Exam Practice rhcsa 6 Flashcards
password recovery
- go to single usermode with the help of grub #passwd
Note:- if the command does not execute #lokkit --disabled #lokkit --selinux=permissive #passwd
set ip,dns,netmask,gateway
#setup Select network configuration and then set the IP, dns, netmask, gateway #service network restart
create yum client base url
#vi /etc/yum.repos.d/Server.repo [Server] name=Server baseurl=ftp://instructor.example.com/pub/rhel6/dvd/Server enabled=1 gpgcheck=0
\:wq #init 6 to reboot
After reboot check connectivity with Server #ping 192.168.0.254 #nslookup instructor.example.com #yum list #yum repolist
LVM Reduce
Resize your LVM /home to 150MB will range to (130M-160M)
#df -h #lvdisplay ***check the lvm partition*** #umount /home #lvdisplay ****check the name of lvm*** #e2fsck -f /dev/vgsrv/home #resize2fs /dev/vgsrv/home 150M #lvreduce -L 150M /dev/vgsrv/home #df -h **** You will not find the partition**** #mount /dev/vgsrv/home /home #df -h
LVM Extend
Resize your LVM /home to 250 will range to (230M-260M)
#lvextend -L 250M /dev/vgsrv/home #resize2fs /dev/vgsrv/home #df -h
LDAP
Example
Configure an ldap client, where your ldap server is instructor.example.com
LDAP Base DN: (dc=example,dc=com).
Authenticate your ldap server using the certificate
(ftp://instructor.example.com/pub/EXAMPLE-CA=CERT)
You should be able to login as ldapuserX via LDAP. This configuration must be persistant after restart. You will get the home directory only after solving automount question.
#yum groupinstall directory-client #system-config-authentication
Note: dialog box will open in that
Enter details
User Account Dattabase = LDAP
LDAP Search Base DN = dc=example,dc=com
LDAP Server = ldap://instructor.example.com
Check mark TLS and then click download certificate and give the path
ftp://instructor.example.com/pub/EXAMPLE-CA-CERT
authentication Method = LDAP
Apply the setting
Check LDAP
#getent passwd ldapuserX
#su ldapuserX
$exit
NTP, configure your NTP server as instructor.example.com
system-config-date
check mark Synchronize date and time over network. Remove all the NTP SERVER and click ADD and type
Instructor.example.com
Press Enter and press OK
Automount LDAP
Configure automount in such a way that the ldapuserX’s home directory in instructor.example.com:/home/guests/ldapuserX should be mounted as local directory /home/guests/ldapuserX when ldapuserX logs in. This configuration must be persistant after restart password for ldapuser is “password”
#rpm -qa autofs #vim /etc/auto.master Below /misc add the line /home/guests /etc/auto.misc
:wq
#vim /etc/auto.misc Below CD line OR end of the script add the line: ldapuserX -rw,soft,intr instructor.example.com:/home/guests/ldapuserX
:wq!
#service autofs stop #service autofs start #su - ldapuserX #df -h
Kernel Installation update
Install new kernel from UDATE dir on Server. boot the system with the new kernel
#yum install lftp #lftp 192.168.0.254 ~>cd pub ~>cd UPDATE ~>mget *kern* ~> bye #ls #rpm -ivh kern[+TAB] #vi /etc/grub.conf
Check the position of the new kernel if it is 1st position then defaults=0 if it is in 2nd position, the default=1
Create a cron job which will run everyday at 1:30 for user harry
crontab -e -u harry
30 1 * * * /bin/ech “hiya”
FTP anonymous
Create an ftp server in such a way that anonymous user can login & download from the directory /var/ftp/pub/downloads
#yum install vsftp* #head -15 /etc/vsftpd/vsftpd.conf
Check anonymous_enable=YES
#tail -5 /etc/vsftpd/vsftpd.conf check tcp_wrappers=YES
#mkdir -p /var/ftp/pub/downloads #service vsftpd restart #chkconfig --level 35 vsftpd on #ftp 192.168.0.[100+x] check your VM IP
HTTPD Page
Host a webpage on your hostname. Download the page to be hosted from (ftp://instructor.example.com/pub/web/station.html).
Do not make any modifications or changes to this file
#yum install http* #lftp 192.168.0.254 ~>cd pub/web ~>mget stat* ~>bye #ls #mv station.html /var/www/html/index.html #service httpd restart #chkconfig --level 35 httpd on #restorecon -R /var/www/html #elinks http://serverX.example.com
Also check with firefox
Find
locate all files owned by user susan & copy them to /home/lost+found/
#find / -user susan -exec cp -vp {} /home/lost+found/ \;
#cd /home/lost+found
#lsgrep
Search for the text ‘strato’ in the file /usr/share/dict/words & copy this file to a file /root/lines.txt. The new file should not have any blank spaces or lines.
The order of the names in the new file should be same as the order in which it appears in the original file
grep strator /usr/share/dict/words > /root/lines.txt
LVM
Create a logical volume wshare from the volume group wgroup
The volume group should have extents of size 8MiB. The logical volume should have 50 extents. Mount this lvm as /mnt/lvm
fdisk /dev/vda (set an lvm partition to 500M
#partx -a /dev/vda #pvcreate /dev/vda6 #vgcreate -s 8M wgroup /dev/vda6 #vgdisplay wgroup #lvcreate -l 50 -n wshare wgroup #lvdisplay /dev/wgroup/wshare #mkfs.ext4 /dev/wgroup/wshare
note use the right format based on the question
#mkdir /mnt/lvm #vi /etc/fstab
/dev/wgroup/wshare /mnt/lvm ext4 defaults 0 0
#mount -a #df -h #init 6
Set up a default configuration FTP server.
Block ftp connections from hackers.net
# yum install vsftpd # chkconfig vsftpd on # service vsftpd start # vi /etc/sysconfig/iptables-config IPTABLES_MODULES=”nf_conntrack_ftp nf_nat_ftp” # iptables -I INPUT -m state –state NEW -m tcp -p tcp –dport 20 -j ACCEPT # iptables -I INPUT -m state –state NEW -m tcp -p tcp –dport 21 -j ACCEPT # service iptables save # service iptables restart # vi /etc/hosts.deny vsftpd: .hackers.net: DENY
expire user’s account in one week
# date -d “+1week” # usermod -e YYYY-MM-DD bob or # chage -E YYYY-MM-DD bob # chage -l bob
Set up a default configuration webserver. In the index file, place the sentence “This is a test.”.
Make this webserver only accessible to your machine and server1.example.com.
# yum install httpd # chkconfig httpd on # service httpd start echo “This is a test.″ > /var/www/html/index.html # iptables -I INPUT -m state –state NEW -m tcp -p tcp –dport 80 -j ACCEPT # service iptables save # vi /etc/httpd/conf/httpd.conf Order allow,deny Allow from 127.0.0.1 server1.example.com # service httpd reload
Add 100MB of swap space to your machine using a logical volume.
# lvcreate –name lv_swap2 –size 100M vg # mkswap /dev/vg/lv_swap2 # swapon /dev/vg/lv_swap2 # vi /etc/fstab /dev/vg/lv_swap2 swap swap defaults 0 0
Expand the file system on /home to 2GB in size.
lvresize -r -L 2G /dev/vg/lv_home
Set up a new 100MB logical volume. Encrypt the volume with LUKS and set it up to automatically decrypt and mount to /crypt at boot.
Use the ext4 filesystem and place an empty file in the root of the encrypted filesystem with a name of “test”.
# lvcreate –name crypt –size 100M vg # mkdir /crypt # cryptsetup luksFormat /dev/vg/crypt # cryptsetup luksOpen /dev/mapper/vg-crypt crypt # mkfs.ext4 /dev/mapper/crypt # vi /etc/fstab /dev/mapper/crypt /crypt ext4 defaults 1 2 # mount -a # cryptsetup luksAddKey /dev/vg/crypt /etc/keyfile # chmod 400 /etc/keyfile # vi /etc/crypttab crypt /dev/vg/crypt /etc/keyfile # touch /crypt/test
Set up a job to delete all of the regular files in the /home/bob directory on the second day of every month at 8:30 A.M.
# crontab -e
30 08 02 * * /bin/find /home/bob -type f -exec /bin/rm {} \;Install the appropriate kernel update from http://mirrors.kernel.org/centos/6.4/updates/x86_64/Packages.
The following conditions must also be met:
– the updated kernel is the default kernel when the system is rebooted.
– the original kernel remains available and bootable on the system.
# uname –r # wget http://mirrors.kernel.org/centos/6.4/updates/x86_64/Packages/kernel* # rpm –ivh kernel # vi /etc/grub.conf Check for default (0 or 1)
Set up the automounter, and configure it to read the DVD on the /misc/dvd directory.
# yum install -y autofs # vi /etc/auto.misc dvd -fstype=iso9660,ro,nosuid,nodev :/dev/cdrom # service autofs start
Create a file named dontcopy in the /root directory and make it impossible to back it up with the dump command.
# touch /root/dontcopy # chattr +d /root/dontcopy
Install the vsftpd package.
Copy the TUNING file coming with the package into the /root directory.
# yum install -y vsftpd # rpm -ql vsftpd | grep TUNING # cd /usr/share/doc/vsftpd… # cp TUNING /root
install a httpd server. Make it serve files from /www/html.
Write a file called index.html displaying “Hello world!“.
# yum groupinstall -y “Web server” # yum install -y setroubleshoot-server elinks # cp -rp /var/www/* /www # cd /etc/httpd/conf # sed -e “s:DocumentRoot \”/var/www/html\”:DocumentRoot \”/www/html\”:g” httpd.conf > httpd.conf2 # mv -f httpd.conf2 httpd.conf # service httpd configtest # echo Hello world! >/www/html/index.html # semanage fcontext -a -t httpd_sys_content_t “/www(/.*)?” # restorecon -r /www # iptables -I INPUT -m state –state NEW -m tcp -p tcp –dport 80 -j ACCEPT # service iptables save # chkconfig httpd on # service httpd start # elinks http://localhost
Remove all the files from the /etc/yum.repos.d directory.
Set up a repository for the Base packages from (US)University of Oklahoma’s (http://mirror.oss.ou.edu/centos/) or (Germany)ATrpms’s (http://mirror.atrpms.net/centos/) or (China)Beijing Institute of Technology’s (http://mirror.bit.edu.cn/centos/) according to your geographical localization.
# cd /etc/yum.repos.d # /bin/rm * # vi local.repo [base] name=University of Oklahoma – Base baseurl=http://mirror.oss.ou.edu/centos/$releasever/os/$basearch/ enabled=1 gpgcheck=0 # yum clean all # yum repolist all
Create a directory called project in /home.
Create two groups called admins and dbas with gid respectively 50001 and 50002.
Put andrew account into the admins group and steven account into the dbas group, each time as a secondary group.
Configure the project directory for group collaboration among members of the admins and dbas groups with no access for all other users.
# mkdir /home/project # groupadd -g 50001 admins; groupadd -g 50002 dbas # usermod -aG admins andrew # usermod -aG dbas steven # setfacl -m g:admins:rwx /home/project # setfacl -m g:dbas:rwx /home/project # setfacl -m o:— /home/project
Configure a cron job for the root user to search for files named core in the /usr directory and delete them on every sunday at 11:55pm system time.
# crontab -e
55 23 * * 0 /bin/find /usr -name core -exec /bin/rm {} \;Create a script called cmd in the /root directory that displays “Zero” if no parameter is given, “One” if only one and “Several” if more than one.
# cd /root # vi cmd !#/bin/bash case $# in 0) echo “Zero”;; 1) echo “One”;; *) echo “Several”;; esac # chmod u+x cmd
Allow ssh access only from the 192.168.1.0/24 network.
# iptables -I INPUT ! -s 192.168.1.0/24 -m tcp -p tcp –dport 22 -j REJECT # service iptables save
What command to get a synthetic view of the disk organization?
lsblk
Write a Bash script called prog.sh in the /root directory that creates 40 files of 2MB each with the fallocate command in the mounted /xfs directory. Each file has got a name as follows: .file_N where N is a number from 1 to 40.
cd /root
vi prog.sh
#!/bin/bash
cd /xfs N=40 while [ “$N” -gt 0 ] do fallocate -l 2M .file_$N N=`expr $N – 1` done ——————– # chmod u+x prog.sh # ./prog.sh
Create a cron job running as root, starting at 11PM every day and writing a report on daily system resource consumption in the /var/log/consumption.log file.
# crontab -e 00 23 * * * /usr/bin/sar -A > /var/log/consumption.log
