Sebastian Schubert wrote on Mon, 30 Jan 2006 20:36:56 +0100: > while in permissive mode, selinux just reports policy violations of the > avc .. but doesn't block the action. That is what I thought. > > the symlink in /etc/sysconfig should point to /etc/selinux/config and > not to /etc/syslinux .. Ooops, I accidentally copied the selinux file that I got from /etc/sysconfig/selinux to /etc/selinux after I saw that it's a symlink. I overlooked that the name is config, not selinux. Thanks! > what does the output of `getenforce` tell you ?? getenforce says Permissive, which makes sense now, since config still shows Permissive. > > btw: are you sure that selinux is the problem ?? As I said: no, but I can only rule it out for sure if I disable it. There is no other error output and SELinux preventing the server from su'ing to a non-root user would indeed make it fail. Thanks so far, I'm now going to disable it. Kai -- Kai Schätzl, Berlin, Germany Get your web at Conactive Internet Services: http://www.conactive.com