From d0df13240222315ac58b920a372540fbb7ce734d Mon Sep 17 00:00:00 2001
From: Jon Cope <jcope@redhat.com>
Date: Mon, 24 Apr 2023 10:39:54 -0500
Subject: [PATCH 1/3] set max container-selinux version

---
 packaging/rpm/microshift.spec | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packaging/rpm/microshift.spec b/packaging/rpm/microshift.spec
index 7f7756533b..02eec43879 100644
--- a/packaging/rpm/microshift.spec
+++ b/packaging/rpm/microshift.spec
@@ -79,7 +79,7 @@ MicroShift and can be used to embed those images into osbuilder blueprints.
 Summary: SELinux policies for MicroShift
 BuildRequires: selinux-policy >= %{selinux_policyver}
 BuildRequires: selinux-policy-devel >= %{selinux_policyver}
-Requires: container-selinux >= %{container_policy_epoch}:%{container_policyver}
+Requires: container-selinux <= %{container_policy_epoch}:%{container_policyver}
 BuildArch: noarch
 Requires: selinux-policy >= %{selinux_policyver}
 

From e07b5f666498e123e4b933e5a5eb05f188514388 Mon Sep 17 00:00:00 2001
From: Jon Cope <jcope@redhat.com>
Date: Mon, 24 Apr 2023 12:52:20 -0500
Subject: [PATCH 2/3] epoc 3 is the only available epoch on rhel 9.1

Signed-off-by: Jon Cope <jcope@redhat.com>
---
 packaging/rpm/microshift.spec | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packaging/rpm/microshift.spec b/packaging/rpm/microshift.spec
index 02eec43879..8011e224d0 100644
--- a/packaging/rpm/microshift.spec
+++ b/packaging/rpm/microshift.spec
@@ -19,7 +19,7 @@
 %global selinuxtype targeted
 %define selinux_policyver 3.14.3-67
 %define container_policyver 2.167.0-1
-%define container_policy_epoch 2
+%define container_policy_epoch 3
 %define microshift_relabel_files() \
    mkdir -p /var/hpvolumes; \
    mkdir -p /var/run/kubelet; \

From 6fefb34558078ed31073a61cd13f6c5958e92f11 Mon Sep 17 00:00:00 2001
From: Jon Cope <jcope@redhat.com>
Date: Mon, 24 Apr 2023 13:11:11 -0500
Subject: [PATCH 3/3] excluded from 2.189.0 and up

Signed-off-by: Jon Cope <jcope@redhat.com>
---
 packaging/rpm/microshift.spec | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/packaging/rpm/microshift.spec b/packaging/rpm/microshift.spec
index 8011e224d0..bbfaef1884 100644
--- a/packaging/rpm/microshift.spec
+++ b/packaging/rpm/microshift.spec
@@ -18,7 +18,7 @@
 # SELinux specifics
 %global selinuxtype targeted
 %define selinux_policyver 3.14.3-67
-%define container_policyver 2.167.0-1
+%define container_policyver 2.189.0
 %define container_policy_epoch 3
 %define microshift_relabel_files() \
    mkdir -p /var/hpvolumes; \
@@ -79,7 +79,7 @@ MicroShift and can be used to embed those images into osbuilder blueprints.
 Summary: SELinux policies for MicroShift
 BuildRequires: selinux-policy >= %{selinux_policyver}
 BuildRequires: selinux-policy-devel >= %{selinux_policyver}
-Requires: container-selinux <= %{container_policy_epoch}:%{container_policyver}
+Requires: container-selinux < %{container_policy_epoch}:%{container_policyver}
 BuildArch: noarch
 Requires: selinux-policy >= %{selinux_policyver}