Installing mail, Web and DNS on Vyatta 6.4

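■Building Vyatta the same way as Squeeze
 The domain and IP can be changed later, so for now just check that everything installs normally.
 An NTP server already exists, so install simple mail, Web and DNS with no security.

 Using vyatta6.4 as a secure squeeze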
 http://d.hatena.ne.jp/labunix/20120714

■postfix

$ hostname -f
vyatta64
$ sudo apt-get install -y postfix
$ sudo apt-get install -y bsd-mailx
$ grep alias /etc/postfix/main.cf
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases

$ cat /etc/transport
vyatta64                :
*                       :

$ grep transport /etc/postfix/main.cf
transport_maps = hash:/etc/transport

$ sudo postmap /etc/transport
$ sudo /etc/init.d/postfix reload

$ sudo dpkg-reconfigure postfix
$ echo "test" | mail -s "Test Mail" vyatta@vyatta64
$ sudo mail -u vyatta
Mail version 8.1.2 01/15/2001.  Type ? for help.
"/var/mail/vyatta": 1 message 1 new
>N  1 "labunix@vyatta64  Sat Jul 28 03:33   14/446   Test Mail

■Installing Apache2

$ sudo apt-get install -y apache2
$ grep "DocumentRoot" /etc/apache2/sites-available/default
        DocumentRoot /var/www
$ sudo mv /var/www/index.html /var/www/index.html.bak
$ echo '<html><head><title>Test</title></head>
 <body>
 Hello World
 </body>
 </html>' | sudo tee -a /var/www/index.html
<html><head><title>Test</title></head>
<body>
Hello World
</body>
</html>

$ w3m -dump /var/www/index.html
Hello World
$ w3m -dump -no-proxy http://localhost
Hello World
$ w3m -dump -no-proxy http://vyatta64
Hello World

■Installing DNS

$ sudo apt-get install -y bind9
$ sudo cp -pi /etc/bind/named.conf.options /etc/bind/named.conf.options.org

■Configuring bind logging (and managed-keys.bind)

$ diff /etc/bind/named.conf.options /etc/bind/named.conf.options.org
1,12d0
< logging {
<         channel "default-log" {
<         file "/var/log/bind/bind.log" versions 10 size 100k;
<         severity info;
<         print-time yes;
<         print-severity yes;
<         print-category yes;
<         };
<
<         category default { "default-log"; };
<         category lame-servers { null; };
< };
30c18
<       //listen-on-v6 { any; };
---
>       listen-on-v6 { any; };

$ sudo mkdir /var/log/bind
$ sudo touch /var/log/bind/bind.log
$ grep bind /etc/passwd > /dev/null && echo "ok"
ok
$ sudo chown -R bind:bind /var/log/bind
$ ls -l /var/log/bind/ | awk '{print $3,$4}'
bind bind

$ sudo touch /var/cache/bind/managed-keys.bind
$ sudo chown -R bind:bind /var/cache/bind
$  sudo named-checkconf && sudo /etc/init.d/bind9 restart
Stopping domain name service...: bind9 waiting for pid 9450 to die.
Starting domain name service...: bind9.
labunix@vyatta64:~$  sudo tail -f /var/log/bind/bind.log
28-Jul-2012 03:56:43.053 general: info: zone 0.in-addr.arpa/IN: loaded serial 1
28-Jul-2012 03:56:43.053 general: info: zone 127.in-addr.arpa/IN: loaded serial 1
28-Jul-2012 03:56:43.054 general: info: zone 255.in-addr.arpa/IN: loaded serial 1
28-Jul-2012 03:56:43.055 general: info: zone localhost/IN: loaded serial 2
28-Jul-2012 03:56:43.056 general: info: managed-keys-zone ./IN: loaded serial 0
28-Jul-2012 03:56:43.059 general: notice: running
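
Added example (not part of the original post): a post-restart check over the bind.log format configured above, where time, category and severity are printed on every line. The function names are made up for this example, the sample lines are copied from the tail output above, and the check assumes the file holds only the most recent start-up.

```sh
#!/bin/sh
# Line layout produced by print-time / print-category / print-severity:
#   DATE TIME CATEGORY: SEVERITY: MESSAGE...

# Sample input: the six lines shown in the tail output on this page.
sample_bind_log() {
cat <<'EOF'
28-Jul-2012 03:56:43.053 general: info: zone 0.in-addr.arpa/IN: loaded serial 1
28-Jul-2012 03:56:43.053 general: info: zone 127.in-addr.arpa/IN: loaded serial 1
28-Jul-2012 03:56:43.054 general: info: zone 255.in-addr.arpa/IN: loaded serial 1
28-Jul-2012 03:56:43.055 general: info: zone localhost/IN: loaded serial 2
28-Jul-2012 03:56:43.056 general: info: managed-keys-zone ./IN: loaded serial 0
28-Jul-2012 03:56:43.059 general: notice: running
EOF
}

# Print "category severity count" for every pair seen in the log, sorted.
bind_log_counts() {
    awk 'NF >= 4 { sub(/:$/, "", $3); sub(/:$/, "", $4); n[$3 " " $4]++ }
         END { for (k in n) print k, n[k] }' "$1" | sort
}

# Print "zone/class serial" for each ordinary zone that loaded
# (the managed-keys-zone line is deliberately not counted as a zone).
bind_loaded_zones() {
    awk '$5 == "zone" && $7 == "loaded" && $8 == "serial" {
             sub(/:$/, "", $6); print $6, $9 }' "$1"
}

# Succeed only if named logged "running" and no error/critical line exists.
bind_restart_ok() {
    awk '$4 == "error:" || $4 == "critical:" { bad++ }
         $3 == "general:" && $4 == "notice:" && $5 == "running" { up = 1 }
         END { exit ((up && !bad) ? 0 : 1) }' "$1"
}

# Stand-alone use: pass the log path, e.g. /var/log/bind/bind.log
if [ -n "${1:-}" ]; then
    bind_log_counts "$1"
    bind_loaded_zones "$1"
    bind_restart_ok "$1" && echo "restart ok" || echo "restart NOT ok"
fi
```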

$ nslookup localhost localhost
Server:    127.0.0.1
Address 1: 127.0.0.1 localhost

Name:      localhost
Address 1: 127.0.0.1 localhost

$ sudo apt-get install -y dnsutils
$ dig localhost @localhost

; <<>> DiG 9.7.3 <<>> localhost @localhost
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8316
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;localhost.                     IN      A

;; ANSWER SECTION:
localhost.              604800  IN      A       127.0.0.1

;; AUTHORITY SECTION:
localhost.              604800  IN      NS      localhost.

;; ADDITIONAL SECTION:
localhost.              604800  IN      AAAA    ::1

;; Query time: 9 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sat Jul 28 03:59:29 2012
;; MSG SIZE  rcvd: 85