diff --git a/system_server.te b/system_server.te
index 03a7ef39dc52cd10bdc35757936e7e4dbb53fb22..db59b657379f479e1a12f0afa736e2be2640e94e 100644
--- a/system_server.te
+++ b/system_server.te
@@ -54,16 +54,13 @@ allow system_server self:capability {
     net_raw
     sys_boot
     sys_nice
-    sys_resource
+    sys_ptrace
     sys_time
     sys_tty_config
 };
 
 wakelock_use(system_server)
 
-# Triggered by /proc/pid accesses, not allowed.
-dontaudit system_server self:capability sys_ptrace;
-
 # Trigger module auto-load.
 allow system_server kernel:system module_request;