diff --git a/isolated_app.te b/isolated_app.te
index 1e40a7f57911a2f8f3f32d0fd712f1466f3d3438..c155b12b741cd0fd5a1b47215bb05f434957fd99 100644
--- a/isolated_app.te
+++ b/isolated_app.te
@@ -52,5 +52,5 @@ neverallow isolated_app cache_file:dir ~{ r_dir_perms };
 neverallow isolated_app cache_file:file ~{ read getattr };
 
 # do not allow privileged socket ioctl commands
-neverallowxperm isolated_app self:{ rawip_socket tcp_socket udp_socket } ioctl priv_sock_ioctls;
+neverallowxperm isolated_app domain:{ rawip_socket tcp_socket udp_socket } ioctl priv_sock_ioctls;
 
diff --git a/shell.te b/shell.te
index 46656c293a8a8dbd7e6af47adc95b5be2cd2bd4b..28e713889afbf76f3e92fc7eccae1f56b85cd6b9 100644
--- a/shell.te
+++ b/shell.te
@@ -138,4 +138,4 @@ allowxperm shell self:{ rawip_socket tcp_socket udp_socket } ioctl unpriv_sock_i
 neverallow shell file_type:file link;
 
 # Do not allow privileged socket ioctl commands
-neverallowxperm shell self:{ rawip_socket tcp_socket udp_socket } ioctl priv_sock_ioctls;
+neverallowxperm shell domain:{ rawip_socket tcp_socket udp_socket } ioctl priv_sock_ioctls;
diff --git a/untrusted_app.te b/untrusted_app.te
index 9e418731c2a0c7a9dd65dfcfa42c8ec0bdfc8912..bb5477371e3da9a7b1b75699a668db0c01bc297d 100644
--- a/untrusted_app.te
+++ b/untrusted_app.te
@@ -152,7 +152,7 @@ neverallow untrusted_app file_type:file link;
 neverallow untrusted_app sysfs_mac_address:file no_rw_file_perms;
 
 # do not allow privileged socket ioctl commands
-neverallowxperm untrusted_app self:{ rawip_socket tcp_socket udp_socket } ioctl priv_sock_ioctls;
+neverallowxperm untrusted_app domain:{ rawip_socket tcp_socket udp_socket } ioctl priv_sock_ioctls;
 
 # Do not allow untrusted_app access to /cache
 neverallow untrusted_app { cache_file cache_recovery_file }:dir ~{ r_dir_perms };