diff --git a/policy/modules/system/getty.te b/policy/modules/system/getty.te
index f6743ea19..80fec66b8 100644
--- a/policy/modules/system/getty.te
+++ b/policy/modules/system/getty.te
@@ -33,7 +33,7 @@ files_pid_file(getty_var_run_t)
 #
 
 # Use capabilities.
-allow getty_t self:capability { dac_override chown setgid sys_resource sys_tty_config fowner fsetid };
+allow getty_t self:capability { dac_override chown setgid sys_admin sys_resource sys_tty_config fowner fsetid };
 dontaudit getty_t self:capability sys_tty_config;
 allow getty_t self:process { getpgid setpgid getsession signal_perms };
 allow getty_t self:fifo_file rw_fifo_file_perms;
@@ -102,11 +102,6 @@ ifdef(`distro_gentoo',`
 	sysnet_dns_name_resolve(getty_t)
 ')
 
-ifdef(`distro_redhat',`
-	# getty requires sys_admin #209426
-	allow getty_t self:capability sys_admin;
-')
-
 ifdef(`distro_ubuntu',`
 	optional_policy(`
 		unconfined_domain(getty_t)