WireGuard/RockyLinux9

WireGuardサーバを RockyLinux9 で作ってみる

[root@rockylinux9 ~]# cat /etc/redhat-release
Rocky Linux release 9.5 (Blue Onyx)
 
[root@rockylinux9 ~]# uname -r
5.14.0-503.14.1.el9_5.x86_64
 
[root@rockylinux9 ~]# getenforce
Enforcing
 
[root@rockylinux9 ~]# mokutil --sb-state
EFI variables are not supported on this system
 
[root@rockylinux9 ~]#

WireGuardのサーバになるには「wireguard-tools」とカーネルモジュールの「wireguard.ko」が必要.
幸いRockyLinux9のkernelは初めから「wireguard.ko」を持っているので「wireguard-tools」のみ入れればいい

[root@rockylinux9 ~]# dnf install epel-release -y
 
[root@rockylinux9 ~]# dnf install wireguard-tools -y

「wireguard-tools」パッケージの他に「systemd-resolved」が組み込まれる

次にカーネルモジュールの「wireguard.ko」ですが、

[root@rockylinux9 ~]# modinfo wireguard
filename:       /lib/modules/5.14.0-503.14.1.el9_5.x86_64/kernel/drivers/net/wireguard/wireguard.ko.xz
alias:          net-pf-16-proto-16-family-wireguard
alias:          rtnl-link-wireguard
version:        1.0.0
author:         Jason A. Donenfeld <Jason@zx2c4.com>
description:    WireGuard secure network tunnel
license:        GPL v2
rhelversion:    9.5
srcversion:     A73354D89DB6FB3F43509BD
depends:        libcurve25519-generic,udp_tunnel,ip6_udp_tunnel,curve25519-x86_64
retpoline:      Y
intree:         Y
name:           wireguard
vermagic:       5.14.0-503.14.1.el9_5.x86_64 SMP preempt mod_unload modversions
sig_id:         PKCS#7
signer:         Rocky kernel signing key
sig_key:        6B:67:95:A3:78:7D:44:87:0A:18:07:7A:C1:74:3D:9F:44:DE:EA:E0
sig_hashalgo:   sha256
signature:      81:9D:A2:70:15:C0:F4:E6:39:37:DE:55:5D:56:E5:F6:55:BF:ED:FE:
                FA:21:A9:E3:53:EA:A8:EC:AC:2C:5B:AE:BD:5D:78:71:A4:30:2F:AC:
                D7:1E:00:BA:00:EE:B2:DF:C6:43:64:64:E1:EF:20:01:14:D1:79:B8:
                6F:05:24:5F:13:80:B7:95:DF:41:AB:50:4A:0D:F8:B6:9B:22:CB:46:
                4B:8F:89:AA:A1:A6:E7:18:8D:C2:5D:6D:E5:14:1E:C8:E5:9E:44:F7:
                6A:E4:15:7B:93:9A:91:64:6E:C3:EE:EA:B0:55:7A:1F:3C:6F:4C:D7:
                3C:51:A9:B8:22:76:42:C2:04:5F:BD:61:88:C1:E3:AD:2F:D3:03:C5:
                C7:B1:49:14:A8:B6:E2:73:4B:04:06:17:CE:4A:F3:B0:F8:8C:54:1D:
                04:44:4B:AA:82:5C:20:C4:76:0B:C9:97:6C:99:00:CB:D5:5F:FF:2F:
                6D:85:B7:8F:BB:1A:F0:35:52:65:B3:D7:0F:5B:80:09:1B:EC:F0:85:
                14:CD:F0:68:AD:97:35:A8:94:CA:37:34:E8:B1:42:9D:93:96:69:17:
                D7:19:3F:7B:12:78:69:28:9A:E3:7F:C7:1E:A8:72:05:D3:0A:1A:C7:
                C3:B0:B3:B2:8D:17:72:EC:12:F1:16:D1:68:F6:A8:4A:C2:AD:C6:50:
                BE:CD:39:19:BA:44:AD:63:30:48:91:5F:4E:4C:46:E2:5B:3C:C1:C5:
                C5:6F:C7:50:C0:0A:2A:C2:4A:37:91:59:7B:38:1A:C9:C3:31:9D:99:
                A3:35:72:37:ED:46:90:9A:F3:2F:D6:8D:9F:32:DD:2D:16:53:83:30:
                7C:2B:37:AC:91:2D:04:1A:FC:74:D3:07:21:87:A6:94:C0:82:AF:67:
                62:EF:CD:75:3F:63:69:6B:46:2F:5B:0F:CA:99:F5:DB:6E:99:09:C1:
                A5:6D:05:24:40:F6:7C:98:25:67:D5:32:B6:FC:CE:56:D4:62:5F:AC:
                3F:29:E0:4A
[root@rockylinux9 ~]#

と既に組み込まれているのでWireGuardの「systemctl enable wg-quick@wg0」の時にロードされます

御品書き
■samba スキーマ拡張
ユーザ登録(1,2)
win参加 RSAT lin参加

ホームディレクトリ
 共有フォルダ(1)
VSS DC追加 GPO SSO
透過的ファイル圧縮
 Server-Side Copy
ルータ超え時刻同期
 ログオンスクリプト
 NAS参加(1) NFS DFS
Mac参加(NFS)
ownCloud
リモートディスクトップ
 ディスクトップ
 smb3マルチチャンネル
 backup
メモ OpenAM
samba/LDAP XP
nisでsmb
admin-tools