From 24baaacde865fd269a3600c39c22d9a6cfd47349 Mon Sep 17 00:00:00 2001
From: Samuel Karp <skarp@amazon.com>
Date: Tue, 4 Aug 2020 17:40:15 -0700
Subject: [PATCH 1/2] aws-ecs-1: enable SELinux capability

---
 sources/api/ecs-settings-applier/src/ecs.rs | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/sources/api/ecs-settings-applier/src/ecs.rs b/sources/api/ecs-settings-applier/src/ecs.rs
index 60640914952..bb08933ca3c 100644
--- a/sources/api/ecs-settings-applier/src/ecs.rs
+++ b/sources/api/ecs-settings-applier/src/ecs.rs
@@ -38,6 +38,9 @@ struct ECSConfig {
 
     #[serde(rename = "TaskIAMRoleEnabledForNetworkHost")]
     task_iam_role_enabled_for_network_host: bool,
+
+    #[serde(rename = "SELinuxCapable")]
+    selinux_capable: bool,
 }
 
 // Returning a Result from main makes it print a Debug representation of the error, but with Snafu
@@ -76,6 +79,9 @@ fn run() -> Result<()> {
         // Task role support is always enabled
         task_iam_role_enabled: true,
         task_iam_role_enabled_for_network_host: true,
+
+        // SELinux is always available
+        selinux_capable: true,
         ..Default::default()
     };
     if let Some(os) = settings.os {

From 6a6cdf44aa01046b9a80594753119aaaeaee2b35 Mon Sep 17 00:00:00 2001
From: Samuel Karp <skarp@amazon.com>
Date: Thu, 6 Aug 2020 10:48:46 -0700
Subject: [PATCH 2/2] ecs-settings-applier: add link to ECS agent config

---
 sources/api/ecs-settings-applier/README.md  | 3 ++-
 sources/api/ecs-settings-applier/src/ecs.rs | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/sources/api/ecs-settings-applier/README.md b/sources/api/ecs-settings-applier/README.md
index 2135a8533dd..7c936ece720 100644
--- a/sources/api/ecs-settings-applier/README.md
+++ b/sources/api/ecs-settings-applier/README.md
@@ -7,7 +7,8 @@ Current version: 0.1.0
 ecs-settings-applier generates a configuration file for the ECS agent from Bottlerocket settings.
 
 The configuration file for ECS is a JSON-formatted document with conditionally-defined keys and
-embedded lists.
+embedded lists.  The structure and names of fields in the document can be found
+[here](https://github.com/aws/amazon-ecs-agent/blob/a250409cf5eb4ad84a7b889023f1e4d2e274b7ab/agent/config/types.go).
 
 ## Colophon
 
diff --git a/sources/api/ecs-settings-applier/src/ecs.rs b/sources/api/ecs-settings-applier/src/ecs.rs
index bb08933ca3c..2c6a447fdaf 100644
--- a/sources/api/ecs-settings-applier/src/ecs.rs
+++ b/sources/api/ecs-settings-applier/src/ecs.rs
@@ -4,7 +4,8 @@
 ecs-settings-applier generates a configuration file for the ECS agent from Bottlerocket settings.
 
 The configuration file for ECS is a JSON-formatted document with conditionally-defined keys and
-embedded lists.
+embedded lists.  The structure and names of fields in the document can be found
+[here](https://github.com/aws/amazon-ecs-agent/blob/a250409cf5eb4ad84a7b889023f1e4d2e274b7ab/agent/config/types.go).
 */
 use log::debug;
 use serde::Serialize;