diff --git a/domain.te b/domain.te
index aab5f5c61684f3b115ec77f99ca200f448d0e265..b2b6d2ccd5680d4273f51c9f2ca118bdaf239dbd 100644
--- a/domain.te
+++ b/domain.te
@@ -185,7 +185,7 @@ neverallow {
 } self:capability sys_ptrace;
 
 # Limit device node creation to these whitelisted domains.
-neverallow { domain -kernel -init -recovery -ueventd -watchdogd -healthd -vold -uncrypt -slideshow } self:capability mknod;
+neverallow { domain -kernel -init -ueventd -watchdogd -healthd -vold -uncrypt -slideshow } self:capability mknod;
 
 # Limit raw I/O to these whitelisted domains.
 neverallow { domain -kernel -init -recovery -ueventd -watchdogd -healthd -vold -uncrypt -tee } self:capability sys_rawio;