Rhce Exam
Rhce Exam
hostname: node2.lab.example.com
Password: TombigSmall
IP: 172.25.250.11/24
GW: 172.25.250.254
DNS: 172.25.250.254
00: First crack password of node2 Machine & set it to the instruction is above instructions:
ans: #reboot the vm. press ESC then select boot loader, press 'e' to enter grub mode.
# chroot /sysroot/
# passwd root
# touch /.autorelabel
# exit
# exit to logout.
FILE LABELING
All files, directories, devices ... have a security context/label associated with them. These
context are stored in the extended
attributes of the file system. Problems with SELinux often arise from the file system being
mislabeled. This can be caused by boot‐
ing the machine with a non SELinux kernel. If you see an error message containing file_t, that is
usually a good indicator that you
capability. The restorecon/fixfiles commands are also available for relabeling files.
network connection:
# ifconfig to check your physical or virtual interface name: here is: enp1s0
# nmcli connection add con-name lan1 ifname enp2s0 type ethernet ipv4.method
manual ipv4.addresses 172.25.250.11/24 ipv4.gateway 172.25.250.254 ipv4.dns 172.25.250.254
autoconnect yes
or, we can create a new config file or modify existing config file
# vim /etc/sysconfig/network-scripts/ifcfg-lan1
ans: # getenforce
# vim /etc/selinux/config
selinux=enforcing
To change the sestatus from config file then reboot your system.
[appstream_any_name_you_can_assign_but_no_space_here]
baseurl=http://content.example.com/rhel8.0/x86_64/dvd/BaseOS/
gpgcheck=0
##BaseOS is same:
03: Set a recommended tuning profile for your system. (profile already available).
04: Create a SWAP partition of 250 megabyte & make available at next reboot.
# fdisk /dev/vdb
# lsblk
# fdisk -l
# mkswap /dev/vdb1
# blkid
# vim /etc/fstab
# swapon -av
05: Create the volume group with name myvolume with 8MiB P.E. and create the lvm name
mydatabase with the 100P.E. format this lvm with ext4 and create a directory /database & mount
this lvm permanently on /database.
# fdisk -l
# pvcreate /dev/vdb2
# mkfs.ext4 /dev/myvolume/mydatabase
# blkid
/dev/mapper/myvolume-mydatabase: UUID="a747660c-8d14-4943-
a227-a1320a31e943" TYPE="ext4"
# vim /etc/fstab +
# mkdir /database
# mount -av
06: Extend or Resize the LVM partition /dev/myvolume/mydatabase into 500 MiB from the
current size and mount the LVM /dev/myvolume/mydatabase to a mount point /database.
# df -HT
07: You have been provided with a disk drive attached to your system /dev/vdX. Make use of it to
create a VDO. VDO device name is myvdo1 with a logical size of 100GiB & format this vdo storage
as xfs & create a mount point /vdostorage & mount it permanently.
# man vdo [to see the manual simply copy an example] # vdo create --
name=vdo0 --device=/dev/sdb1 --vdoLogicalSize=10T
# lsblk
# blkid
# fdisk /dev/mapper/myvdo1
# lsblk
# fdisk -l
# fdisk -l /dev/mapper/myvdo1
# mkfs.xfs /dev/mapper/myvdo1 -K -f
# blkid
# vim /etc/fstab
# mkdir /vdostorage
# mount -av
NOTE:
##Usually, when a filesystem is created, a trim operation is carried out on the device.
This is undesirable in the case of the VDO. When formating using the mkfs command, use
the -K option to instruct the command not to discard blocks during the creation to the filesystem.
# ls -l /dev/mapper/myvdo1 >> We can use the ls command as shown to
08. Configure the rhcsa application so that when run as "pandora" it shows below message "Labla
lbal lahs ksbhs".
# vim /etc/bashrc
pandora ()
# source /etc/bashrc
# pandora
# vim /etc/bashrc
starton ()
};
# starton
NODE-A-ASK:
ans: # getenforce
# vim /etc/selinux/config
selinux=enforcing
To change the sestatus from config file then reboot your system.
[appstream_any_name_you_can_assign_but_no_space_here]
baseurl=http://content.example.com/rhel8.0/x86_64/dvd/BaseOS/
gpgcheck=0
Test:
##BaseOS is same:
◾a. The user natasha must configure a cron job that runs daily at 14:23 local time & executes
/bin/echo "hi alex"
ans: cronie package is already installed in the exam if doesn't installed you have to installed.
◾b. The user harry must configure a cron job that runs daily at every 3 minute local time &
executes /bin/echo I got RHCE certificate.
# crontab -e -u harry
# cd /var/spool/cron/ */20
Fixed the HTTP service, the page isn't provived node2 machine by this
link=http://172.25.250.10:2658
[Note: first you install HTTP service on node1 machine & configure the Main
Configuration File: /etc/httpd/conf/httpd.conf
Now, set the Listen port is:2658. 2nd step:Create a file name index.html to
Document Root: /var/www/html & write it to "I got RHCE certificate."]
ans:
# vim /etc/httpd/conf/httpd.conf
listen on 2658
# vim /var/www/html/index.html
## This part is already done in the exam & document root is aslo set.
## Frist you check the service is running or not, # systemctl status httpd
# man semanage port for manual to see the example & simply
copy the example & change the port no:
# Then check it from serverb or nodeb if you can't found the page then check firewall.
# firewall-cmd --list-all
# firewall-cmd --reload
# curl http://172.25.250.10:2658
# groupadd sysadmin
# useradd natasha
# useradd sarah
A user harry who does not have access to an interactive shell on the system & who is not a member
of sysadmin.
natasha, sarah & harry should all have the password of password.
# passwd sarah
# passwd harry
# passwd natasha
ans:
# mkdir /common/admin -p
The directory should be readable, writable & accessible to members of sysadmin, but not to any
other users. (It is understood that root has access to all files & directories on the system.)
Files created in "/common/admin/" automatically have group ownership set to the sysadmin.
# chmod 2770 /common/admin
or
# ls -ld /common/admin
07: Copy the file "/etc/passwd" to "/var/tmp". Configure the permissions of "/var/tmp/passwd"
so that:
# getfacl /var/tmp/passwd
The user sarah can neither write nor read "/var/tmp/passwd". [Note that: all other
users (current or future) have the ability to read "/var/tmp/passwd".]
08: Syncronise your system time with the classroom.example.com. or Configure NTP in your
system so that it is an NTP client of 3.in.pool.ntp.org
# vim /etc/chrony.conf
or # chronyc sources -v
[Note that: first you configure node1 machine & share /ourhome/nfsuser directory with
the .example.com domain clients only, share must be writable.]
ans:
SERVERA OR NODEA
# mkdir /ourhome/nfsuser -p
# cd /ourhome/nfsuser
# mkdir user1
# touch user.txt
# vim /etc/exports
/ourhome/nfsuser 172.25.250.0/24(rw,sync)
or
# exportfs -avr
# showmount -e
# firewall-cmd --rel
SERVERB OR NODEB
/data /etc/auto.master.d/user
# vim /etc/auto.master.d/user
remoteuser 172.25.250.10:/ourhome/nfsuser
/- /etc/auto.master.d/user
# vim /etc/auto.master.d/user
/data 172.25.250.10:/ourhome/nfsuser
Or /data -fstype=nfs,rw,sync
172.25.250.10:/ourhome/nfsuser
# df -HT
Direct maps in autofs provide a mechanism to automatically mount file systems at arbitrary
points in the file system hierarchy.
A direct map is denoted by a mount point of /- in the master map. Entries in a direct map
contain an absolute path name as a key (instead of the relative path names used in indirect maps).
One thing that is frequently used but not yet mentioned is the handling of multiple master
map entries for the direct mount point /-. The map keys for each entry are merged and behave as
one map.
# file /home/backup.tar.bz2
# file /home/backup.tar.gz
11: Deny cronjob for user susan so that other user for this system are not effected for this cronjob.
susan
12: Find all files owned by user brain and put them into /root/brain.
ans:
13: Download a file word.dict from http://content.example.com & put it to "/root". Copy all the
lines from /root/word.dict files that contains the word "mail" and put those lines in
/root/sorted.dict
ans: # cd /root
# wget http://classroom.example.com/content/word.dict
or