On Sun, Aug 09, 2020 at 12:03:22PM +0200, Jelle de Jong wrote: > Thank you for your reply, there are still a lot of ; resign=20200802123322 > lines, but it does clean up a lot better, sorted on record type it would > become useful, ideas? > > Is there no clean named command to do this output?
Everything starting with ";" is a comment. Run it through "named-compilezone" again, perhaps with "-s relative" this time (I used "-s full" before because it makes processing with awk easier). The result should be be free of comments and canonically sorted. "named" can do this automatically if you dynamically update a zone and remove the DNSKEY rrset. I think "dnssec-signzone -SPRQ" would do it if you marked the keys as deleted with "dnssec-settime" first; I haven't tested this, but it should. But I think the awk trick is probably the most straightforward way. -- Evan Hunt -- e...@isc.org Internet Systems Consortium, Inc. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
