Hi Jerry,
I have found three ods-signerd, but two of them are created in
configure-make-make install process, so I think only the last one is used.
[root@CST-BJ-103 opendnssec]# find / -name ods-signerd
/home/lius/opendnssec-related/OpenDNSSEC_trunk/signer/src/ods-signerd
/home/lius/opendnssec-related/opendnssec-1.3.9/signer/src/ods-signerd
/usr/local/sbin/ods-signerd
I will show you how mutiple ods-signerds are running together
[root@CST-BJ-103 opendnssec]# ods-control start
Starting enforcer...
OpenDNSSEC ods-enforcerd started (version 1.4.0-trunk), pid 2828
Starting signer engine...
OpenDNSSEC signer engine version 1.4.0-trunk
Engine running.
[root@CST-BJ-103 opendnssec]# ps -aux | grep ods
Warning: bad syntax, perhaps a bogus '-'? See /usr/share/doc/procps-3.2.7/FAQ
root 2828 1.6 0.1 40276 4896 ? SLs 15:07 0:00
/usr/local/sbin/ods-enforcerd
root 2834 201 0.6 300696 27448 ? SLsl 15:07 0:08
/usr/local/sbin/ods-signerd
root 2851 0.0 0.0 61188 752 pts/2 S+ 15:07 0:00 grep ods
[root@CST-BJ-103 opendnssec]# ll
total 8
-rw-r--r-- 1 root root 5 Jul 18 15:07 enforcerd.pid
srwxr-xr-x 1 root root 0 Jul 18 15:07 engine.sock
-rw-r--r-- 1 root root 5 Jul 18 15:07 signerd.pid
The messages above is normal and show that the OpenDNSSEC works well, but let's
continue:
[root@CST-BJ-103 opendnssec]# ods-signerd
OpenDNSSEC signer engine version 1.4.0-trunk
[root@CST-BJ-103 opendnssec]# ps -aux | grep ods
Warning: bad syntax, perhaps a bogus '-'? See /usr/share/doc/procps-3.2.7/FAQ
root 2828 0.1 0.1 40276 4896 ? SLs 15:07 0:00
/usr/local/sbin/ods-enforcerd
root 2834 188 5.5 462208 224584 ? SLsl 15:07 1:26
/usr/local/sbin/ods-signerd
root 2858 159 0.5 222600 23516 ? SLsl 15:08 0:09 ods-signerd
root 2871 0.0 0.0 61188 752 pts/2 R+ 15:08 0:00 grep ods
[root@CST-BJ-103 opendnssec]# ll
total 8
-rw-r--r-- 1 root root 5 Jul 18 15:07 enforcerd.pid
srwxr-xr-x 1 root root 0 Jul 18 15:08 engine.sock
-rw-r--r-- 1 root root 5 Jul 18 15:08 signerd.pid
engine.sock and signerd.pid is changed, and the content of signerd.pid is the
latter on, that is 2858.
When I run ods-control stop, the former ods-signerd is left, the latter setup
ods-signerd is shundown with ods-enforcerd
[root@CST-BJ-103 tmp]# ods-control stop
Stopping enforcer...
Stopping signer engine...
Engine shut down.
[root@CST-BJ-103 tmp]# tail /var/log/messages
Jul 18 15:16:24 CST-BJ-103 last message repeated 85080 times
Jul 18 15:16:24 CST-BJ-103 ods-signerd: [tools] unable to write zone example2:
adapter failed (Assertion error)
Jul 18 15:16:24 CST-BJ-103 ods-signerd: [worker[2]] backoff task [configure]
for zone example2 with 120 seconds
Jul 18 15:17:01 CST-BJ-103 ods-enforcerd: Received SIGTERM, exiting...
Jul 18 15:17:01 CST-BJ-103 ods-enforcerd: all done! hsm_close result: 0
Jul 18 15:17:02 CST-BJ-103 puppet-agent[2881]: Could not request certificate:
getaddrinfo: Name or service not known
Jul 18 15:17:02 CST-BJ-103 ods-signerd: [cmdhandler] received command stop[4]
Jul 18 15:17:02 CST-BJ-103 ods-signerd: [engine] signer shutdown
Jul 18 15:17:02 CST-BJ-103 ods-signerd: [cmdhandler] received command [0]
Jul 18 15:17:06 CST-BJ-103 ods-signerd: [log] switching log to stderr verbosity
0 (log level 2)
[root@CST-BJ-103 tmp]# ps -aux | grep ods
Warning: bad syntax, perhaps a bogus '-'? See /usr/share/doc/procps-3.2.7/FAQ
root 2834 129 12.2 744468 496204 ? SLsl 15:07 12:36
/usr/local/sbin/ods-signerd
root 2979 0.0 0.0 61192 764 pts/2 S+ 15:17 0:00 grep ods
I'm puzzled, I know ods-signerd will bind to a port whose default value is 53,
so why can I setup more than one ods-signerd?
Best regards,
Stuart
From: Jerry Lundstr鰉
Date: 2012-07-18 14:29
To: shuoleo
CC: opendnssec-user
Subject: Re: Re: [Opendnssec-user]ods-signer failed when ods-signerd is running
Hi Stuart,
On Wed, Jul 18, 2012 at 8:08 AM, 刘硕 <[email protected]> wrote:
> If ods-signerd is running, then I run ods-signerd seems do nothing at all,
> but sometimes there are more than one ods-signerd process at the same time!
> I don't this situation would affect opendnssec's signing work, because I
> think some ods-signerd would do the work at a mixed period.
You should not have more then one ods-signerd process running.
Maybe you have installed OpenDNSSEC in different locations.
Can you run as root:
find / -name ods-signerd
/Jerry
_______________________________________________
Opendnssec-user mailing list
[email protected]
https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
