[Opendnssec-user] Opendnssec Documentation

B C brettlists at gmail.com
Sat Oct 24 10:34:09 UTC 2009 

Thanks Jakob they are all good pointers. As my /etc/opendnssec and
/var/opendnssec are quite old I have decided to start afresh from this
release.

Consequently I am now having some issues getting things up and running.

I have installed and configured softhsm and added/initialised a slot for
opendnssec to use.

However when i start the signing/enforcer daemons I am seeing an error:

Oct 24 11:28:10 dnssigner2 ods-enforcerd: SQLite database set to:
/var/opendnssec/kasp.db
Oct 24 11:28:10 dnssigner2 ods-enforcerd: Log User set to: local0
Oct 24 11:28:10 dnssigner2 ods-enforcerd: Switched log facility to: local0
Oct 24 11:28:10 dnssigner2 ods-enforcerd: Connecting to Database...
Oct 24 11:28:10 dnssigner2 ods-enforcerd: ERROR: error executing SQL - no
such table: dbadmin

I do have an /var/opendnssec/kasp.db but it is empty:

 ls -l /var/opendnssec
total 16
-rw-r--r-- 1 root root    0 Oct 24 11:28 kasp.db
-rw-r--r-- 1 root root    0 Oct 24 11:28 kasp.db.our_lock

Any ideas on where I am going wrong from anybody would be greatly
appreciated.

Brett


On Fri, Oct 23, 2009 at 10:05 PM, Jakob Schlyter <jakob at kirei.se> wrote:

> On 23 okt 2009, at 21.23, B C wrote:
>
>  Since the recent version(s) the user document at.
>>
>> http://www.opendnssec.org/documentation/
>>
>> seems to be quite out of date.
>>
>
> please use the documentation available starting at
> http://trac.opendnssec.org/wiki/Signer for now.
>
>
>  I have no problem(s) with the compile/install but am looking for a
>> document that tells me howto:
>>
>> Add a new policy to a blank install.
>>
>
> edit kasp.xml and 'ods-ksmutil update' to import it into the enforcer.
>
>
>  Add a new zone to a blank install.
>>
>
> ods-ksmutil zone add ...
>
>
>  Start up the daemons (which ones in which order).
>>
>
> ods-control start
>
>  Make changes to policies.
>>
>
> edit kasp.xml and 'ods-ksmutil update' to update.
>
>  Emergency key rollover.
>>
>
> ods-ksmutil key rollover ...
>
>  Immediate resign.
>>
>
> ods-signer ...
>
>
>  Is there a new document in the works or at least a readme that covers the
>> above points (and anything else I need ?
>>
>
> an update set of documentation is being work on, but I wouldn't hold my
> breath waiting for it just yet.
>
>
>        jakob
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opendnssec.org/pipermail/opendnssec-user/attachments/20091024/db265ab4/attachment.htm>

More information about the Opendnssec-user mailing list