[Opendnssec-develop] Missing exception handling by signerd when lacking permission
Rickard Bellgrim
rickard.bellgrim at iis.se
Thu Dec 23 09:39:35 UTC 2010
On 22 dec 2010, at 11.52, Rick Zijlker wrote:
> When starting by using “ods-control start” I received a “Can’t connect() to engine” error. Apparently the signerd didn’t start because of a lack of permission, but it took some debugging before we found out, since signerd pretends to be starting without problems, but afterwards the signer fails.
>
> The location containing the slot0.db softhsm repo (/var/softhsm) was inaccessible by signerd. After changing the owner it worked without trouble. It would be nice to have exception handling by signerd when it fails on permission and not continue starting so it becomes hard to trace the cause of the failing signer. What do you think?
I think there is nothing we can do about this in version 1.2. We need to change the behavior of the start up sequence. But we do log to syslog where the debug information can be found.
// Rickard
More information about the Opendnssec-develop
mailing list