Hi David, Thanks for your report!
> I’m added zone 2 and 3. I updated a TSIG key for domain 2 and then > updated the enforcer and it deleted all my domains? Well this is a bit embarrassing... Since 2.0 we declared the database leading over the zonelist.xml for the configured zones. But to provide backwards compatibility we still allow updating the zones via the zonelist.xml like before. > Usage: > zonelist import > [--remove-missing-zones] aka -r > [--file <absolute path>] aka -f > > Help: > Import zones from zonelist.xml into enforcer database. > > Options: > remove-missing-zones Remove any zones from database not existed in > zonelist file > file File to import, instead of zonelist file configured > in conf.xml As you can see we made the default not to remove zones that are no longer in the XML. However 'update all' never included the please-shoot-me-in-the-foot option. And instead defaults to foot shooting. > Usage: > update all > > Help: > Perform policy import, update zonelist, and update repositorylist. I understand this violates the least surprises rule and think we need to improve this soon. Regards, Yuri
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Opendnssec-user mailing list Opendnssec-user@lists.opendnssec.org https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
