With the help of Dominick Grift I solved the problem. Just for the records. The logfile /var/log/audit/audit.log is not the only place you might wanna look for failed resource accesses. In my case journalctl logged several (denied) attempts to DBUS which where not logged in /var/log/audit/audit.log. Once I allowed them, the application runs fine even in enforcing mode. All in all, I learned to have a look at - ausearch -m AVC,USER_AVC,SELINUX_ERR -ts today - journalctl - dmesg/messages or whatever logfile else Cheers, Stefan -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
