Problem with DNSSEC

M

Mattie

Verified User
Joined
Jun 1, 2008
Messages
123
Hi,

I've tried to enable DNSSEC using https://help.directadmin.com/item.php?id=651 and https://www.directadmin.com/features.php?id=1525

I've done "generate keys" (and they are displayed in DA), however according to the tutorial I now need to do "sign" but I get the following message:

Error with dnssec.sh sign: sh: /usr/local/directadmin/scripts/dnssec.sh: Permission denied
Click to expand...

Code: 
root@vps:/usr/local/directadmin/scripts# ls -al dnssec.sh
-rwx------ 1 diradmin diradmin 7260 Feb 17 13:06 dnssec.sh

Seems ok right? Ah well I've set it to 777 but now I get the following error:

Error with dnssec.sh sign: Cannot find DirectAdmin Config File:
/usr/local/directadmin/conf/directadmin.conf
Click to expand...

But obviously that file does exists :)

Any ideas?
 
Unfortunate that has no effect, still the same error. Permissions didn't look wrong anyway so I suspect a problem with the script, perhaps it is outdated? Not sure if many people use it.


edit: I'm on version 1.51.2

From the DA error log:
2017:02:23-20:53:41: Error with dnssec.sh sign (caller=admin manual sign) sh: /usr/local/directadmin/scripts/dnssec.sh: Permission denied
Click to expand...

So, dnssec.sh permissions are 700 - diradmin - diradmin
 
Last edited:
I've tested on my side and successfully generated keys and signed a zone on my own server. That's probably something wrong on your side, if you need a free fix you might consider opening a ticket with Directadmin support or somebody here has an idea what might be wrong.

If the admin is the caller of the script then this user has no permissions to read /usr/local/directadmin/conf/directadmin.conf (and that's normal).
 
Hm strange, I didn't do anything fancy with my install so not sure why it won't work (well the error messages are clear). Do you know what user calls the dnssec script? Is dat diradmin?
 
Thanks, that doesn't give me any insights so I will send an email to DA support.
 
You must log in or register to reply here.
Back
Top