From c8e82ceefaf121a832c5de5f67347a9b8185b52e Mon Sep 17 00:00:00 2001
From: Daniel J Walsh <dwalsh@redhat.com>
Date: Jan 17 2017 22:10:15 +0000
Subject: Fix labeling on /usr/bin/runc.*

Add sandbox_net_domain access to container.te
Remove containers ability to look at /etc content

---

diff --git a/.gitignore b/.gitignore
index d4e0e69..76331ee 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,3 @@
 /container-selinux-513572d.tar.gz
 /container-selinux-bcdcb9a.tar.gz
+/container-selinux-3bbbad5.tar.gz
diff --git a/container-selinux.spec b/container-selinux.spec
index d1bbe28..2182e07 100644
--- a/container-selinux.spec
+++ b/container-selinux.spec
@@ -3,7 +3,7 @@
 # container-selinux
 %global git0 https://github.com/projectatomic/container-selinux
 %if 0%{?fedora}
-%global commit0 bcdcb9a0aa3476e9f17fd383cf61a91921d7782c
+%global commit0 3bbbad57f5827b02f91f847eb559a59cca7967af
 %else
 # use upstream's RHEL-1.12 branch for CentOS 7
 %global commit0 56c32da8a72f9e7af5daeaebac5b887830d123b1
@@ -118,6 +118,11 @@ fi
 %{_datadir}/selinux/*
 
 %changelog
+* Tue Jan 17 2017 Dan Walsh <dwalsh@fedoraproject.org> - 2:3.1-1
+- Fix labeling on /usr/bin/runc.*
+- Add sandbox_net_domain access to container.te
+- Remove containers ability to look at /etc content
+
 * Wed Jan 11 2017 Lokesh Mandvekar <lsm5@fedoraproject.org> - 2:2.2-4
 - use upstream's RHEL-1.12 branch, commit 56c32da for CentOS 7
 
diff --git a/sources b/sources
index dcdaf9e..93826a8 100644
--- a/sources
+++ b/sources
@@ -1 +1,2 @@
 SHA512 (container-selinux-bcdcb9a.tar.gz) = 382ed177ac878e56a7a4819b30362f0f797657ae4b87847e624124d06e4f56463a44c8a4d0ba60ebe02bf53128b43ec5d0ce5a6f9e0d6450594a9cef60531806
+SHA512 (container-selinux-3bbbad5.tar.gz) = d255c5993bff90fb90030d6d0ced11eeed9a620878e24b99fdba7e8c66e130fcc88ac6f839fd84a96863f3d0fb57a41d4d4a59e30eb383ad999a75d22d8533a2