Sebastian Schubert wrote on Mon, 30 Jan 2006 20:36:56 +0100:
while in permissive mode, selinux just reports policy violations of the avc .. but doesn't block the action.
That is what I thought.
the symlink in /etc/sysconfig should point to /etc/selinux/config and not to /etc/syslinux ..
Ooops, I accidentally copied the selinux file that I got from /etc/sysconfig/selinux to /etc/selinux after I saw that it's a symlink. I overlooked that the name is config, not selinux. Thanks!
what does the output of `getenforce` tell you ??
getenforce says Permissive, which makes sense now, since config still shows Permissive.
btw: are you sure that selinux is the problem ??
As I said: no, but I can only rule it out for sure if I disable it. There is no other error output and SELinux preventing the server from su'ing to a non-root user would indeed make it fail.
Thanks so far, I'm now going to disable it.
Kai