Extras Flashcards

1
Q

mount an ISo

A

mount -o loop media.iso /media

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Set same SELinux context for a directory

A

chcon -R –reference=/var/www/html/ /var/www/html/inst

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

FTP and http file location

A

vsftp server is /var/ftp/pub

HTML is /var/www/html

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

add/remove software tool is located

A

System -> administration -> add/Remove Software

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

List of packages needed for virtualization

A

qemu-kvm - the main kvm packagepython-virtinst - command line tools and libraries for creating VMS
virt-manager - GUI VM administration toolvirt-top - command for VM statisticsvirt-viewer - GUI connection to configure VMs
libvirt - c language toolkit with the libvirtd servicelibvirt-client - c language toolkit for VM client

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

check if the right VM modules are located

A
#lsmod | grep kvm
output should return either kvm-intel or kvm-adm
if the output is different or no output run this command to add:
#modprobe kvm
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

virt-install

A
You can also use the virt-install --prompt command to set virtual machines, just enter information as asked such as RAM, CPU, and so forth
# virt-install --prompt
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

virt-install to install a VM with a kickstart file

A

The virt-install –prompt command can be used to install from a kickstart. Example
# virt-install -n outside1.example.org -r 768 –dis \
path=/var/lib/libvirt/images/outsider1.example.org.img \
-l ftp://192.168.122.1/pub/inst \
-x “ks=ftp://192.168.122.1/pub/ks1.cfg”

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

switches for the virt-install command

A
  • n (–name) sets the name of a VM
  • r (–ram) configures the amount of RAM in MB
  • -disk defins the virtual disk
  • l (–location) specifies the directory or URL with the installation files
  • x (–extra-args=) includes extra data, such as the url of a kickstart file.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

virt-clone –prompt

A

the virt-clone –prompt command can be used t oclone an existing VM. Make sure the system to be cloned is shutdown.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Tools of interest for administrative purposes

A
  • telnet and nmap to verify remove access to open ports- mutt as an email client to verify the functionality of an email server
  • elinks as a web browser to make sure web services are accessible
  • lftp to access ftp servers with command completion
    #telnet localhost 21
    # nmap localhost
    #mutt -f pop://username@host
    you can also use the mail command as:
    $mail Michaelsubject: test
    cc: marth@example.com
    $mail -s ‘host file’ < /etc/hosts root@localhost
    $elinks http://127.0.0.1/inst
    $lftp ftp.example.org -u frany
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

lftp standard commands

A

cd - changes the current working directory at the remote host
ls - list files at the remote host
get - retrieve one file from the remote host
mget - retrieve a group of files from the remote host
put - uploads one file from your computer to remote hostmput - uploads a group of files to remote host
pwd - list current working directory to the remote host
quit - ends the FTP session
!ls - list files on your host computer in the current directory
!cd - change the local host directory fur upload/download
!pwd - list current working directory on local host computer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

The Alias command examples

A
some alias command examples:
#alias cp='cp -i'
#alias l.='ls -d .* --color-=auto'
#alias ll='ls -l --color=auto'
#alias rm='rm -i'
#alias rm ='mv -t ~/.trash'
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

the locate command database

A

the locate command database is normally updated only once each day base on this cron /etc/cron.daily/mlocate.cron (might have to manually run)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Specialized variations on the vi command:

A
vipw  - edit /etc/passwd
vigw - edit /etc/group
visudo - etdit /etc/sudoers
vipw -s - edit /etc/shadow
vigr -s - edit /etc/gshadow
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

arp command

A

The arp command displays a table of hardware and IP addresses on the local computer. ARP can help detect problem such as duplicate addresses on the network

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

displaying routing table

A
#netstat -r  -> displays routing table, similar to route
#route -n  -> similar to 
#netstat -rn
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

get dhcp info

A

dhclient eth0

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

two tools that can be used to configure network devices:

A

System-config-network -GUI
nm-connection-edit - GUI command line
System-preferences-network connections

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

check DNS server

A
if in doubt about whether the DNS server is operational:
#dig @192.168.122.1 mheducation.com
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

default umask

A

The default umask is driven by the /etc/bashrc file

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

remount a file system

A

mount -o remount /home

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

common ports

A
21 - FTP
22 - secure shell (SSH)
23 - telnet
25 - SMTP
53 - DNS
80 - http
88 - kerberos
110 - pop
139 - netbios
143 - IMAP
443 - https
993 - IMAP over SSL
2049 - NFS
4995 - POP over SSL
69 - TFTP
139 & 445 as well as UDP 137 & 138 - SAMBA
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

diagnose error when running semanage login -l

A
#yum whatprovides /usr/sbin/semanage
#yum -y install policycoreutils-python
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

options for SELinux user roles

A
  • guest_u no GUI, no networking, no access to the SU or sudo command
  • xguest_u GUI, networking only via the firefox web browser
  • user_u GUI and networking available
  • staff_u GUI, networking, and the sudo command available-unconfined_u Full system access
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

tools to search /var/log/audit

A
#ausearch -m avc -c sudo
#sealert -a /var/log/audit/audit.log
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

other facl command

A
#getfacl file | setfacl --set-file = - file2  -> copy acl from file1 to file2
#getfacl --access dir | setfacl -d -M-dir  -> copy the access acl into the default ACL
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

GRUB common errors

A

error 15: file not found - the partition was mounted; the kernel was not found on that partition. Cause: root(hdx,y) directive does not point to the partition with /boot directory
ERROR 17: cannot mount selected partition: the partition is not formatted to a filesystem with files. Cause: the root(hdx,y) directive points to a partition formatted to a system such as linux swap
ERRO 22: no such partition: there is no partition specified by the root (hdx,y) directive.

29
Q

list commands at group command line

A

To see a list of commands at the GRUB command line, press the tab key at the grub > prompt. To find the grub.conf file (find the /boot directory)grub
> find /grub/grub.confAnother way to find the /boot directorygrub
> root
to confirm the location of grub.conf, run the cat command:grub
> cat (hd0,0) /grub/grub.conf

30
Q

to see the files installed with a package

A

rpm -ql upstart

31
Q

parameters in /etc/sysconfig/init

A

The parameters in the /etc/sysconfig/init specify how the system looks and feels during the boot process

32
Q

virtual consoles

A

virtual consoles are configured in files /etc/sysconfig/init and the /etc/init directory.

33
Q

examples for the route command

A
#route add default gw 192.168.122.1  > adding a default route
#route add default gw 0.0.0.0
#route add -net 192.168.0 netmask 255.255.255.0 dev eth1-----> sets up a route to the noted network/subnet mask combination through the second ethernet device
34
Q

Netstat

A

Netstat can do a lot more such as identifying open services on the local system#netstat atnp

35
Q

adding an arp entry

A

arp -s buggy 00.00.00.cf.a1.33

36
Q

delete an arp entry

A

arp -d buggy

37
Q

/etc/sysconfig/network directives

A

**NETWORKING - > can be yes or no, to configure or not configure networking
NETWORKING_IPV6 -> can be yes or no for ipv6NSDOMAIN -> set the name of NIS domain, if connected to a NIS network
**
HOSTNAME -> set the hostname of the local computer (can be set by the DHCP server)
GATEWAY -> set the IP address for the gateway(can be set by the DHCP server)
GATEWAYDEV - > sets the network device, such as eth0, that this computer uses to reach a gateway. there’s no need fo rthis directive if there is only one network card.

38
Q

using the GUI network manager configuration tool

A
You may need to first install the associated package:
#yum install NetworkManager-gnome
you can start GUI network connections tool
#nm-connection-editor
39
Q

Creating a swap partition example using fdisk

A
#fdisk /dev/sdb
command (m for help): n
ppartition number(1-4): 1
first sector default:...last sector:200MB
command(m for help): p
command(m for help): t
HEX code (type L to list codes): 82
command(m for help): w
when done follow by
#mkswap /dev/sdb1
#swapon /dev/sdb1
40
Q

set a partition to a different type in parted

A

(parted)set
partition number?
1flag to Invert?
lvmnew state? [on]/off on

41
Q

to see the swap space currently configured

A
run the command:
#cat /proc/swaps
42
Q

checking a partition

A
#umount /var
#fsck -t ext4 /dev/sda7
#mount /dev/sda7 /var
43
Q

disk utility GUI

A
One graphical tool that you can use for storage management is the disk utility, which is available from the gnome-disk-utility package. To access from the command line
#palimpsest
44
Q

empty partition

A

For parted for a new empty partition, you need to create a label. You will get this message “unrecognized disk label” error; run first the mklabel command(parted) mklabel msdos(parted) mkpart

45
Q

formatting partitions

A
-remember: for these command below, you need the appropriate partition
#mkfs.cramfs - create a compressed ROM filesystem
#mkfs.ext2 - formats a volume to the ext2 fs
#mkfs.ext3 - formats a volume to the ext3 fs
#mkfs.ext4 - formats a volume to the text4 fs
#mkfs.msdos -> or mkfs.vfat, or mkdosfs microsoft vfat, not bootable
#mkfs.exfs - formats a volume to the xfs fs
#mkswap - format a volume to the linux swap file system
46
Q

LVM command installed(many exists, but only four are active)

A

LVM - brings you an LVM prompt to run other commands, type help to see a list
lvmconf - can modify the default settings in the related configuration file /etc/lvm/lvm.conf
lvmdiskscan - scans all available drives for LVM-configured partitions
lvmdump - sets up a configuration report in the root administrative user’s home directory(/root)

47
Q

To use the GUI logical volume management tool

A

yum install system-config-lvm

48
Q

Volume encryption with the linux unified key setup (LUKS)

A

LUKS works on a block levelLUKS-protected system requires either a passphrase or a keyfile

49
Q

encrypting a filesystem mounted on a specific directory

A
You need the dm_crypt module
#lsmod | grep dm_cryptif you don't see an output regarding dm_crypt run:
#modprobe dm_cryptYou'll need to install the cryptsetup-luks RPM package
#yum install cryptsetup
50
Q

Create a LUKS-based filesystem with cryptsetup

A
#cryptsetup luksformat /dev/sda1 -> 
first create a passphrase-
 once the partition is encrypted, it can't be read. Before you can format it, it must be mapped
First you need the UUID of the device. This command creates a UUID for the newly encrypted /dev/sda1 device:
#cryptsetup luksUUID /dev/sda1  -> generates a UUID
#cryptsetup luksopen /dev/sda  uuid number- the mapped device should now appear in the /dev/mapper directory(instead of using a UUID you can use a word like test, unless required in the exam)
51
Q

find the UUID associated with a particular encrypted filesystem

A
#dumpe2fs /dev/mapper/test | grep UUID
You can also use the blkld command to get the UUID
52
Q

mounting a luks formatted filesystem

A
If the LUKS formatted filesystem /dev/mapper/test is to be mounted on the directory named /shared, you could add the following lines in /etc/cryptttab:shared /dev/mapper/test   noneshared  UUID=uuidnumber none-You can verify how partitions are actually mounted in the /etc/mtab
#cat /etc/mtab
53
Q

description of entries in /etc/fstab example

A

/dev/dsa1 (device)/home (mount point)ext4 (fs format)defaults(mount option)0 0 ( Dump value followed by FS check order)

54
Q

dump value

A

Either 0 or 1. A value of 1 means that data is automatically saved to disk by the dump command when you exit Linux

55
Q

filesystem check order

A

Determines the order that filesystems are checked by fsck command during the boot process. The root directory(/) should be set to 1, and other local filesystems should be set to 2. Removable filesystems such as those associated with CD/DVD devices should be set to 0, which means they are not checked during the Linux boot process

56
Q

List of virtual filesystems in /etc/fstab

A

tmpfs - a virtual memory filesystem that uses both RAM & swap space
devpts - filesystem relates to Pseudo - terminal devices
sysfs - filesystem provides dynamic info about system devices. Explore the associated /sys directory
proc - provides dynamically configurable options for changing the behavior of the kernel

57
Q

mount a cd/dvd

A

mount -t iso 9660 /dev/sr0 /mnt

58
Q

best option to mount nfs

A
#mount -t nfs server1:/pub share fsmount nfs
or add to /etc/fstabserver1:pub  /share  nfs  rsize=8192,wsize=8192,time=14,intr,udp  00
59
Q

option for mounting samba directories

A

in /etc/fstab//server/pub /share cifs rw,username=user,password=passd, 0 0
or//server/pub /share cifs rw,credentials/etc/secret 0 0
then your /etc/secrent content:username=userpassword = password

60
Q

yum-config-manager

A
To get the full list of yum configuration directives and their current values, run the following command
#yum-config-managerThis command requires the installation of the yum-util package.
61
Q

additional yum commands

A
#yum info samba  -> similar to #rpm -qi samba (query about samba
#yum erase package -> removes package
#yum whatprovides */*.repo
#yum grouplist  
#yum groupinfo "Remote desktop clients"
#yum group install groupPackage name
#yum group install "print server" -x paps -x gutenprint-cups -> exclude paps & gutenprint from being installed
#yum groupremove "Print Server"
#yum createrepo  -> helps you setup a local directory
#yum downloader cups
#yum-config-manager  -> can display all current settings for each repository as well as downloaded individual RPM packages
#yum downloader
62
Q

local access

A

local access is regulated in the /etc/security file

63
Q

to set a password for a group

A

gpasswd group

64
Q

configure a client as an LDAP client

A

you can edit /etc/openldap/ldap.conf and add
URL ldap:127.0.0.1HOST tester.example.comBASE dc=example,dc=com
TLS_CACERTDIR /etc/openldap/cacerts

65
Q

The name service switch file

A
/etc/nsswitch.conf, governs how a computer seachers for key files as password databases. It can be configured to look through LDAP and other server databases such as /etc/hosts   
hosts: files ldap dns
You can also add settings
passwd: files ldap
shadow: files ldap
group : files ldap
66
Q

VNC

A

vnc communication normally proceeds on port 5900, must be open to enable communication.The gnome-base VNC server is known as vino. TigerVNC server, based on tightvnc server also exists

67
Q

vnc gnome

A
you can use the vncviewer command to connect to a vnc server
#vncviewer 192.168.122.1  :2To use the GNOME-based vino server, after it's installed
#vino-preferences
68
Q

password protect grub

A
First create an md5 passwd
#grub-md5-cryptpasswod:
Then edit /boot/grub/grub.conf under the timeout line in the main section enter
passwd --md5
69
Q

setup ftp to only allow specific IPs

A
#yum install -y vsftp*
#vi /etc/vsftpd/vsftpd.conf
verify that this is present or add:  tcp_wrappers=YES
#service vsftpd restartIn /etc/hosts.deny deny everyone for vsftpd :vsftpd: ALL
Then, in /etc/hosts.allow add the authorized IPs :vsftpd:192.168.0.39 192.168.0.50