[Opendnssec-develop] [OpenDNSSEC] #42: I don't understand why "now"
OpenDNSSEC
owner-dnssec-trac at kirei.se
Wed Oct 14 15:59:01 UTC 2009
#42: I don't understand why "now"
------------------------------------+---------------------------------------
Reporter: archi.laurent at gmail.com | Owner: rb
Type: defect | Status: new
Priority: major | Component: Unknown
Version: trunk | Keywords: table "dbadmin"
------------------------------------+---------------------------------------
Hi all, and thanks for your development Opendnssec.
However I think when your development is more speed to compare at your
documentation...it's not easy. just a small remark.
For help you, i has joined at this ticket all myself commands (Ubuntu) :
Compilation/opendnssec-1.0.0b2# make clean dep ; ./configure
--prefix=/usr/local/opendnssec --sysconfdir=/etc --localstatedir=/var
--with-ldns=/usr/local --with-botan=/usr/local && make && make install
apt-get install python-4suite-xml (it's new now ! not before)
echo "/usr/local/opendnssec/lib" >> /etc/ld.so.conf.d/libc.conf
add in "/etc/environnement" :/usr/local/opendnssec/bin/ necessary for
$PATH
source /etc/environnement
My softhsm.conf:
# softHSM configuration file
# /etc/softhsm.conf :
0:/home/opendnssec/slot0.db
4:/home/opendnssec/slot4.database
------------------/etc/opendnssec/conf.xml---------------------------------
<?xml version="1.0" encoding="UTF-8"?>
<!--Fichier = /etc/opendnssec/conf.xml -->
<!-- $Id: conf.xml.in 1618 2009-08-14 12:48:36Z jakob $ -->
<Configuration>
<RepositoryList>
<Repository name="softHSM">
<Module>/usr/local/opendnssec/lib/libsofthsm.so</Module>
<TokenLabel>OpenDNSSEC</TokenLabel>
<PIN>mandrake</PIN>
</Repository>
</RepositoryList>
<Common>
<Logging>
<Syslog><Facility>local0</Facility></Syslog>
</Logging>
<PolicyFile>/etc/opendnssec/kasp.xml</PolicyFile>
<ZoneListFile>/etc/opendnssec/zonelist.xml</ZoneListFile>
</Common>
<Enforcer>
<!--
<Privileges>
<User>opendnssec</User>
<Group>opendnssec</Group>
</Privileges>
-->
<Datastore>
<SQLite>/home/opendnssec/slot0.db></SQLite>
</Datastore>
<Interval>PT3600S</Interval>
</Enforcer>
<Signer>
<!--
<Privileges>
<User>opendnssec</User>
<Group>opendnssec</Group>
<Directory>/</Directory>
</Privileges>
-->
<WorkingDirectory>/home/opendnssec/tmp</WorkingDirectory>
<WorkerThreads>8</WorkerThreads>
<!--
<NotifyCommand>/usr/local/bin/my_nameserver_reload_command</NotifyCommand>
-->
</Signer>
<Auditor>
<!--
<Privileges>
<User>opendnssec</User>
<Group>opendnssec</Group>
<Directory>/</Directory>
</Privileges>
-->
<WorkingDirectory>/home/opendnssec/tmp</WorkingDirectory>
</Auditor>
</Configuration>
-------------------------------------------------------------------
<?xml version="1.0" encoding="UTF-8"?>
<!-- $Id: zonefetch.xml.in 1920 2009-09-30 07:49:39Z matthijs $ -->
<ZoneFetch>
<!-- where to listen for notifies -->
<!-- DEFAULT: do not listen to notify on specific address -->
<NotifyListen><Port>53</Port></NotifyListen>
<!-- default inbound AXFR settings
(per zone setting not yet implemented) -->
<Default>
<!-- TSIG secret for inbound AXFR -->
<!-- DEFAULT: don't use TSIG -->
<TSIG>
<Name>secret.archi.amt.</Name>
<!-- http://www.iana.org/assignments/tsig-
algorithm-names -->
<Algorithm>hmac-sha256</Algorithm>
<!-- base64 encoded secret -->
<Secret>sw0nMPCswVbes1tmQTm1pcMmpNRK+oGMYN+qKNR/BwQ=</Secret>
</TSIG>
<!-- address of host to request AXFR from -->
<!-- incoming NOTIFY has to match this address as well -->
<!-- DEFAULT: none -->
<RequestTransfer>
<IPv4>192.168.1.11</IPv4><Port>53</Port>
</RequestTransfer>
</Default>
</ZoneFetch>
----------/etc/opendnssec/zonelist.xml---------------------------
<?xml version="1.0" encoding="UTF-8"?>
<!-- Fichier /etc/opendnssec/zonelist.xml (attention il s'allonge a chaque
addzone) -->
<!-- $Id: zonelist.xml.in 1443 2009-07-30 13:17:16Z rb $ -->
<ZoneList>
<Zone name="archi.amt">
<Policy>default</Policy>
<SignerConfiguration>/var/opendnssec/signconf/archi.amt.xml</SignerConfiguration>
<Adapters>
<Input>
<File>/var/opendnssec/unsigned/archi.amt</File>
</Input>
<Output>
<File>/var/opendnssec/signed/archi.amt</File>
</Output>
</Adapters>
</Zone>
</ZoneList>
-------------------------------------------------------------------
softhsm --init-token --slot 0 --label "OpenDNSSEC"
The SO PIN must have a length between 4 and 255 characters.
Enter SO PIN: ________
The user PIN must have a length between 4 and 255 characters.
Enter user PIN: _________
The token has been initialized.
softhsm --init-token --slot 4 --label "token"
The SO PIN must have a length between 4 and 255 characters.
Enter SO PIN: _________
The user PIN must have a length between 4 and 255 characters.
Enter user PIN: _______
The token has been initialized.
----just after, i think all databases are very small(ok):----
-rw-r--r-- 1 root root 5120 2009-10-14 17:30 slot0.db
-rw-r--r-- 1 root root 5120 2009-10-14 17:31 slot4.database
/usr/bin/sqlite3 /home/opendnssec/slot0.db <
/mnt/Divers2/Compilation/OpenDNSSEC/enforcer/utils/database_create.sqlite3
root at serveur:/home/opendnssec# /usr/bin/sqlite3
/home/opendnssec/slot4.database <
/mnt/Divers2/Compilation/OpenDNSSEC/enforcer/utils/database_create.sqlite3
root at serveur:/home/opendnssec# ls -l
-rw-r--r-- 1 root root 27648 2009-10-14 17:34 slot0.db
-rw-r--r-- 1 root root 27648 2009-10-14 17:35 slot4.database
(ok it's better now !)
ksmutil zone add -z archi.amt -p default -i
/var/opendnssec/unsigned/archi.amt -o /var/opendnssec/signed/archi.amt
zonelist filename set to /etc/opendnssec/zonelist.xml.
SQLite database set to: /home/opendnssec/slot0.db>
== File /home/opendnssec/slot0.db> does not exist, nothing to backup
ERROR: error executing SQL - no such table: dbadmin
Failed to connect to database
==
My database is already here, i don't understand where is teh probleme (?)
== root at serveur:/home/opendnssec# ls
slot0.db slot0.db> slot0.db>.our_lock slot4.database
==
My version is : SQLite version 3.6.10
And when i open the database "slot0.db" i can see this :
== .dump dbadmin
BEGIN TRANSACTION;
CREATE TABLE "dbadmin" (
"version" INTEGER NOT NULL DEFAULT (1),
"description" TEXT
);
INSERT INTO "dbadmin" VALUES(1,'This needs to be in sync with the version
defined in database.h');
COMMIT; ==
Many thanks for help me, because actually i am blocked by a mistery
problem.
Best regards.
--
Ticket URL: <http://trac.opendnssec.org/ticket/42>
OpenDNSSEC <http://www.opendnssec.org/>
OpenDNSSEC
More information about the Opendnssec-develop
mailing list