[Opendnssec-user] trouble with default kasp

Mattias Andersson mattias at nonetwork.se
Wed Aug 5 20:45:16 UTC 2009


Hi, I guess you have missed one step before that.

You first have to once run
ksmutil setup
this will create your database.

A second thing then, it should be

ksmutil addzone example.com default /var/opendnssec/signconf/example.com.xml
/var/opendnssec/unsigned/example.com /var/opendnssec/signed/example.com

Good luck

/Mattias

sheridan at CS.ColoState.EDU skrev:
> Hi, we're trying to get opendnssec up and running on some Debian based
> systems (etch, Ubuntu hard/jaunty). We've got it installed and we're
> trying to do our first signing. However, when we run:
>
> ksmutil addzone example.com default /etc/opendnssec/kasp.xml
> /var/opendnssec/unsigned/example.com /var/opendnssec/signed/example.com
>
> we get a failure message:
>
> zonelist filename set to /etc/opendnssec/zonelist.xml.
> SQLite database set to: /var/opendnssec/kasp.db
> ERROR: error executing SQL - no such table: policiesERROR: database
> operation failed - no such table: policiesError, can't find policy :
> default
> Failed to update zones
>
> which we take to mean that it can't find the default policy specified in
> /etc/opendnssec/kasp.xml, but we're using the example file and it clearly
> has a policy listed out with <Policy name="default">.
>
> If we try to add the zone manually (without ksmutil) we get as far as
> signer_engine_cli:
> cmd> sign all
>
> Error handling command: 'NoneType' object has no attribute
> 'signatures_resign_time'Traceback (most recent call last):
>   File "/usr/local/opendnssec/lib/opendnssec/signer/Engine.py", line 240,
> in handle_command
>     self.schedule_signing(zone)
>   File "/usr/local/opendnssec/lib/opendnssec/signer/Engine.py", line 516,
> in schedule_signing
>     str(zone.zone_config.signatures_resign_time))
> AttributeError: 'NoneType' object has no attribute 'signatures_resign_time'
>
> Which we take to be the same problem? Any suggestions you can give us
> would be highly appreciated.
>
> Thanks,
> Brendan Sheridan.
>
> _______________________________________________
> Opendnssec-user mailing list
> Opendnssec-user at lists.opendnssec.org
> https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
>
>   




More information about the Opendnssec-user mailing list