Index: refpolicy/policy/modules/system/sysnetwork.fc
===================================================================
--- refpolicy.orig/policy/modules/system/sysnetwork.fc 2018-11-27 16:09:33.159358187 +0100
+++ refpolicy/policy/modules/system/sysnetwork.fc 2018-11-27 16:09:36.851417892 +0100
@@ -6,6 +6,15 @@ ifdef(`distro_debian',`
 /dev/shm/network(/.*)? gen_context(system_u:object_r:net_conf_t,s0)
 ')
+# SUSE
+# sysconfig network files are stored in /dev/.sysconfig
+/dev/.sysconfig/network(/.*)? gen_context(system_u:object_r:net_conf_t,s0)
+# label netconfig files in /var/adm and /var/lib and /var/run
+/var/adm/netconfig(/.*)? gen_context(system_u:object_r:net_conf_t,s0)
+/var/lib/ntp/var(/.*)? gen_context(system_u:object_r:net_conf_t,s0)
+/var/run/netconfig(/.*)? gen_context(system_u:object_r:net_conf_t,s0)
+
+
 #
 # /etc
 #
@@ -33,6 +42,10 @@ ifdef(`distro_redhat',`
 /etc/sysconfig/network-scripts(/.*)? gen_context(system_u:object_r:net_conf_t,s0)
 ')
+/etc/sysconfig/network(/.*)? gen_context(system_u:object_r:net_conf_t,s0)
+/etc/sysconfig/network/scripts/.* gen_context(system_u:object_r:bin_t,s0)
+/etc/sysconfig/scripts/.* gen_context(system_u:object_r:bin_t,s0)
+
 #
 # /usr
 #
Index: refpolicy/policy/modules/system/sysnetwork.te
===================================================================
--- refpolicy.orig/policy/modules/system/sysnetwork.te 2018-11-27 16:09:33.163358252 +0100
+++ refpolicy/policy/modules/system/sysnetwork.te 2018-11-27 16:10:36.920389270 +0100
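Review bot: The new /dev/.sysconfig, /var/adm/netconfig, /var/lib/ntp/var and /var/run/netconfig entries are described as SUSE-specific by the comment but are added unconditionally, outside an `ifdef(`distro_suse',`…')` block, unlike the neighbouring distro_debian and distro_redhat blocks; the same applies to the three /etc/sysconfig entries in the second hunk of this file. Wrapping them keeps these labels from being applied on other distributions where the same paths are owned by other modules. `/var/lib/ntp/var(/.*)?` in particular relabels a whole subtree of the ntp state directory to net_conf_t and, being more specific, is likely to take precedence over the ntp module's own labelling of /var/lib/ntp (confirm against ntp.fc); narrowing it to the file netconfig actually writes there, e.g. `/var/lib/ntp/var/<netconfig-written-file> -- gen_context(system_u:object_r:net_conf_t,s0)` with the real name filled in, would limit the impact. The surrounding /dev and /etc sections continue outside both hunks.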
@@ -47,7 +47,8 @@ ifdef(`distro_debian',`
 #
 # DHCP client local policy
 #
-allow dhcpc_t self:capability { dac_override fsetid net_admin net_bind_service net_raw setpcap sys_nice sys_resource sys_tty_config };
+# need sys_admin to set hostname/domainname
+allow dhcpc_t self:capability { dac_override fsetid net_admin net_bind_service net_raw setpcap sys_nice sys_resource sys_tty_config sys_admin };
 dontaudit dhcpc_t self:capability { sys_ptrace sys_tty_config };
 # for access("/etc/bashrc", X_OK) on Red Hat
 dontaudit dhcpc_t self:capability { dac_read_search sys_module };
@@ -79,6 +80,12 @@ files_pid_filetrans(dhcpc_t, dhcpc_var_r
 sysnet_manage_config(dhcpc_t)
 files_etc_filetrans(dhcpc_t, net_conf_t, file)
+# allow relabel of /dev/.sysconfig
+dev_associate(net_conf_t)
+
+# allow mv /etc/resolv.conf.netconfig
+allow dhcpc_t etc_runtime_t:file unlink;
+
 # create temp files
 manage_dirs_pattern(dhcpc_t, dhcpc_tmp_t, dhcpc_tmp_t)
 manage_files_pattern(dhcpc_t, dhcpc_tmp_t, dhcpc_tmp_t)
Index: refpolicy/policy/modules/kernel/devices.fc
===================================================================
--- refpolicy.orig/policy/modules/kernel/devices.fc 2018-11-27 16:09:33.163358252 +0100
+++ refpolicy/policy/modules/kernel/devices.fc 2018-11-27 16:09:36.851417892 +0100
@@ -2,6 +2,7 @@
 /dev -d gen_context(system_u:object_r:device_t,s0)
 /dev/.* gen_context(system_u:object_r:device_t,s0)
+/dev/.sysconfig(/.*)? -d gen_context(system_u:object_r:net_conf_t,s0)
 /dev/.*mouse.* -c gen_context(system_u:object_r:mouse_device_t,s0)
 /dev/[0-9].* -c gen_context(system_u:object_r:usb_device_t,s0)
 /dev/3dfx -c gen_context(system_u:object_r:xserver_misc_device_t,s0)
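Review bot: `sys_admin` is the broadest Linux capability and the new rule grants it to dhcpc_t on every distribution, not only the SUSE netconfig setup this series targets; if it is needed solely for the hostname/domainname step, guarding the rule with `ifdef(`distro_suse',`…')`, or moving that step into a separate domain so the DHCP client itself does not carry sys_admin, would keep the added privilege contained. Style-wise, the existing capability set is in alphabetical order, so the new entry belongs between setpcap and sys_nice: `allow dhcpc_t self:capability { dac_override fsetid net_admin net_bind_service net_raw setpcap sys_admin sys_nice sys_resource sys_tty_config };`. The explanatory comment above the rule is worth keeping; the rest of the dhcpc_t local policy continues outside the hunk.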
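Review bot: `allow dhcpc_t etc_runtime_t:file unlink;` references etc_runtime_t, a type declared by the files module, directly from sysnetwork.te; refpolicy modules are expected to reach other modules' types only through interfaces, so this should become a files interface call (for instance `files_manage_etc_runtime_files(dhcpc_t)`, which is broader than needed, or a narrower delete-only interface added to files.if if none exists). A raw unlink on etc_runtime_t also lets the DHCP client remove any etc_runtime_t file, not just the resolv.conf.netconfig named in the comment, so the comment should record that scope or the rule should be narrowed. `dev_associate(net_conf_t)` is a rule about the type rather than about dhcpc_t and would read better next to the net_conf_t declaration, which lies outside this hunk.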
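Review bot: The devices.fc entry assigns net_conf_t, a type owned by the sysnetwork module, from the kernel-layer devices module; a module's file contexts should only use types that module declares, otherwise the devices file contexts depend on sysnetwork being present. Since the first hunk of sysnetwork.fc in this series already labels `/dev/.sysconfig/network(/.*)?`, moving this directory entry there, `/dev/.sysconfig(/.*)? -d gen_context(system_u:object_r:net_conf_t,s0)`, keeps the label in one place and inside the same distro guard. With `-d` the entry labels only directories, so non-directory entries directly under /dev/.sysconfig stay device_t, which may be intended but deserves a comment.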