Hello! Some details first: I have less than a week to solve this problem, current signatures expire at 20110611. FreeBSD 8.1-RELEASE-p4 OpenDNSSEC 1.2.1 (installed from FreeBSD ports) SoftHSM 1.2.1 (installed from FreeBSD ports)
Two weeks ago we started using OpenDNSSEC for the main three production domains of a customer. No problems at all until today, when I upgraded sqlite3 from 3.7.6.2 to 3.7.6.3. The release notes for the sqlite3 upgrade seemed to indicate that it was safe, but after the upgrade and a reboot /usr/local/var (which I have softlinked to /var/named/usr/local/var because named is chrooted) had disappeared completely. I may have caused this myself since I was stupid enough not to stop ods-signer and ods-enforcerd during the sqlite3 upgrade. I restored from yesterdays backup, but now I get these errors: ods-enforcerd: SoftHSM: init: Wrong database schema version: /usr/local/var/softhsm/slot0.db ods-enforcerd: hsm_get_slot_id(): could not find token with the name OpenDNSSEC ods-signerd: SoftHSM: init: Wrong database schema version: /usr/local/var/softhsm/slot0.db ods-signerd: setup failed: error initializing libhsm (errno 268435457) ods-signerd: signer engine setup failed ods-signerd: shutdown signer engine I tried reverting to version 3.7.6.2 of sqlite3, but I get the same errors whatever I do now. I have compared the dump of the current slot0.db with dumps from backuped slot0.db, and they have no diffs. If I understand lib/SoftDatabase.cpp in SoftHSM source correctly the cause of the error is that there should be a PRAGMA user_version=100; or something like that in the SoftHSM db. But the only PRAGMA I have in there, even in the old backups, is PRAGMA foreign_keys=OFF; My first idea is to enter a PRAGMA user_version into slot0.db, but since I don't know if that will solve the problem and also I'm no good at SQL, I'm not trying that right now. If anyone can confirm that this is the solution and give me the steps to fix it I would be very grateful. Otherwise I guess I'll have to reset the SoftHSM database, but I don't know how to export current keys from slot0.db when I can't start the SoftHSM application. Starting from scratch with fresh keys is the least preferred solution. Any ideas are welcome! Thanks! -- Peter Olsson [email protected] _______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
