[Opendnssec-user] Managing KASP policies

Dave Knight dave at knig.ht
Tue Jul 27 20:21:34 CEST 2010


I'm running 1.0.0

I have a few policies defined in kasp.xml

If I remove one from that file, then run `ksm update all`, it isn't actually removed and now I have inconsistency between the file and the db. While there is a `ksm zone delete` command there is no corresponding `ksm policy delete`. 

I figured that the right thing to do in this case would be to put the policy back into kasp.xml and set <Description>DO NOT USE</Description>, then run `ksm update all` again. That didn't do anything, `ksmutil policy list` continues to show the old description as defined when the policy was created.

Am I doing something wrong? Is this better in a newer release?

Thanks!
dave


More information about the Opendnssec-user mailing list