diff --git a/container-selinux.spec b/container-selinux.spec
index 2ef86990849150611492393010a1f5ced33148b0..608c3cb3b8cd62d89172e6c7aca928282d0e7afb 100644
--- a/container-selinux.spec
+++ b/container-selinux.spec
@@ -1,38 +1,60 @@
 %define anolis_release 1
-%global debug_package %{nil}
-%global selinux_type targeted
-%global module_names container
-
-%global _format() export %1=""; for x in %{module_names}; do %1+=%2; %1+=" "; done;
-%global selinux_policyver 3.13.1-220
-
-Name: container-selinux
-Epoch: 2
-Version: 2.210.0
-Release: %{anolis_release}%{dist}
+%global debug_package %{nil}
+
+# container-selinux stuff (prefix with ds_ for version/release etc.)
+# Some bits borrowed from the openstack-selinux package
+%global moduletype services
+%global modulenames container
+
+# Usage: _format var format
+# Expand 'modulenames' into various formats as needed
+# Format must contain '$x' somewhere to do anything useful
+%global _format() export %1=""; for x in %{modulenames}; do %1+=%2; %1+=" "; done;
+
+# copr_build is more intuitive than copr_username
+%if %{defined copr_username}
+%define copr_build 1
+%endif
+
+Name: container-selinux
+# Set different Epochs for copr and koji
+%if %{defined copr_build}
+Epoch: 102
+%else
+Epoch: 3
+%endif
+# Keep Version in upstream specfile at 0. It will be automatically set
+# to the correct value by Packit for copr and koji builds.
+# IGNORE this comment if you're looking at it in dist-git.
+Version: 2.234.2
+Release: %{anolis_release}%{?dist}
+License: GPL-2.0-only
+URL: https://github.com/containers/%{name}
 Summary: SELinux policies for container runtimes
-License: GPLv2
-URL: https://github.com/containers/container-selinux
-Source0: https://github.com/containers/container-selinux/archive/refs/tags/v%{version}.tar.gz
+Source0: %{url}/archive/v%{version}.tar.gz
 BuildArch: noarch
-
-BuildRequires: make pkgconfig(systemd)
-BuildRequires: selinux-policy >= %selinux_policyver
-BuildRequires: selinux-policy-devel >= %selinux_policyver
-
-Requires: selinux-policy >= %selinux_policyver
-Requires(post): policycoreutils sed selinux-policy-base >= %selinux_policyver
-Requires(post): libselinux-utils selinux-policy-targeted >= %selinux_policyver
-
-Obsoletes: %{name} <= %{?epoch:%{epoch}:}1.12.5-13
-Obsoletes: docker-selinux <= %{?epoch:%{epoch}:}1.12.4-28
+BuildRequires: make
+BuildRequires: git-core
+BuildRequires: pkgconfig(systemd)
+BuildRequires: selinux-policy >= %_selinux_policy_version
+BuildRequires: selinux-policy-devel >= %_selinux_policy_version
+# RE: rhbz#1195804 - ensure min NVR for selinux-policy
+Requires: selinux-policy >= %_selinux_policy_version
+Requires(post): selinux-policy-base >= %_selinux_policy_version
+Requires(post): selinux-policy-any >= %_selinux_policy_version
+Recommends: selinux-policy-targeted >= %_selinux_policy_version
+Requires(post): policycoreutils
+Requires(post): libselinux-utils
+Requires(post): sed
+Obsoletes: %{name} <= 2:1.12.5-13
+Obsoletes: docker-selinux <= 2:1.12.4-28
 Provides: docker-selinux = %{?epoch:%{epoch}:}%{version}-%{release}
 Conflicts: udica < 0.2.6-1
 Conflicts: k3s-selinux <= 0.4-1
 %description
-SELinux policy files for Container Runtimes
+SELinux policy modules for use with container runtimes.
 %package doc
 Summary: Documentation files for %{name}
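Review bot: The comment above `Version:` (`# Keep Version in upstream specfile at 0 ... # IGNORE this comment if you're looking at it in dist-git.`) and the `%{defined copr_username}` / `copr_build` conditional that selects `Epoch: 102` are carried over from the Packit-driven upstream spec and do not describe this package, where Version is set explicitly to 2.234.2 and Epoch moves from 2 to 3. Unless copr builds are made from this spec, keep `Epoch: 3` unconditionally, drop the `copr_build` define, and replace the three comment lines with `# Epoch 2 -> 3 to follow the CentOS Stream package`. `%_selinux_policy_version` replaces the old `selinux_policyver` macro but is not defined anywhere in the spec; it presumably comes from the RPM macros shipped with selinux-policy, so if that package is not installed when the SRPM is parsed the BuildRequires/Requires expand to the literal macro name — confirm the buildroot provides it. `%global moduletype services` is defined but not referenced in any visible hunk.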
@@ -42,60 +64,58 @@ Requires: %{name} = %{epoch}:%{version}-%{release}
 The %{name}-doc package contains documentation files for %{name}.
 %prep
-%autosetup -n %{name}-%{version} -p1
-sed -i '/user_namespace/d' container.te
+%autosetup -Sgit %{name}-%{version}
+
+sed -i 's/^man: install-policy/man:/' Makefile
+sed -i 's/^install: man/install:/' Makefile
 %build
-%make_build
+make
 %install
 # install policy modules
 %_format MODULES $x.pp.bz2
-mkdir -p %{buildroot}%{_datadir}/selinux/packages
-install -m 0644 $MODULES %{buildroot}%{_datadir}/selinux/packages
-mkdir -p %{buildroot}%{_datadir}/selinux/devel/include/services
-install -p -m 644 container.if %{buildroot}%{_datadir}/selinux/devel/include/services
-mkdir -p %{buildroot}/%{_datadir}/containers/selinux
-install -m 644 container_contexts %{buildroot}/%{_datadir}/containers/selinux/contexts
-mkdir -p %{buildroot}%{_datadir}/udica/templates
-install -m 0644 udica-templates/*.cil %{buildroot}%{_datadir}/udica/templates
-
-%check
+%{__make} DATADIR=%{buildroot}%{_datadir} SYSCONFDIR=%{buildroot}%{_sysconfdir} install install.udica-templates install.selinux-user
 %pre
-%selinux_relabel_pre -s %{selinux_type}
+%selinux_relabel_pre
 %post
+# Install all modules in a single transaction
 if [ $1 -eq 1 ]; then
 %{_sbindir}/setsebool -P -N virt_use_nfs=1 virt_sandbox_use_all_caps=1
 fi
 %_format MODULES %{_datadir}/selinux/packages/$x.pp.bz2
-for file in container docker gear; do
- if [ $file == "container" ]; then
- %{_sbindir}/semodule -n -s %{selinux_type} -r $file 2> /dev/null
- else
- %{_sbindir}/semodule -n -s %{selinux_type} -d $file 2> /dev/null
- fi
-done
-%selinux_modules_install -s %{selinux_type} $MODULES
 . %{_sysconfdir}/selinux/config
-sed -e "\|container_file_t|h; \${x;s|container_file_t||;{g;t};a\\" -e "container_file_t" -e "}" -i /etc/selinux/%{selinux_type}/contexts/customizable_types
+%{_sbindir}/semodule -n -s ${SELINUXTYPE} -r container 2> /dev/null
+%{_sbindir}/semodule -n -s ${SELINUXTYPE} -d docker 2> /dev/null
+%{_sbindir}/semodule -n -s ${SELINUXTYPE} -d gear 2> /dev/null
+%selinux_modules_install -s ${SELINUXTYPE} $MODULES
+sed -e "\|container_file_t|h; \${x;s|container_file_t||;{g;t};a\\" -e "container_file_t" -e "}" -i /etc/selinux/${SELINUXTYPE}/contexts/customizable_types
 matchpathcon -qV %{_sharedstatedir}/containers || restorecon -R %{_sharedstatedir}/containers &> /dev/null || :
 %postun
 if [ $1 -eq 0 ]; then
- %selinux_modules_uninstall -s %{selinux_type} %{module_names} docker
+ %selinux_modules_uninstall %{modulenames} docker
 fi
 %posttrans
-%selinux_relabel_post -s %{selinux_type}
+%selinux_relabel_post
+
+#define license tag if not already defined
+%{!?_licensedir:%global license %doc}
 %files
+%{_datadir}/selinux/*
 %dir %{_datadir}/containers/selinux
 %{_datadir}/containers/selinux/contexts
+%dir %{_datadir}/udica
 %dir %{_datadir}/udica/templates/
 %{_datadir}/udica/templates/*
-%{_datadir}/selinux/*
+%{_mandir}/man8/container_selinux.8.gz
+%{_sysconfdir}/selinux/targeted/contexts/users/container_u
+%ghost %verify(not mode) %{_selinux_store_path}/targeted/active/modules/200/%{modulenames}
+%ghost %verify(not mode) %{_selinux_store_path}/mls/active/modules/200/%{modulenames}
 %triggerpostun -- container-selinux < 2:2.162.1-3
 if %{_sbindir}/selinuxenabled ; then
@@ -106,7 +126,11 @@ fi
 %files doc
 %doc CODE-OF-CONDUCT.md README.md SECURITY.md
-%changelog
+%changelog
+* Fri Feb 28 2025 Zhao Hang - 2.234.2-1
+- Refer to CentOS Stream container-selinux-2.234.2-4 (zpytela@redhat.com)
+- Add doc sub package
+
 * Mon Apr 10 2023 yuanhui - 2.210.0-1
 - Optimize the spec file
 - Update to v2.210.0
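Review bot: `${SELINUXTYPE}` in %post is populated only by the context line `. %{_sysconfdir}/selinux/config`, so on a host where that file does not set SELINUXTYPE (or is absent, which may abort the scriptlet outright) the new `semodule -n -s ${SELINUXTYPE} ...` calls, `%selinux_modules_install -s ${SELINUXTYPE}`, and the `sed -i /etc/selinux/${SELINUXTYPE}/contexts/customizable_types` edit all run with an empty store name, whereas the removed lines hard-coded `%{selinux_type}`. Add a default immediately after the sourcing line, `SELINUXTYPE=${SELINUXTYPE:-targeted}`, which also matches the `targeted` paths hard-coded in %files. Separately, `%autosetup -Sgit %{name}-%{version}` drops the `-n` flag, so the directory name is passed as a stray argument and extraction only works because %autosetup's default directory happens to be `%{name}-%{version}`; write `%autosetup -Sgit -n %{name}-%{version}`. The `%{!?_licensedir:%global license %doc}` fallback is added but no visible `%files` entry uses `%license`; if the tarball ships a license file add `%license LICENSE` under `%files`, otherwise the define is dead.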
diff --git a/v2.210.0.tar.gz b/v2.210.0.tar.gz
deleted file mode 100644
index de6a5d493e29cabce46cc450e2fb50aed53b1128..0000000000000000000000000000000000000000
Binary files a/v2.210.0.tar.gz and /dev/null differ
diff --git a/v2.234.2.tar.gz b/v2.234.2.tar.gz
new file mode 100644
index 0000000000000000000000000000000000000000..492f6650ad3069eae544cb9ba720ef20776d060b
Binary files /dev/null and b/v2.234.2.tar.gz differ