[Tutor] subprocess outputing wrong info to command line

brads brads at nyctelecomm.com
Sat Feb 21 00:58:17 CET 2015 

My subprocess is in error but the same command at the command line works
fine.

 

 

# cat makekeys.py

#!/usr/bin/python3.4

import subprocess

import sys

import string

import os.path

import datetime

import shlex

from time import gmtime, strftime

from subprocess import Popen, PIPE, STDOUT

 

pretime = strftime("%Y%m%d%H", gmtime())

time = datetime.datetime.strptime(pretime,'%Y%m%d%H')

print (time)

plustime = datetime.timedelta(days=730)

timeadd = (time + plustime)

str(timeadd)

#ndate = datetime.strptime(timeadd, '%Y%m%d%H')

#timeadd = timeadd.replace(tzinfo=UTC())

print (timeadd)

 

dname = input("Enter the domain to configure keys for? ")

if os.path.exists(dname+".external.signed"):

        os.remove(dname+".external.signed")

        #os.remove(dname+".external")

        os.remove(dname+".ksk.key")

        os.remove(dname+".zsk.key")

        os.remove(dname+".ksk.private")

        os.remove(dname+".zsk.private")

fd = open( dname+".external", 'w')

fd.write("$TTL 86400\n")

fd.write("$ORIGIN "+dname+".\n")

fd.write("@  1D  IN SOA yoda.ex-mailer.com.  admin@"+dname+".(\n")

fd.write("                      "+strftime("%Y%m%d%H", gmtime())+"\n")

#fd.write("                     "+repr(timeadd)+"\n")

fd.write("                      3h\n")

fd.write("                      1h\n")

fd.write("                      1w\n")

fd.write("                      1h)\n")

fd.write("                      IN NS   yoda.ex-mailer.com.\n")

fd.write("                      IN NS   r2d2.ex-mailer.com.\n")

fd.write(dname+".               IN TXT  v=spf1 mx a:r2d2.ex-mailer.com
-all\n")

fd.write(dname+".               MX 0    r2d2.ex-mailer.com.\n")

fd.write("mail."+dname+".       IN A    107.191.60.48\n")

fd.write("$include /usr/local/etc/namedb/K"+dname+".zsk.key ; ZSK\n")

fd.write("$include /usr/local/etc/namedb/K"+dname+".ksk.key ; KSK\n")

fd.close()

 

 

result = subprocess.check_output(["dnssec-keygen", "-f", "KSK", "-r",
"/dev/urandom", "-a", "RSASHA256", "-b", "2048", "-n", "ZONE", dname])

result_utf8 = result.decode("utf-8").strip()

mylist = list(result_utf8)

print (mylist[0])

listlen= len(mylist)

array = list()

listlen -= 11

i = 0

while( i < listlen ):

        #if mylist != '\n' ^ mylist != '':

        array.insert(i, mylist[i])

        i = i + 1

combined = "".join(array)

print ('combined')

print (combined)

fmove = subprocess.call(["mv", result_utf8+".key",combined +".ksk.key"])

fmove = subprocess.call(["mv", result_utf8+".private",combined
+".ksk.private"])

 

zresult =
subprocess.check_output(["dnssec-keygen","-r","/dev/urandom","-a","RSASHA256
","-b","2048","-n","ZONE", dname])

zresult_utf8 = zresult.decode("utf-8").strip()

myzlist = list(zresult_utf8)

print (myzlist[0])

zlistlen= len(myzlist)

zarray = list()

zlistlen -= 11

zi = 0

while( zi <zlistlen ):

        zarray.insert(zi, myzlist[zi])

        zi = zi + 1

zcombined = "".join(zarray)

zfmove = subprocess.call(["mv", zresult_utf8+".key",zcombined+".zsk.key"])

zfmove = subprocess.call(["mv",
zresult_utf8+".private",zcombined+".zsk.private"])

 

sfmove = subprocess.call(['dnssec-signzone','-e',strftime('%Y%m%d%H',
gmtime())+'0000','-p','-t','-g','-k',zcombined+'.ksk.key','-o',dname,dname+'
.external',zcombined+'.zsk.key'])

#cmd = "dnssec-signzone','-e',strftime('%Y%m%d%H',
gmtime())+'0000','-p','-t','-g','-k','K'+dname+'.ksk.key','-o',dname,dname+'
.external','K"+dname+'.zsk.key'

#subprocess.check_call(shlex.split(cmd))

 

 

 

 

 

 

# python3.4 makekeys.py

2015-02-20 23:00:00

2017-02-19 23:00:00

Enter the domain to configure keys for? test123.com

Generating key pair.........+++ ...............+++

K

combined

Ktest123.com

Generating key pair...+++
.........................................................+++

K

dnssec-signzone: fatal: No self-signed KSK DNSKEY found.  Supply an active

key with the KSK flag set, or use '-P'.

 

 

 

 

 

command works on the command line:

 

dnssec-signzone -e20180330000000 -p -t -g -k Ktest123.com.ksk.key -o
test123.com test123.com.external Ktest123.com.zsk.key

Verifying the zone using the following algorithms: RSASHA256.

Zone fully signed:

Algorithm: RSASHA256: KSKs: 1 active, 0 stand-by, 0 revoked

                      ZSKs: 1 active, 0 stand-by, 0 revoked

test123.com.external.signed

Signatures generated:                        9

Signatures retained:                         0

Signatures dropped:                          0

Signatures successfully verified:            0

Signatures unsuccessfully verified:          0

Signing time in seconds:                 0.010

Signatures per second:                 875.401

Runtime in seconds:                      0.013

More information about the Tutor mailing list