diff --git a/bind.spec b/bind.spec
index b667632bb15ec1c63fb6401027aeb076e06cbd28..3933f4c003347d0894e9ffddc3f119b3876b4de2 100644
--- a/bind.spec
+++ b/bind.spec
@@ -30,7 +30,7 @@ Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) serv
 Name: bind
 License: MPLv2.0
 Version: 9.16.23
-Release: 13
+Release: 14
 Epoch: 32
 Url: https://www.isc.org/downloads/bind/
 #
@@ -183,10 +183,7 @@ Requires: glibc-common
 Requires: grep
 Requires: bind-libs%{?_isa} = %{epoch}:%{version}-%{release}
 Requires: systemd
-# This wild require should satisfy %%selinux_set_boolean macro only
-# in case it needs to be used
-Requires: policycoreutils-python-utils libselinux-utils
-Requires: selinux-policy selinux-policy-base libuv
+Requires: libuv
 Recommends: bind-utils bind-dnssec-utils
 BuildRequires: gcc, make
 BuildRequires: openssl-devel, libtool, autoconf, pkgconfig, libcap-devel
@@ -849,10 +846,6 @@ fi;
 %post
 %?ldconfig
-if [ -e "%{_sysconfdir}/selinux/config" ]; then
- %selinux_set_booleans -s targeted %{selinuxbooleans}
- %selinux_set_booleans -s mls %{selinuxbooleans}
-fi
 if [ "$1" -eq 1 ]; then
 # Initial installation
 [ -x /sbin/restorecon ] && /sbin/restorecon /etc/rndc.* /etc/named.* >/dev/null 2>&1 ;
@@ -886,10 +879,6 @@ fi
 %?ldconfig
 # Package upgrade, not uninstall
 %systemd_postun_with_restart named.service
-if [ -e "%{_sysconfdir}/selinux/config" ]; then
- %selinux_unset_booleans -s targeted %{selinuxbooleans}
- %selinux_unset_booleans -s mls %{selinuxbooleans}
-fi
 %if %{with PKCS11}
 %post pkcs11
@@ -921,6 +910,17 @@ fi
 /sbin/chkconfig --del named >/dev/null 2>&1 || :
 /bin/systemctl try-restart named.service >/dev/null 2>&1 || :
+%triggerpostun -- bind < 32:9.16.23-14, selinux-policy, policycoreutils
+if [ -x %{_sbindir}/selinuxenabled ] && [ -x %{_sbindir}/getsebool ] && [ -x %{_sbindir}/setsebool ] \
+ && %{_sbindir}/selinuxenabled && [ -x %{_sbindir}/named ]; then
+ # Return master zones after upgrade from selinux_booleans version
+ WRITEBOOL="$(LC_ALL=C %{_sbindir}/getsebool named_write_master_zones)"
+ if [ "echo ${WRITEBOOL#named_write_master_zones --> }" = "off" ]; then
+ echo "Restoring new sebool default of named_write_master_zones..."
+ %{_sbindir}/setsebool -P named_write_master_zones=1 || :
+ fi
+fi
+
 %ldconfig_scriptlets libs
 %if %{with PKCS11}
@@ -1182,6 +1182,12 @@ fi;
 %endif
 %changelog
+* Fri Jan 13 2023 jiangheng - 32:9.16.23-14
+- Type:bugfix
+- CVE:NA
+- SUG:NA
+- DESC: stop enabling selinux booleans on every upgrade
+
 * Wed Jan 4 2023 zhanghao - 32:9.16.23-13
 - Type:bugfix
 - CVE:NA
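Review bot: In the added `%triggerpostun` scriptlet (hunk `@@ -921,6 +910,17 @@`), the test `[ "echo ${WRITEBOOL#named_write_master_zones --> }" = "off" ]` compares a string that starts with the literal word `echo` against `off`, so it can never be true and the `setsebool` call is never reached; the restore this trigger is meant to perform does not happen. The comparison should read `if [ "${WRITEBOOL#named_write_master_zones --> }" = "off" ]; then`. Once the test works, the trigger line also names `selinux-policy` and `policycoreutils` without a version bound, so it would presumably fire on later updates of those packages as well and persistently (`-P`) switch named_write_master_zones back on, even where an administrator disabled it deliberately to keep named from writing its master zone files. Restricting the trigger to `bind < 32:9.16.23-14` would keep it a one-time migration and match the changelog's stated intent of not enabling booleans on every upgrade.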