[PATCH] avc_rules.md: mention secilc with the neverallow statement

[Dominick Grift <dominick.grift@defensec.nl>]

I was unable to determine whether checkpolicy can be told to disable
neverallow checking.

v2: As the footnote is HTML, to render the man page entry it needs to be:
<em><strong>secilc</strong>(8)</em>

Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
---
 src/avc_rules.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/avc_rules.md b/src/avc_rules.md
index a9dead5..5c2a491 100644
--- a/src/avc_rules.md
+++ b/src/avc_rules.md
@@ -182,8 +182,9 @@ auditallow ada_t self:process execstack;
 
 This rule specifies that an `allow` rule must not be generated for the
 operation, even if it has been previously allowed. The `neverallow`
-statement is a compiler enforced action, where the ***checkpolicy**(8)* or
+statement is a compiler enforced action, where the ***checkpolicy**(8)*,
 ***checkmodule**(8)* <a href="#fna1" class="footnote-ref" id="fnavc1"><sup>1</sup></a>
+or ***secilc**(8)* <a href="#fna2" class="footnote-ref" id="fnavc2"><sup>2</sup></a>
 compiler checks if any allow rules have been generated in the policy source,
 if so it will issue a warning and stop.
 
@@ -211,6 +212,7 @@ neverallow { domain -mmap_low_domain_type } self:memprotect mmap_zero;
 <section class="footnotes">
 <ol>
 <li id="fna1"><p><code>neverallow</code> statements are allowed in modules, however to detect these the <em>semanage.conf</em> file must have the 'expand-check=1' entry present.<a href="#fnavc1" class="footnote-back">↩</a></p></li>
+<li id="fna2"><p>The `--disable-neverallow` option can be used with <em></strong>secilc</strong>(8)</em> to disable <code>neverallow</code> rule checking.<a href="#fnavc2" class="footnote-back">↩</a></p></li>
 </ol>
 </section>
 
-- 
2.27.0