File Sharing

Question 1

Samba got its name from the SMB protocol, what does SMB SMB stand for?

Answer 1

Server Message Block

Question 2

Which 3 Daemon services does Samba use?

Answer 2

smbd - Samba Daemon
nmbd - Netbios Daemon
winbind - Manages connections between Linux & Windows

Question 3

What are the 5 Samba package names on Debian based distros?

Answer 3

cifs-utils - utilities to manage shares
samba - server function
samba-common - configs and docs
smbclient - client connections
winbind - winbind functions

Question 4

What are the 5 Samba package names on Redhat based distros?

Answer 4

cifs-utils - utilities to manage shares
samba - server function
samba-common - configs and docs
samba-client - client connections
samba-winbind - winbind functions

Question 5

Where is the samba documentation installed?

Answer 5

/usr/share/doc/samba* or

/usr/share/doc/samba-version

Question 6

Where does Samba store the storage/DB files?

Answer 6

/var/lib/samba

Question 7

Where does Samba write log messages?

Answer 7

/var/log/samba

Question 8

Where is the main samba config file?

Answer 8

/etc/samba/smb.conf

Question 9

Samba utility that mounts samba shares

Answer 9

mount.cifs

Question 10

Samba utility that can be used to administer a samba server and remote servers

Answer 10

net

Question 11

Samba utility that can lookup netbios info

Answer 11

nmblookup

Question 12

Samba utility that is used to manage samba user databases

Answer 12

pdbedit

Question 13

Samba utility that executes remote procedure call functions

Answer 13

rpcclient

Question 14

Samba utility that displays or modifies Samba access control functions

Answer 14

smbcacs

Question 15

Samba utility that connects, list shares or provides ftp like access to a share

Answer 15

smbclient

Question 16

Samba utility that manages the smbd daemon

Answer 16

smbcontrol

Question 17

Samba utility that mounts samba shares - an older tool that has been replaced by mount.cifs

Answer 17

smbmount

Question 18

Samba utility that manages the samba smbpasswd or tdbsam database

Answer 18

smbpaswd

Question 19

Samba utility that sends files to a samba printer share

Answer 19

smbspool

Question 20

Samba utility that displays the status of the samba server connections

Answer 20

smbstatus

Question 21

Samba utility that createss samba file sare backups

Answer 21

smbtar

Question 22

Samba utility that tests the syntax of the sm.conf file

Answer 22

testparm

Question 23

Samba utility that displays winbindd info

Answer 23

wbinfo

Question 24

Samba utility that is used to configure Samba as an active directory domain controller

Answer 24

samba-tool

Question 25

Samba directive that defines the workgroup name

Answer 25

workgroup

Question 26

Samba directive that declares a comment describing the samba server

Answer 26

server string

Question 27

Samba directive that defines a netbios name for the Samba server (typically only required on legacy windows networks)

Answer 27

netbios name

Question 28

Samba directive that defines a Kerberos realm

Answer 28

realm

Question 29

Samba directive that defines which interface(s) to provide the Samba service

Answer 29

interfaces

Question 30

Samba directive that defines systems that are allowed to access the Samba service

Answer 30

hosts allow

Question 31

Samba directive that defines systems that should be denied access to the Samba services

Answer 31

hosts deny

Question 32

Samba directive that stops the nmbd daemon from launching

Answer 32

disable netbios

Question 33

Samba directive that defines which port numbers to listen on

Answer 33

smb ports

Question 34

Samba directive that defines enables wins support on a netbios network

Answer 34

wins support

Question 35

Samba directive that defines the Samba log file

Answer 35

log file

Question 36

Samba directive that defines the logging level

Answer 36

log level

Question 37

Samba directive that defines the maximum Samba log size

Answer 37

max log size

0 = no limit

Question 38

Samba directive that defines the security mode of the server (ads, domain, server,share or user)

Answer 38

security

Question 39

Samba directive that defines the account database (ldapsam, smbpasswd or tdbsam)

Answer 39

passdb backend

Question 40

Samba directive that defines if encryption is allowed or required

Answer 40

smb encrypt

Question 41

Samba file section names are enclosed in square brackets [ ]. Which file section name sets the directives for all shares?

Answer 41

[global]

Question 42

Samba file section names are enclosed in square brackets [ ]. Which file section name sets the directives for a new share called LPIC-Share?

Answer 42

[LPIC-Share]

Question 43

Samba file section names are enclosed in square brackets [ ]. Which file section name sets the directives for user home directories?

Answer 43

[homes]

Question 44

Samba file section names are enclosed in square brackets [ ]. Which file section name sets the directives for a Samba server acting as a domain Controller? (A samba server that is responding to security authentication requests.

Answer 44

[netlogin]

Question 45

Samba file section names are enclosed in square brackets [ ]. Which file section name sets the directives for printer shares?

Answer 45

[printers]

Question 46

Samba file section names are enclosed in square brackets [ ]. Which file section name sets the directives for roaming user profiles?

Answer 46

[profiles]

Question 47

Samba configuration file directive that describes the samba share

Answer 47

comment

Question 48

Samba configuration file directive that determines if the Samba share is listed as an available share

Answer 48

browseable

Question 49

Samba configuration file directive that declares a list of authorised users for a share

Answer 49

valid users

Question 50

Samba configuration file directive that declares a list of unauthorised users for a share

Answer 50

invalid users

Question 51

Samba configuration file directive that declares the absolute directory for a share

Answer 51

path

Question 52

Samba configuration file directive that defines whether a password will be required for a share or not.

Answer 52

public

public = no #password required

Question 53

Samba configuration file directive that allows only guest connections to a share

Answer 53

guest only

Question 54

Samba configuration file directive that sets a group name for users connecting to a share

Answer 54

group

Question 55

Samba configuration file directive that defines whether a share is writable or not

Answer 55

writable

Question 56

Samba configuration file directive that declares a list or users and/or groups that can write to a share

Answer 56

write list

Question 57

Samba utility that tests thesmb.conf file for errors. You should run this after every edit of smb.conf.

Answer 57

testparm

Question 58

What does this command do?

pdbedit -L

Answer 58

pdbedit is used to manage backend user databases. The -L option will list the users in the database.

Question 59

User John has access to a Samba server (192.168.20.10) on his network. How can John check which shares are available on the server?

Answer 59

Use the smbclient command.

smbclient -L //192.168.20.10 -U John

Question 60

Samba will use DNS, which port does DNS use?

Answer 60

53

Question 61

Which port numbers does the Samba Netbios feature use?

Answer 61

137 - 139
137 - Netbios Name service
138 - Netbios datagram service
139 - Netbios session service

Question 62

Which port does Samba use for end point resolution?

Answer 62

135

Question 63

Which port is used for SMB over TCP?

Answer 63

445

Question 64

User John has access to a Samba server (192.168.20.10) on his network. How can John access a shared named public and use ftp like commands while connected to the share?

Answer 64

use smbclient

smbclient //192.168.20.10/public -U John

Question 65

User John has access to a Samba server (192.168.20.10) on his network. How can John access a shared named public as if it were a local directory?

Answer 65

John need to mount the share.
Create a mount point : mkdir /mnt/public
then mount the share: mount -t cifs -o username=John,noperm //192.168.20.10/public /mnt/public

Question 66

The SMB protocol has two security levels what are they?

Answer 66

user level security and
share level security

share level doesn’t use usernames, just passwords to access a share - it is now deprecated.

user level - users authenticate with a username and a password.

Question 67

Samba has 5 modes, what are they?

Answer 67

ads - Allows Samba server to join active Directory as a member
domain - User names and passwords are authenticated by the domain controller.
server - Usernames and passwords handled by remote (possibly Samba) server
share - only password used to access share
user - username and password handled by this Samba server

Question 68

How would you setup Samba as an Active Directory member?

Answer 68

1 Install Samba and utilities
2 If domain controller is providing DNS, change resolv.conf
3 Setup NTP
4 Check domain controller name to IP resolution is correct - modify /etc/hosts if required
5 Modify smb,conf as required
6 Join the domain (e.g. net ads join -U Admin-user
7 Change nsswitch.conf to use winbind
8 Start the winbind service

Question 69

How would you make all printers defined in /etc/cups/printers available via samba? hint: you’ll need 6 directives…

Answer 69

[printers]
comment = All Printers on Server X
path = /var/spool/samba
browseable = no
guest ok = no
writable = no
printable = yes

Question 70

User John has access to a Samba server (192.168.20.10) on his network which has a printer share “HP-Laserjet” availbale. How can John send his lpic-notes.txt file to the printer?

Answer 70

with the smbclient tool…

smbclient //192.168.20.10/HP-Laserjet -U John -c “print lpic-notes.txt”

Question 71

Name 8 things you can do to troubleshoot Samba

Answer 71

1 run testparm
2 Check the Service is started and running
3 Check share with smbclient -L
4 Check the workgroup setting
5 Do some network diagnostics, ping, traceroute...
6 Review log files increase debug level
7 check smbstatus (if installed)
8 Review user/group settings

Question 72

How can you break the log file into separate files for each client.

Answer 72

using the log file directive in smb.conf:

log file = /var/log/samba/log.%m

Question 73

How can you increase and decrease the Samba log level on the fly?

Answer 73

Increase:
kill SIGUSR1 smbd-PID
Decrease
kill SIGUSR2 smbd-PID

• Where smbd-PID is the process ID of the smbd service.

Question 74

What are the Samba Log levels high and low settings?

Answer 74

log level = 0 #off
log level = 1 #low
log level - 10 # highest

Question 75

Which Samba utility command will display the netbios name for server 192.168.20.10?

Answer 75

nmblookup -A 192.168.20.10

Question 76

Which Samba utility command will display the netbios name and hostname for server 192.168.20.10?

Answer 76

nmblookup -S 192.168.20.10

Question 77

Which Samba utility command would you run to check if a user is in the local samba user database?

Answer 77

pdbedit -L or

pdbedit -L -u username

Question 78

Which Samba utility command would you run to check if a user on a Samba server that is a member of an Active directory?

Answer 78

wbinfo -u (for user info)

wbinfo -g (for group info)

Question 79

Which NFS Version supports UDP only, is 32 bit and has limited maximum file sizes and performance issues?

Answer 79

NFSv2, released in 1989, should avoid v2 now if possible.

Question 80

Which NFS Version utilises “weak cache” to change files in memory, uses multiple ports including TCP and uses NVM Network Lock Manager to help prevent issues?

Answer 80

NFSv3, released in 1995, v3 is the version tested on the LPIC exam.

Question 81

Which NFS Version introduces Kerberos Authentication,, consolidates multi-ports to a single port and features built-in file lcoking, better performance and security?

Answer 81

NFSv4, released in 2000 and refreshed in 2015.

Question 82

What is RPC?

Answer 82

Remote Procedure Call protocol. It allows programs to be ignorant of network details but still request services from another system.

Question 83

The filesystem an NFS server offers is called either an…

Answer 83

export or a share

Question 84

NFS daemon or kernel service that maps user and group ids?

Answer 84

idmapd (alias rpc.idmapd) - based on settings in idmapd.conf - not used in NFSv3 and lower.

Question 85

NFS daemon or kernel service that starts the NLM protocol service

Answer 85

locks (alias rpc.lockd) - not used in NFSv4

Question 86

NFS daemon or kernel service that handles NFS client mount requests on te NFS server side

Answer 86

mountd (alias rpc.mountd)

Question 87

NFS daemon or kernel service that handles user level NFS file access and data streaming

Answer 87

nfsd (alias rpc.nfsd) not used/required in NFSv4

Question 88

NFS daemon or kernel service that maps RPC services to port - need to be running on both client and server

Answer 88

portmapper (rpcbind)

Question 89

NFS daemon or kernel service that manages NFS quotas

Answer 89

rquotad (alias rpc.rquotad)

Question 90

NFS daemon or kernel service that provides NSM (Network Status Monitor and is used with lockd to provide NLM file locking

Answer 90

statd (alias rpc.statd)

Question 91

Which directory is the NFS documentation typically installed in?

Answer 91

/usr/share/doc/nfs*/

Question 92

NFS packages for Redhat based distros

Answer 92

nfs-utils
nfs-utils-lib
rpcbind
portmap

Question 93

NFS Packages for Debian based distros

Answer 93

nfs-kernel-server
nfs-common
rpcbind
portmap

Question 94

NFS - Main Export file also known as server export table

Answer 94

/etc/exports

Question 95

NFS - Directory with extra config files (files with .exports extension)

Answer 95

/etc/exports.d/

Question 96

NFS - mount config file used on NFS clients

Answer 96

/etc/nfsmount.conf

Question 97

NFS - primary nfs config files (for both Redhat and Debian based distros)

Answer 97

/etc/sysconfig/nfs
/etc/default/nfs-kernel-server
/etc/default/nfs-common

Question 98

NFS file that contains current exports and clients using them - maintained by the kernel

Answer 98

/proc/fs/nfs/exports

Question 99

NFS file that contains current exports and clients using them - not maintained by the kernel

Answer 99

/var/lib/nfs/xtab

Question 100

NFS file that contains a list of current exports for client systems - on the server only

Answer 100

/var/lib/nfs/etab

Question 101

NFS file tat contains a list of current exports and the client systems that currently have them mounted

Answer 101

/var/lib/nfs/rmtab

Question 102

NFS export directive that ensures clients can’t write to the share

Answer 102

ro

read-only

Question 103

NFS export directive that ensures clients can write to a share

Answer 103

rw

read-write

Question 104

NFS export directive that doesn’t check the write cache has been written to disk before reading data

Answer 104

async

Question 105

NFS export directive that checks the buffer has been written to disk before reading data

Answer 105

sync

Question 106

NFS export directive that treats ALL users as anonymous

Answer 106

all_squash

Question 107

NFS export directive that maps client root accounts to unprivileged accounts

Answer 107

root_squash

Question 108

NFS export directive that allows client root users to access export as root

Answer 108

no_root_squash

Question 109

NFS export directive that identifies filesystem export by UUID

Answer 109

fsid

Question 110

NFS export directive that assigns a specified GID to anonymous group clients

Answer 110

anongid

Question 111

NFS export directive that assigns a specified UID to anonymous user clients

Answer 111

anonuid

Question 112

NFS export directive that enables subtree checking so permissions are checked on higher level directories

Answer 112

subtree_check

Question 113

NFS export directive that ensures permission on higher level directories arenot checked

Answer 113

No_subtree_check

Question 114

NFS utility that manages and displays information concerning shares

Answer 114

exportfs

Question 115

NFS utility that mounts a NFS export on a NFS client

Answer 115

mount.nfs

Question 116

NFS utility that displays client per mount stats

Answer 116

mountstats

e.g.
mountstats /path/to/mounted/nfsshare

Question 117

NFS utility that displays client per mount IO stats

Answer 117

nfsiostat

Question 118

NFS utility that displays NFs client and server activity stats

Answer 118

nfsstats

Question 119

NFS utility that displays rpc service information

Answer 119

rpcinfo

Question 120

NFS utility that displays NFS server information, can be used remotely

Answer 120

showmount

Question 121

NFS utility that unmounts an NFS export

Answer 121

umount.nfs

Question 122

What command would you run to display a list of all registered RPC programs

Answer 122

rpcinfo -p

Question 123

exportfs command to export all shares

Answer 123

exportfs -a

Question 124

exportfs command to unexport all shares

Answer 124

exportfs -u

Question 125

exportfs command to ignore /etc/exports and use the command line

Answer 125

exportfs -i

Question 126

exportfs command to export share with command line options

Answer 126

exportfs -o

Question 127

exportfs command to refresh shares in /etc/exports

Answer 127

exportfs -r
or
exportfs -ra

Question 128

exportfs command to provide verbose info

Answer 128

exportfs -v

Question 129

what is this doing?

exportfs 192.168.20.10:/srv/nfsshare1

Answer 129

Exporting the share “nfsshare1” on the server 192.168.20.10

Question 130

How can you display NFS shares with all the associated options (ro,rw,sync,async etc..)

Answer 130

exportfs -v for localhost or
or
exportfs -v 192.168.20.10 or

cat /var/lib/nfs/etab

Question 131

What does an nfs mount definition look like in fstab? force use of version 3.

Answer 131

192.168.20.10:/srv/nfsshare1 /mnt/nfsshare1 nfs intr,nfsvers=3,tcp 0 0

Question 132

What are the two built in methods of security in NFS

Answer 132

user level share options in /etc/exports and

AUTH_SYS or AUTH_UNIX uid and gid file permissions

Question 133

What 6 things can we do to improve NFSv3 security?

Answer 133

1 Use TCP (UDP is easier to spoof)
2 Limit wildcard use in export definitions
3 Use root_squash
4 consider all_squash
5 Manage access to ports
6 Use TCP wrappers (hosts.allow and hosts.deny)

Question 134

What can we do to troubleshoot NFS issues?

Answer 134

1 Check /etc/exports
2 Verify Daemons are running
3 Review NFS ports
4 Check server exports (exportfs -v showmount -e)
5 Basic network diagnostics (ping, traceroute…)
6 Review log file (/var/log/messages |grep nfs)
7 check available exports on the server: showmount -e [server]
9 check NFS export option exportfs -v

Question 135

Which ports are used in FTP passive mode

Answer 135

Ports 20 and 21

Question 136

Which ports are used in FTP active mode

Answer 136

unknown, these ports a negotiated between the client and server when establishing the connection

Question 137

Name the 3 ftp servers mentioned on the LPIC exam

Answer 137

vsftpd
pure-FTPd
proFTPD

Question 138

There are 2 command linux command line ftp clients, what are they?

Answer 138

ftp - standard basic ftp client

lftp - refined ftp client

Question 139

vsftpd package name

Answer 139

vsftpd

sudo apt-get install vsftpd

Question 140

vsftpd document location

Answer 140

/usr/share/doc/vsftpd-version or

/usr/share/doc/vsftpd

Question 141

vsftpd config file location

Answer 141

/etc/vsftpd.conf or

/etc/vsftpd/vsftpd.conf

Question 142

vsftpd config directive to allow anonymous users to create directories

Answer 142

anon_mkdir_write_enable

Default - No

Question 143

vsftpd config directive to permit anonymous users to rename and delete files

Answer 143

anon_other_write_enable

Default - No

Question 144

vsftpd config directive to specify the directory an anonymous user changes into on login

Answer 144

anon_root

Default - Directory in /etc/passwd for FTP user

Question 145

vsftpd config directive to allow anonymous users to see and download world readable file

Answer 145

anon_world_readable_only

Default - Yes

Question 146

vsftpd config directive to allow anonymous users to upload files

Answer 146

anon_upload_enable

Default - No

Question 147

vsftpd config directive to allow anonymous user access to the FTP server

Answer 147

anonymous_enable

Default - Yes

Question 148

vsftpd config directive to change ownership of anonymous users uploaded files

Answer 148

chown_uploads
Default - No
Define username with chown_username

Question 149

vsftpd config directive to change the owner of all anonymously uploaded files

Answer 149

chown_username

enable with chown_uploads, set username with chown_username

Question 150

vsftpd config directive to chroot local users

Answer 150

chroot_local_user

Default - No

Question 151

vsftpd config directive to define a list of users to be placed in chroot

Answer 151

chroot_list_enable

chroot_list_file

Question 152

vsftpd config directive to set the default ftp account

Answer 152

ftp_username

Default - ftp

Question 153

vsftpd config directive to run in either standalone mod or via initialisation service

Answer 153

listen

listen_ipv6

Question 154

vsftpd config directive to allow local users to login via ftp

Answer 154

local_enable

Default - No

Question 155

vsftpd config directive to log all ftp queries

Answer 155

log_ftp_protocol

Default - No

Question 156

vsftpd config directive to check a file for a list of valid/invalid users

Answer 156

userlist_enable

userlist_file

Question 157

vsftpd config directive to allow ftp users access to commands that modify the filesystem

Answer 157

write_enable

Default - No

Question 158

How would you check if the vsftpd service supports tcp wrappers

Answer 158

Get the full path
which fsftpd
then check if the binary uses the libwrap library
ldd /usr/sbin/vsftpd |grep libwrap

Question 159

How would you install pure-ftpd in Debian and Redhat?

Answer 159

Debian:
apt-get install pure-ftpd
Redhat
check epel repo is enabled
yum -enablerep=epel  info pure-ftpd
yum -enablerep=epel  install pure-ftpd

Question 160

pure-ftpd command line option to listen only for ipv4

Answer 160

• 4

- -ipv4only

Question 161

pure-ftpd command line option to listen for only ipv6

Answer 161

• 6

- -ipv6only

Question 162

pure-ftpd command line option to chroot all users

Answer 162

• A

- -chrooteveryone

Question 163

pure-ftpd command line option to set the max number of client connections

Answer 163

• c

- -maxclientsnumber

Question 164

pure-ftpd command line option to set the max number of clients per IP

Answer 164

• C

- -macclientsperip

Question 165

pure-ftpd command line option to allow anonymous users

Answer 165

• e

- -anonymously

Question 166

pure-ftpd command line option to disallow anonymous users

Answer 166

• E

- -noanonymous

Question 167

pure-ftpd command line option to start the service in the background.

Answer 167

• B

- -daemonize