[Opendnssec-user] enforcer hooks
Petr Spacek
pspacek at redhat.com
Fri May 16 16:01:35 UTC 2014
Hello,
I'm looking into OpenDNSSEC v 1.4.5 configuration files and I can't see any
hooks for user scripts in Enforcer's configuration.
I would like to run my own script every time a new key is generated or
existing key is deleted (or even better - after any state change).
What mechanism would you recommend for this purpose?
Should I watch SoftHSM/OpenDNSSEC database files and re-read them after every
change? It seems very inefficient and error prone (think about race conditions
...).
I think that the (theoretical) hook should be called with parameters
equivalent to output from "ods-ksmutil key list -v" for every changed key.
Would it be possible to add those hooks?
Thank you for your time.
--
Petr Spacek @ Red Hat
More information about the Opendnssec-user
mailing list