* Tue Aug 12 2014 Lukas Vrabec <lvrabec@redhat.com> 3.12.1-180
    - label /usr/libexec/cockpit-agent as shell_exec_t
    - sysadm_t should be allowed to communicate with networkmanager
    - Allow sysadm_t to create netlink_tcpdiag socket
    - Label also /var/run/glusterd.socket file as gluster_var_run_t
    - Label conmans pid file as conman_var_run_t
    - Allow certmonger to stream connect to dirsrv to make
    ipa-server-install working.
    - Allow sensord to send a signal.
    - Dontaudit attempts to access check cert dirs/files for sssd.
    - Label keystone var run dir (#1123013)
    - Label neutron var run dir (#1123013)
    - Allow bacula manage bacula_log_t dirs
    - Fix typo in bacula.te and add filetrans also for bacula log files.
    - docker needs more access, need back port to RHEL7
    - Allow alsa to create lock file to see if it fixes #1123423.
    - Add new mozilla_plugin_bind_unreserved_ports boolean to allow mozilla
    plugin to use tcp/udp unreserved ports
    - Dontaudit write access on generic cert files. We don't audit also
    access check.
    - Allow nacl_helper_boo running in :chrome_sandbox_t to send SIGCHLD to
    chrome_sandbox_nacl_t.
    - Back port modemmanager for F21.
    - docker does a getattr on all file systems
    - Allow denyhosts to enable synchronization which needs to connect to
    tcp/9911 port.
    - shell_exec_t should not be in cockip.fc
    - Allow smokeping cgi script to send syslog messages (#1122163)
    - Allow cachefilesd_t to send itself signals
    - Allow svirt domains to manage chr files and blk files for mknod
    commands
    - docker needs setfcap