Difficult RHCSA

Question 1

Create a localrepo

Answer 1

Add disk with an iso
cd /
mkdir localrepo
df -h (do this to find path)
(the name of your disk will have spaces in it, cd into it and space to find the correct way to put it)
cd /disk….
cd Appstream
cd Packages
ls -ltr | wc -l (just to see how many packages)
du -sh (to see if we have enough storage)
cp -rv * /localrepo, (just grab one or two to save space)
rm -rf /etc/yum.respos.d/*
vim /etc/yum.repos.d/local.repo

[centos7]
name=centos7
baseurl=file:///localrepo/ (this is the directory we created)
enabled=1
gpgcheck=0
:wq

yum install createrepo
createrepo /localrepo/ (creates database for yum command)

yum clean all (clears cache from old repository)

yum repolist all (shows all repos)

REMEMBER:
If you’re running selinux on your reposerver, you need to change the context of the repo!!!!!

Question 2

download ksh
Show ksh’s information
Show where configuration files are located

Answer 2

rpm -hiv ksh-23512.rpm
rpm -qa | grep ksh
rpm -qi ksh-23512.rpm
rpm -e ksh-23512.rpm
rpm -qa | grep ksh
which ksh
rpm -qf /usr/bin/ksh

Question 3

Install screen via yum
rollback screen
(if you have an older version of screen this will just rollback the new one/update that you just installed)

Answer 3

Yum history undo 2

Question 4

Describe dns record names

Answer 4

Host to IP - A Record

IP to Hostname - PTR Record

Hostname to Hostname - CNAME Record

Host - to - Host is if you have a bunch of servers and you all want them to have the same alias, since the other servers will technically have different names.

Question 5

View all available time zones
Set time zone to Newyork
Set the date
set date and time
Sync time with ntp

Answer 5

timedatectl list-timezones

timedatectl set-timezone “America/New_York”

timedatectl set-time 2023-05-12
timedatectl set-time ‘2023-05-12 00:39:00;
timedatectl set-ntp true
timedatectl
check if chronyd or ntpd is running if timedatectl shows it is not synced

Question 6

Install and use sendmail

Answer 6

yum install sendmail
yum install sendmail-cf
vim /etc/mailsendmail.mc

This is where you would put the FQDN of the mail server:
dnl define(‘SMART_HOST’,`smtp.your.provider’)dnl

(dns means comment)

systemctl restart sendmail

ps -ef | grep sendmail

mail -s “Hello!” joshcahoe@gmail.com
Welcome to fart
^d

Question 7

Download and configure rsyslog

Answer 7

rpm -qa | grep rsyslog

vim /etc/rsyslog.conf
(If you’re sending syslog info to another server change the #*** @@remote-host:514)

systemctl start rsyslog
systemctl enable rsyslog

Question 8

Where would you go to access the ssh configuration to change the port?
disable root login

What should you do afterword?

Answer 8

/etc/sshd/ssh_conf
PermitRootLogin no

let selinux know
semanage port -a -t ssh_port_t -p tcp 5183

open port on firewall

Question 9

Send a keep alive message out every 600 seconds, if there is no response after 1 then close the ssh connection

This just makes sure there is a network connection

Answer 9

vim /etc/ssh/sshd_config
ClientAliveInterval 600 (seconds that a keep alive message is sent out)
ClientAliveCountMax 0 (You send one keep alive every 300 seconds and disconnect after 0 answers are missed.)
systemctl restart sshd

This checks if there is still a network connection

Question 10

Remove empty password connections

Answer 10

vim /etc/ssh/sshd_config
remove hash from
PermitEmptyPasswords
systemctl restart sshd

Question 11

Only allow one user in ssh

Answer 11

vim /etc/ssh/sshd_config
AllowUsers josh danny
systemctl restart sshd

Question 12

Generate SSH-keys
Copy keys to the server
Login to test

Answer 12

ssh-keygen

Prompt will comup for where to save your key, this is the path, enter will use default location

Passphase enter

Copy the SHA256 key

ssh-copy-id root@lollipop
enter password for server’s root
(this copys to server’s folder : root/.ssh/authorized_keys)

Question 13

Install and configure cockpit

Answer 13

via server

ping 8.8.8.8 to check network connectivity

yum install cockpit -y

rpm -qa | grep cockpit

systemctl start cockpit
systemctl enable cockpit
systemctl status cockpit

(cockpit is tcp 9090)

firewall-cmd –permanent –add-port=9090/tcp
firewall-cmd –permanent –add-service=cockpit
firewall-cmd –reload

Question 14

Where is your DNS server stored?

Answer 14

/etc/resolv.conf

Question 15

Show info about ens33

Answer 15

ethtool ens33

Question 16

Bond two ports

Answer 16

modinfo bonding
if you don’t have it install it - modprobe bonding
In the description it should say if you have it here

Create Bond interface file
vim /etc/sysconfig/network-scripts/ifcfg-bond0
DEVICE=bond0
TYPE=Bond
NAME=bond0
BONDING_MASTER=yes
BOOTPROTO=none
ONBOOT=yes
IPADDR=192.168.1.80
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
BONDING_OPTS=”mode=5 miimon=100”

:wq

vim /etc/sysconfig/network=scripts/ifcfg-enp0s3
d10d
TYPE=Ethernet
BOOTPROTO=none
DEVICE=enp0s3
HWADDR=”MAC NUMBER FOR IFCONFIG”
MASTER=bond0
SLAVE=yes

:wq

Do this for the other NIC

BOOTPROTO - NONE/STATIC (FOR THE IP) (BOOT PROTOCOL - WHAT TO DO UPON BOOT)
ONBOOT=yes - ENABLE WHEN SYSTEM BOOTS

cat /proc/net/bonding/bond0

Question 17

What does this mean:
BONDING_OPTS=”mode=5 miimon=100”

Answer 17

mode =
0 Round Robin - Packets are sequentially transmitted received through each interface one by one

1 Active Backup - One up and the other comes up if the other goes down

2 XOR (exclusive OR) - MAC is recorded and all traffic coming from it goes down same link

3 Broadcast - Transmitted of all slaves

4 Dynamic Link Aggregation - NICS act as one so you get higher throughput

5 Transmit Load Balance - Based on load of slave.

6 Adaptive Load Balancing - Load Balanced through ARP negotiation

miimon (media independent interface monitoring)- Specifies the MII link monitoring frequency in milliseconds - determines how often the link state of slaves inspected for failure

Question 18

Edit the network via the text editor delete new adapters IP then create bonding/team (team is same thing) (remember this will cut off network connection so you have to do it locally)

Answer 18

nmtui
edit connection
Wired connection 1 -> delete this one we added from vmware
remove network connection main (this just deletes IP)
add Team (bond is older version)
Profile name - team1
tab down to slaves and add
Ethernet
Profile name - enp0s3
device enp0s3 (or whatever)
ok
(then add the next one)
change IPv4 to Manual
show
add the address, gateway, etc

Question 19

configure an interface with nmcli

Answer 19

nmcli device (shows all devices)

nmclie connection modify enp0s3 ipv4.addressess 10.253.1.211/24

nmclie connection modify enp0s3 ipv4.gateway 192.168.1.1

nmclie connection modify enp0s3 ipv4.method manual

nmclie connection modify enp0s3 ipv4.dns 8.8.8.8

nmcli connection down enp0s3

nmcli connection up enp0s3

nmcli connection show –active

nmcli connection modify enp0s3 +ipv4.addresses 10.253.1.211/24

nmcli connection reload (does the same as up/down)

systemctl reboot

ip address show

nmcli connection show enp0s3

Question 20

Create a bond with nmcli

Answer 20

nmcli connection add type bond con-name “Bondconn1” ifname bond0

nmcli connection modify Bondconn1 bond.options “mode=active-backup”

nmcli connection add type ethernet slave-type bond con-name bond0-if1 ifname ens5 master bond0

nmcli connection add type ethernet slave-type bond con-name bond0-if2 ifname ens6 master bond0

sudo nmcli connection delete bond0-if2

cat /proc/net/bonding/bond0

Question 21

Configure VSFTPD

Answer 21

cp /etc/vsftpd/vsftpd.conf vsftpd.conf.orig

vim /etc/vsftpd/vsftpd.conf
/anonymous
anonymous_enable=NO
/ascii
uncomment these
ascii_upload_enable=YES
ascii_download_enable=YES
/ftpd
uncomment
ftpd_banner=Welcom to blah FTP service

Go to end of file (shift g)
add
# Local Time
use_localtime=YES

systemctl start vsftpd
systemctl enable vsftpd
systemctl stop firewalld
systemctl disable firewalld

Question 22

Use SCP

Answer 22

touch jack
scp jack delsinm@192.168.11.2:/home/deslinm
(delsinm is the name on the SERVER
/home/delsinm is where you want it to go on the SERVER)

enter username and password

file has now been transferred

scp delsinm@remote:/home/delsinm/jack /home/delsinm

capisce?

directories can be sent with scp -r

Question 23

Use Rsync

Answer 23

rpm -qa | grep rsync
yum install rsync
tar cvf backup.tar

tar cvf backup.tar .
. <- current directory
mkdir /tmp/backups
rsync -zvh backup.tar /tmp/backups/

rsync -azvh /home/delsinm /tmp/backups/

Question 24

Create a script confirming if the variable number is equal to 100 then print something

Answer 24

!/bin/bash

# comment
count=100
if [ $count -eq 100 ]
then
echo “Count is 100”
else
echo “Count is not 100”
fi <- tell script to exit out, opposite of it

Question 25

Command to see options for statements

Answer 25

help test

Question 26

Create if then script for if error file exists

Answer 26

!/bin/bash

# comment
if [ -e /home/delsinm/error.txt ]
then
echo “file exists”
else
echo “file does not exist”
fi

Question 27

Create script for See jack run play laugh

Answer 27

!/bin/bash

# comment
for i in run play laugh
do
echo “See jack $i”
done

Question 28

Create candy script

Answer 28

echo
echo “What is your name?”
read name
echo
echo “Hello, $name. What do you like Candy? [y/n]”
read candy
if [ $candy == y -o yes ]
then
echo “I’ll be seeing you later then…”
elif [ $candy == n -o no]
then
echo “Hmm, no fun.”
else
echo “Learn to read”
fi

Question 29

Create the following output using loop and an arithmetic expression:
Weekday 2 : Mon
Weekday 3 : Tue
Weekday 4 : Wed
Weekday 5 : Thu
Weekday 6 : Fri

Answer 29

!/bin/bash

i=1
for day in Mon Tue Wed Thu Fri
do
echo “Weekday $((i++)) : $day”
done

Question 30

Create a do-while script that prints
Welcome (number 1-5) and increments up until 5

Answer 30

!/bin/bash

c=1
while [ $c -le 5 ] <- while c is less than and equal to 5
do
echo “welcome $c”
(( c++ )) <- allows c to accumulate
done

Question 31

Create a case script

Answer 31

!/bin/bash

# comment
echo
echo Please choose one of the options below
echo
echo ‘a = Display Date and Time’
echo ‘b = List users logged in’
echo ‘c = List current user
echo ‘d = Check System uptime’
echo

read choices
case $choices in

a) date;;
b) ls;;
c) who;;
d) uptime;;
*) echo Invalid choice - Bye
esac

;; <- these are like spaces in between

Question 32

Make an automated ping to 192.168.1.1, use a return value and echo responses to whether it was successful or not

Answer 32

!/bin/bash

ping -c1 192.168.1.1
if [ $? -eq 0 ] <- if return value is equal to 0
then
echo ok
else
echo not ok
fi

This displays the actual ping and your statement afterword

-c1 <- only ping once
$? < - return value
0 = successful
1 = fail

Let’s say we want to not see the output and only our statement. Just add > /dev/null after

Question 33

If I want to ping servers 192.168.1.1/7/24 how should I create the script?

Answer 33

Create a file called myhosts
192.168.1.1
192.168.1.7
192.168.1.24
:wq

vim mass_ping

hosts=”/home/delsinm/myhosts”

for ip in $(cat $hosts)
do

ping -c1 $ip > /dev/null
if [ $? -eq 0 ]
echo $ip is ok
else
echo $ip is not ok
fi

Question 34

create an alias for pwd and ls -la together

Answer 34

alias pl=”ls -la; pwd”

Question 35

create an alias for ls -la for everything that starts with “d”

Answer 35

alias gl=”ls -la | grep ^d”

^ - everything that starts with d

Question 36

When creating an alias for ls -la | awk ‘{print $1}’ how would you do this

Answer 36

alias look=”ls -la | awk ‘{print $1}’”

Question 37

Show aliases
now remove one

Answer 37

alias
unalias lap

Question 38

Where do you store your user/global permanent aliases?

Answer 38

/etc/bashrc
/home/user/.bashrc