[Opendnssec-user]ods-signer failed when ods-signerd is running

Paul Wouters paul at nohats.ca
Tue Jul 17 01:59:57 UTC 2012


On Tue, 17 Jul 2012, 刘硕 wrote:

> I found an interesting thing that when the two processes is running, I mean ods-signerd and ods-enforcerd. I can not use ods-signer to
> sign zone manually, but the automatic signing seems works well.
> Bellow are clues for you:
> [root at CST-BJ-104:202.173.9.19 :/var/opendnssec/signed]$ps -aux|grep ods
> Warning: bad syntax, perhaps a bogus '-'? See /usr/share/doc/procps-3.2.8/FAQ
> root      3955  0.0  0.0  40660  5548 ?        SLs  Jul12   0:07 /usr/local/sbin/ods-enforcerd
> root     12080  0.0  1.1 1022852 91780 ?       SLsl Jul13   1:35 ods-signerd

It's a little strange you have one started with full path and the other
with no path. Are they from the same install?

> [root at CST-BJ-104:202.173.9.19 :/var/opendnssec/signed]$ods-signer sign example
> Unable to connect to engine: connect() failed: No such file or directory

Are you sure one is not looking for the socket at the wrong place due to
mismatched install, eg /var/run/opendnssec/engine.sock versus
/local/var/run/opendnssec/engine.sock? Can you strace the ods-signer
command to see where it is trying to find the socket?

> Do ods-signer and ods-signerd have some relationship? Why can not I use ods-signer manually when ods-signerd is running?

ods-signer just gives commands to ods-signerd over a socket. The
"manual" signing just gives ods-signerd a "sign now" command.

Paul



More information about the Opendnssec-user mailing list