[Opendnssec-develop] Re: [OpenDNSSEC] #57: Auditor + ZoneReader (NameError)

OpenDNSSEC owner-dnssec-trac at kirei.se
Fri Nov 20 18:47:24 UTC 2009

#57: Auditor + ZoneReader (NameError)
Reporter:  archi.laurent@…          |       Owner:  alex                            
    Type:  defect                   |      Status:  accepted                        
Priority:  trivial                  |   Component:  Auditor                         
 Version:                           |    Keywords:  Auditor + ZoneReader (NameError)

Comment(by rb):

 There are two things here:

 1. The auditor crashes when the option is missing an argument.
 2. The command line should look like: "ods-auditor --zone [ZONE_NAME]
 --signed [PATH_TO_SIGNED_FILE]" or "ods-auditor -z [ZONE_NAME] -s

 The auditor can be started in three ways:

 * Will audit all of your zones and the unsigned and signed zone files
 are stored in the location indicated in the zonelist.xml

 "ods-auditor -z [ZONE_NAME]"
 * Will audit a single zone. And uses the paths given in the zonelist.xml

 "ods-auditor -z [ZONE_NAME] -s [PATH_TO_SIGNED_FILE]"
 * Audit a single zone and use the signed zone given in this path
 rather than that one given in the zonelist.xml

 If you have the <Audit> tag in the kasp.xml, then the auditor will be
 started automatic by the signer. Thus stopping the zone distribution
 if something is wrong. You can run the auditor yourself by using these
 commands, to see what it is saying.

 The reason why we have the option to override the signed zone file
 location, is so that the signer can audit the zone before it is
 written to the signed directory.

Ticket URL: <http://trac.opendnssec.org/ticket/57#comment:5>
OpenDNSSEC <http://www.opendnssec.org/>

More information about the Opendnssec-develop mailing list