-
Type:
Support
-
Status: Closed
-
Priority:
Minor
-
Resolution: Incomplete
-
Affects Version/s: OpenDNSSEC 1.4.6
-
Fix Version/s: None
-
Component/s: Signer
-
Labels:None
-
Environment:
FreeBSD angst.csh.rit.edu 10.1-BETA3 FreeBSD 10.1-BETA3 #10 r272180: Fri Sep 26 11:17:48 EDT 2014 antiduh@angst.csh.rit.edu:/usr/obj/usr/src/sys/ANGST64 amd64
I accidentally flubbed my NotifyCommand configuration while setting up ODS for the first time.
If NotifyCommand is set to a program that doesn't exist, the error seems to be silently ignored.
For instance, I had my conf.xml's /Signer/NodifyCommand value set to:
<NotifyCommand>/fake/usr/local/sbin/rndc reload %zone</NotifyCommand>
When I issued an ods-signer sign myzone.com, it just silently failed to run rndc.
The logs seem to be working correctly, since I see it log when it starts and log the signing stats:
Sep 30 16:32:45 angst ods-enforcerd: opendnssec started (version 1.4.6), pid 17647 Sep 30 16:32:46 angst ods-signerd: [hsm] libhsm connection opened succesfully Sep 30 16:32:46 angst ods-signerd: [engine] signer started (version 1.4.6), pid 17656 Sep 30 16:33:13 angst ods-signerd: [STATS] antiduh.com 2014270926 RR[count=2 time=0(sec)] NSEC3[count=0 time=0(sec)] RRSIG[new=2 reused=36 time=0(sec) avg=0(sig/sec)] TOTAL[time=1(sec)]
But nothing about the NotifyCommand being wrong. What gives?