module ver4a-selinux 1.0;

require {
	type ifconfig_t;
	class cap_userns { net_admin sys_ptrace };
}

#============= ifconfig_t ==============

allow ifconfig_t self:cap_userns { net_admin sys_ptrace };