diff --git a/private/system_server.te b/private/system_server.te
index 6a11448bbaf090445e88e6d468c37359cd66a842..5ada67e4da1ae6e4eaf878d98599f7e4449faf64 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -62,16 +62,13 @@ allow system_server self:capability {
     net_raw
     sys_boot
     sys_nice
-    sys_resource
+    sys_ptrace
     sys_time
     sys_tty_config
 };
 
 wakelock_use(system_server)
 
-# Triggered by /proc/pid accesses, not allowed.
-dontaudit system_server self:capability sys_ptrace;
-
 # Trigger module auto-load.
 allow system_server kernel:system module_request;