Package: dnssec-tools Version: 2.0-1 Severity: important Tags: upstream Dear Maintainer,
After a zonefile change, the zone can be resigned with: rollctl -signzone <zonename> Even if the rollrec file includes a directory option for that zone, the sign operation causes zonesigner to fail with: "zone file "<zonename>" does not exist" There is an additional problem with runner() that prevents this message from being logged (at any loglevel), although it is correctly written to stderr. The command returns "zone <zonename> signed", even though the operation failed. The command passed to zonesigner is: Sep 30 13:01:35 2013: borks.org: executing "/usr/sbin/zonesigner -rollmgr rollerd -dtconfig /etc/dnssec-tools/dnssec-tools.conf -zone borks.org -krf /etc/bind/borks.org/borks.org.krf -signonly borks.org /etc/bind/borks.org/borks.org.signed" This command works correctly, but only if issued from the directory containing the zonefile. It appears that the "directory" option in the rollrec is being ignored. -- System Information: Debian Release: jessie/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-4-amd64 (SMP w/8 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages dnssec-tools depends on: ii bind9utils 1:9.8.4.dfsg.P1-6+nmu3 ii libmailtools-perl 2.12-1 ii libnet-dns-perl 0.68-1.2 ii libnet-dns-sec-perl 0.16-2 ii libtimedate-perl 1.2000-1 ii perl 5.18.1-4 Versions of packages dnssec-tools recommends: ii bind9 1:9.8.4.dfsg.P1-6+nmu3 dnssec-tools suggests no packages. -- Configuration Files: /etc/default/rollerd changed [not included] /etc/dnssec-tools/dnssec-tools.conf changed [not included] /etc/dnssec-tools/dnssec-tools.rollrec changed [not included] -- no debconf information -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
