Hello Rachid, Thanks.
> the rpm spec i've send here, builds perfectly as far as i remember. CentOS has more packages available than RHEL on which I'm building, so I have to construct several underlying packages. Working on that now, it seems that SQLite is the only thing I still need to do. You SQLite dependency does not mention the minimum version, so I turned that into "sqlite >= 3.4.2" as demanded by ./configure: checking for sqlite3.h... yes checking for sqlite3_prepare_v2 in -lsqlite3... no configure: error: Missing SQLite3 library v3.4.2 or greater configure: error: ./configure failed for enforcer I just got started with the build, so I have nothing worth showing yet. For now, it's mainly thoughts and ideas that I have to share. > i've rebuild it for 32bits arch few days ago. :) > did you get any error while building opendnssec with my spec ? Not yet, but any lessons learnt will be shared. That's also behind this posting -- things I ran into. > if so let us know, so we can share and update the "official" opendnssec spec > :) I will surely share it, this is the best thing to do for all concerned. I do have another idea about the package than what you did: The auditor is essentially an external component, and I do not want to include it with the main RPM, because it introduces several dependencies. For now, I'm avoiding that with the --disable-auditor configure option. It is probably best if I/we split the source and build two packages for it. > for the mysql view i'd be interested in helping if possible :-) Thanks. I suppose both databases are useful to some audiences: SQLite works for locally signing people, probably the same ones who also rely on SoftHSM. For "business critical" signing, like our setup that wants to run in high availability mode (yes, we did get two HSMs with a PKCS #11 library that implements HA mode) it is more likely that MySQL with replication is the right path. Not sure how that would work, package-wise. My current, short-sighted aim is to build packages that work for our requirements, but I am quite open to generally usable alternatives. Ideally, installing OpenDNSSEC would mean you needed to have one of the databases on your system, right? Cheers, -Rick _______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
