[Opendnssec-develop] [OpenDNSSEC] #13: "engine: no new signatures, keeping zone" when changing zone parameters
OpenDNSSEC
owner-dnssec-trac at kirei.se
Thu Aug 13 09:41:03 UTC 2009
#13: "engine: no new signatures, keeping zone" when changing zone parameters
---------------------------------+------------------------------------------
Reporter: mattias at nonetwork.se | Owner: jakob
Type: defect | Status: new
Priority: minor | Component: Unknown
Version: | Keywords:
---------------------------------+------------------------------------------
Hi,
I'm not sure if this is a bug or me doing something wrong.
But I have obsrevered on several occations the message
"engine: no new signatures, keeping zone" i the logg when I have expected
a new zone to be generated. This seams to happen when you don't really
change any RRs. The changes I have done to the zone then could have been
either just changing the zone serial in the SOA or zone encryption
parameters in kasp.xml. Neither of thoose two changes have resulted in a
new zone even thou I would expect them to.
The work around for me was to clean the zone reletad files i
/var/opendnssec/tmp/ and then run the sign command one again.
Maybe this is two bugs?
Perhaps ksmutil update should clean tmp if it detects changes for a
zone(?is this how it works?) and maybe sign_engine should consider
zoneserial in unsigned zone as a change, even thou it generates its own
serial in signed zone.
--
Ticket URL: <http://trac.opendnssec.org/ticket/13>
OpenDNSSEC <http://www.opendnssec.org/>
OpenDNSSEC
More information about the Opendnssec-develop
mailing list