Hi So my understanding is that for the time being I’m going to have to run the following after adding or removing a zone. ods-enforcer loneliest export
To avoid any foot-shootery? Regards — David Peall > On 16 Sep 2016, at 3:10 PM, Yuri Schaeffer <[email protected]> wrote: > > Hi David, > > Thanks for your report! > >> I’m added zone 2 and 3. I updated a TSIG key for domain 2 and then >> updated the enforcer and it deleted all my domains? > > Well this is a bit embarrassing... Since 2.0 we declared the database > leading over the zonelist.xml for the configured zones. But to provide > backwards compatibility we still allow updating the zones via the > zonelist.xml like before. > >> Usage: >> zonelist import >> [--remove-missing-zones] aka -r >> [--file <absolute path>] aka -f >> >> Help: >> Import zones from zonelist.xml into enforcer database. >> >> Options: >> remove-missing-zones Remove any zones from database not existed in >> zonelist file >> file File to import, instead of zonelist file configured >> in conf.xml > > As you can see we made the default not to remove zones that are no > longer in the XML. However 'update all' never included the > please-shoot-me-in-the-foot option. And instead defaults to foot shooting. > >> Usage: >> update all >> >> Help: >> Perform policy import, update zonelist, and update repositorylist. > > I understand this violates the least surprises rule and think we need to > improve this soon. > > Regards, > Yuri > > _______________________________________________ > Opendnssec-user mailing list > [email protected] > https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Opendnssec-user mailing list [email protected] https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
