1typeattribute netd coredomain; 2 3init_daemon_domain(netd) 4 5# Allow netd to spawn dnsmasq in it's own domain 6domain_auto_trans(netd, dnsmasq_exec, dnsmasq) 7 8# Allow netd to start clatd in its own domain 9domain_auto_trans(netd, clatd_exec, clatd) 10 11# Allow netd to start bpfloader_exec in its own domain 12domain_auto_trans(netd, bpfloader_exec, bpfloader) 13 14# give netd permission to setup iptables rule with xt_bpf 15allow netd bpfloader:bpf prog_run; 16