[Opendnssec-develop] [OpenDNSSEC] #187: signer
OpenDNSSEC
owner-dnssec-trac at kirei.se
Mon Oct 18 18:38:38 UTC 2010
#187: signer
---------------------------------------------+------------------------------
Reporter: Tom Hendrikx <tom@…> | Owner: matthijs
Type: defect | Status: new
Priority: major | Component: Signer
Version: trunk | Keywords:
---------------------------------------------+------------------------------
After upgrading the ODS suite from 1.1.3 to 1.2.0b1, the signer does not
start after issuing the command 'ods-signer start'. Calling 'ods-signer
stop' yields: 'Unable to connect to engine: connect() failed: No such file
or directory'. Although the man page suggests that all errors are sent to
stderr, no error is seen and exit code is 0.
Reviewing the syslog shows:
Oct 18 20:16:01 stella ods-signerd: SoftHSM: init: Could not open token
database. Probably wrong privileges: /var/lib/softhsm/slot0.db
Oct 18 20:16:01 stella ods-signerd: SoftHSM: init: Wrong database schema
version: /var/lib/opendnssec/softhsm_slot1.db
Oct 18 20:16:01 stella ods-signerd: setup failed: error initializing
libhsm (errno 268435457)
Oct 18 20:16:01 stella ods-signerd: signer engine setup failed
Oct 18 20:16:01 stella ods-signerd: shutdown signer engine
This means that ods-signer does not start up but does not say so. This
gives issues with init scripts that need to check if the signer is
actually running.
Proposal: add a ods-signer 'status' or 'running' command that nicely
checks if the daemon is running. The 'start' command can use this routine
internally to report if its own work was successfully. Note: 'ods-control
enforcer start' already does something like this.
--
Ticket URL: <http://trac.opendnssec.org/ticket/187>
OpenDNSSEC <http://www.opendnssec.org/>
OpenDNSSEC
More information about the Opendnssec-develop
mailing list