From 9a06cc233c876f55d8ee709bb220db8cd99a572e Mon Sep 17 00:00:00 2001
From: Topi Miettinen <toiwoton@gmail.com>
Date: Sat, 12 Jun 2021 11:34:36 +0300
Subject: [PATCH] mount.8.adoc: document SELinux use of nosuid mount flag

Using mount flag `nosuid` also affects SELinux domain transitions but
this has not been documented well.

Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
---
 sys-utils/mount.8.adoc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys-utils/mount.8.adoc b/sys-utils/mount.8.adoc
index 37fb49d87..8e5c443f1 100644
--- a/sys-utils/mount.8.adoc
+++ b/sys-utils/mount.8.adoc
@@ -568,7 +568,7 @@ Do not use the lazytime feature.
 Honor set-user-ID and set-group-ID bits or file capabilities when executing programs from this filesystem.
 
 *nosuid*::
-Do not honor set-user-ID and set-group-ID bits or file capabilities when executing programs from this filesystem.
+Do not honor set-user-ID and set-group-ID bits or file capabilities when executing programs from this filesystem. In addition, SELinux domain transitions require permission nosuid_transition, which in turn needs also policy capability nnp_nosuid_transition.
 
 *silent*::
 Turn on the silent flag.