1 # DHCP client 2 type dhcpclient, domain; 3 type dhcpclient_exec, exec_type, vendor_file_type, file_type; 4 5 init_daemon_domain(dhcpclient) 6 net_domain(dhcpclient) 7 8 allow dhcpclient execns:fd use; 9 10 set_prop(dhcpclient, net_eth0_prop); 11 allow dhcpclient self:capability { net_admin net_raw }; 12 allow dhcpclient self:udp_socket create; 13 allow dhcpclient self:netlink_route_socket { write nlmsg_write }; 14 allow dhcpclient varrun_file:dir search; 15 allow dhcpclient self:packet_socket { create bind write read }; 16 allowxperm dhcpclient self:udp_socket ioctl { SIOCSIFFLAGS 17 SIOCSIFADDR 18 SIOCSIFNETMASK 19 SIOCSIFMTU 20 SIOCGIFHWADDR }; 21
