On Tue, Jul 21, 2020 at 3:57 PM Dominick Grift <dominick.grift@xxxxxxxxxxx> wrote: > > This was added with Linux 5.7 and SELinux 3.1 > > Signed-off-by: Dominick Grift <dominick.grift@xxxxxxxxxxx> > --- > v2: copied and pasted feedback from Stephen Smalley > > src/lsm_selinux.md | 5 +++++ > 1 file changed, 5 insertions(+) > > diff --git a/src/lsm_selinux.md b/src/lsm_selinux.md > index a400c36..f762614 100644 > --- a/src/lsm_selinux.md > +++ b/src/lsm_selinux.md > @@ -676,6 +676,11 @@ interface, it is not recommended - use the **libselinux** or **libsepol** librar > <td>Enables the use of separate socket security classes for all network address families rather than the generic socket class.</td> > </tr> > <tr> > +<td>genfs_seclabel_symlinks</td> > +<td>-r--r--r--</td> > +<td>Enables fine-grained labeling of symlinks in pseudo filesystems based on genfscon rules.</td> > +</tr> > +<tr> > <td>network_peer_controls</td> > <td>-r--r--r--</td> > <td><p>If true the following network_peer_controls are enabled:</p> > -- > 2.27.0 Merged into main, thanks! -- paul moore www.paul-moore.com
