Tag: redhat

  • redhat

    rhce
    RHCSA Study Guide
    RHCSA Questions

  • rpm verify packages

    To verify a package installed on system, you can use

    rpm -V PKG_NAME

    Example

    [root@hello-1 curl-curl-7_69_0]# rpm -V bind
S.5....T.  c /etc/named.conf
[root@hello-1 curl-curl-7_69_0]#

    Here bind package have /etc/named.conf file modified.

    To verify all packages on system, run

    rpm -Va

    Back to rpm

  • RHCSA Study Guide

    1. Logical volume ‘home’ as created and mounted. Reduce its size to ‘192M’ (size from 185M to 200MB is acceptable)

    # lvdispaly
# umount /dev/vgsrv/home
# e2fsck -f /dev/vgsrv/home
# resize2fs /dev/vgsrv/home 192M 
# lvcreduce -L 192M /dev/vgsrv/home
# mount /dev/vgsrv/home
# lvdisplay


# lvdisplay
# umount /dev/vgsrv/home
# lvextend -L 256M /dev/vgsrv/home
# e2fsck -f /dev/vgsrv/home
# resize2fs /dev/vgsrv/home 256M
# mount /dev/vgsrv/home
# lvdisplay

    2. Add a group sysmgrs

    Add a user Natasha such that user’s secondary group is sysmgrs.

    Add a user harry such that user’s secondary group is sysmgrs.

    Add a user sarrah, who has no interactive shell, and not belongs to the group sysmgrs.

    Set password of Natasha, harry and sarrah to lotawens.

    # groupadd sysmgrs
# useradd -G sysmgrs Natasha
( We can verify the newly created user by cat /etc/passwd)
# useradd -G sysmgrs harry
# useradd -s /sbin/nologin sarrh
# passwd Natasha
# passwd harry
# passwd sarrah

    3. Configure FTP access on your virtual machine to allow permission for anonymous user.

    If yum not configured;
# cd /etc/yum.repos.d
# vim domain70.repo
[domain70]
baseurl=
enabled=1
gpgcheck=0
:wq!

# yum clean all
# yum update all

# yum install vsftpd*
# yum install ftp
# ftp ip
User: anonymous
Password: 

If logging successfully, do the last steps;
If not, the below mentioned files and make changes.
# vim /etc/vsftpd/vsftpd.conf
# vim /etc/vsftpd/ftpusers
# vim /etc/vsftpd/user_list
And try again
# service vsftpd restart
# chkconfig vsftpd on

    4. Make a collaborative directory /a/b and set the permission as

    Group ownership of /a/b is sysmgrs

    The directory should be readable, writable and accessable to members of sysmgrs, but not to any other user. ( it is undershould that root has access to all files and
    directories on the system)

    Files created in /a/b automatically have group ownership set to the group sysmgrs.

    # mkdir -p /a/b
# chgrp sysmgrs /a/b
# chmod 2770 /a/b

    5. Copy the file /etc/fstab to /var/tmp. Configure the permissions of /var/tmp/fstab so that,

    The file /var/tmp/fstab is owned by the root user

    The file /var/tmp/fstab is belongs to group root

    The file /var/tmp/fstab is should not be executable by anyone

    The user natasha is able to read and write /var/tmp/fstab

    The user harry can neigher write not read /var/tmp/fstab

    All other users (current or future) have the ability to read /var/tmp/fstab

    # cp -a /etc/fstab /var/tmp
# cd /var/tmp
# ls -l
# getfacl /var/tmp/fstab
# chmod ugo-x /var/tmp/fstab 
[ No need to do this, there won't be execute permission for the file by default]
# setfacl -m u:natasha:rw /var/tmp/fstab
# setfacl -m u:harry:0 /var/tmp/fstab   (zero)
[Read permission will be there for all the users, by default. Check it using ls -l /var/tmp/fstab]

Verify by

[ ls -la /var/tmp/fstab]

    6. set cronjob for user natasha to do /bin/echo hiya at 14:23

    # crontab -e -u natasha
23 14 * * * /bin/echo hiya
:wq!

    7. host.domain70.example.com shares remote users. Configure ldap such that ldapusers has no home directory until we do automounting.

    baseDN: dc=domain70, dc=example, dc=com

    Certificate: ftp://host.domain70.example.com/pub/EXAMPLE-CA-CERT

    Username: ldapuser70

    Password: password

    # system-config-authentication
LDAP user
DN=dc=domain70,dc=example,dc=com
Server=host.domain70.example.com
Certificate= ftp://host.domain70.example.com/pub/exam-crt ( enter url carefully, there maybe // or ..)
LDAP password
OK

starting sssd
# su -ldapuser70
Display Bash prompt
#exit

    8. configure NTP with that of rhcert.domain70.example.com

    # system-config-date
Delete old server names and add given server name 
Advanced Tick speedup
#exit

    9. Implement a web server for the site http://station.domain70.example.com/ then perform the following steps:

    Download ftp://rhcert.domain70.example.com/pub/rhcsa/station.html

    Rename the download file to index.html

    Copy this index.html to the Document root of your web server.

    DO NOT make any modifications to the content of index.html

    # yum install httpd
# cd /var/www/html
# wget ftp://rhcert.domain70.example.com/pub/rhcsa/station.html
# mv station.html index.html
990th line : remove '#'
Remove '*' and add IP address:
Eg Name VirtualHost 172.40.70.12
1003rd line copy 7 lines and paste below that itself.
(last 7 lines)
Remove # of all lines

Ist line : remove * and add ip


3rd line

Document Root /var/www/html

4th line

server name station.domain70.example.com
:wq!

#service httpd restart
# chkconfig httpd on

check site http://station.domain70.example.com/

    10. Install the appropriate Kernel update from ftp://domain70.example.com/pub/updates/ The following criteria must also be met:

    The updated kernel is the default Kernel when the system is rebooted.

    The orginal kernel remains available and bootable on the system.

    # ftp rhcert.domain70.example.com
Anonymous login
ftp> cd /pub/updates
ftp> ls
ftp> mget kernel*
ftp> bye
# rpm -ivh kernel*
# vim /etc/grub.conf
Check the updatted kernel is the first kernel and the orginal kernel remains available.
set default=0
:wq!

    11. Configure autofs to automount the home directories of ldapusers host.domain70.example.com NFS-exports /rhome to your
    machine. ldapuser70’s home directory should be automounted locally beneath /rhome/ldapuser7-. Home directores must be writable by thier users.

    User: ldpauser70
    Password: password

    # vim /etc/auto.master
/rhome /etc/auto.misc
:wq!
# vim /etc/auto.misc
ldapuser70 --rw,sync host.domain70.example.com:/rhome/ldpauser70
:wq!

#service autofs restart
# service autofs reload
# chkconfig autofs on
# su -ldapuser70
Login ldapuser with home directory
# exit

    12. Create a swap partition of 754 MB size. Do not make any change to the existing swap partition

    # fdisk -l
# fdisk -cu /dev/vda
p
n
e or p
select e
default (first): enter
default (last): enter
n
default(first): enter
default(first): +754M
t(1-5)
l: 82
p
w
#reboot
#mkswap /dev/vda5


# vim /etc/fstab

/dev/vda5 swap swap defaults 0 0

:wq

# mount -a
# swapon -a
# swapon -s

    13. Add a user manlo with uid 1353. Set his password as lotawens

    # useradd -u 1353 manlo
# passwd manlo
# su - manlo

    14. Locate all files and directories of user jacques and copy it to /root/findfiles

    OR locate the files of owner “dax” and copy to the directory /root/founddirectory

    OR Find files in your system which is owned by andrew user & save on /backup/somefile.

    
# find / -user jacques > /root/findfiles ( if /root/findfiles is a file)


# mkdir -p /root/findfiles
# find / -user jacques -exec cp -a {} /root/findfiles\;    [ if /root/findfiles is a directory ]

    15. Find all lines contain a string loop in a file /etc/grub.conf copy it to /root/list. Don’t leave a free line in /root/list

    grep loop /etc/hosts > /root/list

    16. Create a device:

    Logical volume qa with 60 extents.

    Volume group qagroup with 16MB extent size.

    Mount it permanently under /abc with file system ext3

    
# fdisk -l
# fdisk -cu /dev/vda
n
default(first)
default(last): +1000M
(since 60 extents of 16M = 16*60=960MB lvm;
So physical volume > 960MB)
t(1-6):6
l:8e
p
w
# reboot(init6)
# pvcreate /dev/vda6
# vgcreate -s 16M qagroup /dev/vda6
# lvcreate -l 60 -n qa qagroup
# mkfs.ext3 /dev/qagroup/qa
# mkdir /abc
# vim /etc/fstab
/dev/qagroup/qa /abc ext3 defaults 0 0
:wq
# mount -a