Hi, I forgot something in my last mail: What about an ENABLE_FEATURE_FAKEIDENTD_SETUID config-option which optionally allows to drop privileges to a specified uid/gid? I would do the patch if appreciated. -- Dominik