerd
 tar zxf %{SOURCE20}
 
+# untar docker-init
+tar zxf %{SOURCE30}
+
+# untar libnetwork
+tar zxf %{SOURCE31}
+
 %build
+# compile docker-proxy first - otherwise deps in gopath conflict with the others below and this fails. Remove libnetwork libs then.
+pushd libnetwork-%{commit_libnetwork}
+mkdir -p src/github.com/%{repo}/libnetwork
+ln -s $(pwd)/* src/github.com/%{repo}/libnetwork
+export GOPATH=$(pwd)
+go build -ldflags="-linkmode=external" -o %{repo}-proxy github.com/%{repo}/libnetwork/cmd/proxy
+popd
+
 mkdir _build
 
 %global version_tag %{name}-%{version}-%{release}.%{_arch}
-%{__sed} -r -i 's/^([\t ]*PkgVersion:[\t ]*)"<unknown>",$/\1"%{version_tag}",/' daemon/info.go
-%{__sed} -r -i 's/^([\t ]*PkgVersion:[\t ]*)"<unknown>",$/\1"%{version_tag}",/' api/client/system/version.go
+#%%{__sed} -r -i 's/^([\t ]*PkgVersion:[\t ]*)"<unknown>",$/\1"%{version_tag}",/' daemon/info.go
+#%%{__sed} -r -i 's/^([\t ]*PkgVersion:[\t ]*)"<unknown>",$/\1"%{version_tag}",/' api/client/system/version.go
 
 pushd _build
   mkdir -p src/%{provider}.%{provider_tld}/{%{name},projectatomic}
@@ -351,6 +379,12 @@ pushd containerd-%{commit_containerd}
 make
 popd
 
+# build docker-init
+pushd tini-%{commit_tini}
+cmake -DMINIMAL=ON .
+make tini-static
+popd
+
 %install
 # install binary
 install -d %{buildroot}%{_bindir}
@@ -370,11 +404,18 @@ for x in bundles/latest; do
     continue
     fi
     rm $x/dynbinary-daemon/*.{md5,sha256}
-    install -p -m 755 $x/dynbinary-daemon/%{repo}-proxy-* %{buildroot}%{_libexecdir}/%{repo}/%{repo}-proxy-current
     install -p -m 755 $x/dynbinary-daemon/%{repo}d-* %{buildroot}%{_bindir}/%{repo}d-current
     break
 done
 
+# install daemon.json and seccomp.json
+install -dp %{buildroot}%{_sysconfdir}/%{name}
+install -p -m 644 %{SOURCE32} %{buildroot}%{_sysconfdir}/%{name}
+
+#install docker-proxy
+install -d %{buildroot}%{_libexecdir}/%{repo}
+install -p -m 755 libnetwork-%{commit_libnetwork}/%{repo}-proxy %{buildroot}%{_libexecdir}/%{repo}/%{repo}-proxy-current
+
 install -dp %{buildroot}%{_sysconfdir}/%{name}
 install -p -m 644 %{SOURCE27} %{buildroot}%{_sysconfdir}/%{name}
 
@@ -502,6 +543,10 @@ install -p -m 755 containerd-%{commit_containerd}/bin/ctr %{buildroot}%{_bindir}
 install -d -p %{buildroot}%{_usr}/lib/sysctl.d
 install -p -m 644 %{SOURCE29} %{buildroot}%{_usr}/lib/sysctl.d
 
+#install tini
+install -d %{buildroot}%{_libexecdir}/%{repo}
+install -p -m 755 tini-%{commit_tini}/tini-static %{buildroot}%{_libexecdir}/%{repo}/%{repo}-init-current
+
 %check
 [ ! -w /run/%{name}.sock ] || {
     mkdir test_dir
@@ -556,6 +601,24 @@ exit 0
 %postun rhel-push-plugin
 %systemd_postun_with_restart rhel-push-plugin.service
 
+%posttrans
+# Install a default docker-storage-setup based on kernel version.
+if [ ! -e %{_sysconfdir}/sysconfig/%{name}-storage-setup ]; then
+    # Import /etc/os-release
+    . %{_sysconfdir}/os-release || :
+
+    case "$VERSION_ID" in
+        7.0 | 7.1 | 7.2 | 7.3 | 7.4)
+           echo "STORAGE_DRIVER=devicemapper" >> %{_sysconfdir}/sysconfig/%{name}-storage-setup || :
+           echo "CONTAINER_THINPOOL=docker-pool" >> %{_sysconfdir}/sysconfig/%{name}-storage-setup || :
+        ;;
+    *)
+        # 7.5 onwards, switch to overlay2 by default.
+        echo "STORAGE_DRIVER=overlay2" >> %{_sysconfdir}/sysconfig/%{name}-storage-setup || :
+    ;;
+    esac
+fi
+
 #define license tag if not already defined
 %{!?_licensedir:%global license %doc}
 
@@ -564,8 +627,11 @@ exit 0
 %doc AUTHORS CHANGELOG.md CONTRIBUTING.md MAINTAINERS NOTICE README*.md
 %config(noreplace) %attr(644, root, root) %{_sysconfdir}/sysconfig/%{name}-storage
 %config(noreplace) %{_sysconfdir}/sysconfig/%{name}-network
-%config(noreplace) %{_sysconfdir}/sysconfig/%{name}-storage-setup
+# Use ghost to not package default file installed by "make install-docker".
+# Instead we will install a default based on kernel version in %posttrans.
+%ghost %{_sysconfdir}/sysconfig/%{name}-storage-setup
 %config(noreplace) %{_sysconfdir}/%{name}/daemon.json
+%config(noreplace) %{_sysconfdir}/%{name}/seccomp.json
 %dir %{_sysconfdir}/%{name}
 %{_bindir}/%{name}d-current
 %{_bindir}/%{name}-storage-setup
@@ -591,10 +657,10 @@ exit 0
 %{_datadir}/vim/vimfiles/syntax/%{name}file.vim
 %dir %{_datadir}/zsh/site-functions
 %{_datadir}/zsh/site-functions/_%{name}
-# 1.12 specific
 %dir %{_libexecdir}/%{repo}
 %{_libexecdir}/%{repo}/%{repo}-runc-current
 %{_libexecdir}/%{repo}/%{repo}-proxy-current
+%{_libexecdir}/%{repo}/%{repo}-init-current
 %{_unitdir}/%{name}-cleanup.service
 %{_unitdir}/%{name}-cleanup.timer
 #%%{_unitdir}/%%{repo}-containerd.service
@@ -650,6 +716,71 @@ exit 0
 %{_bindir}/%{name}-v1.10-migrator-*
 
 %changelog
+* Tue Feb 20 2018 Lokesh Mandvekar <lsm5@redhat.com> - 2:1.13.1-53.git774336d
+- Resolves: #1540540
+- built docker @projectatomic/docker-1.13.1-rhel commit 774336d
+- built docker-novolume-plugin commit 385ec70
+- built rhel-push-plugin commit af9107b
+- built docker-lvm-plugin commit 8647404
+- built docker-runc @projectatomic/docker-1.13.1-rhel commit e9c345b
+- built docker-containerd @projectatomic/docker-1.13.1-rhel commit 296f1f8
+- built docker-init commit 5b117de
+- built libnetwork commit 14db3c4
+
+* Mon Feb 12 2018 Lokesh Mandvekar <lsm5@redhat.com> - 2:1.13.1-52.gitce62987
+- Resolves: #1534827, #1543575
+- built docker @projectatomic/docker-1.13.1-rhel commit ce62987
+- built docker-novolume-plugin commit 385ec70
+- built rhel-push-plugin commit af9107b
+- built docker-lvm-plugin commit 8647404
+- built docker-runc @projectatomic/docker-1.13.1-rhel commit e9c345b
+- built docker-containerd @projectatomic/docker-1.13.1-rhel commit 296f1f8
+- built docker-init commit 0effd37
+- built libnetwork commit 1ba8194
+
+* Mon Feb 05 2018 Lokesh Mandvekar <lsm5@redhat.com> - 2:1.13.1-48.gitec9911e
+- Resolves: #1536726 - bump skopeo-containers dependency
+
+* Mon Feb 05 2018 Lokesh Mandvekar <lsm5@redhat.com> - 2:1.13.1-47.gitec9911e
+- oci-register-machine >= 1:0-5.13 (RE: #1542112)
+
+* Mon Feb 05 2018 Lokesh Mandvekar <lsm5@redhat.com> - 2:1.13.1-46.gitec9911e
+- Resolves: #1542112 - depend on oci-register-machine (disabled in config file)
+- revert removal of oci-register-machine done in 2:1.13.1-1
+
+* Thu Feb 01 2018 Lokesh Mandvekar <lsm5@redhat.com> - 2:1.13.1-45.gitec9911e
+- c-s-s >= 0.7.0-1
+
+* Thu Feb 01 2018 Lokesh Mandvekar <lsm5@redhat.com> - 2:1.13.1-44.gitec9911e
+- built docker @projectatomic/docker-1.13.1-rhel commit ec9911e
+- built docker-novolume-plugin commit 385ec70
+- built rhel-push-plugin commit af9107b
+- built docker-lvm-plugin commit 8647404
+- built docker-runc @projectatomic/docker-1.13.1-rhel commit 518736e
+- built docker-containerd @projectatomic/docker-1.13.1-rhel commit 296f1f8
+- built docker-init commit 0effd37
+- built libnetwork commit 20dd462
+
+* Tue Jan 30 2018 Lokesh Mandvekar <lsm5@redhat.com> - 2:1.13.1-43.gitec9911e
+- built docker @projectatomic/docker-1.13.1-rhel commit ec9911e
+- built docker-novolume-plugin commit 385ec70
+- built rhel-push-plugin commit af9107b
+- built docker-lvm-plugin commit 8647404
+- built docker-runc @projectatomic/docker-1.13.1-rhel commit 518736e
+- built docker-containerd @projectatomic/docker-1.13.1-rhel commit 296f1f8
+- built docker-init commit 0effd37
+- built libnetwork commit 20dd462
+
+* Wed Jan 24 2018 Lokesh Mandvekar <lsm5@redhat.com> - 2:1.13.1-1.gitddee18e
+- built docker @projectatomic/docker-1.13.1-rhel commit ddee18e
+- built docker-novolume-plugin commit 385ec70
+- built rhel-push-plugin commit af9107b
+- built docker-lvm-plugin commit 8647404
+- built docker-runc @projectatomic/docker-1.13.1-rhel commit 518736e
+- built docker-containerd @projectatomic/docker-1.13.1-rhel commit 296f1f8
+- built docker-init commit 0effd37
+- built libnetwork commit 5ab4ab8
+
 * Wed Dec 13 2017 Frantisek Kluknavsky <fkluknav@redhat.com> - 2:1.12.6-71.git3e8e77d
 - rebased to 3e8e77dcb88db0530c839b249bea7d75f9cd01d7
 - https://bugzilla.redhat.com/show_bug.cgi?id=1518519