How do I assign an SELinux label to a symlink with semanage so it persists after a relabel?
My Apache DocumentRoot /var/www is a symbolic link to another path. The target has the appropriate file context label (httpd_sys_content_t) so that Apache can read it with SELinux enabled. However, the symbolic link itself is labeled with var_t.
[root@localhost var]# ls -lZ
lrwxrwxrwx. root root unconfined_u:object_r:var_t:s0 www -> /srv/www
I need to relabel the symbolic link with httpd_sys_content_t.
Running chcon with the -h option initially seems to work:
[root@localhost var]# chcon -h -t httpd_sys_content_t /var/www
[root@localhost var]# ls -lZ
lrwxrwxrwx. root root unconfined_u:object_r:httpd_sys_content_t:s0 www -> /srv/www
However this does not survive a relabel:
[root@localhost var]# restorecon -Rv .
restorecon reset /var/www context system_u:object_r:httpd_sys_content_t:s0->system_u:object_r:var_t:s0
Using semanage does not relabel the link itself; just the target:
[root@localhost var]# semanage fcontext -a -t httpd_sys_content_t /var/www
[root@localhost var]# restorecon -Rv .
[root@localhost var]# ls -lZ
lrwxrwxrwx. root root unconfined_u:object_r:var_t:s0 www -> /srv/www
semanage does not have the -h option.
How can I get semanage to set the label of the link itself so it remains as httpd_sys_content_t after a relabel?
I figured it out:
semanage has an option -f which allows you to specify a file type as shown in the mode field by ls (d for directories, -- for regular files, l for links). When -f -l is used, the link itself is targeted.
[root@localhost var]# semanage fcontext -f -l -a -t httpd_sys_content_t /var/www
[root@localhost var]# restorecon -Rv .
restorecon reset /var/www context system_u:object_r:var_t:s0->system_u:object_r:httpd_sys_content_t:s0
See the semanage-fcontext man page.
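A small verification script for the situation above, added here as an example and not part of the original question or answer. It parses `ls -lZ` output in the five-column layout shown in the post (constructed sample lines, so it runs without an SELinux host), reports any symlink whose own label is not the expected type, and prints the persistent fix; note that current semanage spells the symlink file type as `l` (`-f l`), while `-f -l` is the older form used in the answer.

```shell
#!/bin/sh
# Added example, not from the original post. Checks `ls -lZ` output (old
# "mode owner group context name" layout) for symlinks whose own SELinux
# type is not the one expected after restorecon.

# Constructed sample of `ls -lZ` output: a directory, a link still labeled
# var_t (the problem in the question) and a link that already carries the fix.
SAMPLE_LS='drwxr-xr-x. root root system_u:object_r:httpd_sys_content_t:s0 html
lrwxrwxrwx. root root unconfined_u:object_r:var_t:s0 www -> /srv/www
lrwxrwxrwx. root root unconfined_u:object_r:httpd_sys_content_t:s0 www2 -> /srv/www'

# selinux_type CONTEXT -> the type field, e.g. var_t from user:role:type:level
selinux_type() {
    printf '%s\n' "$1" | cut -d: -f3
}

# symlinks_missing_type EXPECTED_TYPE  (reads ls -lZ lines on stdin)
# Prints one line per symlink (mode begins with 'l') whose type differs from
# EXPECTED_TYPE. Returns 0 when every symlink matches, 1 otherwise.
symlinks_missing_type() {
    expected=$1
    bad=0
    while read -r mode _owner _group ctx name _rest; do
        case $mode in
            l*) ;;          # only the link itself, never its target
            *) continue ;;
        esac
        t=$(selinux_type "$ctx")
        if [ "$t" != "$expected" ]; then
            printf '%s has type %s, expected %s\n' "$name" "$t" "$expected"
            bad=1
        fi
    done
    return $bad
}

# fix_command TYPE PATH -> persistent rule for the link itself plus the
# relabel step. Current semanage takes 'l' as the symlink file type.
fix_command() {
    printf 'semanage fcontext -a -f l -t %s %s && restorecon -v %s\n' "$1" "$2" "$2"
}

if printf '%s\n' "$SAMPLE_LS" | symlinks_missing_type httpd_sys_content_t; then
    echo "all symlinks carry the expected type"
else
    fix_command httpd_sys_content_t /var/www
fi
```

On a real host, replace the constructed sample with the live output of `ls -lZ /var` and re-run after `restorecon` to confirm the label on the link itself survived.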