diff --git a/domain.te b/domain.te
index 34faafda83be0ab917f819aa1bcde7181e3fd907..32a89712b7891fa35be9ba4bb8ae4fdc7d311080 100644
--- a/domain.te
+++ b/domain.te
@@ -510,7 +510,7 @@ neverallow * ~servicemanager:service_manager list;
 neverallow * ~service_manager_type:service_manager { add find };
 # logpersist is only allowed on userdebug/eng builds
-neverallow { domain userdebug_or_eng(`-logd -shell') } misc_logd_file:file rw_file_perms;
+neverallow { domain userdebug_or_eng(`-logd -shell -init') } misc_logd_file:file rw_file_perms;
 # Prevent assigning non property types to properties
 neverallow * ~property_type:property_service set;
diff --git a/init.te b/init.te
index efe3911d78b053e1e90684e607fd64bdf17aae58..eb3dc88b06edfcd343e7f31b7ce2a3755822e741 100644
--- a/init.te
+++ b/init.te
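Review bot: The comment above the changed neverallow, `# logpersist is only allowed on userdebug/eng builds`, no longer explains why init now joins logd and shell in the exemption, and this line is the only place a reader would look for that. Suggest extending it to `# logpersist is only allowed on userdebug/eng builds; init is exempted there because init.te grants it write access to misc_logd_file on those builds`. Because init sits inside the userdebug_or_eng() argument, it stays covered by the neverallow on user builds, which matches the not_userdebug_nor_eng exclusion in init.te; stating that pairing in the comment makes it harder for a later change to drop one side without the other.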
@@ -104,7 +104,7 @@ allow init rootfs:{ dir file } relabelfrom;
 allow init self:capability { chown fowner fsetid };
 allow init {file_type -system_file -exec_type -app_data_file}:dir { create search getattr open read setattr ioctl };
 allow init {file_type -system_file -exec_type -keystore_data_file -security_file -app_data_file -shell_data_file -vold_data_file}:dir { write add_name remove_name rmdir relabelfrom };
-allow init {file_type -system_file -exec_type -keystore_data_file -security_file -app_data_file -shell_data_file -vold_data_file -misc_logd_file }:file { create getattr open read write setattr relabelfrom unlink };
+allow init {file_type -system_file -exec_type -keystore_data_file -security_file -app_data_file -shell_data_file -vold_data_file not_userdebug_nor_eng(`-misc_logd_file') }:file { create getattr open read write setattr relabelfrom unlink };
 allow init {file_type -system_file -exec_type -keystore_data_file -security_file -app_data_file -shell_data_file -vold_data_file}:{ sock_file fifo_file } { create getattr open read setattr relabelfrom unlink };
 allow init {file_type -system_file -exec_type -keystore_data_file -security_file -app_data_file -shell_data_file -vold_data_file}:lnk_file { create getattr setattr relabelfrom unlink };
 allow init {file_type -system_file -exec_type}:dir_file_class_set relabelto;
diff --git a/te_macros b/te_macros
index 4d18973f4e0b6885475880d6b19d2f9c7858a60b..c97cd2d86a723977a2b854e9febdb0f6c29cae53 100644
--- a/te_macros
+++ b/te_macros
@@ -299,6 +299,7 @@ define(`recovery_only', ifelse(target_recovery, `true', $1, ))
 # SELinux rules which apply only to userdebug or eng builds
 #
 define(`userdebug_or_eng', ifelse(target_build_variant, `eng', $1, ifelse(target_build_variant, `userdebug', $1)))
+define(`not_userdebug_nor_eng', ifelse(target_build_variant, `eng', , ifelse(target_build_variant, `userdebug', , $1)))
 define(`eng', ifelse(target_build_variant, `eng', $1))
 #####################################
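Review bot: The added line lifts the misc_logd_file exclusion for the entire permission set of this broad rule, so on userdebug/eng init receives create, write, setattr, relabelfrom and unlink on logpersist files rather than only what it needs; if init only has to create or set attributes on those files (the hunk does not show which), a separate `userdebug_or_eng(`allow init misc_logd_file:file { <needed perms> };')` rule next to this one would keep the catch-all exclusion intact and make the grant reviewable on its own. The nested macro inside a type set of this length is also easy to miss on later review, which is a second argument for a dedicated line. Either way a short comment naming the reason for the carve-out would help, e.g. `# misc_logd_file stays excluded on user builds; init touches it on userdebug/eng only`.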
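Review bot: The new `not_userdebug_nor_eng` macro is inserted beneath the header block that describes `userdebug_or_eng`, so that block's first line (outside the hunk, presumably `# userdebug_or_eng(rules)`) no longer matches what follows, and the new macro has no description of its own. Suggest giving it its own block in the file's existing style, `#####################################`, `# not_userdebug_nor_eng(rules)`, `# SELinux rules which apply only to user builds`, `#`, placed directly before the define. The `eng` macro on the following context line has the same gap, though that is pre-existing.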