Merge "grant bpfloader CAP_CHOWN"
diff --git a/private/bpfloader.te b/private/bpfloader.te
index 34921e6..8271add 100644
--- a/private/bpfloader.te
+++ b/private/bpfloader.te
@@ -12,7 +12,7 @@
 # for retrieving a pinned map when bpfloader do a run time restart.
 allow bpfloader self:bpf { prog_load prog_run map_read map_write map_create };
 
-allow bpfloader self:global_capability_class_set sys_admin;
+allow bpfloader self:capability { chown sys_admin };
 
 ###
 ### Neverallow rules