diff --git a/healthd.te b/healthd.te
index 125ced0962f55d508848f2832141fa739bef38b6..02c7ba8144956bf118e9f7e14f8230c830ed2c0e 100644
--- a/healthd.te
+++ b/healthd.te
@@ -1,9 +1,7 @@
 # healthd seclabel is specified in init.rc since
 # it lives in the rootfs and has no unique file type.
 type healthd, domain;
-type healthd_exec, exec_type, file_type;
 
-init_daemon_domain(healthd)
 allow healthd rootfs:file { read entrypoint };
 write_klog(healthd)
 # /dev/__null__ created by init prior to policy load,
diff --git a/init.te b/init.te
index abe5e78a61451e94ac7b8262dd23edecaca06037..bab0df369fb57d289a1606595a049195630acf7f 100644
--- a/init.te
+++ b/init.te
@@ -11,3 +11,11 @@ allow init {fs_type dev_type file_type}:dir_file_class_set relabelto;
 allow init kernel:security load_policy;
 allow init usermodehelper:file rw_file_perms;
 allow init proc_security:file rw_file_perms;
+
+# Transitions to seclabel processes in init.rc
+allow init adbd:process transition;
+allow init healthd:process transition;
+allow init recovery:process transition;
+allow init shell:process transition;
+allow init ueventd:process transition;
+allow init watchdogd:process transition;
diff --git a/kernel.te b/kernel.te
index 4ccce20f169022e1178e2898c0b46c654777fcc9..dfc6258252021e92c20bf414acb54e8a1aa92c0d 100644
--- a/kernel.te
+++ b/kernel.te
@@ -1,5 +1,8 @@
 # Life begins with the kernel.
 type kernel, domain;
+
+allow kernel init:process dyntransition;
+
 # The kernel is unconfined.
 unconfined_domain(kernel)
 relabelto_domain(kernel)
diff --git a/unconfined.te b/unconfined.te
index 44ba04676c452e3849e558a19615dffcc1e3979b..9facc2e181568d272029f0f783c72ddf3665a4a3 100644
--- a/unconfined.te
+++ b/unconfined.te
@@ -19,7 +19,7 @@
 allow unconfineddomain self:capability_class_set *;
 allow unconfineddomain kernel:security ~{ load_policy setenforce setcheckreqprot };
 allow unconfineddomain kernel:system *;
-allow unconfineddomain domain:process ~{ execmem execstack execheap ptrace };
+allow unconfineddomain domain:process ~{ execmem execstack execheap ptrace transition dyntransition };
 allow unconfineddomain domain:fd *;
 allow unconfineddomain domain:dir r_dir_perms;
 allow unconfineddomain domain:lnk_file r_file_perms;