On Mon, Jul 20, 2020 at 10:53 AM Dominick Grift <dominick.grift@xxxxxxxxxxx> wrote: > > This was added with Linux 5.7 and SELinux 3.1 > > Signed-off-by: Dominick Grift <dominick.grift@xxxxxxxxxxx> > --- > src/lsm_selinux.md | 5 +++++ > 1 file changed, 5 insertions(+) > > diff --git a/src/lsm_selinux.md b/src/lsm_selinux.md > index a400c36..8e6f3ad 100644 > --- a/src/lsm_selinux.md > +++ b/src/lsm_selinux.md > @@ -676,6 +676,11 @@ interface, it is not recommended - use the **libselinux** or **libsepol** librar > <td>Enables the use of separate socket security classes for all network address families rather than the generic socket class.</td> > </tr> > <tr> > +<td>genfs_seclabel_symlinks</td> > +<td>-r--r--r--</td> > +<td>Symlinks on kernel filesystems will receive contexts based on genfscon statements like directories and files.</td> > +</tr> > +<tr> Maybe "Enables fine-grained labeling of symlinks in pseudo filesystems based on genfscon rules."
