Additional configuration override for sysklogd

Scott Kitterman ubuntu at
Tue Jan 13 15:54:08 GMT 2009

Thanks to Mr. Kaminsky and his DNS cache poisoning attack, I've been looking 
into DNSSEC a bit more lately.

The first thing I'm trying to do is update the dkim-milter package to build 
against a DNSSEC capable resolver (upstream now supports using the Unbound 
package for this is a new upstream not yet packaged).

Unbound is shipped by it's upstream in a default chrooted configuration which 
Debian has changed because the syslog configuration needs to be changed 
manually to work with unbound inside the chroot.

I see that in Ubuntu the sysklogd package is already wired to allow ltsp to 
override it's configuration:

What I would like to do is:

1.  Restore the Unbound upstream default chroot configuration.
2.  In the sysklogd package allow Unbound to over-ride it's configuration so 
logging from the chroot works by default.
3.  Update dkim-milter to use Unbound so it's 'DNSSEC Ready'.

I thought I ought to check and see if there was any objection to part 2 of 
this before I changed it.  I'm not going to upload any of it unless I get all 
three bits going OK.

Any objections?

Scott K

More information about the ubuntu-devel mailing list