On 04/03/2014 12:14, Matthijs Mekking wrote: > Hi, > > I would like to know some more so that I can delve into this: > > 1. Can you provide the version used? root@perso:~ # pkg_info |grep dns ldns-1.6.16 A library for programs conforming to DNS RFCs and drafts opendnssec-1.3.13 Tool suite for maintaining DNSSEC rubygem-dnsruby-1.53 A pure Ruby DNS client library > > 2. Can you increase the verbosity to 5 and schedule a sign again and > provide those logs? > root@perso:~ # ods-signer verbosity 5 Verbosity level set to 5.
root@perso:~ # ods-signer sign hirlimann.net Zone hirlimann.net scheduled for immediate re-sign. caught this in /var/log/debug.log: Mar 4 12:27:49 perso ods-signerd: [worker[1]] somebody poked me, check completed jobs 17 appointed, 17 completed, 0 failed Mar 4 12:27:49 perso ods-signerd: [worker[1]] sign zone hirlimann.net ok: 17 of 17 RRsets succeeded Mar 4 12:27:49 perso ods-signerd: [file] open file file=hirlimann.net.finalized.tmp mode=writing Mar 4 12:27:49 perso ods-signerd: system call: /usr/local/bin/ods-auditor -c /usr/local/etc/opendnssec/conf.xml -u /usr/local/var/opendnssec/tmp/hirlimann.net.inbound -s /usr/local/var/opendnssec/tmp/hirlimann.net.finalized -z hirlimann.net > /dev/null Mar 4 12:27:49 perso ods-signerd: [worker[1]] finished working on zone hirlimann.net Mar 4 12:27:49 perso ods-signerd: [scheduler] schedule task [read] for zone hirlimann.net Mar 4 12:27:49 perso ods-signerd: [task] On Tue Mar 4 13:27:49 2014 I will [read] zone hirlimann.net Mar 4 12:27:49 perso ods-signerd: [worker[1]] report for duty Mar 4 12:27:49 perso ods-signerd: [scheduler] not popping task for zone hirlimann.net: not ready (when 1393936069 < now 1393932469, flush=0) Mar 4 12:27:49 perso ods-signerd: [worker[1]] nothing to do > $ ods-signer verbosity > $ ods-signer sign hirlimann.net > > 3. Do the DNSKEY queries match the records in the signed file that the > signer has produced? > ain't sure for that one. because it doesn't look like the signer has produced a new file. > 4. What is the last time the signed file has been changed (fstat)? > root@perso:/etc/namedb/signed # ls -ltr total 8 -rw-r--r-- 1 root wheel 7899 Feb 14 00:14 hirlimann.net -- http://sietch-tabr.tumblr.com/ http://www.flickr.com/photos/lhirlimann/
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Opendnssec-user mailing list Opendnssec-user@lists.opendnssec.org https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
