I followed the exact tutorial from here https://ftp.isc.org/isc/dnssec-guide/html/dnssec-guide.html#easy-start-guide-for-authoritative-servers to set up DNSSEC on my domain domain.example.com.
When I try to do the validation of my setup using delv, I get an error. The following is my validation step:
user@nameserver:/etc/bind$ delv @10.10.10.10 -a keys/tmp/example.key +root=domain.example.com domain.example.com. SOA +multiline
;; resolution failed: ncache nxdomain
; negative response, unsigned answer
; domain.example.com. 300 IN \-ANY ;-$NXDOMAIN
; example.com. SOA a.ns.joker.com. hostmaster.joker.com. 2011082265 14400 3600 604800 300
and when I check the log files I see the following output:
Mär 05 22:27:30 nameserver named[74793]: zone domain.example.com/IN (signed): reconfiguring zone keys
Mär 05 22:27:30 nameserver named[74793]: zone domain.example.com/IN (signed): next key event: 05-Mar-2021 23:27:30.591
Mär 05 22:27:30 nameserver named[74793]: dumping master file: /etc/bind/zones/tmp-TELhWOSOza: open: permission denied
Mär 05 22:27:30 nameserver named[74793]: managed-keys-zone: Initializing automatic trust anchor management for zone '.'; DNSKEY ID 20326 is now trusted, waiving the normal 30-day waiting period.
Mär 05 22:27:30 nameserver named[74793]: resolver priming query complete
Mär 05 22:30:45 nameserver named[74793]: client @0x7f584800a550 1.1.1.1#36082 (domain.example.com): query: domain.example.com IN A -E(0)DC (10.10.10.10) [ECS 10.10.10.0/24/0]
Mär 05 22:30:53 nameserver named[74793]: client @0x7f584800a550 1.1.1.2#56781 (domain.example.com): query: domain.example.com IN A -E(0)DC (10.10.10.10) [ECS 10.10.10.0/24/0]
Mär 05 22:41:12 nameserver named[74793]: dumping master file: /etc/bind/zones/tmp-mlDktgv0MJ: open: permission denied
Mär 05 22:56:00 nameserver named[74793]: dumping master file: /etc/bind/zones/tmp-RuJ2bQd0qY: open: permission denied
Mär 05 23:23:17 nameserver named[74793]: client @0x7f584800a550 10.10.10.10#60252 (domain.example.com): query: domain.example.com IN SOA +E(0)DK (10.10.10.10)
Edit:
the only thing I had to do differently is in the options section I left the default directory "/var/cache/bind";
else I would get other error messages.
OS is Ubuntu 20.04.2