On 6/15/21 4:40 PM, Tony Finch wrote:
How should named say that a key has changed? It's a multithreaded program so it can't fork (not without a single-threaded helper process) so maybe it should fire off a message to a socket that the script machinery can listen to. (Maybe abuse NOTIFY for the purpose?) The feedback loop can be closed using an rndc command.
With a NOTIFY, something like _your_ old listener

nsnotifyd: handle DNS NOTIFY messages by running a command
https://dotat.at/prog/nsnotifyd/
https://github.com/fanf2/nsnotifyd

gets interesting.

Don't know yet how dusty that is, or relevant to current bind 9.16+, etc. -- but the general 'respond immediately to a NOTIFY' sounds quite useful.