diff --git a/.container-selinux.metadata b/.container-selinux.metadata
index 1604f83..9cb12a0 100644
--- a/.container-selinux.metadata
+++ b/.container-selinux.metadata
@@ -1 +1 @@
-1ce330e5a0753c231717cea9a619faecef0bc338 SOURCES/container-selinux-661a904.tar.gz
+b1b7c2f65716bc8e5a7911494ea19c0792cc13ad SOURCES/container-selinux-f958d0c.tar.gz
diff --git a/.gitignore b/.gitignore
index f7111f0..44da998 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1 @@
-SOURCES/container-selinux-661a904.tar.gz
+SOURCES/container-selinux-f958d0c.tar.gz
diff --git a/SPECS/container-selinux.spec b/SPECS/container-selinux.spec
index 7338256..48355f0 100644
--- a/SPECS/container-selinux.spec
+++ b/SPECS/container-selinux.spec
@@ -2,7 +2,7 @@ # container-selinux %global git0 https://github.com/containers/container-selinux -%global commit0 661a9045800eb200bfbf8d6dd345b941ed0897f8 +%global commit0 f958d0cee4099f79890247ec64b57502b3acdb9f %global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) # container-selinux stuff (prefix with ds_ for version/release etc.) 
@@ -16,16 +16,13 @@ # Format must contain '$x' somewhere to do anything useful %global _format() export %1=""; for x in %{modulenames}; do %1+=%2; %1+=" "; done; -# Relabel files -%global relabel_files() %{_sbindir}/restorecon -R %{_bindir}/*podman* %{_bindir}/*runc* %{_bindir}/*crio %{_bindir}/docker* %{_localstatedir}/run/containerd.sock %{_localstatedir}/run/docker.sock %{_localstatedir}/run/docker.pid %{_sysconfdir}/docker %{_sysconfdir}/crio %{_localstatedir}/log/docker %{_localstatedir}/log/lxc %{_localstatedir}/lock/lxc %{_unitdir}/docker.service %{_unitdir}/docker-containerd.service %{_unitdir}/docker-latest.service %{_unitdir}/docker-latest-containerd.service %{_sysconfdir}/docker %{_libexecdir}/docker* &> /dev/null || : - # Version of SELinux we were using %global selinux_policyver 3.14.3-9.el8 Epoch: 2 Name: container-selinux -Version: 2.123.0 -Release: 2%{?dist} +Version: 2.124.0 +Release: 1%{?dist} License: GPLv2 URL: %{git0} Summary: SELinux policies for container runtimes
@@ -74,6 +71,9 @@ rm -rf %{name}.spec %check +%pre +%selinux_relabel_pre -s %{selinuxtype} + %post # Install all modules in a single transaction if [ $1 -eq 1 ]; then 
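Review bot: The new `%pre` scriptlet only works if `%selinux_relabel_pre` is defined when the package is built; rpm leaves an undefined macro unexpanded, so the scriptlet would then carry the literal text and fail as a shell command at install time. The preamble's BuildRequires and Requires lines are outside the visible hunks, so please confirm that the package shipping the SELinux rpm macros is a build dependency and that the tools the macros call are required at scriptlet time, for example with `%{?selinux_requires}` in the preamble. A short comment above the scriptlet, such as `# Must stay paired with the relabel macro in the posttrans scriptlet`, would explain why `%pre` exists at all. The `%post` body that follows continues outside this hunk.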
@@ -83,32 +83,19 @@ fi %{_sbindir}/semodule -n -s %{selinuxtype} -r container 2> /dev/null %{_sbindir}/semodule -n -s %{selinuxtype} -d docker 2> /dev/null %{_sbindir}/semodule -n -s %{selinuxtype} -d gear 2> /dev/null -%{_sbindir}/semodule -n -X 200 -s %{selinuxtype} -i $MODULES > /dev/null -if [ $? -ne 0 ]; then - echo "Error loading SELinux module." >&2 - return 1 -fi -if %{_sbindir}/selinuxenabled ; then - %{_sbindir}/load_policy - %relabel_files - if [ $1 -eq 1 ]; then - restorecon -R %{_sharedstatedir}/docker &> /dev/null || : - restorecon -R %{_sharedstatedir}/containers &> /dev/null || : - fi -fi +%selinux_modules_install -s %{selinuxtype} $MODULES . %{_sysconfdir}/selinux/config sed -e "\|container_file_t|h; \${x;s|container_file_t||;{g;t};a\\" -e "container_file_t" -e "}" -i /etc/selinux/${SELINUXTYPE}/contexts/customizable_types matchpathcon -qV %{_sharedstatedir}/containers || restorecon -R %{_sharedstatedir}/containers &> /dev/null || : %postun if [ $1 -eq 0 ]; then -%{_sbindir}/semodule -n -r %{modulenames} docker &> /dev/null || : -if %{_sbindir}/selinuxenabled ; then -%{_sbindir}/load_policy -%relabel_files -fi +%selinux_modules_uninstall -s %{selinuxtype} %{modulenames} docker fi +%posttrans +%selinux_relabel_post -s %{selinuxtype} + #define license tag if not already defined %{!?_licensedir:%global license %doc} 
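Review bot: Replacing the explicit `semodule -i` call drops the error check that the changelog entry for 2:2.119.0-2 ("fail if semodule fails") introduced: nothing after `%selinux_modules_install -s %{selinuxtype} $MODULES` tests whether the container policy was actually loaded. As far as I recall, the stock macro ends its semodule call with `|| :` and does nothing when SELINUXTYPE in the config differs from the `-s` argument, so a failed load would leave the package installed with missing or stale confinement policy and a zero exit status; please check the macro definition in the build root. If failing the scriptlet is still intended, add a check after the macro, for example `%{_sbindir}/semodule -s %{selinuxtype} -l | grep -qw container || { echo "Error loading SELinux module." >&2; exit 1; }`. The `%post` scriptlet starts outside this hunk.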
@@ -117,21 +104,41 @@ fi %{_datadir}/selinux/* %changelog +* Wed Dec 11 2019 Jindrich Novy - 2:2.124.0-1 +- update to 2.124.0 +- Related: RHELPLAN-25138 + +* Fri Dec 06 2019 Jindrich Novy - 2:2.123.0-2 +- implement spec file refactoring by Zdenek Pytela, namely: + Change the uninstall command in the %postun section of the specfile + to use the %selinux_modules_uninstall macro which uses priority 200. + Change the install command in the %post section if the specfile + to use the %selinux_modules_install macro. + Replace relabel commands with using the %selinux_relabel_pre and + %selinux_relabel_post macros. + Change formatting so that the lines are vertically aligned + in the %postun section. + (https://github.com/containers/container-selinux/pull/85) +- Related: RHELPLAN-25138 + * Tue Nov 26 2019 Jindrich Novy - 2:2.123.0-1 - update to 2.123.0 -- Related: #1774382 +- Related: RHELPLAN-25138 * Mon Nov 25 2019 Jindrich Novy - 2:2.122.0-1 - update to 2.122.0 -- Resolves: #1774382 * Thu Nov 21 2019 Jindrich Novy - 2:2.119.0-3.gita233788 -- update to 2.119.0 master branch -- Resolves: #1764318 +- update to master container-selinux - bug 1769469 + +* Tue Nov 19 2019 Jindrich Novy - 2:2.119.0-2 +- fix post scriptlet - fail if semodule fails - bug 1729272 + +* Fri Nov 08 2019 Jindrich Novy - 2:2.119.0-1 +- update to 2.119.0 * Thu Oct 17 2019 Jindrich Novy - 2:2.116-1 -- update to 2.116 - Resolves: #1764318 +- update to 2.116, bug 1748519 * Tue Aug 13 2019 Jindrich Novy - 2:2.107-2 - Use at least selinux policy 3.14.3-9.el8,