[Opendnssec-user] Error returned from ds-seen command

Rick van Rein rick at openfortress.nl
Tue Aug 30 07:10:52 UTC 2011


The following output looks good to me:

# /etc/init.d/ods-control ksm key ds-seen -z smurfnet.org -x 29419
MySQL database schema set to: KASP
MySQL database user set to: ods
MySQL database password set
Found key with CKA_ID b42bd6fdf74f35d6de657aaa9e941282
Key b42bd6fdf74f35d6de657aaa9e941282 made active

Also, the pre/post situation is updated as expected:

PRE:  smurfnet.org                    KSK           ready     waiting for ds-seen b42bd6fdf74f35d6de657aaa9e941282  LUNA SA                           29419
POST: smurfnet.org                    KSK           active    2012-08-28 23:29:06 b42bd6fdf74f35d6de657aaa9e941282  LUNA SA                           29419

However, the return value from the ds-seen command is 255 (and ends
up in the shell as exit code 65280).  Is this a bug?

The log gives no hints, but basically repeats the above info, with
a bit of verbosity from our wrapper scripts:

Aug 29 23:29:06 adleman portal_shell[16535]: Running: /usr/local/surfdomeinen/bin/ods-control-wrapper ksm key ds-seen -z smurfnet.org -x 29419
Aug 29 23:29:06 adleman ods-ksmutil: Key b42bd6fdf74f35d6de657aaa9e941282 made active
Aug 29 23:29:06 adleman portal_shell[16535]: Fatal error: Error: 65280
Aug 29 23:29:06 adleman portal_shell[16535]: Closing shell with force
Aug 29 23:30:31 adleman ods-ksmutil: Key ebc75c93e13d28f3f55570bfb9471c73 made active

This error is also raised if we deliberately provide an already-seen or
non-existent key; but the situation above is a real, first submission
with ds-seen.


More information about the Opendnssec-user mailing list