[Opendnssec-develop] checks for changed zone config and zone input files

Jelte Jansen jelte at NLnetLabs.nl
Fri Jun 12 09:52:45 UTC 2009

Hash: SHA1


it appears we may have a specification discrepancy about some of the input files
for the signer engine.

Currently, the engine reads the zone configuration files on startup, and
re-reads them when it gets the 'update' command. It does not regularly check if
they have changed. The reason for this is that I want to keep disk access down a
bit, and continual polling/parsing seems overkill.

I could do it on every re-sign run, but in that case it might take a while
before a change is accepted (for instance, if you change the re-sign interval
from very long to very short, it will take the very-long time to discover that
it has changed). In those cases it would make sense that the engine is told that
there is a change, and my understanding was, if that is needed in some cases,
why not just do it every time the config has changed (btw, currently there is
only a 'check-all-configs' command, I could make it more specific into a

So IMHO, it would make sense for the communicator to tell the engine that it has
changed a zone configuration. But of course you are allowed to differ in opinion :)

Kind of the same reasoning goes for the zone input file, but this time it would
be the administrator/frontend to do the kicking (through the 'sign <zone>' command).

Should these be changed?

Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org


More information about the Opendnssec-develop mailing list