1# Restricted domain for shell processes spawned by init 2type init_shell, domain; 3permissive init_shell; 4domain_auto_trans(init, shell_exec, init_shell) 5unconfined_domain(init_shell) 6