diff --git a/mysql.te b/mysql.te
index d9dcb32..e1e87d5 100644
--- a/mysql.te
+++ b/mysql.te
@@ -67,8 +67,8 @@ files_pid_file(mysqlmanagerd_var_run_t)
 # Local policy
 #
 
-allow mysqld_t self:capability { dac_read_search ipc_lock setgid setuid sys_nice sys_resource net_bind_service };
-dontaudit mysqld_t self:capability sys_tty_config;
+allow mysqld_t self:capability { dac_read_search ipc_lock sys_nice sys_resource net_bind_service };
+dontaudit mysqld_t self:capability sys_tty_config
 allow mysqld_t self:process { setsched getsched setrlimit signal_perms rlimitinh };
 allow mysqld_t self:fifo_file rw_fifo_file_perms;
 allow mysqld_t self:shm create_shm_perms;
@@ -196,6 +196,7 @@ optional_policy(`
 # Local mysqld_safe policy
 #
 
+# setuig/setgid may be used in mysqld_safe and mysqld_safe_helper
 allow mysqld_safe_t self:capability { chown dac_read_search setgid setuid fowner kill sys_nice sys_resource };
 dontaudit mysqld_safe_t self:capability sys_ptrace;
 allow mysqld_safe_t self:process { setsched getsched setrlimit };
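Review bot: The added `dontaudit mysqld_t self:capability sys_tty_config` line has lost the trailing `;` that the removed line carried. A rule without its terminator will not parse, so the module would likely fail to build; it should read `dontaudit mysqld_t self:capability sys_tty_config;`. Separately, dropping `setgid setuid` from mysqld_t is a sound least-privilege step only if the daemon never changes identity itself. If mysqld is ever started as root and switches to the service account on its own, this will surface as AVC denials for those capabilities, so it is worth confirming in a permissive test run against the audit log. The local policy section continues outside the hunk.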
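Review bot: The added comment misspells the capability as `setuig`, so anyone auditing the policy by searching for `setuid` will miss the one line that justifies keeping it on mysqld_safe_t. "May be used" also leaves the reason open. If the wrapper keeps these capabilities in order to switch to the service account, which the hunk does not show, say so: `# setuid/setgid: mysqld_safe and mysqld_safe_helper switch to the service account before starting mysqld`.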