diff --git a/policy/policy_capabilities b/policy/policy_capabilities
index a6987a44d..206cdda9b 100644
--- a/policy/policy_capabilities
+++ b/policy/policy_capabilities
@@ -89,12 +89,12 @@ policycap extended_socket_class;
 #
 # Added checks:
 # (none)
-#policycap cgroup_seclabel;
+policycap cgroup_seclabel;
 
 # Enable NoNewPrivileges support.  Requires libsepol 2.7+
-# and kernel 4.14 (estimated).
+# and kernel 4.14.
 #
 # Checks enabled;
 # process2: nnp_transition, nosuid_transition
 #
-#policycap nnp_nosuid_transition;
+policycap nnp_nosuid_transition;