[Opendnssec-user] CRITICAL: failed to sign zone example.com: General error

Wed Jan 18 17:42:09 UTC 2017

I haven't followed this thread, sry if this Q's already been asked/answered.

I've seen this before

> Jan 18 17:11:26 dns2 ods-signerd: [file] open file  file=/usr/local/var/opendnssec/signconf/example.com.xml mode=reading
> Jan 18 17:11:26 dns2 ods-signerd: [file] unable to open file /usr/local/var/opendnssec/signconf/example.com.xml for reading: No such file or directory

albeit with ods 2.1x ... here, it was perms.

Do user/group shown in

	ps aux | grep ods

match perms on

	/usr/local/var/opendnssec/signconf
	/usr/local/var/opendnssec/signconf/example.com.xml

?

here, e.g.,

ps aux | grep ods
	COMMAND     PID       USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
		ods-signe 14141 opendnssec    7u  IPv4  55794      0t0  UDP dns.example.net:12345
	                        ^^^^^^^^^^
	...

cd /var/opendnssec
tree -ug
	.
	├── [opendnssec opendnssec        4096]  enforcer
	│   └── [opendnssec opendnssec        2032]  zones.xml
	├── [opendnssec opendnssec       98304]  kasp.db
	├── [opendnssec opendnssec        4096]  raw
	├── [opendnssec opendnssec        4096]  signconf
	│   ├── [opendnssec opendnssec        1517]  example.com.xml
	│   ├── [opendnssec opendnssec        1172]  example.com.xml.ZONE_DELETED
	...
	├── [opendnssec opendnssec        4096]  signed
	├── [opendnssec opendnssec        4096]  signer
	│   ├── [opendnssec opendnssec        8242]  example.com.axfr
	│   ├── [opendnssec opendnssec       10186]  example.com.backup2
	│   ├── [opendnssec opendnssec       21442]  example.com.ixfr
	│   ├── [opendnssec opendnssec         345]  example.com.xfrd-state
	...
	└── [opendnssec opendnssec        4096]  unsigned