[Opendnssec-user] Re: zone-fetcher not renaming zones after AXFR

James Dempsey jamespd at gmail.com
Wed Oct 27 02:13:32 UTC 2010


Matthijs,

Thanks for the quick change! After deploying r4138, the files were indeed
renamed from zone.axfr to zone, however, It looks like tools_read_input() at
signer/src/signer/tools.c:52 expects the unsigned zone file to be named
zone.axfr, when the file appears to have already been renamed.  Reverting
the changes to tools.c introduced by r4138 has allowed me to do zone fetches
without error.

With r4138, I was seeing the following error messages:
Oct 27 01:35:34 sign1 openCryptokiModule[18297]: unable to open file
/var/opendnssec/unsigned/ZONE.axfr for reading: No such file or directory
Oct 27 01:35:34 sign1 openCryptokiModule[18297]: unable to copy axfr file
/var/opendnssec/unsigned/ZONE.axfr to /var/opendnssec/unsigned/ZONE

Cheers,
James

On Tue, Oct 26, 2010 at 2:02 AM, Matthijs Mekking <matthijs at nlnetlabs.nl>wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi James,
>
> I have committed some changes to make the initial round of errors go
> away. Please try r4138 and thanks for the report.
>
> Best regards,
>
> Matthijs
>
> On 10/22/2010 04:42 AM, James Dempsey wrote:
> > On Fri, Oct 22, 2010 at 10:32 AM, James Dempsey <jamespd at gmail.com
> > <mailto:jamespd at gmail.com>> wrote:
> >
> >     Hi all,
> >
> >     I'm having a problem with the zone fetcher while running the
> >     OpenDNSSEC trunk (r4129) on Debian Squeeze.  Zones appear to be
> >     fetched and the resulting /var/opendnssec/unsigned/<zone-name>.axfr
> >     file looks complete, but OpenDNSSEC doesn't rename the file
> >     to /var/opendnssec/unsigned/<zone-name> and sign it.  Has anyone
> >     else seen this, or can anyone point me to the line of code that
> >     renames the .axfr files?
> >
> >     I see the zone fetch success in syslog:
> >
> >     ods-signerd: zone fetcher received NOTIFY for zone <zone-name>
> >     ods-signerd: zone fetcher transferred zone <zone-name> serial
> >     2010102164 successfully
> >
> >     On the console, I get the following messages:
> >
> >     /bin/cp: cannot stat `/var/opendnssec/unsigned/<zone-name>': No such
> >     file or directory
> >     Zone <zone-name> scheduled for immediate re-sign.
> >
> >
> >     Cheers,
> >     James
> >
> >
> > As best I can tell, this rename was done in version 1.1.3
> > in OpenDNSSEC-1.1.3/signer/signer_engine/Zone.py:279.  I can't find the
> > equivalent code in trunk.  I attempted a quick fix by changing "%s.axfr"
> > to "%s" in signer/src/tools/zone_fetcher.c:971
> >
> >     snprintf(dest_file, sizeof(dest_file), "%s.axfr",
> >
> > While this seemed to remove the roadblock, I'm still seeing an initial
> > round of errors on the console before OpenDNSSEC starts processing data.
> >
> > /bin/cp: cannot stat `/var/opendnssec/unsigned/<zone-name>': No such
> > file or directory
> >
> > Thanks,
> > James
> >
> >
> >
> > _______________________________________________
> > Opendnssec-user mailing list
> > Opendnssec-user at lists.opendnssec.org
> > https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.10 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iQEcBAEBAgAGBQJMxYADAAoJEA8yVCPsQCW5eHEH/iQuogJrQPokpl1Wio8R4kHM
> XqL/abY0YnKGt0nk3uYOKdZG1sWLCBx1nrysfc/Qb8VmZ36GTiJbr0dbehsu2wwt
> WmuBumEi/oAA1c584u16+K4WyN4L71dwP3nVvv5gAjTAL+pqQBXoP0SO4WY2xl9H
> xdgyZ97Oq6qPcLToWTE1g2HbA4ij5ww3kDZ7fBFeLsK9oefQkXpbqJnlY/qYBOkP
> K9eIKtWAjQ2izqAmo+G9dUBwDPWwEAWjjaCaMpsfZO3QIopeWI5CCtJ9rdlJdw+b
> +snE9pfdEGx6AvtI1I1A7AHrityCdPueiRD9Ybsd15TfyTjWyeJgMNm2XSzTcis=
> =iuKG
> -----END PGP SIGNATURE-----
> _______________________________________________
> Opendnssec-user mailing list
> Opendnssec-user at lists.opendnssec.org
> https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opendnssec.org/pipermail/opendnssec-user/attachments/20101027/64e2e2be/attachment.htm>


More information about the Opendnssec-user mailing list