**zone-purge** *zone*... [**+orphan**] [*filter*...]
Purge zone data, zone file, journal, timers, and/or KASP data of specified zones.
Available filters are **+expire**, **+zonefile**, **+journal**, **+timers**,
- **+kaspdb**, and **+catalog**. If no filter is specified, all filters are enabled.
- If the zone is no longer configured, add **+orphan** parameter (zone file cannot
- be purged in this case). When purging orphans, always check the server log for
- possible errors. For proper operation, it's necessary to prevent ongoing changes
- to the zone and triggering of zone related events during purge; use of
- **zone-freeze** is advisable. This command always requires the force option. (#)
+ **+keys**, **+kaspdb**, and **+catalog**. If no filter is specified, all filters
+ are enabled, except for **+keys**, which must be listed explicitly. If the zone is
+ no longer configured, add **+orphan** parameter (zone file cannot be purged in this
+ case). When purging orphans, always check the server log for possible errors. For proper
+ operation, it's necessary to prevent ongoing changes to the zone and triggering of zone
+ related events during purge; use of **zone-freeze** is advisable. This command always
+ requires the force option. (#)
.. _knotc_zone-stats:
orphan->server = server;
const purge_flag_t params =
- PURGE_ZONE_TIMERS | PURGE_ZONE_JOURNAL | PURGE_ZONE_KASPDB |
- PURGE_ZONE_BEST | PURGE_ZONE_LOG;
+ PURGE_ZONE_TIMERS | PURGE_ZONE_JOURNAL | PURGE_ZONE_KEYS |
+ PURGE_ZONE_KASPDB | PURGE_ZONE_BEST | PURGE_ZONE_LOG;
int ret = selective_zone_purge(conf(), orphan, params);
free(orphan);
bool failed = false;
if (args->data[KNOT_CTL_IDX_ZONE] == NULL) {
+ // Purge keys. (It needs to be requested explicitly.)
+ if (MATCH_AND_FILTER(args, CTL_FILTER_PURGE_KEYS)) {
+ ret = kasp_db_sweep_keys(&args->server->kaspdb,
+ zone_exists, args->server->zone_db);
+ log_if_orphans_error(NULL, ret, "keys", &failed);
+ }
+
// Purge KASP DB.
if (only_orphan || MATCH_AND_FILTER(args, CTL_FILTER_PURGE_KASPDB)) {
ret = kasp_db_sweep(&args->server->kaspdb,
knot_dname_to_lower(zone_name);
if (!zone_exists(zone_name, args->server->zone_db)) {
+ // Purge keys. (It needs to be requested explicitly.)
+ if (MATCH_AND_FILTER(args, CTL_FILTER_PURGE_KEYS)) {
+ if (knot_lmdb_open(&args->server->kaspdb) == KNOT_EOK) {
+ ret = kasp_db_delete_keys(&args->server->kaspdb, zone_name, true, false);
+ log_if_orphans_error(zone_name, ret, "keys", &failed);
+ }
+ }
+
// Purge KASP DB.
if (only_orphan || MATCH_AND_FILTER(args, CTL_FILTER_PURGE_KASPDB)) {
if (knot_lmdb_open(&args->server->kaspdb) == KNOT_EOK) {
MATCH_OR_FILTER(args, CTL_FILTER_PURGE_KASPDB) * PURGE_ZONE_KASPDB |
MATCH_OR_FILTER(args, CTL_FILTER_PURGE_CATALOG) * PURGE_ZONE_CATALOG |
MATCH_OR_FILTER(args, CTL_FILTER_PURGE_EXPIRE) * PURGE_ZONE_EXPIRE |
+ // Keys purge must be requested explicitly.
+ MATCH_AND_FILTER(args, CTL_FILTER_PURGE_KEYS) * PURGE_ZONE_KEYS |
PURGE_ZONE_NOSYNC; // Purge even zonefiles with disabled syncing.
zone_set_flag(zone, (zone_flag_t)params);
RETURN_IF_FAILED("journal", KNOT_ENOENT);
}
+ // Purge keys and related metadata.
+ if (params & PURGE_ZONE_KEYS) {
+ ret = knot_lmdb_open(zone_kaspdb(zone));
+ if (ret == KNOT_EOK) {
+ ret = kasp_db_delete_keys(zone_kaspdb(zone), zone->name,
+ false, !exit_immediately);
+ }
+ RETURN_IF_FAILED("keys", KNOT_ENOENT);
+ }
+
// Purge KASP DB.
if (params & PURGE_ZONE_KASPDB) {
ret = knot_lmdb_open(zone_kaspdb(zone));
#define PURGE_ZONE_DATA (PURGE_ZONE_TIMERS | PURGE_ZONE_ZONEFILE | PURGE_ZONE_JOURNAL | \
PURGE_ZONE_KASPDB | PURGE_ZONE_CATALOG)
-/*!< Standard purge (respect C_ZONEFILE_SYNC param). */
-#define PURGE_ZONE_ALL (PURGE_ZONE_DATA | PURGE_ZONE_BEST | PURGE_ZONE_LOG)
+/*!< Standard purge (including keys; respect C_ZONEFILE_SYNC param). */
+#define PURGE_ZONE_ALL (PURGE_ZONE_DATA | PURGE_ZONE_KEYS | PURGE_ZONE_BEST | PURGE_ZONE_LOG)
/*!< All purge-related flags. */
#define PURGE_ZONE_FLAGS (PURGE_ZONE_ALL | PURGE_ZONE_NOSYNC | PURGE_ZONE_EXPIRE)
# now purge zones keys in order to create dangling policy_last
for z in zones0:
- knot.ctl("zone-purge -f +kaspdb " + z.name)
+ knot.ctl("zone-purge -f +keys " + z.name)
zones_add2 = t.zone_rnd(5, dnssec=False, records=10)
add_shared(t, knot, zones_add2, zones0[0])
projects / thirdparty / knot-dns.git / commitdiff
