Hello,
I'm looking into OpenDNSSEC v 1.4.5 configuration files and I can't see any
hooks for user scripts in Enforcer's configuration.
I would like to run my own script every time a new key is generated or
existing key is deleted (or even better - after any state change).
What mechanism would you recommend for this purpose?
Should I watch SoftHSM/OpenDNSSEC database files and re-read them after every
change? It seems very inefficient and error prone (think about race conditions
...).
I think that the (theoretical) hook should be called with parameters
equivalent to output from "ods-ksmutil key list -v" for every changed key.
Would it be possible to add those hooks?
Thank you for your time.
--
Petr Spacek @ Red Hat
_______________________________________________
Opendnssec-user mailing list
Opendnssec-user@lists.opendnssec.org
https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
