javispedro
Posts: 2,355 | Thanked: 5,249 times | Joined on Jan 2009 @ Barcelona
#19
Remember to do the echo 0 > enforce part, otherwise Aegis is kept in enforce mode.

Originally Posted by hawaii:
Curiously, the only reason this works is because kernel modules don't need signing to be loaded? You simply need a SHA1 hash of the module injected into the loading whitelist?
Yes. In the initial version, I modified restok.conf to give the unknown source all of the privileges I wanted (dac_admin, setuid, setgid, and sys_module). But then I realized develsh already has all of those tokens... so I deduced you could already load modules; only the hashes were missing, but develsh also had the privileges to load those.

Therefore, I used develsh as a replacement for the restok.conf trick.
 
