[Opendnssec-develop] Auditor daemon

Jakob Schlyter jakob at kirei.se
Mon Aug 24 06:37:55 UTC 2009

On 13 aug 2009, at 14.42, alexd at nominet.org.uk wrote:

> I'm just looking at daemonizing the auditor. Then I realised I  
> wasn't quite sure what was meant to happen...
> How often is the auditor meant to run in daemon form? Is this  
> configurable?
> What should happen if the auditor daemon encounters errors in the  
> signed zone? Is this configurable?

currently we have the following directories for the file adapter:

/var/opendnssec/  (i.e. @localstatedir@/opendnssec)
	unsigned/	the unsigned zone
	signed/		the signed zone

would it perhaps make sense to add an audited/ directory and let the  
daemonized auditor move files from signed/ to audited/ when a zone has  
bee audited?

this would perhaps change how we call the auditor from the signed  
engine as well, just making <Audit/> in a signer configuration tell  
the signer engine to run the signer explicitly on the file in signed/  
when the zone has been signed? (making the auditor run explicitly  
rather than in batch)


More information about the Opendnssec-develop mailing list