Staging for a rollout of EL 6, and ran into a very strange permissions issue with xinetd that defies all (my) logic. It's a script called "spfiled" that we use for messaging between our server cluster servers. I'm trying to get it to run with "least permissions necessary". Because it reads/writes files in conjunction with a web-based service, it runs as user "apache". Here's my xinet.d/spfiled.conf: (this is in dev, each developer has his own number) #################### spfiled.conf ################## service spfiled461 { socket_type = stream wait = no user = apache group = apache server = /path/to/filed.php protocol = tcp disable = no bind = 192.168.3.2 port = 12461 banner_fail = /path/to/banner_fail.txt cps = 10000 0 max_load = 10.0 } #################### spfiled.conf ################## Here's the permissions of the script: # ls -laFd /path/to/filed.php -rwxr-xr-- 1 bens apache 18042 Jan 7 2011 filed.php When I restart xinetd, I see in system log: #################### /var/log/messages ################## Jul 18 16:32:25 bender xinetd[17830]: Server /path/to/filed.php is not executable [file=/etc/xinetd.d/spfiled461] [line=11] Jul 18 16:32:25 bender xinetd[17830]: Error parsing attribute server - DISABLING SERVICE [file=/etc/xinetd.d/spfiled461] [line=11] I've turned off SELinux completely. # setenforce 0; Strangely, setting permissions to o+x and it starts up fine, but I don't want to leave permissions that open. What am I missing? -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20110718/020d8fae/attachment-0004.html>