[Pdns-users] How to Update from PDNS 4.1.14 to Latest?
Jackson Yap
jackson at apc.sg
Thu Feb 25 06:59:15 UTC 2021
Hi All,
[Error] Following record is auth=1, run pdnsutil rectify-zone?:
xxx.xxx.com IN RRSIG DS
[Error] Following record is auth=1, run pdnsutil rectify-zone?:
xxx.xxx.com IN RRSIG NSEC
For this error, not really sure what it means, but we have fixed it
anyhow.
We need to force another another clean notify with a new SOA Serial, that
sort of fixed the error.
Warmest Regards,
Jackson Yap
-----Original Message-----
From: Jackson Yap <jackson at apc.sg>
Sent: Thursday, 25 February 2021 2:30 PM
To: 'Pieter Lexis' <pieter.lexis at powerdns.com>;
'pdns-users at mailman.powerdns.com' <pdns-users at mailman.powerdns.com>
Subject: RE: [Pdns-users] How to Update from PDNS 4.1.14 to Latest?
Thanks everyone.
This works for those who need to extract for the error:
pdnsutil check-all-zones | grep -i "\[error\]"
We just discovered 2 errors which we have no clue what it means. A
[Error] Following record is auth=1, run pdnsutil rectify-zone?:
xxx.xxx.com IN RRSIG DS
[Error] Following record is auth=1, run pdnsutil rectify-zone?:
xxx.xxx.com IN RRSIG NSEC
What is the exact issue and how to resolve this?
Warmest Regards,
Jackson Yap
-----Original Message-----
From: Pdns-users <pdns-users-bounces at mailman.powerdns.com> On Behalf Of
Pieter Lexis via Pdns-users
Sent: Thursday, 25 February 2021 2:19 PM
To: pdns-users at mailman.powerdns.com
Subject: Re: [Pdns-users] How to Update from PDNS 4.1.14 to Latest?
Hi Jackson,
On 2/25/21 3:21 AM, Jackson Yap via Pdns-users wrote:
> I have fixed the error. The issue is strangely the installer did not
> set the permission of pdns.conf correct.
The default permissions in the package allow the service to read the file.
but if indeed it wasn't 755, it won't wor. Since 4.4, PowerDNS is started
as the pdns user, so you could chown the config to root:pdns with 750
permissions if you want to clamp it down.
> The update is almost perfect. Now I will just have to monitor for any
> errors/logs for the next few days.
Excellent.
> I have one question:
>
> pdnsutil check-all-zones
>
> As we have thousands over zones, can someone advise how can we use the
> command above just to list those errors only?
No, we check all the zones and dump both warnings and errors, but
`pdnsutil check-all-zones | grep -i error` should help here.
Cheers,
Pieter
--
Pieter Lexis
PowerDNS.COM BV -- https://www.powerdns.com
_______________________________________________
Pdns-users mailing list
Pdns-users at mailman.powerdns.com
https://mailman.powerdns.com/mailman/listinfo/pdns-users
More information about the Pdns-users
mailing list