diff --git a/.container-selinux.metadata b/.container-selinux.metadata
index 32c6b7a..aa7e010 100644
--- a/.container-selinux.metadata
+++ b/.container-selinux.metadata
@@ -1 +1 @@
-355f0da45919fcb1faaff58acfc1149bbfc6cb97 SOURCES/container-selinux-b470fa2.tar.gz
+41172fcf997aec4d4742fadde34d2fb2ff4d7ab3 SOURCES/container-selinux-fe41bf1.tar.gz
diff --git a/.gitignore b/.gitignore
index 9b37480..ea2428c 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1 @@
-SOURCES/container-selinux-b470fa2.tar.gz
+SOURCES/container-selinux-fe41bf1.tar.gz
diff --git a/SPECS/container-selinux.spec b/SPECS/container-selinux.spec
index 2c63312..fd9585d 100644
--- a/SPECS/container-selinux.spec
+++ b/SPECS/container-selinux.spec
@@ -2,7 +2,7 @@ # container-selinux %global git0 https://github.com/projectatomic/%{name}
-%global commit0 b470fa275ac57bfa2a82e3526291881dfcab6e44
+%global commit0 fe41bf19b0a03c1747f4a5425a83a09b96c46012
 %global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) # container-selinux stuff (prefix with ds_ for version/release etc.)
@@ -20,12 +20,12 @@ %global relabel_files() %{_sbindir}/restorecon -R %{_bindir}/*podman* %{_bindir}/*runc* %{_bindir}/*crio %{_bindir}/docker* %{_localstatedir}/run/containerd.sock %{_localstatedir}/run/docker.sock %{_localstatedir}/run/docker.pid %{_sysconfdir}/docker %{_sysconfdir}/crio %{_localstatedir}/log/docker %{_localstatedir}/log/lxc %{_localstatedir}/lock/lxc %{_unitdir}/docker.service %{_unitdir}/docker-containerd.service %{_unitdir}/docker-latest.service %{_unitdir}/docker-latest-containerd.service %{_sysconfdir}/docker %{_libexecdir}/docker* &> /dev/null || : # Version of SELinux we were using
-%global selinux_policyver 3.13.1-192
+%global selinux_policyver 3.13.1-216.el7
 Name: container-selinux Epoch: 2
-Version: 2.68
-Release: 1%{?dist}
+Version: 2.73
+Release: 2%{?dist}
 License: GPLv2 URL: %{git0} Summary: SELinux policies for container runtimes
@@ -94,6 +94,7 @@ if %{_sbindir}/selinuxenabled ; then fi . %{_sysconfdir}/selinux/config sed -e "\|container_file_t|h; \${x;s|container_file_t||;{g;t};a\\" -e "container_file_t" -e "}" -i /etc/selinux/${SELINUXTYPE}/contexts/customizable_types
+matchpathcon -qV %{_sharedstatedir}/containers || restorecon -R %{_sharedstatedir}/containers &> /dev/null || :
 %postun if [ $1 -eq 0 ]; then
@@ -112,6 +113,20 @@ fi %{_datadir}/selinux/* %changelog
+* Mon Sep 17 2018 Frantisek Kluknavsky - 2:2.73-2
+- moved changelog entries:
+- Define spc_t as a container_domain, so that container_runtime will transition
+to spc_t even when setup with nosuid.
+- Allow container_runtimes to setattr on callers fifo_files
+- Fix restorecon to not error on missing directory
+
+* Thu Sep 6 2018 Dan Walsh - 2.69-3
+- Make sure we pull in the latest selinux-policy
+
+* Wed Jul 25 2018 Dan Walsh - 2.69-2
+- Add map support to container-selinux for RHEL 7.5
+- Dontudit attempts to write to kernel_sysctl_t
+
 * Mon Jul 16 2018 Dan Walsh - 2.68-1 - Add label for /var/lib/origin - Add customizable_file_t to customizable_types
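Review bot: In the `%post` hunk (`@@ -94,6 +94,7 @@`), the added `matchpathcon -qV %{_sharedstatedir}/containers` guard verifies the label of that one directory only, so `restorecon -R` is skipped whenever the top-level label already matches, even if this policy update changed the expected contexts of paths underneath it. If the guard exists only to avoid an error on a missing directory (as the changelog entry suggests), an existence test would say so directly, `[ -d %{_sharedstatedir}/containers ] && restorecon -R %{_sharedstatedir}/containers &> /dev/null || :`; if it is there to avoid a long recursive relabel of container storage, a comment such as `# relabel only when the top-level label is wrong; contents are not re-checked` would record that trade-off. The trailing `&> /dev/null || :` also discards any restorecon failure, so a partly relabeled tree leaves no trace in the transaction output. The `%post` scriptlet begins above this hunk, so whether the line is meant to run outside the `selinuxenabled` check cannot be confirmed from here.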