recover missing journal files from running server
Phil Pennock
bind-users+phil at spodhuis.org
Thu Jul 10 16:33:01 UTC 2014
Folks, in a moment of gross stupidity I added "--delete-delay" to an
rsync invocation in a deploy script, to remove master zonefiles from
the server which are no longer needed. I forgot that the DNSSEC
auto-maintain journal files are in that directory too.
Seeing little things like this:
deleting db.spodhuis.org.signed.jnl
deleting db.spodhuis.org.signed
deleting db.spodhuis.org.jnl
deleting db.spodhuis.org.jbk
worry me. So, I still have all of the DNSSEC keyfiles (different
directory, and in private git pushed to backup storage anyway). I still
have a running server instance.
Is there any way to get back the on-disk state files for the
auto-maintained zones, so that I can recover from my mistake cleanly?
(There's about 20 domains).
Using `rndc sync` or `rndc sync spodhuis.org` does not recreate the
journal file. Log file lines and `rndc zonestatus` below.
What are my options to recover?
Thanks,
-Phil
----------------------------8< cut here >8------------------------------
10-Jul-2014 16:18:49.194 general: info: zone spodhuis.org/IN (signed): next key event: 10-Jul-2014 17:18:49.192
[...]
10-Jul-2014 16:27:47.724 general: info: received control channel command 'sync spodhuis.org'
10-Jul-2014 16:27:47.724 general: info: sync: dumping zone 'spodhuis.org/IN': success
----------------------------8< cut here >8------------------------------
----------------------------8< cut here >8------------------------------
% rndc zonestatus spodhuis.org
name: spodhuis.org
type: master
files: master/db.spodhuis.org
serial: 2014070501
signed serial: 2014070525
nodes: 211
last loaded: Wed, 09 Jul 2014 00:18:47 GMT
secure: yes
inline signing: yes
key maintenance: automatic
next key event: Thu, 10 Jul 2014 17:18:49 GMT
next resign node: _443._tcp.security.spodhuis.org/CNAME
next resign time: Thu, 10 Jul 2014 18:08:35 GMT
dynamic: no
----------------------------8< cut here >8------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 455 bytes
Desc: not available
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20140710/98123cdc/attachment.bin>
More information about the bind-users
mailing list