unexpected behaviour of rndc dnstap -roll

Jakob Dhondt jakob.dhondt at switch.ch
Mon Jun 22 06:58:37 UTC 2020

Thanks for your help!

On 21.06.20 22:30, Tony Finch wrote:
> Jakob Dhondt <jakob.dhondt at switch.ch> wrote:
>> I am generating dnstap files using bind and regularly roll them using
>> 'rndc dnstap -roll [number]'. The way I understand the documentation is
>> that there should be max [number] old dnstap files after executing this
>> command but what actually happens is that all files are being kept so
>> that I have to remove the old ones myself.
> Yes, this is a bug. I could reproduce the problem but I couldn't see it
> by staring at the code, so I added some extra logging until I found
> the mistake. I've submitted a merge request for this patch:
> https://gitlab.isc.org/fanf/bind9/-/commit/29d275965c0cddc862eeccb28188b8fd124fb321
> Tony.


Jakob Dhondt, Security Engineer, SWITCH-CERT
Werdstrasse 2, P.O. Box, 8021 Zurich, Switzerland
phone +41 44 268 15 15, direct +41 44 268 16 23
jakob.dhondt at switch.ch, www.switch.ch
Security-News: securityblog.switch.ch

More information about the bind-users mailing list