14 Led
2016
14 Led
'16
11:19
Le jeudi 14 janvier 2016 à 10:40 +0100, Ondřej Surý a écrit :
Hi Bastie,
the code to upgrade your KASB DB should be in the postinst script,
but could you try manually running:
/usr/sbin/knotc conf-read | \
sed -n 's/.*kasp-db = "\(.*\)"/\1/p'
and send the output back?
root@arrakeen:/tmp# /usr/sbin/knotc conf-read | sed -n 's/.*kasp-db =
"\(.*\)"/\1/p'
keys
root@arrakeen:/tmp#
Then try running full script with debug output,
whether this gets
executed?
#!/bin/bash -x
/usr/sbin/knotc conf-read | \
sed -n 's/.*kasp-db = "\(.*\)"/\1/p' | \
while read KASPDB; do
su --shell /bin/bash --command "/usr/sbin/keymgr --dir
'$KASPDB' init" knot;
done
root@arrakeen:/tmp# ./test.sh
+ /usr/sbin/knotc conf-read
+ sed -n 's/.*kasp-db = "\(.*\)"/\1/p'
+ read KASPDB
+ su --shell /bin/bash --command '/usr/sbin/keymgr --dir
'\''keys'\''
init' knot
+ read KASPDB
Then I ran it from my storage dir :
root@arrakeen:/var/lib/knot/external# /tmp/test.sh
+ /usr/sbin/knotc conf-read
+ sed -n 's/.*kasp-db = "\(.*\)"/\1/p'
+ read KASPDB
+ su --shell /bin/bash --command '/usr/sbin/keymgr --dir
'\''keys'\''
init' knot
+ read KASPDB
I had to restart knot before "/usr/sbin/knotc conf-read" returned
anything, I guess it's the reason why the postinst script didn't do
anything
Regards,
Cheers,
--
Ondřej Surý -- Technical Fellow
--------------------------------------------
CZ.NIC, z.s.p.o. -- Laboratoře CZ.NIC
Milesovska 5, 130 00 Praha 3, Czech Republic
mailto:ondrej.sury@nic.cz https://nic.cz/
--------------------------------------------
----- Original Message -----
--
Bastien
From: "Bastien Durel"
<bastien(a)durel.org>
To: knot-dns-users(a)lists.nic.cz
Sent: Thursday, January 14, 2016 10:34:13 AM
Subject: [knot-dns-users] Knot 2.1.0-rc1
Hello,
Knot 2.1.0-rc1 made its way to the debian repository. I installed
it as
part of today's upgrade, but it seems to not like my configuration
:
For each zone I got these messages :
2016-01-14T10:07:00 error: [durel.org] DNSSEC, failed to initialize
(invalid parameter)
2016-01-14T10:07:00 error: [durel.org] failed to store changes into
journal (invalid parameter)
2016-01-14T10:07:00 error: [durel.org] zone load failed (invalid
parameter)
I log zone events up to notice level.
my default template is :
template:
- id: "default"
storage: "/var/lib/knot/external"
ixfr-from-differences: "on"
dnssec-signing: "on"
kasp-db: "keys"
serial-policy: "increment"
And this zone is defined as :
- domain: "durel.org."
file: "durel.org"
notify: "corrin"
acl: "acl_corrin"
Which is this "invalid parameter ?"
Thanks,
--
Bastien
_______________________________________________
knot-dns-users mailing list
knot-dns-users(a)lists.nic.cz
https://lists.nic.cz/cgi-bin/mailman/listinfo/knot-dns-users
_______________________________________________
knot-dns-users mailing list
knot-dns-users(a)lists.nic.cz
https://lists.nic.cz/cgi-bin/mailman/listinfo/knot-dns-users