diff --git a/public/shell.te b/public/shell.te
index 1318c35f4ef086bf65259f7dda0383d127a7c562..81f4bf0cacb551139ff39d1962b647b6e005a1af 100644
--- a/public/shell.te
+++ b/public/shell.te
@@ -123,6 +123,9 @@ allow shell {
   proc_zoneinfo
 }:file r_file_perms;
 
+# allow listing network interfaces under /sys/class/net.
+allow shell sysfs_net:dir r_dir_perms;
+
 r_dir_file(shell, cgroup)
 allow shell domain:dir { search open read getattr };
 allow shell domain:{ file lnk_file } { open read getattr };