"auto-dnssec maintain" stoped working again...
Mark Andrews
marka at isc.org
Mon Oct 3 09:16:33 UTC 2011
In message <20111002161255.GG11782 at michelle1>, Michelle Konzack writes:
> Hello Hauke Lampe,
>
> Am 2011-10-01 02:02:56, hacktest Du folgendes herunter:
> > Do you mean expired signatures or no signatures at all?
>
> I have expired signatures...
>
> > In the latter case, have you checked that the zone's keys are readable
> > by named and still active?
>
> Ehm yes
>
> root at dns1 /etc/bind # ls -Al /etc/bind/master/net/tamay-dogan/*tamay-dogan*
> -rw-r--r-- 1 bind adm 502 Oct 2 18:01 /etc/bind/master/net/tamay-dogan/KS=
> K_Kintranet1.tamay-dogan.net.+005+12154.key
> -rw------- 1 bind adm 1.2K Oct 2 18:01 /etc/bind/master/net/tamay-dogan/KS=
> K_Kintranet1.tamay-dogan.net.+005+12154.private
> -rw-r--r-- 1 bind adm 502 Oct 2 18:01 /etc/bind/master/net/tamay-dogan/KS=
> K_Kintranet2.tamay-dogan.net.+005+45271.key
> -rw------- 1 bind adm 1.2K Oct 2 18:01 /etc/bind/master/net/tamay-dogan/KS=
> K_Kintranet2.tamay-dogan.net.+005+45271.private
> -rw-rw-r-- 1 bind adm 2.2K Jul 3 17:10 /etc/bind/master/net/tamay-dogan/ne=
> t.tamay-dogan
> -rw-rw-r-- 1 bind adm 249 Jun 17 22:33 /etc/bind/master/net/tamay-dogan/ne=
> t.tamay-dogan.conf
> -rw-r--r-- 1 bind adm 256 Jul 3 17:10 /etc/bind/master/net/tamay-dogan/ne=
> t.tamay-dogan.conf.signed
> -rw-rw-r-- 1 bind adm 1.1K Oct 2 18:01 /etc/bind/master/net/tamay-dogan/ne=
> t.tamay-dogan.intranet1
> -rw-rw-r-- 1 bind adm 238 Oct 2 17:59 /etc/bind/master/net/tamay-dogan/ne=
> t.tamay-dogan.intranet1.conf
> -rw-r--r-- 1 bind adm 245 Oct 2 18:01 /etc/bind/master/net/tamay-dogan/ne=
> t.tamay-dogan.intranet1.conf.signed
> -rw-r--r-- 1 bind adm 13K Oct 2 18:01 /etc/bind/master/net/tamay-dogan/ne=
> t.tamay-dogan.intranet1.signed
> -rw-rw-r-- 1 bind adm 798 Oct 2 18:01 /etc/bind/master/net/tamay-dogan/ne=
> t.tamay-dogan.intranet2
> -rw-rw-r-- 1 bind adm 238 Oct 2 17:59 /etc/bind/master/net/tamay-dogan/ne=
> t.tamay-dogan.intranet2.conf
> -rw-r--r-- 1 bind adm 245 Oct 2 18:01 /etc/bind/master/net/tamay-dogan/ne=
> t.tamay-dogan.intranet2.conf.signed
> -rw-r--r-- 1 bind adm 8.2K Oct 2 18:01 /etc/bind/master/net/tamay-dogan/ne=
> t.tamay-dogan.intranet2.signed
> -rw-r--r-- 1 bind adm 7.1K Jul 26 04:22 /etc/bind/master/net/tamay-dogan/ne=
> t.tamay-dogan.signed
> -rw-r--r-- 1 bind adm 15K Jul 26 04:10 /etc/bind/master/net/tamay-dogan/ne=
> t.tamay-dogan.signed.jnl
> -rw-r--r-- 1 bind adm 459 Oct 2 18:01 /etc/bind/master/net/tamay-dogan/ZS=
> K_Kintranet1.tamay-dogan.net.+005+28905.key
> -rw------- 1 bind adm 1010 Oct 2 18:01 /etc/bind/master/net/tamay-dogan/ZS=
> K_Kintranet1.tamay-dogan.net.+005+28905.private
> -rw-r--r-- 1 bind adm 459 Oct 2 18:01 /etc/bind/master/net/tamay-dogan/ZS=
> K_Kintranet2.tamay-dogan.net.+005+36762.key
> -rw------- 1 bind adm 1010 Oct 2 18:01 /etc/bind/master/net/tamay-dogan/ZS=
> K_Kintranet2.tamay-dogan.net.+005+36762.private
> -rw-r--r-- 1 bind adm 439 Jul 3 17:10 /etc/bind/master/net/tamay-dogan/ZS=
> K_Ktamay-dogan.net.+005+30945.key
> -rw------- 1 bind adm 1010 Jul 3 17:10 /etc/bind/master/net/tamay-dogan/ZS=
> K_Ktamay-dogan.net.+005+30945.private
>
> If I am right, this looks right.
No. It looks completely wrong. Someone/something has re-named the K* files.
As the K* files have been renamed named can't find them.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the bind-users
mailing list