test: switch to new config keyword for bind9 >= 9.21

bind9 9.21 removed the deprecated 'managed-keys', swap it with
'trust-anchors' if the version is 9.21 or newer

[   20.654086] TEST-75-RESOLVED.sh[1217]: + delv -a /etc/bind.keys @ns1.unsigned.test signed.test
[   20.654425] TEST-75-RESOLVED.sh[1218]: + tee /tmp/tmp.D4LNomAKqY
[   20.672599] TEST-75-RESOLVED.sh[1218]: ;; /etc/bind.keys:1: option 'managed-keys' no longer exists

diff --git a/test/units/TEST-75-RESOLVED.sh b/test/units/TEST-75-RESOLVED.sh
index f8665532194eb7ab874fe7fcfdcad39318384183..3889338193505181aceedfe355a9b6224ab2e8ba 100755 (executable)
--- a/test/units/TEST-75-RESOLVED.sh
+++ b/test/units/TEST-75-RESOLVED.sh
@@ -156,10 +156,13 @@ EOF
     # Create a trust anchor for resolved with our root zone
     keymgr . ds | sed 's/ DS/ IN DS/g' >/etc/dnssec-trust-anchors.d/root.positive
     # Create a bind-compatible trust anchor (for delv)
-    # Note: the trust-anchors directive is relatively new, so use the original
-    #       managed-keys one until it's widespread enough
+    # Note: managed-keys was removed in version 9.21, use the newer trust-anchors directive
     {
-        echo 'managed-keys {'
+        if systemd-analyze compare-versions "$(delv -v | awk '{print $2}')" ge 9.21; then
+            echo 'trust-anchors {'
+        else
+            echo 'managed-keys {'
+        fi
         keymgr . dnskey | sed -r 's/^\. DNSKEY ([0-9]+ [0-9]+ [0-9]+) (.+)$/. static-key \1 "\2";/g'
         echo '};'
     } >/etc/bind.keys