Additional configuration override for sysklogd
Scott Kitterman
ubuntu at kitterman.com
Tue Jan 13 15:54:08 GMT 2009
Thanks to Mr. Kaminsky and his DNS cache poisoning attack, I've been looking
into DNSSEC a bit more lately.
The first thing I'm trying to do is update the dkim-milter package to build
against a DNSSEC capable resolver (upstream now supports using the Unbound
package for this is a new upstream not yet packaged).
Unbound is shipped by it's upstream in a default chrooted configuration which
Debian has changed because the syslog configuration needs to be changed
manually to work with unbound inside the chroot.
I see that in Ubuntu the sysklogd package is already wired to allow ltsp to
override it's configuration:
https://launchpad.net/ubuntu/+source/sysklogd/1.5-5ubuntu1/+changes
What I would like to do is:
1. Restore the Unbound upstream default chroot configuration.
2. In the sysklogd package allow Unbound to over-ride it's configuration so
logging from the chroot works by default.
3. Update dkim-milter to use Unbound so it's 'DNSSEC Ready'.
I thought I ought to check and see if there was any objection to part 2 of
this before I changed it. I'm not going to upload any of it unless I get all
three bits going OK.
Any objections?
Scott K
More information about the ubuntu-devel
mailing list