Difficult RHCSA Flashcards
Create a localrepo
Add disk with an iso
cd /
mkdir localrepo
df -h (do this to find path)
(the name of your disk will have spaces in it, cd into it and space to find the correct way to put it)
cd /disk….
cd Appstream
cd Packages
ls -ltr | wc -l (just to see how many packages)
du -sh (to see if we have enough storage)
cp -rv * /localrepo, (just grab one or two to save space)
rm -rf /etc/yum.respos.d/*
vim /etc/yum.repos.d/local.repo
[centos7]
name=centos7
baseurl=file:///localrepo/ (this is the directory we created)
enabled=1
gpgcheck=0
:wq
yum install createrepo
createrepo /localrepo/ (creates database for yum command)
yum clean all (clears cache from old repository)
yum repolist all (shows all repos)
REMEMBER:
If you’re running selinux on your reposerver, you need to change the context of the repo!!!!!
download ksh
Show ksh’s information
Show where configuration files are located
rpm -hiv ksh-23512.rpm
rpm -qa | grep ksh
rpm -qi ksh-23512.rpm
rpm -e ksh-23512.rpm
rpm -qa | grep ksh
which ksh
rpm -qf /usr/bin/ksh
Install screen via yum
rollback screen
(if you have an older version of screen this will just rollback the new one/update that you just installed)
Yum history undo 2
Describe dns record names
Host to IP - A Record
IP to Hostname - PTR Record
Hostname to Hostname - CNAME Record
Host - to - Host is if you have a bunch of servers and you all want them to have the same alias, since the other servers will technically have different names.
View all available time zones
Set time zone to Newyork
Set the date
set date and time
Sync time with ntp
timedatectl list-timezones
timedatectl set-timezone “America/New_York”
timedatectl set-time 2023-05-12
timedatectl set-time ‘2023-05-12 00:39:00;
timedatectl set-ntp true
timedatectl
check if chronyd or ntpd is running if timedatectl shows it is not synced
Install and use sendmail
yum install sendmail
yum install sendmail-cf
vim /etc/mailsendmail.mc
This is where you would put the FQDN of the mail server:
dnl define(‘SMART_HOST’,`smtp.your.provider’)dnl
(dns means comment)
systemctl restart sendmail
ps -ef | grep sendmail
mail -s “Hello!” joshcahoe@gmail.com
Welcome to fart
^d
Download and configure rsyslog
rpm -qa | grep rsyslog
vim /etc/rsyslog.conf
(If you’re sending syslog info to another server change the #*** @@remote-host:514)
systemctl start rsyslog
systemctl enable rsyslog
Where would you go to access the ssh configuration to change the port?
disable root login
What should you do afterword?
/etc/sshd/ssh_conf
PermitRootLogin no
let selinux know
semanage port -a -t ssh_port_t -p tcp 5183
open port on firewall
Send a keep alive message out every 600 seconds, if there is no response after 1 then close the ssh connection
This just makes sure there is a network connection
vim /etc/ssh/sshd_config
ClientAliveInterval 600 (seconds that a keep alive message is sent out)
ClientAliveCountMax 0 (You send one keep alive every 300 seconds and disconnect after 0 answers are missed.)
systemctl restart sshd
This checks if there is still a network connection
Remove empty password connections
vim /etc/ssh/sshd_config
remove hash from
PermitEmptyPasswords
systemctl restart sshd
Only allow one user in ssh
vim /etc/ssh/sshd_config
AllowUsers josh danny
systemctl restart sshd
Generate SSH-keys
Copy keys to the server
Login to test
ssh-keygen
Prompt will comup for where to save your key, this is the path, enter will use default location
Passphase enter
Copy the SHA256 key
ssh-copy-id root@lollipop
enter password for server’s root
(this copys to server’s folder : root/.ssh/authorized_keys)
Install and configure cockpit
via server
ping 8.8.8.8 to check network connectivity
yum install cockpit -y
rpm -qa | grep cockpit
systemctl start cockpit
systemctl enable cockpit
systemctl status cockpit
(cockpit is tcp 9090)
firewall-cmd –permanent –add-port=9090/tcp
firewall-cmd –permanent –add-service=cockpit
firewall-cmd –reload
Where is your DNS server stored?
/etc/resolv.conf
Show info about ens33
ethtool ens33
Bond two ports
modinfo bonding
if you don’t have it install it - modprobe bonding
In the description it should say if you have it here
Create Bond interface file
vim /etc/sysconfig/network-scripts/ifcfg-bond0
DEVICE=bond0
TYPE=Bond
NAME=bond0
BONDING_MASTER=yes
BOOTPROTO=none
ONBOOT=yes
IPADDR=192.168.1.80
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
BONDING_OPTS=”mode=5 miimon=100”
:wq
vim /etc/sysconfig/network=scripts/ifcfg-enp0s3
d10d
TYPE=Ethernet
BOOTPROTO=none
DEVICE=enp0s3
HWADDR=”MAC NUMBER FOR IFCONFIG”
MASTER=bond0
SLAVE=yes
:wq
Do this for the other NIC
BOOTPROTO - NONE/STATIC (FOR THE IP) (BOOT PROTOCOL - WHAT TO DO UPON BOOT)
ONBOOT=yes - ENABLE WHEN SYSTEM BOOTS
cat /proc/net/bonding/bond0
What does this mean:
BONDING_OPTS=”mode=5 miimon=100”
mode =
0 Round Robin - Packets are sequentially transmitted received through each interface one by one
1 Active Backup - One up and the other comes up if the other goes down
2 XOR (exclusive OR) - MAC is recorded and all traffic coming from it goes down same link
3 Broadcast - Transmitted of all slaves
4 Dynamic Link Aggregation - NICS act as one so you get higher throughput
5 Transmit Load Balance - Based on load of slave.
6 Adaptive Load Balancing - Load Balanced through ARP negotiation
miimon (media independent interface monitoring)- Specifies the MII link monitoring frequency in milliseconds - determines how often the link state of slaves inspected for failure
Edit the network via the text editor delete new adapters IP then create bonding/team (team is same thing) (remember this will cut off network connection so you have to do it locally)
nmtui
edit connection
Wired connection 1 -> delete this one we added from vmware
remove network connection main (this just deletes IP)
add Team (bond is older version)
Profile name - team1
tab down to slaves and add
Ethernet
Profile name - enp0s3
device enp0s3 (or whatever)
ok
(then add the next one)
change IPv4 to Manual
show
add the address, gateway, etc
configure an interface with nmcli
nmcli device (shows all devices)
nmclie connection modify enp0s3 ipv4.addressess 10.253.1.211/24
nmclie connection modify enp0s3 ipv4.gateway 192.168.1.1
nmclie connection modify enp0s3 ipv4.method manual
nmclie connection modify enp0s3 ipv4.dns 8.8.8.8
nmcli connection down enp0s3
nmcli connection up enp0s3
nmcli connection show –active
nmcli connection modify enp0s3 +ipv4.addresses 10.253.1.211/24
nmcli connection reload (does the same as up/down)
systemctl reboot
ip address show
nmcli connection show enp0s3
Create a bond with nmcli
nmcli connection add type bond con-name “Bondconn1” ifname bond0
nmcli connection modify Bondconn1 bond.options “mode=active-backup”
nmcli connection add type ethernet slave-type bond con-name bond0-if1 ifname ens5 master bond0
nmcli connection add type ethernet slave-type bond con-name bond0-if2 ifname ens6 master bond0
sudo nmcli connection delete bond0-if2
cat /proc/net/bonding/bond0
Configure VSFTPD
cp /etc/vsftpd/vsftpd.conf vsftpd.conf.orig
vim /etc/vsftpd/vsftpd.conf
/anonymous
anonymous_enable=NO
/ascii
uncomment these
ascii_upload_enable=YES
ascii_download_enable=YES
/ftpd
uncomment
ftpd_banner=Welcom to blah FTP service
Go to end of file (shift g)
add
# Local Time
use_localtime=YES
systemctl start vsftpd
systemctl enable vsftpd
systemctl stop firewalld
systemctl disable firewalld
Use SCP
touch jack
scp jack delsinm@192.168.11.2:/home/deslinm
(delsinm is the name on the SERVER
/home/delsinm is where you want it to go on the SERVER)
enter username and password
file has now been transferred
scp delsinm@remote:/home/delsinm/jack /home/delsinm
capisce?
directories can be sent with scp -r
Use Rsync
rpm -qa | grep rsync
yum install rsync
tar cvf backup.tar
tar cvf backup.tar .
. <- current directory
mkdir /tmp/backups
rsync -zvh backup.tar /tmp/backups/
rsync -azvh /home/delsinm /tmp/backups/
Create a script confirming if the variable number is equal to 100 then print something
!/bin/bash
# comment
count=100
if [ $count -eq 100 ]
then
echo “Count is 100”
else
echo “Count is not 100”
fi <- tell script to exit out, opposite of it
Command to see options for statements
help test
Create if then script for if error file exists
!/bin/bash
# comment
if [ -e /home/delsinm/error.txt ]
then
echo “file exists”
else
echo “file does not exist”
fi
Create script for See jack run play laugh
!/bin/bash
# comment
for i in run play laugh
do
echo “See jack $i”
done
Create candy script
echo
echo “What is your name?”
read name
echo
echo “Hello, $name. What do you like Candy? [y/n]”
read candy
if [ $candy == y -o yes ]
then
echo “I’ll be seeing you later then…”
elif [ $candy == n -o no]
then
echo “Hmm, no fun.”
else
echo “Learn to read”
fi
Create the following output using loop and an arithmetic expression:
Weekday 2 : Mon
Weekday 3 : Tue
Weekday 4 : Wed
Weekday 5 : Thu
Weekday 6 : Fri
!/bin/bash
i=1
for day in Mon Tue Wed Thu Fri
do
echo “Weekday $((i++)) : $day”
done
Create a do-while script that prints
Welcome (number 1-5) and increments up until 5
!/bin/bash
c=1
while [ $c -le 5 ] <- while c is less than and equal to 5
do
echo “welcome $c”
(( c++ )) <- allows c to accumulate
done
Create a case script
!/bin/bash
# comment
echo
echo Please choose one of the options below
echo
echo ‘a = Display Date and Time’
echo ‘b = List users logged in’
echo ‘c = List current user
echo ‘d = Check System uptime’
echo
read choices
case $choices in
a) date;;
b) ls;;
c) who;;
d) uptime;;
*) echo Invalid choice - Bye
esac
;; <- these are like spaces in between
Make an automated ping to 192.168.1.1, use a return value and echo responses to whether it was successful or not
!/bin/bash
ping -c1 192.168.1.1
if [ $? -eq 0 ] <- if return value is equal to 0
then
echo ok
else
echo not ok
fi
This displays the actual ping and your statement afterword
-c1 <- only ping once
$? < - return value
0 = successful
1 = fail
Let’s say we want to not see the output and only our statement. Just add > /dev/null after
If I want to ping servers 192.168.1.1/7/24 how should I create the script?
Create a file called myhosts
192.168.1.1
192.168.1.7
192.168.1.24
:wq
vim mass_ping
hosts=”/home/delsinm/myhosts”
for ip in $(cat $hosts)
do
ping -c1 $ip > /dev/null
if [ $? -eq 0 ]
echo $ip is ok
else
echo $ip is not ok
fi
create an alias for pwd and ls -la together
alias pl=”ls -la; pwd”
create an alias for ls -la for everything that starts with “d”
alias gl=”ls -la | grep ^d”
^ - everything that starts with d
When creating an alias for ls -la | awk ‘{print $1}’ how would you do this
alias look=”ls -la | awk ‘{print $1}’”
Show aliases
now remove one
alias
unalias lap
Where do you store your user/global permanent aliases?
/etc/bashrc
/home/user/.bashrc
