SELinux labels in NFS shares

[yakatz]

I am running ZoL on Redhat 8.6, with a client on Redhat 9.2. I am mounting /var/spool/cron with NFS and crond is complaining about the SELinux labels on the files. I found where I can set SELinux options on the dataset and the rootcontext does change, but I still can't set the context on the files themselves. Am I missing something obvious or is this just not supported?

On the client:

root@krispykreme:fs # ls -laZ /fs/usercron/root
-rw-------. 1 root root system_u:object_r:nfs_t:s0 16 May 16 17:46 /fs/usercron/root
root@c:fs # chcon -v -t user_cron_spool_t /fs/usercron/root
changing security context of '/fs/usercron/root'
chcon: failed to change context of '/fs/usercron/root' to ‘system_u:object_r:user_cron_spool_t:s0’: Operation not supported
root@krispykreme:fs # mount | grep usercron
zfs00.example.com:/raid/usercron on /fs/usercron type nfs4 (rw,relatime,vers=4.2,rsize=1048576,wsize=1048576,namlen=255,hard,proto=tcp,timeo=600,retrans=2,sec=sys,clientaddr=192.168.0.10,local_lock=none,addr=192.168.0.2)

On the server:

[root@hazfs ~]# zfs get sharenfs,mountpoint,xattr,context,defcontext,fscontext,acltype tank/usercron
NAME           PROPERTY    VALUE                                                               SOURCE
tank/usercron  sharenfs  sec=sys,crossmnt,no_root_squash,[email protected]/24  local
tank/usercron  mountpoint  /raid/usercron                                                      local
tank/usercron  xattr       sa                                                                  local
tank/usercron  context     none                                                                default
tank/usercron  defcontext  unconfined_u:object_r:user_cron_spool_t:s0                          local
tank/usercron  fscontext   none                                                                default
tank/usercron  rootcontext  none                                                                local
tank/usercron  acltype     posix                                                               local
[root@zfs00 ~]# ls -laZ /raid/usercron/root
-rw-------. 1 root root system_u:object_r:user_cron_spool_t:s0 16 May 16 17:46 /raid/usercron/root