diff --git a/adbd.te b/adbd.te
index c565bd75ebb0624f2c3b13734140c9558e36e033..bbca4d93398d78b1687d02395bce066f77130394 100644
--- a/adbd.te
+++ b/adbd.te
@@ -3,7 +3,7 @@ type adbd, domain, mlstrustedsubject;
 allow adbd adb_device:chr_file rw_file_perms;
 allow adbd qemu_device:chr_file rw_file_perms;
-allow adbd self:capability { net_raw setgid setuid dac_override sys_boot sys_admin };
+allow adbd self:capability { net_raw setgid setuid dac_override sys_admin };
 allow adbd rootfs:file { r_file_perms entrypoint };
 allow adbd init:process sigchld;
 allow adbd self:tcp_socket *;
diff --git a/system.te b/system.te
index 66a7afc4ea9110d2e2bc5cfc8d01b18dff448c10..4d963c4c1cb1a63425f6d90910e05a6023c70222 100644
--- a/system.te
+++ b/system.te
@@ -48,7 +48,7 @@ bluetooth_domain(system)
 # These are the capabilities assigned by the zygote to the
 # system server.
 # XXX See if we can remove some of these.
-allow system self:capability { kill net_bind_service net_broadcast net_admin net_raw sys_module sys_nice sys_resource sys_time sys_tty_config };
+allow system self:capability { kill net_bind_service net_broadcast net_admin net_raw sys_module sys_nice sys_resource sys_time sys_tty_config };
 # Triggered by /proc/pid accesses, not allowed.
 dontaudit system self:capability sys_ptrace;
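Review bot: Nothing on or around the new `allow adbd self:capability { net_raw setgid setuid dac_override sys_admin };` line records why `sys_boot` is no longer required, and the same is true of the `system` rule changed in system.te. If either domain still calls reboot(2) directly on some path, an enforcing build will refuse it with an avc denial for `capability sys_boot`. It is worth exercising `adb reboot` and a framework-initiated reboot and checking the audit log for that denial before this lands. A short comment above each rule would preserve the reasoning, for example `# sys_boot intentionally omitted: this domain does not call reboot(2) itself.`, assuming that is the case, which the hunk does not show. The rest of adbd.te lies outside the hunk.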
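Review bot: The rewritten `allow system self:capability { ... }` line still grants `sys_module`, which would let a compromised system server load kernel code, and the only justification is the generic `# XXX See if we can remove some of these.` left in place above it. Since this change is already pruning the set, consider replacing the XXX with one comment per retained capability naming the feature that needs it. Consider also dropping `sys_module` if testing on an enforcing build shows no denial. Whether anything in the system server actually loads modules is not visible from this hunk, so that part needs confirming against the audit log. The rest of system.te is outside the hunk.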