Hi All, [Error] Following record is auth=1, run pdnsutil rectify-zone?: xxx.xxx.com IN RRSIG DS
[Error] Following record is auth=1, run pdnsutil rectify-zone?: xxx.xxx.com IN RRSIG NSEC For this error, not really sure what it means, but we have fixed it anyhow. We need to force another another clean notify with a new SOA Serial, that sort of fixed the error. Warmest Regards, Jackson Yap -----Original Message----- From: Jackson Yap <jack...@apc.sg> Sent: Thursday, 25 February 2021 2:30 PM To: 'Pieter Lexis' <pieter.le...@powerdns.com>; 'pdns-users@mailman.powerdns.com' <pdns-users@mailman.powerdns.com> Subject: RE: [Pdns-users] How to Update from PDNS 4.1.14 to Latest? Thanks everyone. This works for those who need to extract for the error: pdnsutil check-all-zones | grep -i "\[error\]" We just discovered 2 errors which we have no clue what it means. A [Error] Following record is auth=1, run pdnsutil rectify-zone?: xxx.xxx.com IN RRSIG DS [Error] Following record is auth=1, run pdnsutil rectify-zone?: xxx.xxx.com IN RRSIG NSEC What is the exact issue and how to resolve this? Warmest Regards, Jackson Yap -----Original Message----- From: Pdns-users <pdns-users-boun...@mailman.powerdns.com> On Behalf Of Pieter Lexis via Pdns-users Sent: Thursday, 25 February 2021 2:19 PM To: pdns-users@mailman.powerdns.com Subject: Re: [Pdns-users] How to Update from PDNS 4.1.14 to Latest? Hi Jackson, On 2/25/21 3:21 AM, Jackson Yap via Pdns-users wrote: > I have fixed the error. The issue is strangely the installer did not > set the permission of pdns.conf correct. The default permissions in the package allow the service to read the file. but if indeed it wasn't 755, it won't wor. Since 4.4, PowerDNS is started as the pdns user, so you could chown the config to root:pdns with 750 permissions if you want to clamp it down. > The update is almost perfect. Now I will just have to monitor for any > errors/logs for the next few days. Excellent. > I have one question: > > pdnsutil check-all-zones > > As we have thousands over zones, can someone advise how can we use the > command above just to list those errors only? No, we check all the zones and dump both warnings and errors, but `pdnsutil check-all-zones | grep -i error` should help here. Cheers, Pieter -- Pieter Lexis PowerDNS.COM BV -- https://www.powerdns.com _______________________________________________ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users _______________________________________________ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
