diff --git a/tee.te b/tee.te
index 79f8d13cfb84425b43034965f0d0c4aa4f96f4b0..2fab2820cf65103b27a9c972361d34cb8fe12e6e 100644
--- a/tee.te
+++ b/tee.te
@@ -7,5 +7,5 @@ type tee_device, dev_type;
 type tee_data_file, file_type, data_file_type;
 permissive tee;
-unconfined_domain(netd)
+unconfined_domain(tee)
 init_daemon_domain(tee)
diff --git a/unconfined.te b/unconfined.te
index 3dbfb59d03f03f2bea15c322fef2a03d537e6814..9f100a3e26597a25ebca6b6782973c79f44fcecf 100644
--- a/unconfined.te
+++ b/unconfined.te
@@ -14,7 +14,7 @@ allow unconfineddomain fs_type:filesystem *;
 allow unconfineddomain {fs_type dev_type file_type}:{ dir blk_file lnk_file sock_file fifo_file } *;
 allow unconfineddomain {fs_type dev_type file_type}:{ chr_file file } ~entrypoint;
 allow unconfineddomain node_type:node *;
-allow unconfineddomain node_type:{ tcp_socket udp_socket } node_bind;
+allow unconfineddomain node_type:{ tcp_socket udp_socket rawip_socket } node_bind;
 allow unconfineddomain netif_type:netif *;
 allow unconfineddomain port_type:socket_class_set name_bind;
 allow unconfineddomain port_type:{ tcp_socket dccp_socket } name_connect;
diff --git a/watchdogd.te b/watchdogd.te
index 1c14d8f00510d5c22d59d10451caf6b8658ff0eb..3bf9aae1db009b02099080118c497eb633aaba52 100644
--- a/watchdogd.te
+++ b/watchdogd.te
@@ -2,3 +2,4 @@ type watchdogd, domain;
 permissive watchdogd;
 unconfined_domain(watchdogd)
+allow watchdogd rootfs:file entrypoint;
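Review bot: In tee.te the corrected `unconfined_domain(tee)` sits directly under `permissive tee;`, so the tee domain is neither enforced nor narrowed, and nothing in the visible lines records that this is meant to be temporary. I would add a comment above it such as `# TODO: replace with explicit rules for tee_device and tee_data_file before dropping permissive`. The removed line was also the only grant of unconfined to netd visible in this diff. netd.te is not shown, so it is worth confirming that it carries its own `unconfined_domain(netd)`; otherwise this fix will surface new netd denials in the audit log.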
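Review bot: In unconfined.te the `rawip_socket` addition to the `node_bind` rule applies to every domain carrying the unconfineddomain attribute, and the line does not say which domain hit the denial. A short comment above it, for example `# rawip_socket: node_bind denial seen for <domain>`, would let a later reviewer remove the grant once that domain has its own policy. The class set also still omits `dccp_socket`, which the `name_connect` rule two lines below includes. If the intent is for unconfined domains to bind any of these socket classes to a node, the two lists should agree.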
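Review bot: In watchdogd.te the new `allow watchdogd rootfs:file entrypoint;` lets any file labeled rootfs serve as the entry point into watchdogd, which is the one file permission unconfined.te withholds with `~entrypoint`, and the rule carries no explanation. Presumably the watchdogd binary lives on the rootfs and has no dedicated exec type, since none is declared in the visible lines (the file's first line is outside the hunk). If so, say that in a comment such as `# watchdogd runs from a rootfs binary with no watchdogd_exec type, so rootfs must be its entrypoint`. A dedicated exec type would keep other rootfs files from being usable as an entry point once the domain is made enforcing.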