[Opendnssec-user] Opendnssec Documentation
Rickard Bondesson
rickard.bondesson at iis.se
Sat Oct 24 10:40:38 UTC 2009
You also need to setup the database, before you use it for the first time.
ods-ksmutil setup
Sorry about the documentation. It will be fixed within two weeks.
24 okt 2009 kl. 12.34 skrev "B C" <brettlists at gmail.com<mailto:brettlists at gmail.com>>:
Thanks Jakob they are all good pointers. As my /etc/opendnssec and /var/opendnssec are quite old I have decided to start afresh from this release.
Consequently I am now having some issues getting things up and running.
I have installed and configured softhsm and added/initialised a slot for opendnssec to use.
However when i start the signing/enforcer daemons I am seeing an error:
Oct 24 11:28:10 dnssigner2 ods-enforcerd: SQLite database set to: /var/opendnssec/kasp.db
Oct 24 11:28:10 dnssigner2 ods-enforcerd: Log User set to: local0
Oct 24 11:28:10 dnssigner2 ods-enforcerd: Switched log facility to: local0
Oct 24 11:28:10 dnssigner2 ods-enforcerd: Connecting to Database...
Oct 24 11:28:10 dnssigner2 ods-enforcerd: ERROR: error executing SQL - no such table: dbadmin
I do have an /var/opendnssec/kasp.db but it is empty:
ls -l /var/opendnssec
total 16
-rw-r--r-- 1 root root 0 Oct 24 11:28 kasp.db
-rw-r--r-- 1 root root 0 Oct 24 11:28 kasp.db.our_lock
Any ideas on where I am going wrong from anybody would be greatly appreciated.
Brett
On Fri, Oct 23, 2009 at 10:05 PM, Jakob Schlyter <<mailto:jakob at kirei.se>jakob at kirei.se<mailto:jakob at kirei.se>> wrote:
On 23 okt 2009, at 21.23, B C wrote:
Since the recent version(s) the user document at.
<http://www.opendnssec.org/documentation/>http://www.opendnssec.org/documentation/
seems to be quite out of date.
please use the documentation available starting at <http://trac.opendnssec.org/wiki/Signer> http://trac.opendnssec.org/wiki/Signer for now.
I have no problem(s) with the compile/install but am looking for a document that tells me howto:
Add a new policy to a blank install.
edit kasp.xml and 'ods-ksmutil update' to import it into the enforcer.
Add a new zone to a blank install.
ods-ksmutil zone add ...
Start up the daemons (which ones in which order).
ods-control start
Make changes to policies.
edit kasp.xml and 'ods-ksmutil update' to update.
Emergency key rollover.
ods-ksmutil key rollover ...
Immediate resign.
ods-signer ...
Is there a new document in the works or at least a readme that covers the above points (and anything else I need ?
an update set of documentation is being work on, but I wouldn't hold my breath waiting for it just yet.
jakob
<ATT00001..txt>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opendnssec.org/pipermail/opendnssec-user/attachments/20091024/49c07499/attachment.htm>
More information about the Opendnssec-user
mailing list