From 81d425d43cd21b8fb5ec159d285783180289a7ef Mon Sep 17 00:00:00 2001
From: Frederick Ding <frederick.ding@dingcorp.com>
Date: Fri, 31 Jul 2015 03:35:01 -0400
Subject: [PATCH] Add SELinux context note

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 1b724b0..392a848 100644
--- a/README.md
+++ b/README.md
@@ -55,6 +55,6 @@ For example, suppose an IMAP server uses a certificate signed by Acme Intermedia
 
 ### Mounting network storage (optional)
 
-This container by itself doesn't handle any storage configuration. Ideally, you should do so on the Docker host and pass a path to the container using `-v` to bind a volume.
+This container by itself doesn't handle any storage configuration. Ideally, you should do so on the Docker host and pass a path to the container using `-v` to bind a volume. You should note that if the Docker host has SELinux enabled, you may need to mount the NFS share with the `svirt_sandbox_file_t` context using the mount option `context="system_u:object_r:svirt_sandbox_file_t:s0"`.
 
 You could also use a data volume container for `/output` and expose this directory to another containerized daemon (e.g. HTTP server), but that is again outside the scope of this image's functionality.