On 2021-06-06 20:48, Bas van den Dikkenberg via Opendnssec-user wrote:
The signer and enforcer keep shutingdown
I see this in the log, any one any ideas:
Jun 6 20:45:03 domein ods-signerd[2761]: OpenDNSSEC signer engine
version 2.1.9
Dear Bas,
From the logs I can see that there is a problem in your configuration.
In your etc/opendnssec/conf.xml you will find two entries:
<Configuration> -> <Signer> -> <SocketFile>
and
<Configuration> -> <Enforcer> -> <SocketFile>
In both cases there is a file path specified where the signer and
enforcer will place a unix domain socket. This means that:
The directories where these two are placed need to be writable for
the user as which OpenDNSSEC will run, and if there is already a file
that this must be writable.
The user is either the user which you use when you start OpenDNSSEC,
or the user specified as <User> as specified in etc/opendnssec/conf.xml
So either the path is wrong or isn't writable.
It isn't uncommon that OpenDNSSEC is installed and tried as root, but
later run as a dedicated user, resulting in this problem.
\Berry
Jun 6 20:45:03 domein systemd[1]: opendnssec-signer.service: Main
process exited, code=exited, status=1/FAILURE
Jun 6 20:45:03 domein systemd[1]: opendnssec-signer.service: Failed
with result 'exit-code'.
Jun 6 20:45:03 domein systemd[1]: Stopped OpenDNSSEC signer daemon.
Jun 6 20:45:03 domein systemd[1]: Stopping OpenDNSSEC Enforcer
daemon...
Jun 6 20:45:03 domein ods-enforcerd: [enforce_task] No changes to
signconf file required for zone 4.x.x.in-addr.arpa
Jun 6 20:45:03 domein ods-enforcerd: [enforcer] update zone:
5.x.x.in-addr.arpa
Jun 6 20:45:03 domein ods-enforcerd: [hsm_key_factory_delete_key]
looking for keys to purge from HSM
Jun 6 20:45:03 domein ods-enforcerd: [enforcer] removeDeadKeys: keys
deleted from HSM: 0
Jun 6 20:45:03 domein ods-enforcerd: [enforce_task] No changes to
signconf file required for zone 5.x.x.in-addr.arpa
Jun 6 20:45:03 domein ods-enforcerd: [enforcer] update zone:
7.x.x.in-addr.arpa
Jun 6 20:45:03 domein ods-enforcerd: [hsm_key_factory_delete_key]
looking for keys to purge from HSM
Jun 6 20:45:03 domein ods-enforcerd: [enforcer] removeDeadKeys: keys
deleted from HSM: 0
Jun 6 20:45:03 domein ods-enforcerd: [enforce_task] No changes to
signconf file required for zone 7.x.x.in-addr.arpa
Jun 6 20:45:03 domein ods-enforcerd: [enforcer] update zone:
8.x.x.in-addr.arpa
Jun 6 20:45:03 domein ods-enforcerd: [hsm_key_factory_delete_key]
looking for keys to purge from HSM
Jun 6 20:45:03 domein ods-enforcerd: [enforcer] removeDeadKeys: keys
deleted from HSM: 0
Jun 6 20:45:03 domein ods-enforcerd: [enforce_task] No changes to
signconf file required for zone 8.x.x.in-addr.arpa
Jun 6 20:45:03 domein ods-enforcerd: [engine] cannot connect to
command handler: connect() failed: No such file or directory
Jun 6 20:45:03 domein ods-enforcerd: [engine] command handler self
pipe trick failed, unclean shutdown
THanks in advance!
Bas
_______________________________________________
Opendnssec-user mailing list
Opendnssec-user@lists.opendnssec.org
https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
_______________________________________________
Opendnssec-user mailing list
Opendnssec-user@lists.opendnssec.org
https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
