From 448d753fe4c2608ff9f2cd02d5d35c7e553f5adf Mon Sep 17 00:00:00 2001
From: Jon Cope <jcope@redhat.com>
Date: Mon, 24 Apr 2023 10:39:54 -0500
Subject: [PATCH 1/3] set max container-selinux version

---
 packaging/rpm/microshift.spec | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packaging/rpm/microshift.spec b/packaging/rpm/microshift.spec
index 7f7756533b..02eec43879 100644
--- a/packaging/rpm/microshift.spec
+++ b/packaging/rpm/microshift.spec
@@ -79,7 +79,7 @@ MicroShift and can be used to embed those images into osbuilder blueprints.
 Summary: SELinux policies for MicroShift
 BuildRequires: selinux-policy >= %{selinux_policyver}
 BuildRequires: selinux-policy-devel >= %{selinux_policyver}
-Requires: container-selinux >= %{container_policy_epoch}:%{container_policyver}
+Requires: container-selinux <= %{container_policy_epoch}:%{container_policyver}
 BuildArch: noarch
 Requires: selinux-policy >= %{selinux_policyver}
 

From 9bfcf5fe22cab6babc9e3f273f514fb719079937 Mon Sep 17 00:00:00 2001
From: Jon Cope <jcope@redhat.com>
Date: Mon, 24 Apr 2023 12:52:20 -0500
Subject: [PATCH 2/3] epoc 3 is the only available epoch on rhel 9.1

Signed-off-by: Jon Cope <jcope@redhat.com>
---
 packaging/rpm/microshift.spec | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packaging/rpm/microshift.spec b/packaging/rpm/microshift.spec
index 02eec43879..8011e224d0 100644
--- a/packaging/rpm/microshift.spec
+++ b/packaging/rpm/microshift.spec
@@ -19,7 +19,7 @@
 %global selinuxtype targeted
 %define selinux_policyver 3.14.3-67
 %define container_policyver 2.167.0-1
-%define container_policy_epoch 2
+%define container_policy_epoch 3
 %define microshift_relabel_files() \
    mkdir -p /var/hpvolumes; \
    mkdir -p /var/run/kubelet; \

From 5d5453e4bd9aa914727cc33ad75ba2ee2ee55754 Mon Sep 17 00:00:00 2001
From: Jon Cope <jcope@redhat.com>
Date: Mon, 24 Apr 2023 13:11:11 -0500
Subject: [PATCH 3/3] excluded from 2.189.0 and up

Signed-off-by: Jon Cope <jcope@redhat.com>
---
 packaging/rpm/microshift.spec | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/packaging/rpm/microshift.spec b/packaging/rpm/microshift.spec
index 8011e224d0..bbfaef1884 100644
--- a/packaging/rpm/microshift.spec
+++ b/packaging/rpm/microshift.spec
@@ -18,7 +18,7 @@
 # SELinux specifics
 %global selinuxtype targeted
 %define selinux_policyver 3.14.3-67
-%define container_policyver 2.167.0-1
+%define container_policyver 2.189.0
 %define container_policy_epoch 3
 %define microshift_relabel_files() \
    mkdir -p /var/hpvolumes; \
@@ -79,7 +79,7 @@ MicroShift and can be used to embed those images into osbuilder blueprints.
 Summary: SELinux policies for MicroShift
 BuildRequires: selinux-policy >= %{selinux_policyver}
 BuildRequires: selinux-policy-devel >= %{selinux_policyver}
-Requires: container-selinux <= %{container_policy_epoch}:%{container_policyver}
+Requires: container-selinux < %{container_policy_epoch}:%{container_policyver}
 BuildArch: noarch
 Requires: selinux-policy >= %{selinux_policyver}