1type eth_mac_addr, domain, coredomain; 2type eth_mac_addr_exec, exec_type, system_file_type, file_type; 3init_daemon_domain(eth_mac_addr); 4 5allow eth_mac_addr proc_cmdline:file { open read }; 6allow eth_mac_addr rootfs:dir { open read }; 7allow eth_mac_addr self:capability net_admin; 8allow eth_mac_addr self:netlink_route_socket { bind create getattr nlmsg_readpriv nlmsg_write read setopt write }; 9allow eth_mac_addr self:udp_socket { create ioctl }; 10allow eth_mac_addr shell_exec:file { execute getattr map read }; 11allow eth_mac_addr system_file:file execute_no_trans; 12allow eth_mac_addr toolbox_exec:file { execute execute_no_trans getattr map open read }; 13