From 2e127627dce7251d5848718036780c91384c4396 Mon Sep 17 00:00:00 2001
From: Noel Georgi <git@frezbo.dev>
Date: Thu, 7 Nov 2024 14:01:22 +0530
Subject: [PATCH] docs: add apparmor enablement release notes

Add AppArmor release notes.

Signed-off-by: Noel Georgi <git@frezbo.dev>
---
 hack/release.toml | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/hack/release.toml b/hack/release.toml
index e2fa584c54..affaa81ace 100644
--- a/hack/release.toml
+++ b/hack/release.toml
@@ -25,6 +25,22 @@ Kubernetes: 1.32.0-beta.0
 runc: 1.2.1
 
 Talos is built with Go 1.23.2.
+"""
+
+    [notes.apparmor]
+        title = "AppArmor"
+        description = """\
+Talos Linux starting with v1.9 will ship with SELinux LSM enabled by default.
+If you need to use AppArmor LSM add the following to the machine configuration:
+
+```yaml
+machine:
+  install:
+     extraKernelArgs:
+      - -selinux
+      - lsm=lockdown,capability,yama,apparmor,bpf
+      - apparmor=1
+```
 """
 
     [notes.auditd]