new dnssec zone OK, error "zone_rekey:dns_zone_getdnsseckeys failed: not found" only in local bind logs ?
PGNet Dev
pgnet.dev at gmail.com
Fri Oct 14 14:17:53 UTC 2022
hi
> Think ownership, permission and things like SELinux, AppArmore depending on your OS.
on this box, no SELinux or AppArmor
in my named.conf
directory "/namedb/production";
and for my domain's dnssec
key-directory "/keys/dnssec/example.com";
pathnames are relative to chroot.
here, chroot is @ "/data/chroot/named",
ps aux | grep named
named 14285 0.0 0.2 526388 67360 ? Ssl 08:47 0:00 /usr/sbin/named -f -t /data/chroot/named -n 2 -S 1024 -u named -c /etc/named.conf
checking,
ls -al \
/data/chroot/named/namedb/production \
/data/chroot/named/keys/dnssec/example.com/
access looks ok (?)
/data/chroot/named/keys/dnssec/example.com/:
total 32K
drwxr-xr-x 2 named named 4.0K Oct 12 18:09 ./
drwxr-xr-x 5 named named 4.0K Oct 14 00:22 ../
-rw-r----- 1 named named 405 Oct 13 19:14 Kexample.com.+013+17296.key
-rw-r----- 1 named named 215 Oct 13 19:14 Kexample.com.+013+17296.private
-rw-r----- 1 named named 572 Oct 13 19:14 Kexample.com.+013+17296.state
-rw-r----- 1 named named 455 Oct 13 19:14 Kexample.com.+013+62137.key
-rw-r----- 1 named named 235 Oct 13 19:14 Kexample.com.+013+62137.private
-rw-r----- 1 named named 556 Oct 13 19:14 Kexample.com.+013+62137.state
/data/chroot/named/namedb/production:
total 16K
drwxrwxr-x 2 named named 4.0K Oct 14 08:47 ./
drwxr-xr-x 5 named named 4.0K Oct 14 08:47 ../
-rw------- 1 named named 8.0K Oct 14 08:47 external.nzd
-rw-r----- 1 named named 0 Oct 14 08:47 managed-keys.bind
More information about the bind-users
mailing list