diff --git a/config/fcos/v1_6_exp/schema.go b/config/fcos/v1_6_exp/schema.go
index f05a1964..6eb3ea31 100644
--- a/config/fcos/v1_6_exp/schema.go
+++ b/config/fcos/v1_6_exp/schema.go
@@ -22,13 +22,13 @@ type Config struct {
 	base.Config `yaml:",inline"`
 	BootDevice  BootDevice `yaml:"boot_device"`
 	Grub        Grub       `yaml:"grub"`
+	Selinux     Selinux    `yaml:"selinux"`
 }
 
 type BootDevice struct {
-	Layout  *string          `yaml:"layout"`
-	Luks    BootDeviceLuks   `yaml:"luks"`
-	Mirror  BootDeviceMirror `yaml:"mirror"`
-	Selinux Selinux          `yaml:"selinux"`
+	Layout *string          `yaml:"layout"`
+	Luks   BootDeviceLuks   `yaml:"luks"`
+	Mirror BootDeviceMirror `yaml:"mirror"`
 }
 
 type BootDeviceLuks struct {
@@ -54,5 +54,4 @@ type GrubUser struct {
 type Selinux struct {
 	State *string `yaml:"state"`
 	Mode  *string `yaml:"mode"`
-	Path  *string `yaml:"path"`
 }
diff --git a/docs/config-fcos-v1_6-exp.md b/docs/config-fcos-v1_6-exp.md
index ebc21a5a..2dd7e2a0 100644
--- a/docs/config-fcos-v1_6-exp.md
+++ b/docs/config-fcos-v1_6-exp.md
@@ -224,3 +224,6 @@ The Fedora CoreOS configuration is a YAML document conforming to the following s
   * **_users_** (list of objects): the list of GRUB superusers.
     * **name** (string): the user name.
     * **password_hash** (string): the PBKDF2 password hash, generated with `grub2-mkpasswd-pbkdf2`.
+* **_selinux_** (object): describes the security framework with precise access controls
+    * **state** (boolean): wheter or not SElinux should be enabled. 
+    * **mode** (boolean): when enabled, SElinux have two modes: `enforcing`, which enforce security policies or `permissive`, which just logs policy violations.