I think I understand the root cause of this bug: the way that
/usr/share/perl5/Net/DNS/SEC/Tools/rollmgr.pm invokes rndc is
incorrect when zones have a view. When there is a view,
there are additional MANDATORY arguments.

So: circa line 1153 we see:
     `$rndc reload $zone >/dev/null 2>&1`;

Removing the redirect to /dev/null so that the error can be seen
reveals this:

    rndc: 'reload' failed: not found
    no matching zone 'myzone.org' in any view

The correct invocation should have been this:
    `$rndc reload $zone IN $view`;

where view is the appropriate view for the zone being signed.

From some rndc docs:
> rndc reload class and view arguments are only optional
> if no views are defined in the named configuration.
>
> If any views are defined in the named configuration,
> then ALL zones must be in a view, and the view name
> is required in order to identify a zone.

Cannot provide a patch; adding the required $view argument
trickles through the entire toolchain.

Two hacks are possible:
-- write a cronjob to reload zones nightly
-- edit rollmgr.pm and invoke rndc reload without any zone argument
(i.e. reload all zones)

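A sketch of the view-aware call described in the message above, added here as an example and not taken from rollmgr.pm or the DNSSEC-Tools code. It runs rndc without a shell and returns its output instead of discarding it; `reload_args`, `rndc_reload` and the view name `internal` are hypothetical.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Hypothetical helper, not part of rollmgr.pm: argument list for "rndc reload".
# When named.conf defines views, class and view must follow the zone name.
sub reload_args {
    my ($zone, $view, $class) = @_;
    for my $name (grep { defined } $zone, $view) {
        # Names come from configuration: never let one be read as an option.
        die "bad name '$name'\n" if $name eq '' || $name =~ /\A-/;
    }
    my @args = ('reload', $zone);
    push @args, ($class // 'IN'), $view if defined $view;
    return @args;
}

# Run rndc without a shell and return (exit status, combined stdout+stderr),
# so a failed reload is visible instead of going to /dev/null.
sub rndc_reload {
    my ($rndc, $zone, $view) = @_;
    my @cmd = ($rndc, reload_args($zone, $view));
    my $pid = open(my $fh, '-|');          # fork; child's STDOUT is our pipe
    die "fork failed: $!\n" unless defined $pid;
    if ($pid == 0) {                       # child process
        open(STDERR, '>&', \*STDOUT) or die "dup: $!\n";
        exec { $cmd[0] } @cmd or die "cannot exec $cmd[0]: $!\n";
    }
    my $output = do { local $/; <$fh> } // '';
    close($fh);                            # sets $? to rndc's wait status
    return ($? >> 8, $output);
}

# Constructed sample: zone name from the error text above; view name assumed.
my ($rndc, $zone, $view) = (shift @ARGV, 'myzone.org', 'internal');
print "without view: rndc @{[ reload_args($zone) ]}\n";
print "with view:    rndc @{[ reload_args($zone, $view) ]}\n";

if (defined $rndc) {                       # e.g. perl example.pl /usr/sbin/rndc
    my ($status, $out) = rndc_reload($rndc, $zone, $view);
    print "rndc exited $status\n$out";
    print "hint: check the view name against named.conf\n"
        if $out =~ /no matching zone .* in any view/;
}
```

Run with no argument it only prints the two argument lists; given a path to rndc it performs the reload and reports the exit status and any error text.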