On Tue, 17 Jul 2012, 刘硕 wrote:
I found an interesting thing that when the two processes is running, I mean ods-signerd and ods-enforcerd. I can not use ods-signer to sign zone manually, but the automatic signing seems works well. Bellow are clues for you: [root@CST-BJ-104:202.173.9.19 :/var/opendnssec/signed]$ps -aux|grep ods Warning: bad syntax, perhaps a bogus '-'? See /usr/share/doc/procps-3.2.8/FAQ root 3955 0.0 0.0 40660 5548 ? SLs Jul12 0:07 /usr/local/sbin/ods-enforcerd root 12080 0.0 1.1 1022852 91780 ? SLsl Jul13 1:35 ods-signerd
It's a little strange you have one started with full path and the other with no path. Are they from the same install?
[root@CST-BJ-104:202.173.9.19 :/var/opendnssec/signed]$ods-signer sign example Unable to connect to engine: connect() failed: No such file or directory
Are you sure one is not looking for the socket at the wrong place due to mismatched install, eg /var/run/opendnssec/engine.sock versus /local/var/run/opendnssec/engine.sock? Can you strace the ods-signer command to see where it is trying to find the socket?
Do ods-signer and ods-signerd have some relationship? Why can not I use ods-signer manually when ods-signerd is running?
ods-signer just gives commands to ods-signerd over a socket. The "manual" signing just gives ods-signerd a "sign now" command. Paul _______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
