diff --git a/system_server.te b/system_server.te
index e74f58cebe7fe6eb7898e56d27abcd9ff8077e60..558770ba2bb6c5e2b110e2263322735ecae9ccef 100644
--- a/system_server.te
+++ b/system_server.te
@@ -54,16 +54,13 @@ allow system_server self:capability {
     net_raw
     sys_boot
     sys_nice
-    sys_resource
+    sys_ptrace
     sys_time
     sys_tty_config
 };
 
 wakelock_use(system_server)
 
-# Triggered by /proc/pid accesses, not allowed.
-dontaudit system_server self:capability sys_ptrace;
-
 # Trigger module auto-load.
 allow system_server kernel:system module_request;