Postfix fails with (error: postdrop: warning: mail_queue_enter: create file maildrop/randomfilename.xxxxx: Permission denied)

Problem: Postfix delivery fails with error

(postdrop: warning: mail_queue_enter: create file maildrop/randomfilename.xxxxx: Permission denied)


** see note below

Cause:

/usr/sbin/postdrop has incorrect permissions. 
Correct the permissions for /usr/sbin/postdrop are as follows:
# ll /usr/sbin/postdrop

-rwxr-sr-x. 1 root postdrop 180808 Aug 23  2018 /usr/sbin/postdrop

Solution:

Fix permissions with the following:

rpm --setperms postfix
rpm --setugids postfix

Source:
https://access.redhat.com/solutions/1592103

** Note: all of these steps were performed on a CentOS version 6. The same also applies to RHEL version 6

Further troubleshooting:

In order to prepare for this next part, you need to make sure that you have the yum-plugin-verify.noarch installed from your standard CentOS or RedHat YUM repository.

You can figure out the default permissions for whatever file that maybe having a permissions issue on your Linux system.

To prepare for this task, you need to make sure that you have the yum plugin
by doing the following:

• figure out which package provides the file you are troubleshooting.
• On my CentOS 6 system, this can be accomplished by running the command 
• rpm -q --whatprovides /usr/sbin/postdrop which will produce the following output indicating the package name that provided our postdrop file when it was installed:
• postfix-2.6.6-8.el6.x86_64
• Next step is to run the yum verify-all command against the package name to see the default ownership & permissions for its files as follows:
• yum verify-all postfix-2.6.6-8.el6.x86_64 
• The command above will produce something similar to the following output:

• Just please not that this screenshot is not indicative of the problem at hand because the permissions issues were fixed. This screenshot part is only complaining about checksums & mtime values since this postfix install was updated and modified multiple times.

resolv.conf reverts to old DNS entries

/etc/resolv.conf keeps reverting back to its old entries after updating your DNS server list whether manually or via the setup front-end tool for setting up your Network, authentication, services etc on RHEL or CentOS version 5,6,7.

The solution comes from Redhat's KB article entitled "How to make persistent changes to the /etc/resolv.conf?"https://access.redhat.com/solutions/7412

The issue is that DNS servers in /etc/resolv.conf changed after a reboot or network service restart.

If a single ifcfg-file both specifies a nameserver using DNS1 and also gets a nameserver via DHCP, both nameservers will be placed in resolv.conf.

Root Cause:

- From the script /etc/sysconfig/network-scripts/ifdown-post if the "RESOLV_MODS=no" or "PEERDNS=no" is not present in the relevant /etc/sysconfig/network-scripts/ifcfg-* files, the contents of /etc/resolv.conf could get overwritten with /etc/resolv.conf.save.

- /etc/sysconfig/network-scripts/ifup-post script, checks for the presence of "RESOLV_MODS=no" or "PEERDNS=no"

Resolution:

The change in my situation was due to the ifcfg-eth0 file directives DNS1 and DNS2 which lead to modification of resolv.conf

In my particular situation, the solution was to mark the /etc/resolv.conf as immutable with this command:

chattr +i /etc/resolv.conf

to prevent any tool or configuration from modifying it.

For diagnosing the issue, look for entries similar to the following in your /var/log/messages:

Oct 14 12:40:52 hostname NET[22961]: /etc/sysconfig/network-scripts/ifdown-post : updated /etc/resolv.conf
Oct 14 12:40:57 hostname NET[23256]: /etc/sysconfig/network-scripts/ifup-post : updated /etc/resolv.conf

Can't delete a symbolic link to a Linux directory!!

I've come across this issue once where I wanted to delete a symbolically linked directory (named foo for this example) on a CentOS box using the "rm" command, and I got this error message:

rm: cannot remove `foo/': Is a directory

which was a little frustrating although simple enough to resolve.

The mistake that led to generating this error message is that I used the autocomplete line by using the tab key to finish off the name of the directory, which is fine for most purposes, but in this particular instance of removing a symbolic link, it introduced an undesirable factor which is the forward slash tacked to the end of the directory name.
So the typed command looked like this: rm foo/ instead of just this rm foo

Basically, the RM command in bash refused to unlink the symbolic link because it saw it as a directory with content within.

So just in case someone else comes across this same issue, all you need to do is remove the trailing slash from the end of your command and the rm command will successfully remove your symbolically linked directory without any fuss.

Another approach is to use the "unlink" command followed by the name of your symbolic link and it'll also work just fine. Just note that the "unlink" command also will generate an error if it sees a trailing slash after the directory name.

So the correct syntax for removing a symbolically linked directory is this:

rm foo

Or

unlink foo

Delete Postfix queued emails From/To specific user

mailq | tail -n +2 | awk 'BEGIN { RS = "" } / user@domain\.com$/ { print $1 }' | tr -d '*!' | postsuper -d -

Or, if using sudo, just add sudo to the part immediately preceding "postsuper":

mailq | tail -n +2 | awk 'BEGIN { RS = "" } / user@domain\.com$/ { print $1 }' | tr -d '*!' | sudo postsuper -d -

Note: This command line was run on a CentOS 6.10 box with Postfix version 2.6.6

Import PEM cert or key into your keystore

Easiest way I know to import a PEM format cert or key file into your Java keystore involves two steps.

1- Convert your PEM format certificate into DER format by using the following command syntax:
openssl x509 -outform der -in yourcert.pem -out yourcert.der

2- Import your resulting DER format certificate into your "cacerts" keystore using this syntax:
keytool -import -alias youralias -keystore cacerts -file yourcert.der

How to insert charachter/text into multiple lines in the Vi Editor

1. Press <Esc> to enter command mode
2. Press <Ctrl> + <V> to enter visual block mode
3. Move <Up> / <Down> to select the columns of text in the lines you want to insert text
4. Hold down <Shift> + <i> and type the text you want to insert
5. Press <Esc> , then wait 1 second and the inserted text will appear on every line you selected in step 3
6. Press <w> (To save) And <q> (To exit Vi), if you're done editing this file

Credit: Original Tip found at https://stackoverflow.com/a/253391

How to Install JAVA 8 (JDK/JRE 8u131) on CentOS/RHEL 7/6 and Fedora

After a long wait, finally Java SE Development Kit 8 is available to download. JDK 8 has been released on Mar,18 2014 for general availability with the many featured enhancements. You can find all the enhancements in JDK 8 here.

This article will help you to Install JAVA 8 (JDK/JRE 8u131) or update on your system. Read the instruction carefully before downloading Java from Linux command line. To Install Java 8 in Ubuntu and LinuxMint read This Article.

Downloading Latest Java Archive

Download latest Java SE Development Kit 8 release from its official download page or use following commands to download from shell.

For 64Bit

# cd /opt/
# wget --no-cookies --no-check-certificate --header "Cookie: gpw_e24=http%3A%2F%2Fwww.oracle.com%2F; oraclelicense=accept-securebackup-cookie" "http://download.oracle.com/otn-pub/java/jdk/8u131-b11/d54c1d3a095b4ff2b6607d096fa80163/jdk-8u131-linux-x64.tar.gz"

# tar xzf jdk-8u131-linux-x64.tar.gz

For 32Bit

# cd /opt/
# wget --no-cookies --no-check-certificate --header "Cookie: gpw_e24=http%3A%2F%2Fwww.oracle.com%2F; oraclelicense=accept-securebackup-cookie" "http://download.oracle.com/otn-pub/java/jdk/8u131-b11/d54c1d3a095b4ff2b6607d096fa80163/jdk-8u131-linux-i586.tar.gz"

# tar xzf jdk-8u131-linux-i586.tar.gz 

Install Java with Alternatives

After extracting archive file use alternatives command to install it. alternatives command is available in chkconfig package.

# cd /opt/jdk1.8.0_131/
# alternatives --install /usr/bin/java java /opt/jdk1.8.0_131/bin/java 2
# alternatives --config java


There are 3 programs which provide 'java'.

  Selection    Command
-----------------------------------------------
*  1           /opt/jdk1.7.0_71/bin/java
 + 2           /opt/jdk1.8.0_45/bin/java
   3           /opt/jdk1.8.0_91/bin/java
   4           /opt/jdk1.8.0_131/bin/java

Enter to keep the current selection[+], or type selection number: 4

At this point JAVA 8 has been successfully installed on your system. We also recommend to setup javac and jar commands path using alternatives

# alternatives --install /usr/bin/jar jar /opt/jdk1.8.0_131/bin/jar 2
# alternatives --install /usr/bin/javac javac /opt/jdk1.8.0_131/bin/javac 2
# alternatives --set jar /opt/jdk1.8.0_131/bin/jar
# alternatives --set javac /opt/jdk1.8.0_131/bin/javac 

Check Installed Java Version

Check the installed Java version on your system using following command.

root@tecadmin ~# java -version

java version "1.8.0_131"
Java(TM) SE Runtime Environment (build 1.8.0_131-b11)
Java HotSpot(TM) 64-Bit Server VM (build 25.131-b11, mixed mode) 

Configuring Environment Variables

Most of Java based application’s uses environment variables to work. Set the Java environment variables using following commands

• Setup JAVA_HOME Variable

# export JAVA_HOME=/opt/jdk1.8.0_131

• Setup JRE_HOME Variable

# export JRE_HOME=/opt/jdk1.8.0_131/jre

• Setup PATH Variable

# export PATH=$PATH:/opt/jdk1.8.0_131/bin:/opt/jdk1.8.0_131/jre/bin

Also put all above environment variables in /etc/environment file for auto loading on system boot.

Article Source & Credit:

Original article posted at the following URL: 
https://tecadmin.net/install-java-8-on-centos-rhel-and-fedora/