Prevent a race in the "inline" system test
A short time window exists between logging the addition of an NSEC3PARAM record to a zone and committing it to the current version of the zone database. If a query arrives during such a time window, an unsigned response will be returned. One of the checks in the "inline" system test requires NSEC3 records to be present in an answer - that check would fail in the case described above. Use rndc instead of log watching for checking whether zone signing and NSEC3 chain modifications are complete in order to prevent intermittent "inline" system test failures.
Showing with 7 additions and 4 deletions