Scripting dnssec-verify - processing command output
matthew-l at itconsult.co.uk
Sun Feb 7 10:07:24 UTC 2021
Thanks! That diagnosis is spot on: dnssec-verify is sending all its output
to STDERR as demonstrated by:-
>[matthew at m71 ~]$ dnssec-verify -I text -o itconsult.net itconsult.net.zone >temp-out 2>temp-err
>[matthew at m71 ~]$ ls -l temp-*
>-rw-rw-r-- 1 matthew matthew 279 Feb 7 09:34 temp-err
>-rw-rw-r-- 1 matthew matthew 0 Feb 7 09:34 temp-out
The fix (well, lash up) in Perl then becomes:-
$resp = `dnssec-verify -I text -o example.com example.com.zone 2>&1`;
which then gets the output from STDERR into the variable.
Let's wait for the ISC folks to see whether they think this is a bug...
>From: Paul Kosinski via bind-users <bind-users at lists.isc.org>
>To: bind-users at lists.isc.org
>Date: Sat, 6 Feb 2021 19:45:54 -0500
>Subject: Re: Scripting dnssec-verify - processing command output
>It sounds to me like dnssec-verify is sending the output in question to STDERR instead of STDOUT.
>On Sat, 06 Feb 2021 19:02:28 +0000
>Matthew Richardson <matthew-l at itconsult.co.uk> wrote:
>> I have been using Perl to do a reasonable amount of scripting, running bind
>> utilities and processing the results into variables. The details below are
>> from Bind 9.11.27 on Centos 7.
>> The code:-
>> $resp = `dig -t soa example.com`;
>> print "dig resp:'$resp'\n";
>> gets the result of the dig command into the variable $resp and prints it.
>> $resp = `dnssec-verify -I text -o example.com example.com.zone`;
>> print "dnssec-verify resp:'$resp'\n";
>> displays the results of the dnssec-verify command on the console and leaves
>> the variable $resp empty.
>> Any ideas would be appreciated...
>> As an aside, using dnssec-keygen DOES put the results into the variable.
>> Best wishes,
>Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
>bind-users mailing list
>bind-users at lists.isc.org
More information about the bind-users