1# DHCP client 2type dhcpclient, domain; 3type dhcpclient_exec, exec_type, vendor_file_type, file_type; 4 5init_daemon_domain(dhcpclient) 6net_domain(dhcpclient) 7 8allow dhcpclient execns:fd use; 9 10set_prop(dhcpclient, net_eth0_prop); 11dontaudit dhcpclient kernel:system module_request; 12allow dhcpclient self:capability { net_admin net_raw }; 13allow dhcpclient self:udp_socket create; 14allow dhcpclient self:netlink_route_socket { write nlmsg_write }; 15allow dhcpclient varrun_file:dir search; 16allow dhcpclient self:packet_socket { create bind write read }; 17allowxperm dhcpclient self:udp_socket ioctl { SIOCSIFFLAGS 18 SIOCSIFADDR 19 SIOCSIFNETMASK 20 SIOCSIFMTU 21 SIOCGIFHWADDR }; 22