diff --git a/domain_deprecated.te b/domain_deprecated.te
index 6943ffd5c5320e54eb5b2e049c56f618b6bc2792..bc511f46a68a46588ce869f8e3b64883dcec94cf 100644
--- a/domain_deprecated.te
+++ b/domain_deprecated.te
@@ -14,7 +14,7 @@ auditallow { domain_deprecated -appdomain -init -sdcardd -surfaceflinger -system
 
 # Inherit or receive open files from others.
 allow domain_deprecated system_server:fd use;
-auditallow { domain_deprecated -appdomain -mediaextractor -mediaserver -netd -surfaceflinger } system_server:fd use;
+auditallow { domain_deprecated -appdomain -mediaserver -netd -surfaceflinger } system_server:fd use;
 
 # Connect to adbd and use a socket transferred from it.
 # This is used for e.g. adb backup/restore.
@@ -96,9 +96,9 @@ auditallow { domain_deprecated -bluetooth -fingerprintd -healthd -init -netd -pr
 auditallow { domain_deprecated -bluetooth -fingerprintd -healthd -init -netd -priv_app -rild -system_app -surfaceflinger -system_server -tee -ueventd -vold -wpa } sysfs:lnk_file { getattr open ioctl lock }; # read granted in domain
 auditallow domain_deprecated inotify:dir r_dir_perms;
 auditallow domain_deprecated inotify:{ file lnk_file } r_file_perms;
-auditallow { domain_deprecated -appdomain -drmserver -fingerprintd -gatekeeperd -healthd -init -inputflinger -installd -keystore -logd -mediaextractor -mediaserver -netd -rild -surfaceflinger -system_server -zygote } cgroup:dir r_dir_perms;
-auditallow { domain_deprecated -appdomain -drmserver -fingerprintd -gatekeeperd -healthd -init -inputflinger -installd -keystore -logd -mediaextractor -mediaserver -netd -rild -surfaceflinger -system_server -zygote } cgroup:{ file lnk_file } r_file_perms;
-auditallow { domain_deprecated -appdomain -init -logd -mediaextractor -priv_app -surfaceflinger -system_server -vold } proc_meminfo:file r_file_perms;
+auditallow { domain_deprecated -appdomain -drmserver -fingerprintd -gatekeeperd -healthd -init -inputflinger -installd -keystore -logd -mediaserver -netd -rild -surfaceflinger -system_server -zygote } cgroup:dir r_dir_perms;
+auditallow { domain_deprecated -appdomain -drmserver -fingerprintd -gatekeeperd -healthd -init -inputflinger -installd -keystore -logd -mediaserver -netd -rild -surfaceflinger -system_server -zygote } cgroup:{ file lnk_file } r_file_perms;
+auditallow { domain_deprecated -appdomain -init -logd -priv_app -surfaceflinger -system_server -vold } proc_meminfo:file r_file_perms;
 auditallow { domain_deprecated -appdomain -clatd -init -logd -netd -system_server -vold -wpa -zygote } proc_net:dir { open getattr read ioctl lock }; # search granted in domain
 auditallow { domain_deprecated -appdomain -clatd -init -logd -netd -system_server -vold -wpa -zygote } proc_net:{ file lnk_file } r_file_perms;
 
diff --git a/mediaextractor.te b/mediaextractor.te
index 7b873d621f4e91db98b5ceef67332c94feb8ea25..fe874479d577f651c9c7cca90c1a76bee2f3754a 100644
--- a/mediaextractor.te
+++ b/mediaextractor.te
@@ -1,5 +1,5 @@
 # mediaextractor - multimedia daemon
-type mediaextractor, domain, domain_deprecated;
+type mediaextractor, domain;
 type mediaextractor_exec, exec_type, file_type;
 
 typeattribute mediaextractor mlstrustedsubject;