OpenDKIM and restricted DNS

If you are using OpenDKIM behind a restrictive network that doesn’t allow all outgoing UDP connections, you may find some issues when checking authoritative responses for public keys:

key retrieval failed (s=20120113, d=gmail.com): '20120113._domainkey.gmail.com' query timed out

or:

key retrieval failed (s=20120113, d=gmail.com): '20120113._domainkey.gmail.com' unexpected reply class/type (-1/-1)

The workaround is to set static DNS servers (whatever is allowed in your network) in /etc/opendkim.conf using the directive Nameservers:

Nameservers 208.67.222.222,208.67.220.220

Enable NFS checks on Zabbix

In order to enable NFS auto-discovery, open Zabbix’s interface, go to “Administration” -> “General” -> “Regular Expressions” -> “File systems for discovery” and add “NFS” to the regular expression.

Depending on the interval defined on the discovery rule, it may take some time for the partitions to show up.

Dealing with SELinux. The easy way.

So, your newly configured service doesn’t work properly whenever you have SELinux enabled… Instead of just disabling it, try one of the proper ways to fix it:

setenforce permissive

– Reproduce your problem so fresh logs are generated.

grep denied /var/log/audit/audit.log > /tmp/denied_stuff.log

– Check and confirm the content of the log.

cat /tmp/denied_stuff.log | audit2allow -M service_please_do_this

– Check and confirm the policies in the file “service_please_do_this.te”

semodule -i service_please_do_this.pp
setenforce enforcing