Hi Orm!

Are you referring to postfix 3.7.0-2?

If so, the ownership on the files are okay for me:

```
ls -lah /usr/bin/post{drop,queue}
-rwxr-sr-x 1 root postdrop 19K Feb 7 00:56 /usr/bin/postdrop
-rwxr-sr-x 1 root postdrop 23K Feb 7 00:56 /usr/bin/postqueue
```

This is ensured by tmpfiles.d (see /usr/lib/tmpfiles.d/postfix.conf).

Can you maybe provide logs for some context as to how it does not work?
Have you checked the release notes for 3.7.0 [1] whether anything might affect your configuration?

[1] http://www.postfix.org/announcements/postfix-3.7.0.html

Hi David!

> Are you referring to postfix 3.7.0-2?

Yes.

> This is ensured by tmpfiles.d (see /usr/lib/tmpfiles.d/postfix.conf).

The entries are there and are correct, but somehow the upgrade dosn't seem to have ensured the permissions accordingly (or even changed them; I haven't changed my config in years and it worked before).

Can't see anything in the release notes which might be related except the dropping of backward compatibility to 3.3. If 3.3 didn't need the permissions that way that could be a reason, though.

> The entries are there and are correct, but somehow the upgrade dosn't seem to have ensured the permissions accordingly (or even changed them; I haven't changed my config in years and it worked before).

The tmpfiles.d integration is triggered as a libalpm hook after installation.
In your /var/log/pacman.log this should look something like:

```
[2022-02-07T01:11:41+0100] [PACMAN] Running 'pacman -U postfix-3.7.0-2-x86_64.pkg.tar.zst postfix-pcre-3.7.0-2-x86_64.pkg.tar.zst'
[2022-02-07T01:11:42+0100] [ALPM] transaction started
[2022-02-07T01:11:43+0100] [ALPM] upgraded postfix (3.6.4-1 -> 3.7.0-2)
[2022-02-07T01:11:43+0100] [ALPM] installed postfix-pcre (3.7.0-2)
[2022-02-07T01:11:43+0100] [ALPM] transaction completed
[2022-02-07T01:11:43+0100] [ALPM] running '20-systemd-sysusers.hook'...
[2022-02-07T01:11:43+0100] [ALPM] running '30-systemd-daemon-reload.hook'...
[2022-02-07T01:11:43+0100] [ALPM] running '30-systemd-tmpfiles.hook'...
[2022-02-07T01:11:43+0100] [ALPM] running '30-systemd-update.hook'...
```

The tmpfiles.d setup is also ensured during boot by systemd-tmpfiles-setup.service (it is pulled in by sysinit.target.wants).

Did you reboot since?

> [2022-02-07T01:11:43+0100] [ALPM] installed postfix-pcre (3.7.0-2)

this one is missing, the rest is there, but I'm not positive I rebooted before the error happened.

> this one is missing, the rest is there,

If you are not using PCRE in your configuration then you don't need postfix-pcre.

> but I'm not positive I rebooted before the error happened.

Hm, that is really odd. It might point at a larger issue with your system if systemd is not applying the tmpfiles.d integration. :-/

Are the /usr/bin/post{drop,queue} files writable by root (i.e. the mount options for / do not prevent it)? Is your / mounted rw? (check `mount |grep "on / "`).
Can you provide the output of `journalctl -b -u systemd-tmpfiles-setup` and also attempt to run `systemd-tmpfiles --create` as root (this is what is done by the libalpm hook via /usr/share/libalpm/scripts/systemd-hook)?

Could you please run that last command with debug level logging
# SYSTEMD_LOG_LEVEL=debug systemd-tmpfiles --create

@orm: Can you provide the required output for further debugging or is your problem resolved?