[Opendnssec-user] Notify debugging

Rick van Rein rick at openfortress.nl
Fri May 16 19:36:26 UTC 2014


> Although I found a work-around already, I looked in the /var/opendnssec/unsigned directory. This directory is completely empty. Apparently, the received zones are stored somewhere else.

The actual directory is configured in /etc/opendnssec (usually).

> In the /var/opendnssec/tmp directory there are some rug.nl* files (among which a rug.nl.axfr), but they contain signed zone information.

That’s the working location for the signer, indeed.  There’ll be some comment-carried settings that it uses to be able to iterate over the zone faster than for a full run — it will spread signatures over time to release the burden of crypto processing.

> It also contains the earlier mentioned rug.nl.xfrd-state. I have no idea where the unsigned zone information is stored.

Look in /etc/opendnssec (or whetever is configured as the directory for config files on your system) for the actual location.

https://wiki.opendnssec.org/display/DOCS/conf.xml#conf.xml-Configuration (ZoneListFile)
https://wiki.opendnssec.org/display/DOCS/zonelist.xml#zonelist.xml-Zones (Adapters)


More information about the Opendnssec-user mailing list