type readmac, domain;
type readmac_exec, exec_type, vendor_file_type, file_type;

# Allow for transition from init domain to readmac
init_daemon_domain(readmac)

# Allow readmac to fully access wlan_mac.bin persist file
allow readmac persist_file:dir rw_dir_perms;
allow readmac persist_file:file create_file_perms;

allow readmac self:capability dac_override;

allow readmac diag_device:chr_file rw_file_perms;
allow readmac sysfs:file r_file_perms;