* Thu Sep 29 2022 Zdenek Pytela <zpytela@redhat.com> - 36.16-1
- Allow init map its private tmp files
- Allow xenstored change its hard resource limits
- Allow init remount all file_type filesystems
- Add bgpd sys_chroot capability
- Allow samba-dcerpcd work with sssd
- Allow smbd_t process noatsecure permission for winbind_rpcd_t
- Allow samba-bgqd to read a printer list
- Allow winbind-rpcd write to winbind pid files
- Allow samba-bgqd get a printer list
- added policy for systemd-socket-proxyd
- nut-upsd: kernel_read_system_state, fs_getattr_cgroup
- Add numad the ipc_owner capability
- Allow gst-plugin-scanner read virtual memory sysctls
- Allow init read/write inherited user fifo files
- Add the new 'cmd' permission to the 'io_uring' class
- Allow winbind-rpcd read and write its key ring
- Label /run/NetworkManager/no-stub-resolv.conf net_conf_t
- Do not run restorecon /etc/NetworkManager/dispatcher.d in mls and minimum
- Run restorecon for nm-dispatcher directory only if it exists