From 5d02df2737f9f5faa3468984865e80ca13a7541f Mon Sep 17 00:00:00 2001
From: CentOS Sources <bugs@centos.org>
Date: Jul 28 2021 05:20:39 +0000
Subject: import container-selinux-2.164.1-1.module+el8.5.0+11957+18363336


---

diff --git a/.container-selinux.metadata b/.container-selinux.metadata
index 04580f6..b3d51cd 100644
--- a/.container-selinux.metadata
+++ b/.container-selinux.metadata
@@ -1 +1 @@
-bb18101c1ab06b47a88b51df2fd87dcfa3d51412 SOURCES/v2.158.0.tar.gz
+4e780a028c19e415ec9bb5543e808273d9468b66 SOURCES/v2.164.1.tar.gz
diff --git a/.gitignore b/.gitignore
index ba31b2b..7b0d03f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1 @@
-SOURCES/v2.158.0.tar.gz
+SOURCES/v2.164.1.tar.gz
diff --git a/SOURCES/container-selinux-1957904.patch b/SOURCES/container-selinux-1957904.patch
new file mode 100644
index 0000000..9efeeea
--- /dev/null
+++ b/SOURCES/container-selinux-1957904.patch
@@ -0,0 +1,12 @@
+diff -up container-selinux-2.163.0/container.te.orig container-selinux-2.163.0/container.te
+--- container-selinux-2.163.0/container.te.orig	2021-06-16 16:14:04.107700701 +0200
++++ container-selinux-2.163.0/container.te	2021-06-16 16:14:29.756010679 +0200
+@@ -454,7 +454,7 @@ modutils_domtrans_kmod(container_runtime
+ systemd_status_all_unit_files(container_runtime_domain)
+ systemd_start_systemd_services(container_runtime_domain)
+ systemd_dbus_chat_logind(container_runtime_domain)
+-systemd_chat_resolved(container_runtime_domain)
++#systemd_chat_resolved(container_runtime_domain)
+ 
+ userdom_stream_connect(container_runtime_domain)
+ userdom_search_user_home_content(container_runtime_domain)
diff --git a/SOURCES/rhel-fix.patch b/SOURCES/rhel-fix.patch
new file mode 100644
index 0000000..90293df
--- /dev/null
+++ b/SOURCES/rhel-fix.patch
@@ -0,0 +1,12 @@
+diff -up container-selinux-2.161.1/container.te.orig container-selinux-2.161.1/container.te
+--- container-selinux-2.161.1/container.te.orig	2021-05-06 14:55:57.952216763 +0200
++++ container-selinux-2.161.1/container.te	2021-05-06 14:56:02.027287991 +0200
+@@ -114,7 +114,7 @@ mls_trusted_object(container_runtime_t)
+ #
+ allow container_runtime_domain self:capability { chown kill fowner fsetid mknod net_admin net_bind_service net_raw setfcap sys_resource };
+ allow container_runtime_domain self:tun_socket { create_socket_perms relabelto };
+-allow container_runtime_domain self:lockdown { confidentiality integrity };
++#allow container_runtime_domain self:lockdown { confidentiality integrity };
+ allow container_runtime_domain self:process ~setcurrent;
+ allow container_runtime_domain self:passwd rootok;
+ allow container_runtime_domain self:fd use;
diff --git a/SPECS/container-selinux.spec b/SPECS/container-selinux.spec
index 0c541aa..f91be46 100644
--- a/SPECS/container-selinux.spec
+++ b/SPECS/container-selinux.spec
@@ -19,12 +19,14 @@
 
 Epoch: 2
 Name: container-selinux
-Version: 2.158.0
+Version: 2.164.1
 Release: 1%{?dist}
 License: GPLv2
 URL: %{git0}
 Summary: SELinux policies for container runtimes
 Source0: %{git0}/archive/v%{version}.tar.gz
+Patch0: rhel-fix.patch
+Patch1: container-selinux-1957904.patch
 BuildArch: noarch
 BuildRequires: git
 BuildRequires: pkgconfig(systemd)
@@ -106,6 +108,55 @@ fi
 %{_datadir}/containers/selinux/contexts
 
 %changelog
+* Wed Jul 21 2021 Jindrich Novy <jnovy@redhat.com> - 2:2.164.1-1
+- update to https://github.com/containers/container-selinux/releases/tag/v2.164.1
+- Related: #1934415
+
+* Thu Jun 17 2021 Jindrich Novy <jnovy@redhat.com> - 2:2.163.0-2
+- fix the build of 2.163.0
+- Resolves: #1957904
+
+* Tue Jun 15 2021 Jindrich Novy <jnovy@redhat.com> - 2:2.163.0-1
+- update to https://github.com/containers/container-selinux/releases/tag/v2.163.0
+- Related: #1934415
+
+* Tue May 25 2021 Jindrich Novy <jnovy@redhat.com> - 2:2.162.2-1
+- update to https://github.com/containers/container-selinux/releases/tag/v2.162.2
+- Related: #1934415
+
+* Wed May 19 2021 Jindrich Novy <jnovy@redhat.com> - 2:2.162.1-1
+- update to https://github.com/containers/container-selinux/releases/tag/v2.162.1
+- Related: #1934415
+
+* Tue May 11 2021 Jindrich Novy <jnovy@redhat.com> - 2:2.162.0-1
+- update to https://github.com/containers/container-selinux/releases/tag/v2.162.0
+- Related: #1934415
+
+* Thu May 06 2021 Jindrich Novy <jnovy@redhat.com> - 2:2.161.1-2
+- do not use lockdown class yet - it is not available in RHEL
+- Related: #1934415
+
+* Thu May 06 2021 Jindrich Novy <jnovy@redhat.com> - 2:2.161.1-1
+- update to https://github.com/containers/container-selinux/releases/tag/v2.161.1
+- Related: #1934415
+
+* Wed Apr 28 2021 Jindrich Novy <jnovy@redhat.com> - 2:2.160.2-1
+- update to https://github.com/containers/container-selinux/releases/tag/v2.160.2
+- Related: #1934415
+
+* Mon Apr 26 2021 Jindrich Novy <jnovy@redhat.com> - 2:2.160.1-1
+- update to
+  https://github.com/containers/container-selinux/releases/tag/v2.160.1
+- Related: #1934415
+
+* Wed Mar 31 2021 Jindrich Novy <jnovy@redhat.com> - 2:2.160.0-1
+- update to https://github.com/containers/container-selinux/releases/tag/v2.160.0
+- Related: #1934415
+
+* Tue Mar 23 2021 Jindrich Novy <jnovy@redhat.com> - 2:2.159.0-1
+- update to https://github.com/containers/container-selinux/releases/tag/v2.159.0
+- Related: #1934415
+
 * Fri Feb 12 2021 Jindrich Novy <jnovy@redhat.com> - 2:2.158.0-1
 - update to https://github.com/containers/container-selinux/releases/tag/v2.158.0
 - Related: #1883490