* Thu Jun 14 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.14.2-25
    - Merge pull request #60 from vmojzis/rawhide
    - Allow tangd_t domain stream connect to sssd
    - Allow oddjob_t domain to chat with systemd via dbus
    - Allow freeipmi domains to mmap sysfs files
    - Fix typo in logwatch interface file
    - Allow spamd_t to manage logwatch_cache_t files/dirs
    - Allow dnsmasw_t domain to create own tmp files and manage mnt files
    - Allow fail2ban_client_t to inherit rlimit information from parent process
    - Allow nscd_t to read kernel sysctls
    - Label /var/log/conman.d as conman_log_t
    - Add dac_override capability to tor_t domain
    - Allow certmonger_t to readwrite to user_tmp_t dirs
    - Allow abrt_upload_watch_t domain to read general certs
    - Allow chornyd_t read phc2sys_t shared memory
    - Add several allow rules for pesign policy:
    - Add setgid and setuid capabilities to mysqlfd_safe_t domain
    - Add tomcat_can_network_connect_db boolean
    - Update virt_use_sanlock() boolean to read sanlock state
    - Add sanlock_read_state() interface
    - Allow zoneminder_t to getattr of fs_t
    - Allow rhsmcertd_t domain to send signull to postgresql_t domain
    - Add log file type to collectd and allow corresponding access
    - Allow policykit_t domain to dbus chat with dhcpc_t
    - Allow traceroute_t domain to exec bin_t binaries
    - Allow systemd_passwd_agent_t domain to list sysfs Allow systemd_passwd_agent_t domain to dac_override
    - Add new interface dev_map_sysfs()
    - Allow sshd_keygen_t to execute plymouthd
    - Allow systemd_networkd_t create and relabel tun sockets
    - Add new interface postgresql_signull()