The postfix RA uses a few checks to confirm directories have the correct permissions. When it checks whether the data directory is writeable it uses su which fails with an authentication failure. Using sudo to perform the command as the postfix user is a more reliable way. See the sample below which runs through the checks performed by the script on an interactive shell and the difference in the su vs sudo commands.
Problem was actually caused by postfix user not existing in /etc/shadow. su fails with auth failure because of this. Should be fixed regardless with the merge of #1880 and its use of runuser.
The postfix RA uses a few checks to confirm directories have the correct permissions. When it checks whether the data directory is writeable it uses su which fails with an authentication failure. Using sudo to perform the command as the postfix user is a more reliable way. See the sample below which runs through the checks performed by the script on an interactive shell and the difference in the su vs sudo commands.
PR to fix this Update postfix probe from su to sudo #1880
Tested with resource-agents v4.11.0
Test machine specs Ubuntu Server 22.10 Linux node3 5.19.0-1022-raspi #29-Ubuntu SMP PREEMPT