From c6beb7e907799e8fd38f2dd49062ae6da06c93a2 Mon Sep 17 00:00:00 2001
From: Miroslav Grepl <mgrepl@redhat.com>
Date: Nov 02 2012 08:26:09 +0000
Subject: * Fri Nov 1 2012 Miroslav Grepl <mgrepl@redhat.com> 3.10.0-95

- Add support for OpenShift sbin labeling

---

diff --git a/policy-F16.patch b/policy-F16.patch
index 054953e..dcb3be5 100644
--- a/policy-F16.patch
+++ b/policy-F16.patch
@@ -49994,7 +49994,7 @@ index 0000000..a437f80
 +files_read_config_files(openshift_domain)
 diff --git a/policy/modules/services/openshift.fc b/policy/modules/services/openshift.fc
 new file mode 100644
-index 0000000..fbadaba
+index 0000000..c9a5f74
 --- /dev/null
 +++ b/policy/modules/services/openshift.fc
 @@ -0,0 +1,24 @@
@@ -50013,12 +50013,12 @@ index 0000000..fbadaba
 +
 +/var/log/mcollective\.log        --    gen_context(system_u:object_r:openshift_log_t,s0)
 +
-+/usr/bin/(oo|rhc)-cgroup-read        --    gen_context(system_u:object_r:openshift_cgroup_read_exec_t,s0)
++/usr/s?bin/(oo|rhc)-cgroup-read        --    gen_context(system_u:object_r:openshift_cgroup_read_exec_t,s0)
 +
-+/usr/bin/(oo|rhc)-restorer           --    gen_context(system_u:object_r:openshift_initrc_exec_t,s0)
-+/usr/bin/(oo|rhc)-restorer-wrapper.sh    --  gen_context(unconfined_u:object_r:httpd_openshift_script_exec_t,s0)
-+/usr/bin/oo-admin-ctl-gears	--	gen_context(system_u:object_r:openshift_initrc_exec_t,s0)
-+/usr/sbin/mcollectived			--		gen_context(system_u:object_r:openshift_initrc_exec_t,s0)
++/usr/s?bin/(oo|rhc)-restorer           --    gen_context(system_u:object_r:openshift_initrc_exec_t,s0)
++/usr/s?bin/(oo|rhc)-restorer-wrapper.sh    --  gen_context(unconfined_u:object_r:httpd_openshift_script_exec_t,s0)
++/usr/s?bin/oo-admin-ctl-gears	--	gen_context(system_u:object_r:openshift_initrc_exec_t,s0)
++/usr/s?bin/mcollectived			--		gen_context(system_u:object_r:openshift_initrc_exec_t,s0)
 +
 +/var/run/stickshift(/.*)?		    	gen_context(system_u:object_r:openshift_var_run_t,s0)
 +/var/run/openshift(/.*)?               gen_context(system_u:object_r:openshift_var_run_t,s0)
diff --git a/selinux-policy.spec b/selinux-policy.spec
index 2c8b14a..9605a00 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -17,7 +17,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.10.0
-Release: 94%{?dist}
+Release: 95%{?dist}
 License: GPLv2+
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@@ -466,6 +466,9 @@ SELinux Reference policy mls base module.
 %endif
 
 %changelog
+* Fri Nov 1 2012 Miroslav Grepl <mgrepl@redhat.com> 3.10.0-95
+- Add support for OpenShift sbin labeling
+
 * Wed Oct 31 2012 Miroslav Grepl <mgrepl@redhat.com> 3.10.0-94
 - Add httpd_verify_dns boolean
 - Add label for log directory under /var/www/stickshift