diff --git a/sepolicy/base/public/domain.te b/sepolicy/base/public/domain.te
index 07f8ec8572ec8a8f35df453e170892ff5b0aa58a..37178fd9ca57e6af19fe4c816e6b005c5bda7521 100644
--- a/sepolicy/base/public/domain.te
+++ b/sepolicy/base/public/domain.te
@@ -275,7 +275,7 @@ neverallow { domain -processdump -hap_domain } domain:process ptrace;
 # TODO:debug/release
 neverallow { domain -appspawn -init -ueventd -installs -storage_daemon -cap_violator_chown } self:{ capability cap_userns } chown;
 neverallow { domain -appspawn -init -ueventd -memmgrservice
- debug_only(`-hdcd') -installs
+ debug_only(`-hdcd') -installs -partitionslot_host
 -storage_daemon -usb_host -cap_violator_dacoverride } self:{ capability cap_userns } dac_override;
 neverallow { domain -appspawn -init -hidumper_service -storage_daemon -hiprofiler_plugins debug_only(`-hdcd -hiperf') -cap_violator_dacreadsearch } self:{ capability cap_userns } dac_read_search;
 neverallow { domain -init -ueventd -installs -storage_daemon -cap_violator_fowner } self:{ capability cap_userns } fowner;
diff --git a/sepolicy/ohos_policy/drivers/peripheral/partitionslot/vendor/init.te b/sepolicy/ohos_policy/drivers/peripheral/partitionslot/vendor/init.te
index dd1c2d2278bec2d60ae02fe98fb0be3713986dcf..7be851d7a7a40be7850fa3e55fc90b697492e4ff 100644
--- a/sepolicy/ohos_policy/drivers/peripheral/partitionslot/vendor/init.te
+++ b/sepolicy/ohos_policy/drivers/peripheral/partitionslot/vendor/init.te
@@ -12,3 +12,4 @@
 # limitations under the License.

 allow init partitionslot_host:process { rlimitinh siginh transition };
+allow partitionslot_host partitionslot_host:capability { dac_override };
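Review bot: The new `-partitionslot_host` exclusion in the `dac_override` neverallow is unconditional, so it holds in release builds too, whereas the neighbouring `-hdcd` exemption is confined to `debug_only(...)`. `dac_override` lets a process bypass file read/write/execute permission checks, so each carve-out from this rule should state its reason; I would add a comment above the statement such as `# partitionslot_host: dac_override needed for <object/operation>, see <issue-id>`. The exclusion list already ends with `-cap_violator_dacoverride`, which looks like the attribute meant to collect such exceptions. If so, assigning that attribute to the type would leave the base rule untouched, but this is inferred from the name and needs confirming against the rest of the policy.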
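Review bot: The added rule names the type as its own target; `allow partitionslot_host self:capability dac_override;` is the conventional spelling and matches the `self:{ capability cap_userns }` form used in domain.te. It is placed in the partitionslot `init.te`, whose only other visible rule covers init's transition into the domain, so the domain's own policy file looks like the better home (that file is not visible here). The commit does not say which access was denied; a comment naming the file or device node and the operation would let a reviewer judge whether correcting ownership, group or mode on that object would remove the need for the capability.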