* Thu Jan 29 2015 Lukas Vrabec <lvrabec@redhat.com> 3.13.1-105.1
    - Add unconfined_setsched() interface
    - Add ipsec_rw_inherited_pipes() interface.
    - Update seutil_manage_config() interface.
    - journald now reads the netlink audit socket
    - Update ipsec_manage_pid() interface.
    - Allow netutils chown capability to make tcpdump working with -w
    - Label /ostree/deploy/rhel-atomic-host/deploy directory as
      system_conf_t.
    - Allow ipsec to execute _updown.netkey script to run unbound-control.
    - Add auditing support for ipsec.
    - Allow nut_upsmon_t to read random_device_t. BZ(1186072)
    - Allow fowner capability for sssd because of selinux_child handling.
    - ALlow bind to read/write inherited ipsec pipes
    - Allow hypervkvp to read /dev/urandom and read  addition
    states/config files.
    - Allow cluster domain to dbus chat with systemd-logind.
    - Allow gluster rpm scripletto create glusterd socket with correct
    labeling. This is a workaround until we get fix in glusterd
    - Add glusterd_filetrans_named_pid() interface.
    - Allow radiusd to connect to radsec ports.
    - Allow setuid/setgid for selinux_child.
    - Allow pingd to read /dev/urandom. BZ(1181831)
    - Allow lsmd plugin to connect to tcp/5989 by default.
    - pkcsslotd_lock_t should be an alias for pkcs_slotd_lock_t.
    - Allow docker_t to changes it rlimit
    - Allow docker to setsched on unconfined_t user
    - Dontaudit couchdb search in gconf_home_t. BZ(1177717)
    - Call correct macro in virt_read_content().
    - Allow neutron to read rpm DB.
    - Add labeling for pacemaker.log.
    - Allow radius to connect/bind radsec ports.
    - Allow pm-suspend running as virt_qemu_ga to read
    /var/log/pm-suspend.log.
    - Add devicekit_read_log_files()
    - Allow  virt_qemu_ga to dbus chat with rpm.
    - Update virt_read_content() interface to allow read also char
    devices.