The serialincr() function in zonesigner uses the zonefile to increment
the serial. In the case of dynamic zones the zonefile may not
necessarily be up-to-date, and it could change. While the
administrator should probably be aware of this when running it
manually, I might suggest wrapping the calls to zonesigner from
rollerd with 'rndc freeze' and 'rndc unfreeze' of the zone.
There are, of course, caveats to this. If there are multiple views,
then the view needs to be specified (to rndc), which means rollerd
needs to have some details about this view. Also, if a zone isn't
dynamic rndc will return an error, which has the same exit status as
an error in freezing a legitimate zone (e.g., because it's already
frozen). I'm not sure what other cases there might be, but in both
these cases, it seems safe to ignore the error--from the rollerd
perspective. It should also be careful to always unfreeze the zone
regardless of any errors that happen after the freeze.