[Opendnssec-develop] checks for changed zone config and zone input files

Jakob Schlyter jakob at kirei.se
Fri Jun 12 10:05:35 UTC 2009

On 12 jun 2009, at 05.52, Jelte Jansen wrote:

> Currently, the engine reads the zone configuration files on startup,  
> and
> re-reads them when it gets the 'update' command. It does not  
> regularly check if
> they have changed. The reason for this is that I want to keep disk  
> access down a
> bit, and continual polling/parsing seems overkill.

do you think that stat(2) all input files once every X minutes is  

> I could do it on every re-sign run, but in that case it might take a  
> while
> before a change is accepted (for instance, if you change the re-sign  
> interval
> from very long to very short, it will take the very-long time to  
> discover that
> it has changed). In those cases it would make sense that the engine  
> is told that
> there is a change, and my understanding was, if that is needed in  
> some cases,
> why not just do it every time the config has changed (btw, currently  
> there is
> only a 'check-all-configs' command, I could make it more specific  
> into a
> 'check-this-zone-for-new-config').

yes, checking a specific file makes sense to me. you would check the  
zone config every time the zone input file has changed as well I guess.

> So IMHO, it would make sense for the communicator to tell the engine  
> that it has
> changed a zone configuration. But of course you are allowed to  
> differ in opinion :)

I think we can add that for a later version - perhaps some command  
socket that it can notify the signer via.

> Kind of the same reasoning goes for the zone input file, but this  
> time it would
> be the administrator/frontend to do the kicking (through the 'sign  
> <zone>' command).



More information about the Opendnssec-develop mailing list