diff --git a/shell.te b/shell.te
index af4ce0c29561a1499336135ee1b0b4e8cf1e622c..f5b551bb7dec4e1f37f56bdc2c069a33ef66e4f3 100644
--- a/shell.te
+++ b/shell.te
@@ -62,3 +62,7 @@ allow shell kernel:system syslog_read;
 
 # allow shell to list services
 allow shell servicemanager:service_manager list;
+
+# allow shell to look through /proc/ for ps, top
+allow shell domain:dir { search open read getattr };
+allow shell domain:{ file lnk_file } { open read getattr };