Hi Andrew, On Fri, 2 May 2008, Andrew Elwell wrote: > Hi folks, > > does anyone have the magic incantation to hand (apart from 'setenforce > permissive') to stop ntpd being blocked from writing to the driftfile etc. On > our enforcing machines we see large fluctuations in NTP stability unless you are willing to modify the policy (which is rather painful on SL4), you probably want to "setsebool -P ntpd_disable_trans 1". Ntpd will run in the initrc_t domain after the next restart, which should be sufficient on SL4. Hope this helps, Stephan -- Stephan Wiesand DESY - DV - Platanenallee 6 15738 Zeuthen, Germany