From f4d9f077b45ee10f6848dd06a63e3bb60cf3ba60 Mon Sep 17 00:00:00 2001
From: Catherine Luse
Date: Mon, 14 Sep 2020 20:49:33 -0700
Subject: [PATCH] Document change to K3s SELinux option
---
 content/k3s/latest/en/advanced/_index.md | 13 +++++++++++++
 1 file changed, 13 insertions(+)
diff --git a/content/k3s/latest/en/advanced/_index.md b/content/k3s/latest/en/advanced/_index.md
index 3be2eaa91ce..7ee1c8cd5ea 100644
--- a/content/k3s/latest/en/advanced/_index.md
+++ b/content/k3s/latest/en/advanced/_index.md
@@ -314,6 +314,19 @@ rpm -i https://rpm.rancher.io/k3s-selinux-0.1.1-rc1.el7.noarch.rpm
 To force the install script to log a warning rather than fail, you can set the following environment variable: `INSTALL_K3S_SELINUX_WARN=true`.
+The way that SELinux enforcement is enabled or disabled depends on the K3s version.
+
+{{% tabs %}}
+{{% tab "K3s v1.19.1+k3s1" %}}
+
+To leverage experimental SELinux, specify the `--selinux` flag when starting K3s servers and agents.
+
+{{%/tab%}}
+{{% tab "K3s prior to v1.19.1+k3s1" %}}
+
 You can turn off SELinux enforcement in the embedded containerd by launching K3s with the `--disable-selinux` flag.
+{{%/tab%}}
+{{% /tabs %}}
+
 Note that support for SELinux in containerd is still under development. Progress can be tracked in [this pull request](https://github.com/containerd/cri/pull/1246).