diff --git a/client/driver/docker.go b/client/driver/docker.go
index 1ce37f20a..b6145ae57 100644
--- a/client/driver/docker.go
+++ b/client/driver/docker.go
@@ -319,7 +319,7 @@ func (d *DockerDriver) containerBinds(alloc *allocdir.AllocDir, task *structs.Ta
 allocDirBind := fmt.Sprintf("%s:/%s", shared, allocdir.SharedAllocName)
 taskLocalBind := fmt.Sprintf("%s:/%s", local, allocdir.TaskLocal)
- if selinuxLabel := d.config.Read("driver.docker.volumes.selinuxlabel"); selinuxLabel != "" {
+ if selinuxLabel := d.config.Read("docker.volumes.selinuxlabel"); selinuxLabel != "" {
 allocDirBind = fmt.Sprintf("%s:%s", allocDirBind, selinuxLabel)
 taskLocalBind = fmt.Sprintf("%s:%s", taskLocalBind, selinuxLabel)
 }
diff --git a/website/source/docs/agent/config.html.md b/website/source/docs/agent/config.html.md
index db66b8b7d..4df2895d4 100644
--- a/website/source/docs/agent/config.html.md
+++ b/website/source/docs/agent/config.html.md
@@ -352,9 +352,6 @@ documentation [here](/docs/drivers/index.html)
 * `consul.verifyssl`: This option enables SSL verification when the transport scheme for the Consul API client is `https`. This is set to true by default.
-* `driver.docker.volumes.selinuxlabel`: Allows the operator to set a SELinux
- label to the allocation and task local bind-mounts to containers.
-
 * `driver.whitelist`: A comma separated list of whitelisted drivers (e.g. "docker,qemu"). If specified, drivers not in the whitelist will be disabled. If the whitelist is empty, all drivers are fingerprinted and enabled where
diff --git a/website/source/docs/drivers/docker.html.md b/website/source/docs/drivers/docker.html.md
index ea14e151c..5f6d51c9d 100644
--- a/website/source/docs/drivers/docker.html.md
+++ b/website/source/docs/drivers/docker.html.md
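Review bot: The value read from `docker.volumes.selinuxlabel` in the docker.go hunk is appended verbatim as the mode field of both bind specs (`fmt.Sprintf("%s:%s", allocDirBind, selinuxLabel)`), so a typo or an unrelated mount option in the agent config reaches Docker unchecked. Docker's SELinux relabel modes are `z` (shared) and `Z` (private), so the code should check the value against those two before building the binds, and carry a comment such as `// selinuxLabel becomes the bind mode; expected "z" or "Z"`. Since the same label is applied to the shared allocation directory and the task-local directory, the docs entry should also say which mode is appropriate when several tasks share the allocation directory. Separately, an agent still configured with the old `driver.docker.volumes.selinuxlabel` key will now get unlabelled mounts with no message; if that key ever shipped, a fallback read or a startup warning would make this visible. containerBinds starts and ends outside the hunk.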
@@ -289,6 +289,9 @@ options](/docs/agent/config.html#options):
 * `docker.cleanup.image` Defaults to `true`. Changing this to `false` will prevent Nomad from removing images from stopped tasks.
+* `docker.volumes.selinuxlabel`: Allows the operator to set a SELinux
+ label to the allocation and task local bind-mounts to containers.
+
 * `docker.privileged.enabled` Defaults to `false`. Changing this to `true` will allow containers to use `privileged` mode, which gives the containers full access to the host's devices. Note that you must set a similar setting on the