# Restricted domain for shell processes spawned by init
type init_shell, domain;
permissive init_shell;
domain_auto_trans(init, shell_exec, init_shell)
unconfined_domain(init_shell)