[Opendnssec-develop] from xml to DB

Matthijs Mekking matthijs at NLnetLabs.nl
Tue Apr 21 09:11:00 UTC 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



John Dickinson schreef:
> # programs et al
> PREFIX/{bin,lib,include}
> 
> # static configurations, not written to by the daemons (SYSCONFDIR is
> usually /etc). not writable by the daemons.
> SYSCONFDIR/opendnssec/kasp.xml
> SYSCONFDIR/opendnssec/conf.xml
> SYSCONFDIR/opendnssec/zonelist.xml
> SYSCONFDIR/opendnssec/kasp.rng
> SYSCONFDIR/opendnssec/conf.rng
> SYSCONFDIR/opendnssec/zonelist.rng

The zonelist isn't generated by the KASP daemon?

> # dynamic stuff (LOCALSTATEDIR is usually /var). writable by daemons.
> LOCALSTATEDIR/opendnssec/signconf/<zonename>.conf
> LOCALSTATEDIR/opendnssec/unsigned/<zonename>
> LOCALSTATEDIR/opendnssec/signed/<zonename>
> LOCALSTATEDIR/opendnssec/kasp/kasp.`date`.xml (These are exported
> kasp.xml files for historical or audit reasons)

I am not sure if the unsigned zonefiles should be writeable by the
daemons. [They should if you are using them as an intermediate step in
the AXFR Inbound Adapter. They shouldn't if the zonefile is the File
Inbound Adapter itself.]


Matthijs
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQEVAwUBSe2NpA8yVCPsQCW5AQIz9AgAndayO9xOla3PQRs7JU1eH1qZJJecVmzZ
wT/QoDPWMr9wqMOH0GPPcXpg68UWx+26yERATZRtffaIRuwy2OCgKkGoQLHJY024
d/pVkzybN7AiuAJnTpBP4qC4J5wD3iAS/TVTvRiTo8xhf2shNvbD6XLEUXJ29aPn
9hhZtn3ced4//UMi6t45JQ20gztMGqqpGEBSXr0mAYeZC6XW1a6tUFynb7truzLU
hI6fds+Zd9z8tHXYGZSVKe6pAQjWxHVIQS4IUR+KdDZOpapkRx44cDdp5gXAY2H0
9qTpwbTfrYTXPji8rjQlpOsHZ4xP+uy2etmcwCclt7pn/peonJDhNg==
=2Vxl
-----END PGP SIGNATURE-----



More information about the Opendnssec-develop mailing list