[Opendnssec-user] Re: zone-fetcher not renaming zones after AXFR
James Dempsey
jamespd at gmail.com
Wed Oct 27 21:05:06 UTC 2010
Of course, you are correct. Thanks!
On Wed, Oct 27, 2010 at 9:49 PM, Matthijs Mekking <matthijs at nlnetlabs.nl>wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi James,
>
> Could this be because of your quick fix by changing "%s.axfr" to "%s" in
> signer/src/tools/zone_fetcher.c:971 already renames the file?
>
> Best regards,
>
> Matthijs
>
> On 10/27/2010 04:13 AM, James Dempsey wrote:
> > Matthijs,
> >
> > Thanks for the quick change! After deploying r4138, the files were
> > indeed renamed from zone.axfr to zone, however, It looks like
> > tools_read_input() at signer/src/signer/tools.c:52 expects the unsigned
> > zone file to be named zone.axfr, when the file appears to have already
> > been renamed. Reverting the changes to tools.c introduced by r4138 has
> > allowed me to do zone fetches without error.
> >
> > With r4138, I was seeing the following error messages:
> > Oct 27 01:35:34 sign1 openCryptokiModule[18297]: unable to open file
> > /var/opendnssec/unsigned/ZONE.axfr for reading: No such file or directory
> > Oct 27 01:35:34 sign1 openCryptokiModule[18297]: unable to copy axfr
> > file /var/opendnssec/unsigned/ZONE.axfr to /var/opendnssec/unsigned/ZONE
> >
> > Cheers,
> > James
> >
> > On Tue, Oct 26, 2010 at 2:02 AM, Matthijs Mekking <matthijs at nlnetlabs.nl
> > <mailto:matthijs at nlnetlabs.nl>> wrote:
> >
> > Hi James,
> >
> > I have committed some changes to make the initial round of errors go
> > away. Please try r4138 and thanks for the report.
> >
> > Best regards,
> >
> > Matthijs
> >
> > On 10/22/2010 04:42 AM, James Dempsey wrote:
> >> On Fri, Oct 22, 2010 at 10:32 AM, James Dempsey <jamespd at gmail.com
> > <mailto:jamespd at gmail.com>
> >> <mailto:jamespd at gmail.com <mailto:jamespd at gmail.com>>> wrote:
> >
> >> Hi all,
> >
> >> I'm having a problem with the zone fetcher while running the
> >> OpenDNSSEC trunk (r4129) on Debian Squeeze. Zones appear to be
> >> fetched and the resulting
> > /var/opendnssec/unsigned/<zone-name>.axfr
> >> file looks complete, but OpenDNSSEC doesn't rename the file
> >> to /var/opendnssec/unsigned/<zone-name> and sign it. Has anyone
> >> else seen this, or can anyone point me to the line of code that
> >> renames the .axfr files?
> >
> >> I see the zone fetch success in syslog:
> >
> >> ods-signerd: zone fetcher received NOTIFY for zone <zone-name>
> >> ods-signerd: zone fetcher transferred zone <zone-name> serial
> >> 2010102164 successfully
> >
> >> On the console, I get the following messages:
> >
> >> /bin/cp: cannot stat `/var/opendnssec/unsigned/<zone-name>':
> > No such
> >> file or directory
> >> Zone <zone-name> scheduled for immediate re-sign.
> >
> >
> >> Cheers,
> >> James
> >
> >
> >> As best I can tell, this rename was done in version 1.1.3
> >> in OpenDNSSEC-1.1.3/signer/signer_engine/Zone.py:279. I can't
> > find the
> >> equivalent code in trunk. I attempted a quick fix by changing
> > "%s.axfr"
> >> to "%s" in signer/src/tools/zone_fetcher.c:971
> >
> >> snprintf(dest_file, sizeof(dest_file), "%s.axfr",
> >
> >> While this seemed to remove the roadblock, I'm still seeing an initial
> >> round of errors on the console before OpenDNSSEC starts processing
> > data.
> >
> >> /bin/cp: cannot stat `/var/opendnssec/unsigned/<zone-name>': No such
> >> file or directory
> >
> >> Thanks,
> >> James
> >
> >
> >
> >> _______________________________________________
> >> Opendnssec-user mailing list
> >> Opendnssec-user at lists.opendnssec.org
> > <mailto:Opendnssec-user at lists.opendnssec.org>
> >> https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
> _______________________________________________
> Opendnssec-user mailing list
> Opendnssec-user at lists.opendnssec.org
> <mailto:Opendnssec-user at lists.opendnssec.org>
> https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
>
> > _______________________________________________
> > Opendnssec-user mailing list
> > Opendnssec-user at lists.opendnssec.org
> > https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.10 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iQEcBAEBAgAGBQJMx+eiAAoJEA8yVCPsQCW5kB4IAMRoZwY/NLcC6/d6NFYyw/J0
> RqHCfpAkIn7+xNg+cZ9gSbAdGJLYzxdxwoZGir0NFwxcG+OoyCroucBa/7QPJld2
> GXlITyCWsYYwedSvCXQ0V9U08kLENwV3m6Eqj02HKK1xqzqieYy6UH/uAb6dSg9M
> XndjKnULh1RAyAWFA63BQjKXsKK0CrsPquIzXVE5vKA5ADj4KQ8iLFUgBvOOxf8Y
> orwfEqsJXlqJRRdlAO7zk/DGcZe4g+Jz15GIt4ADCT4t6FDtHWHUuF/eVHevKlXd
> ppUN3+Urc/9aqKG0hM74i6jca54uUKbbO7Xiv7Lfn08i3gxwEVdj9LylgOqVqpE=
> =YGi5
> -----END PGP SIGNATURE-----
> _______________________________________________
> Opendnssec-user mailing list
> Opendnssec-user at lists.opendnssec.org
> https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opendnssec.org/pipermail/opendnssec-user/attachments/20101028/110b9183/attachment.htm>
More information about the Opendnssec-user
mailing list