Update zonechecks system test

Change test configuration to make use of 'dnssec-policy' instead of
'auto-dnssec'.

diff --git a/bin/tests/system/zonechecks/clean.sh b/bin/tests/system/zonechecks/clean.sh
index ed4012a266a467c4944bdf09d19340559e930f53..330b242b047c67b63b5d09ecfb05424f7a3d7c9c 100644 (file)
--- a/bin/tests/system/zonechecks/clean.sh
+++ b/bin/tests/system/zonechecks/clean.sh
@@ -15,7 +15,7 @@ rm -f *.out
 rm -f */named.memstats
 rm -f */named.conf
 rm -f */named.run
-rm -f */*.db */*.db.signed */K*.key */K*.private */*.jnl */dsset-*
+rm -f */*.db */*.db.signed */K*.key */K*.private */K*.state */*.jnl */dsset-*
 rm -f */signer.err
 rm -f rndc.out.*
 rm -f ns*/named.lock

diff --git a/bin/tests/system/zonechecks/ns1/named.conf.in b/bin/tests/system/zonechecks/ns1/named.conf.in
index 03bc91838c865d2ca604b495189b5a7e0dc98f0e..efb11b01d8fab513fd3dd384f942a6d29b868977 100644 (file)
--- a/bin/tests/system/zonechecks/ns1/named.conf.in
+++ b/bin/tests/system/zonechecks/ns1/named.conf.in
@@ -35,6 +35,13 @@ controls {
        inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
 };
 
+dnssec-policy "zonechecks" {
+       keys {
+               ksk key-directory lifetime unlimited algorithm @DEFAULT_ALGORITHM@;
+               zsk key-directory lifetime unlimited algorithm @DEFAULT_ALGORITHM@;
+       };
+};
+
 view unused {
        match-clients { none; };
 
@@ -52,7 +59,7 @@ view primary {
                file "primary.db";
                allow-update { any; };
                allow-transfer { any; };
-               auto-dnssec maintain;
+               dnssec-policy zonechecks;
        };
 
        zone "bigserial.example" {