"auto-dnssec maintain" stoped working again...

Mark Andrews marka at isc.org
Mon Oct 3 09:16:33 UTC 2011 

In message <20111002161255.GG11782 at michelle1>, Michelle Konzack writes:
> Hello Hauke Lampe,
> 
> Am 2011-10-01 02:02:56, hacktest Du folgendes herunter:
> > Do you mean expired signatures or no signatures at all?
> 
> I have expired signatures...
> 
> > In the latter case, have you checked that the zone's keys are readable
> > by named and still active?
> 
> Ehm yes
> 
> root at dns1 /etc/bind # ls -Al /etc/bind/master/net/tamay-dogan/*tamay-dogan*
> -rw-r--r-- 1 bind adm  502 Oct  2 18:01 /etc/bind/master/net/tamay-dogan/KS=
> K_Kintranet1.tamay-dogan.net.+005+12154.key
> -rw------- 1 bind adm 1.2K Oct  2 18:01 /etc/bind/master/net/tamay-dogan/KS=
> K_Kintranet1.tamay-dogan.net.+005+12154.private
> -rw-r--r-- 1 bind adm  502 Oct  2 18:01 /etc/bind/master/net/tamay-dogan/KS=
> K_Kintranet2.tamay-dogan.net.+005+45271.key
> -rw------- 1 bind adm 1.2K Oct  2 18:01 /etc/bind/master/net/tamay-dogan/KS=
> K_Kintranet2.tamay-dogan.net.+005+45271.private
> -rw-rw-r-- 1 bind adm 2.2K Jul  3 17:10 /etc/bind/master/net/tamay-dogan/ne=
> t.tamay-dogan
> -rw-rw-r-- 1 bind adm  249 Jun 17 22:33 /etc/bind/master/net/tamay-dogan/ne=
> t.tamay-dogan.conf
> -rw-r--r-- 1 bind adm  256 Jul  3 17:10 /etc/bind/master/net/tamay-dogan/ne=
> t.tamay-dogan.conf.signed
> -rw-rw-r-- 1 bind adm 1.1K Oct  2 18:01 /etc/bind/master/net/tamay-dogan/ne=
> t.tamay-dogan.intranet1
> -rw-rw-r-- 1 bind adm  238 Oct  2 17:59 /etc/bind/master/net/tamay-dogan/ne=
> t.tamay-dogan.intranet1.conf
> -rw-r--r-- 1 bind adm  245 Oct  2 18:01 /etc/bind/master/net/tamay-dogan/ne=
> t.tamay-dogan.intranet1.conf.signed
> -rw-r--r-- 1 bind adm  13K Oct  2 18:01 /etc/bind/master/net/tamay-dogan/ne=
> t.tamay-dogan.intranet1.signed
> -rw-rw-r-- 1 bind adm  798 Oct  2 18:01 /etc/bind/master/net/tamay-dogan/ne=
> t.tamay-dogan.intranet2
> -rw-rw-r-- 1 bind adm  238 Oct  2 17:59 /etc/bind/master/net/tamay-dogan/ne=
> t.tamay-dogan.intranet2.conf
> -rw-r--r-- 1 bind adm  245 Oct  2 18:01 /etc/bind/master/net/tamay-dogan/ne=
> t.tamay-dogan.intranet2.conf.signed
> -rw-r--r-- 1 bind adm 8.2K Oct  2 18:01 /etc/bind/master/net/tamay-dogan/ne=
> t.tamay-dogan.intranet2.signed
> -rw-r--r-- 1 bind adm 7.1K Jul 26 04:22 /etc/bind/master/net/tamay-dogan/ne=
> t.tamay-dogan.signed
> -rw-r--r-- 1 bind adm  15K Jul 26 04:10 /etc/bind/master/net/tamay-dogan/ne=
> t.tamay-dogan.signed.jnl
> -rw-r--r-- 1 bind adm  459 Oct  2 18:01 /etc/bind/master/net/tamay-dogan/ZS=
> K_Kintranet1.tamay-dogan.net.+005+28905.key
> -rw------- 1 bind adm 1010 Oct  2 18:01 /etc/bind/master/net/tamay-dogan/ZS=
> K_Kintranet1.tamay-dogan.net.+005+28905.private
> -rw-r--r-- 1 bind adm  459 Oct  2 18:01 /etc/bind/master/net/tamay-dogan/ZS=
> K_Kintranet2.tamay-dogan.net.+005+36762.key
> -rw------- 1 bind adm 1010 Oct  2 18:01 /etc/bind/master/net/tamay-dogan/ZS=
> K_Kintranet2.tamay-dogan.net.+005+36762.private
> -rw-r--r-- 1 bind adm  439 Jul  3 17:10 /etc/bind/master/net/tamay-dogan/ZS=
> K_Ktamay-dogan.net.+005+30945.key
> -rw------- 1 bind adm 1010 Jul  3 17:10 /etc/bind/master/net/tamay-dogan/ZS=
> K_Ktamay-dogan.net.+005+30945.private
> 
> If I am right, this looks right.

No. It looks completely wrong.  Someone/something has re-named the K* files.
As the K* files have been renamed named can't find them.
 
Mark
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org

More information about the bind-users mailing list