Extras

Question 1

mount an ISo

Answer 1

mount -o loop media.iso /media

Question 2

Set same SELinux context for a directory

Answer 2

chcon -R –reference=/var/www/html/ /var/www/html/inst

Question 3

FTP and http file location

Answer 3

vsftp server is /var/ftp/pub

HTML is /var/www/html

Question 4

add/remove software tool is located

Answer 4

System -> administration -> add/Remove Software

Question 5

List of packages needed for virtualization

Answer 5

qemu-kvm - the main kvm packagepython-virtinst - command line tools and libraries for creating VMS
virt-manager - GUI VM administration toolvirt-top - command for VM statisticsvirt-viewer - GUI connection to configure VMs
libvirt - c language toolkit with the libvirtd servicelibvirt-client - c language toolkit for VM client

Question 6

check if the right VM modules are located

Answer 6

#lsmod | grep kvm
output should return either kvm-intel or kvm-adm
if the output is different or no output run this command to add:
#modprobe kvm

Question 7

virt-install

Answer 7

You can also use the virt-install --prompt command to set virtual machines, just enter information as asked such as RAM, CPU, and so forth
# virt-install --prompt

Question 8

virt-install to install a VM with a kickstart file

Answer 8

The virt-install –prompt command can be used to install from a kickstart. Example
# virt-install -n outside1.example.org -r 768 –dis \
path=/var/lib/libvirt/images/outsider1.example.org.img \
-l ftp://192.168.122.1/pub/inst \
-x “ks=ftp://192.168.122.1/pub/ks1.cfg”

Question 9

switches for the virt-install command

Answer 9

• n (–name) sets the name of a VM
• r (–ram) configures the amount of RAM in MB
• -disk defins the virtual disk
• l (–location) specifies the directory or URL with the installation files
• x (–extra-args=) includes extra data, such as the url of a kickstart file.

Question 10

virt-clone –prompt

Answer 10

the virt-clone –prompt command can be used t oclone an existing VM. Make sure the system to be cloned is shutdown.

Question 11

Tools of interest for administrative purposes

Answer 11

• telnet and nmap to verify remove access to open ports- mutt as an email client to verify the functionality of an email server
• elinks as a web browser to make sure web services are accessible
• lftp to access ftp servers with command completion
  #telnet localhost 21
  # nmap localhost
  #mutt -f pop://username@host
  you can also use the mail command as:
  $mail Michaelsubject: test
  cc: marth@example.com
  $mail -s ‘host file’ < /etc/hosts root@localhost
  $elinks http://127.0.0.1/inst
  $lftp ftp.example.org -u frany

Question 12

lftp standard commands

Answer 12

cd - changes the current working directory at the remote host
ls - list files at the remote host
get - retrieve one file from the remote host
mget - retrieve a group of files from the remote host
put - uploads one file from your computer to remote hostmput - uploads a group of files to remote host
pwd - list current working directory to the remote host
quit - ends the FTP session
!ls - list files on your host computer in the current directory
!cd - change the local host directory fur upload/download
!pwd - list current working directory on local host computer

Question 13

The Alias command examples

Answer 13

some alias command examples:
#alias cp='cp -i'
#alias l.='ls -d .* --color-=auto'
#alias ll='ls -l --color=auto'
#alias rm='rm -i'
#alias rm ='mv -t ~/.trash'

Question 14

the locate command database

Answer 14

the locate command database is normally updated only once each day base on this cron /etc/cron.daily/mlocate.cron (might have to manually run)

Question 15

Specialized variations on the vi command:

Answer 15

vipw  - edit /etc/passwd
vigw - edit /etc/group
visudo - etdit /etc/sudoers
vipw -s - edit /etc/shadow
vigr -s - edit /etc/gshadow

Question 16

arp command

Answer 16

The arp command displays a table of hardware and IP addresses on the local computer. ARP can help detect problem such as duplicate addresses on the network

Question 17

displaying routing table

Answer 17

#netstat -r  -> displays routing table, similar to route
#route -n  -> similar to 
#netstat -rn

Question 18

get dhcp info

Answer 18

dhclient eth0

Question 19

two tools that can be used to configure network devices:

Answer 19

System-config-network -GUI
nm-connection-edit - GUI command line
System-preferences-network connections

Question 20

check DNS server

Answer 20

if in doubt about whether the DNS server is operational:
#dig @192.168.122.1 mheducation.com

Question 21

default umask

Answer 21

The default umask is driven by the /etc/bashrc file

Question 22

remount a file system

Answer 22

mount -o remount /home

Question 23

common ports

Answer 23

21 - FTP
22 - secure shell (SSH)
23 - telnet
25 - SMTP
53 - DNS
80 - http
88 - kerberos
110 - pop
139 - netbios
143 - IMAP
443 - https
993 - IMAP over SSL
2049 - NFS
4995 - POP over SSL
69 - TFTP
139 & 445 as well as UDP 137 & 138 - SAMBA

Question 24

diagnose error when running semanage login -l

Answer 24

#yum whatprovides /usr/sbin/semanage
#yum -y install policycoreutils-python

Question 25

options for SELinux user roles

Answer 25

• guest_u no GUI, no networking, no access to the SU or sudo command
• xguest_u GUI, networking only via the firefox web browser
• user_u GUI and networking available
• staff_u GUI, networking, and the sudo command available-unconfined_u Full system access

Question 26

tools to search /var/log/audit

Answer 26

#ausearch -m avc -c sudo
#sealert -a /var/log/audit/audit.log

Question 27

other facl command

Answer 27

#getfacl file | setfacl --set-file = - file2  -> copy acl from file1 to file2
#getfacl --access dir | setfacl -d -M-dir  -> copy the access acl into the default ACL

Question 28

GRUB common errors

Answer 28

error 15: file not found - the partition was mounted; the kernel was not found on that partition. Cause: root(hdx,y) directive does not point to the partition with /boot directory
ERROR 17: cannot mount selected partition: the partition is not formatted to a filesystem with files. Cause: the root(hdx,y) directive points to a partition formatted to a system such as linux swap
ERRO 22: no such partition: there is no partition specified by the root (hdx,y) directive.

Question 29

list commands at group command line

Answer 29

To see a list of commands at the GRUB command line, press the tab key at the grub > prompt. To find the grub.conf file (find the /boot directory)grub
> find /grub/grub.confAnother way to find the /boot directorygrub
> root
to confirm the location of grub.conf, run the cat command:grub
> cat (hd0,0) /grub/grub.conf

Question 30

to see the files installed with a package

Answer 30

rpm -ql upstart

Question 31

parameters in /etc/sysconfig/init

Answer 31

The parameters in the /etc/sysconfig/init specify how the system looks and feels during the boot process

Question 32

virtual consoles

Answer 32

virtual consoles are configured in files /etc/sysconfig/init and the /etc/init directory.

Question 33

examples for the route command

Answer 33

#route add default gw 192.168.122.1  > adding a default route
#route add default gw 0.0.0.0
#route add -net 192.168.0 netmask 255.255.255.0 dev eth1-----> sets up a route to the noted network/subnet mask combination through the second ethernet device

Question 34

Netstat

Answer 34

Netstat can do a lot more such as identifying open services on the local system#netstat atnp

Question 35

adding an arp entry

Answer 35

arp -s buggy 00.00.00.cf.a1.33

Question 36

delete an arp entry

Answer 36

arp -d buggy

Question 37

/etc/sysconfig/network directives

Answer 37

**NETWORKING - > can be yes or no, to configure or not configure networking
NETWORKING_IPV6 -> can be yes or no for ipv6NSDOMAIN -> set the name of NIS domain, if connected to a NIS network
**HOSTNAME -> set the hostname of the local computer (can be set by the DHCP server)
GATEWAY -> set the IP address for the gateway(can be set by the DHCP server)
GATEWAYDEV - > sets the network device, such as eth0, that this computer uses to reach a gateway. there’s no need fo rthis directive if there is only one network card.

Question 38

using the GUI network manager configuration tool

Answer 38

You may need to first install the associated package:
#yum install NetworkManager-gnome
you can start GUI network connections tool
#nm-connection-editor

Question 39

Creating a swap partition example using fdisk

Answer 39

#fdisk /dev/sdb
command (m for help): n
ppartition number(1-4): 1
first sector default:...last sector:200MB
command(m for help): p
command(m for help): t
HEX code (type L to list codes): 82
command(m for help): w
when done follow by
#mkswap /dev/sdb1
#swapon /dev/sdb1

Question 40

set a partition to a different type in parted

Answer 40

(parted)set
partition number?
1flag to Invert?
lvmnew state? [on]/off on

Question 41

to see the swap space currently configured

Answer 41

run the command:
#cat /proc/swaps

Question 42

checking a partition

Answer 42

#umount /var
#fsck -t ext4 /dev/sda7
#mount /dev/sda7 /var

Question 43

disk utility GUI

Answer 43

One graphical tool that you can use for storage management is the disk utility, which is available from the gnome-disk-utility package. To access from the command line
#palimpsest

Question 44

empty partition

Answer 44

For parted for a new empty partition, you need to create a label. You will get this message “unrecognized disk label” error; run first the mklabel command(parted) mklabel msdos(parted) mkpart

Question 45

formatting partitions

Answer 45

-remember: for these command below, you need the appropriate partition
#mkfs.cramfs - create a compressed ROM filesystem
#mkfs.ext2 - formats a volume to the ext2 fs
#mkfs.ext3 - formats a volume to the ext3 fs
#mkfs.ext4 - formats a volume to the text4 fs
#mkfs.msdos -> or mkfs.vfat, or mkdosfs microsoft vfat, not bootable
#mkfs.exfs - formats a volume to the xfs fs
#mkswap - format a volume to the linux swap file system

Question 46

LVM command installed(many exists, but only four are active)

Answer 46

LVM - brings you an LVM prompt to run other commands, type help to see a list
lvmconf - can modify the default settings in the related configuration file /etc/lvm/lvm.conf
lvmdiskscan - scans all available drives for LVM-configured partitions
lvmdump - sets up a configuration report in the root administrative user’s home directory(/root)

Question 47

To use the GUI logical volume management tool

Answer 47

yum install system-config-lvm

Question 48

Volume encryption with the linux unified key setup (LUKS)

Answer 48

LUKS works on a block levelLUKS-protected system requires either a passphrase or a keyfile

Question 49

encrypting a filesystem mounted on a specific directory

Answer 49

You need the dm_crypt module
#lsmod | grep dm_cryptif you don't see an output regarding dm_crypt run:
#modprobe dm_cryptYou'll need to install the cryptsetup-luks RPM package
#yum install cryptsetup

Question 50

Create a LUKS-based filesystem with cryptsetup

Answer 50

#cryptsetup luksformat /dev/sda1 -> 
first create a passphrase-
 once the partition is encrypted, it can't be read. Before you can format it, it must be mapped
First you need the UUID of the device. This command creates a UUID for the newly encrypted /dev/sda1 device:
#cryptsetup luksUUID /dev/sda1  -> generates a UUID
#cryptsetup luksopen /dev/sda  uuid number- the mapped device should now appear in the /dev/mapper directory(instead of using a UUID you can use a word like test, unless required in the exam)

Question 51

find the UUID associated with a particular encrypted filesystem

Answer 51

#dumpe2fs /dev/mapper/test | grep UUID
You can also use the blkld command to get the UUID

Question 52

mounting a luks formatted filesystem

Answer 52

If the LUKS formatted filesystem /dev/mapper/test is to be mounted on the directory named /shared, you could add the following lines in /etc/cryptttab:shared /dev/mapper/test   noneshared  UUID=uuidnumber none-You can verify how partitions are actually mounted in the /etc/mtab
#cat /etc/mtab

Question 53

description of entries in /etc/fstab example

Answer 53

/dev/dsa1 (device)/home (mount point)ext4 (fs format)defaults(mount option)0 0 ( Dump value followed by FS check order)

Question 54

dump value

Answer 54

Either 0 or 1. A value of 1 means that data is automatically saved to disk by the dump command when you exit Linux

Question 55

filesystem check order

Answer 55

Determines the order that filesystems are checked by fsck command during the boot process. The root directory(/) should be set to 1, and other local filesystems should be set to 2. Removable filesystems such as those associated with CD/DVD devices should be set to 0, which means they are not checked during the Linux boot process

Question 56

List of virtual filesystems in /etc/fstab

Answer 56

tmpfs - a virtual memory filesystem that uses both RAM & swap space
devpts - filesystem relates to Pseudo - terminal devices
sysfs - filesystem provides dynamic info about system devices. Explore the associated /sys directory
proc - provides dynamically configurable options for changing the behavior of the kernel

Question 57

mount a cd/dvd

Answer 57

mount -t iso 9660 /dev/sr0 /mnt

Question 58

best option to mount nfs

Answer 58

#mount -t nfs server1:/pub share fsmount nfs
or add to /etc/fstabserver1:pub  /share  nfs  rsize=8192,wsize=8192,time=14,intr,udp  00

Question 59

option for mounting samba directories

Answer 59

in /etc/fstab//server/pub /share cifs rw,username=user,password=passd, 0 0
or//server/pub /share cifs rw,credentials/etc/secret 0 0
then your /etc/secrent content:username=userpassword = password

Question 60

yum-config-manager

Answer 60

To get the full list of yum configuration directives and their current values, run the following command
#yum-config-managerThis command requires the installation of the yum-util package.

Question 61

additional yum commands

Answer 61

#yum info samba  -> similar to #rpm -qi samba (query about samba
#yum erase package -> removes package
#yum whatprovides */*.repo
#yum grouplist  
#yum groupinfo "Remote desktop clients"
#yum group install groupPackage name
#yum group install "print server" -x paps -x gutenprint-cups -> exclude paps & gutenprint from being installed
#yum groupremove "Print Server"
#yum createrepo  -> helps you setup a local directory
#yum downloader cups
#yum-config-manager  -> can display all current settings for each repository as well as downloaded individual RPM packages
#yum downloader

Question 62

local access

Answer 62

local access is regulated in the /etc/security file

Question 63

to set a password for a group

Answer 63

gpasswd group

Question 64

configure a client as an LDAP client

Answer 64

you can edit /etc/openldap/ldap.conf and add
URL ldap:127.0.0.1HOST tester.example.comBASE dc=example,dc=com
TLS_CACERTDIR /etc/openldap/cacerts

Question 65

The name service switch file

Answer 65

/etc/nsswitch.conf, governs how a computer seachers for key files as password databases. It can be configured to look through LDAP and other server databases such as /etc/hosts   
hosts: files ldap dns
You can also add settings
passwd: files ldap
shadow: files ldap
group : files ldap

Question 66

VNC

Answer 66

vnc communication normally proceeds on port 5900, must be open to enable communication.The gnome-base VNC server is known as vino. TigerVNC server, based on tightvnc server also exists

Question 67

vnc gnome

Answer 67

you can use the vncviewer command to connect to a vnc server
#vncviewer 192.168.122.1  :2To use the GNOME-based vino server, after it's installed
#vino-preferences

Question 68

password protect grub

Answer 68

First create an md5 passwd
#grub-md5-cryptpasswod:
Then edit /boot/grub/grub.conf under the timeout line in the main section enter
passwd --md5

Question 69

setup ftp to only allow specific IPs

Answer 69

#yum install -y vsftp*
#vi /etc/vsftpd/vsftpd.conf
verify that this is present or add:  tcp_wrappers=YES
#service vsftpd restartIn /etc/hosts.deny deny everyone for vsftpd :vsftpd: ALL
Then, in /etc/hosts.allow add the authorized IPs :vsftpd:192.168.0.39 192.168.0.50