From 94dc62a36dff5cbc49ae9c65db405cf812b68a79 Mon Sep 17 00:00:00 2001
From: Christian Heimes <cheimes@redhat.com>
Date: Wed, 31 Jan 2018 13:53:41 +0100
Subject: [PATCH] Bump SELinux policy for DNSSEC

selinux-policy-3.13.1-283.24 fixes an AVC with OpenDNSSEC ods-signer.

See: https://bugzilla.redhat.com/show_bug.cgi?id=1537971
See: https://pagure.io/freeipa/issue/7378
Signed-off-by: Christian Heimes <cheimes@redhat.com>
---
 freeipa.spec.in | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/freeipa.spec.in b/freeipa.spec.in
index 9f57059460..b4c107619e 100644
--- a/freeipa.spec.in
+++ b/freeipa.spec.in
@@ -57,7 +57,8 @@
 %global python_netaddr_version 0.7.16
 # Require 4.7.0 which brings Python 3 bindings
 %global samba_version 2:4.7.0
-%global selinux_policy_version 3.13.1-158.4
+# DNSSEC AVC violation, RHBZ#1537971
+%global selinux_policy_version 3.13.1-283.24
 %global slapi_nis_version 0.56.1
 
 # Use python3-pyldap to be compatible with old python3-pyldap 2.x and new