[Opendnssec-develop] checks for changed zone config and zone input files
Jakob Schlyter
jakob at kirei.se
Fri Jun 12 10:05:35 UTC 2009
On 12 jun 2009, at 05.52, Jelte Jansen wrote:
> Currently, the engine reads the zone configuration files on startup,
> and
> re-reads them when it gets the 'update' command. It does not
> regularly check if
> they have changed. The reason for this is that I want to keep disk
> access down a
> bit, and continual polling/parsing seems overkill.
do you think that stat(2) all input files once every X minutes is
overkill?
> I could do it on every re-sign run, but in that case it might take a
> while
> before a change is accepted (for instance, if you change the re-sign
> interval
> from very long to very short, it will take the very-long time to
> discover that
> it has changed). In those cases it would make sense that the engine
> is told that
> there is a change, and my understanding was, if that is needed in
> some cases,
> why not just do it every time the config has changed (btw, currently
> there is
> only a 'check-all-configs' command, I could make it more specific
> into a
> 'check-this-zone-for-new-config').
yes, checking a specific file makes sense to me. you would check the
zone config every time the zone input file has changed as well I guess.
> So IMHO, it would make sense for the communicator to tell the engine
> that it has
> changed a zone configuration. But of course you are allowed to
> differ in opinion :)
I think we can add that for a later version - perhaps some command
socket that it can notify the signer via.
> Kind of the same reasoning goes for the zone input file, but this
> time it would
> be the administrator/frontend to do the kicking (through the 'sign
> <zone>' command).
right.
jakob
More information about the Opendnssec-develop
mailing list