Simon Mittelberger wrote: > Hello, Hi Simon,
> > on the enforcers first run the NotifyCommand is not executed. > > I was able to reproduce the following on versions: OpenDNSSEC 1.2.0 rc2 > and trunk: > > * the package is started with ods-control start > * a zone gets added: ods-control ksm zone add -z $domain -p $policy -i > $unsigned_zonefile -o $signed_zonefile -s $signconf_file > * kick the enforcer: ods-control enforcer notify > * the zone is signed and output correctly > * after signing the zone, when the method tools_write_output(zone_type* > zone) is called, the part of the code, where the notify command for the > nameserver should be executed is not processed, because zone->notify_ns > is NULL. > > If the signer is restarted it works: > > - ods-signer stop > - ods-signer start > - ods-signer sign domain.tld > > It seems like the NotifyCommand is only set for zones when the signer > engine is recovered from backup. On freshly added zones it is not set. > I've tested adding fresh zones to a running OpenDNSSEC and it works properly. Perhaps the problem was with the sequence you followed, adding the zone first and then activating the enforcer. I've seen a situation where the zone->notify_ns is cleared out and the NotifyCommand is not run, but I wasn't able to reproduce it. May be there is a race-conditiong somewhere? cheers, > > All the best, > Simon > > > > > _______________________________________________ > Opendnssec-user mailing list > [email protected] > https://lists.opendnssec.org/mailman/listinfo/opendnssec-user -- Sebastian Castro DNS Specialist .nz Registry Services (New Zealand Domain Name Registry Limited) desk: +64 4 495 2337 mobile: +64 21 400535 _______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
