On 08/05/2011 06:31 AM, kim Doff wrote: > Hello, > Hi, > Could you help me? >
Well, I can try and give you some information and pointers. > 1. > > DNSSEC Master/Slave are working faultlessly. > > I have PowerDNS v3, PowerAdmin 2.1.5 and MySQL Database Replication > With SSL Encryption. > > Here is my question. > > When I modify zone domain.com <http://domain.com> through PowerAdmin > by adding a subdomain like test.domain.com <http://test.domain.com> > > Master/Slave are updated (SOA serial is updated) > but Master/Slave do not bind test.domain.com <http://test.domain.com>, > > I have to rectify zone domain.com <http://domain.com> in Master > to bind test.domain.com <http://test.domain.com> in Master/Slave > > # pdnssec rectify-zone domain.com <http://domain.com> > > Is there a way to do it automatically through PowerDNS? > First you'll have to know where all the documentation is: http://powerdnssec.org/ http://wiki.powerdns.com/trac/wiki/PDNSSEC http://doc.powerdns.com/powerdnssec-auth.html http://wiki.powerdns.com/trac/wiki/PDNSSEC/details http://wiki.powerdns.com/trac/wiki/PDNSSEC/backends Next you should know that if you choose how PowerDNS should do the live-signing for the domain. If you choose one that does not need an ordered zone, like for example NSEC3-narrow, you can just add the right auth=TRUE to the database and it will 'just work'. Because that is all that rectify-zone does for un-ordered zones. (zone-transfers will not be signed by the way with NSEC3-narrow, if I remember correctly, if you need them you might not what to choose that) > 2. > > When I enable setuid=pdns and setgid=pdns in pdns.conf, > Master/Slave are down. > Have you tried running pdns_server with --daemon=no --guardian=no --config=/your-config ? I think this should not detach from the console. If you also add something like strace -f -F than you can also see what is doing. There most be something that the pdns-user or -group does not have rights to that it needs. > Why? > > Thanks, > > Kim > _______________________________________________ Pdns-users mailing list [email protected] http://mailman.powerdns.com/mailman/listinfo/pdns-users
