[Opendnssec-develop] Re: [OpenDNSSEC] #57: Auditor + ZoneReader (NameError)
OpenDNSSEC
owner-dnssec-trac at kirei.se
Fri Nov 20 18:47:24 UTC 2009
#57: Auditor + ZoneReader (NameError)
------------------------------------+---------------------------------------
Reporter: archi.laurent@… | Owner: alex
Type: defect | Status: accepted
Priority: trivial | Component: Auditor
Version: | Keywords: Auditor + ZoneReader (NameError)
------------------------------------+---------------------------------------
Comment(by rb):
There are two things here:
1. The auditor crashes when the option is missing an argument.
2. The command line should look like: "ods-auditor --zone [ZONE_NAME]
--signed [PATH_TO_SIGNED_FILE]" or "ods-auditor -z [ZONE_NAME] -s
[PATH_TO_SIGNED_FILE]"
The auditor can be started in three ways:
"ods-auditor"
* Will audit all of your zones and the unsigned and signed zone files
are stored in the location indicated in the zonelist.xml
"ods-auditor -z [ZONE_NAME]"
* Will audit a single zone. And uses the paths given in the zonelist.xml
"ods-auditor -z [ZONE_NAME] -s [PATH_TO_SIGNED_FILE]"
* Audit a single zone and use the signed zone given in this path
rather than that one given in the zonelist.xml
If you have the <Audit> tag in the kasp.xml, then the auditor will be
started automatic by the signer. Thus stopping the zone distribution
if something is wrong. You can run the auditor yourself by using these
commands, to see what it is saying.
The reason why we have the option to override the signed zone file
location, is so that the signer can audit the zone before it is
written to the signed directory.
--
Ticket URL: <http://trac.opendnssec.org/ticket/57#comment:5>
OpenDNSSEC <http://www.opendnssec.org/>
OpenDNSSEC
More information about the Opendnssec-develop
mailing list