I successfully - or so it seems - convinced a box to work in enforcing mode, but as of today I still see these error messages whenever postfix is started: Mar 29 17:33:35 pizza kernel: audit(1080603215.577:0): avc: denied { write } for pid=5102 exe=/usr/sbin/postalias name=aliases.db dev=sda3 ino=245461 scontext=root:system_r:postfix_master_t tcontext=system_u:object_r:postfix_etc_t tclass=file Mar 29 17:33:36 pizza kernel: audit(1080603216.592:0): avc: denied { search } for pid=5103 exe=/bin/bash dev= ino=1 scontext=root:system_r:postfix_master_t tcontext=system_u:object_r:devpts_t tclass=dir Mar 29 17:33:36 pizza kernel: audit(1080603216.597:0): avc: denied { execute } for pid=5104 exe=/bin/bash name=master dev=sda3 ino=1407396 scontext=root:system_r:postfix_master_t tcontext=system_u:object_r:lib_t tclass=file Does this ring a bell? As far as I can tell, all contexts are properly set. To play safe, I even removed and reinstalled the postfix RPM. The system has all the latest Raw Hide packages. Rudi