RHCSA Prep

Question 1

Add 3 users: harry, natasha, tom.
The requirements: The Additional group of the two users: harry, Natasha is the admin group. The user: tom’s login shell should be non-interactive.

Answer 1

useradd -G admin harry
# useradd -G admin natasha
# useradd -s /sbin/nologin tom
# id harry;id Natasha (Show additional group)
# cat /etc/passwd
(Show the login shell)

Question 2

Create a catalog under /home named admins. Its respective group is requested to be the admin group. The group users could read and write, while other users are not allowed to access it. The files created by users
from the same group should also be the admin group.

Answer 2

cd /home/
# mkdir admins /
# chown .admin admins/
# chmod 770 admins/
# chmod g+s admins/

Question 3

Configure a task: plan to run echo hello command at 14:23 every day.

Answer 3

which echo -
# crontab -e
23 14 * * * /bin/echo hello
# crontab -l (Verify)

Question 4

Find the files owned by harry, and copy it to catalog: /opt/dir

Answer 4

cd /opt/
# mkdir dir
# find / -user harry -exec cp -rfp {} /opt/dir/ \;

Question 5

Find the rows that contain abcde from file /etc/testfile, and write it to the file/tmp/testfile, and the sequence is requested as the same as /etc/testfile.

Answer 5

grep `abcde’ /etc/testfile > /tmp/testfile

Question 6

Create a 2G swap partition which take effect automatically at boot-start, and it should not affect the original swap partition.

Answer 6

fdisk /dev/sda -
p
(check Partition table)
n
(create new partition: press e to create extended partition, press p to create the main partition, and the extended partition is further divided into logical partitions)
Enter -
+2G
t
l
W -
partx -a /dev/sda
partprobe
mkswap /dev/sda8
Copy UUID -
swapon -a
vim /etc/fstab
UUID=XXXXX swap swap defaults 0 0
(swapon -s)

Question 7

Create a user named alex, and the user id should be 1234, and the password should be alex111.

Answer 7

useradd -u 1234 alex
# passwd alex
alex111
alex111

Question 8

Install a FTP server, and request to anonymous download from /var/ftp/pub catalog. (it needs you to configure yum direct to the already existing file server.)

Answer 8

cd /etc/yum.repos.d
# vim local.repo
[local]
name=local.repo
baseurl=file:///mnt
enabled=1
gpgcheck=0
# yum makecache
# yum install -y vsftpd
# service vsftpd restart
# chkconfig vsftpd on
# chkconfig –list vsftpd
# vim /etc/vsftpd/vsftpd.conf
anonymous_enable=YES

Question 9

Configure a HTTP server, which can be accessed through
http://station.domain40.example.com.
Please download the released page from http://ip/dir/example.html.

Answer 9

yum install -y httpd
# chkconfig httpd on
# cd /var/www/html
# wget http://ip/dir/example.html
# cp example.com index.html
# vim /etc/httpd/conf/httpd.conf
NameVirtualHost 192.168.0.254:80
<VirtualHost 192.168.0.254:80>
DocumentRoot /var/www/html/
ServerName station.domain40.example.com
</VirtualHost>

Question 10

Configure the verification mode of your host account and the password as LDAP. And it can login successfully through ldapuser40. The password is set as
“password”. And the certificate can be downloaded from http://ip/dir/ldap.crt. After the user logs on the user has no host directory unless you configure the autofs in the following questions

Answer 10

system-config-authentication
LDAP Server: ldap//instructor.example.com (In domain form, not write IP)
OR -
# yum groupinstall directory-client (1.krb5-workstation 2.pam-krb5 3.sssd)
# system-config-authentication
1.User Account Database: LDAP
2.LDAP Search Base DN: dc=example,dc=com
3.LDAP Server: ldap://instructor.example.com (In domain form, not write IP) 4.Download CA Certificate
5.Authentication Method: LDAP password
6.Apply
getent passwd ldapuser40

Question 11

Configure autofs to make sure after login successfully, it has the home directory autofs, which is shared as /rhome/ldapuser40 at the ip: 172.24.40.10. and it also requires that, other ldap users can use the home
directory normally.

Answer 11

chkconfig autofs on
# cd /etc/
# vim /etc/auto.master
/rhome /etc/auto.ldap
# cp auto.misc auto.ldap
# vim auto.ladp
ldapuser40 -rw,soft,intr 172.24.40.10:/rhome/ldapuser40
* -rw,soft,intr 172.16.40.10:/rhome/&
# service autofs stop
# server autofs start
# showmount -e 172.24.40.10
# su - ladpuser40

Question 12

Configure the system synchronous as 172.24.40.10.

Answer 12

Graphical Interfaces:
System–>Administration–>Date & Time
OR -
# system-config-date

Question 13

Change the logical volume capacity named vo from 190M to 300M. and the size of the floating range should set between 280 and 320. (This logical volume has been mounted in advance.)

Answer 13

vgdisplay -
(Check the capacity of vg, if the capacity is not enough, need to create pv , vgextend , lvextend)
# lvdisplay (Check lv)
# lvextend -L +110M /dev/vg2/lv2
# resize2fs /dev/vg2/lv2
mount -a
(Verify)
———————————————————-
(Decrease lvm)
# umount /media
# fsck -f /dev/vg2/lv2
# resize2fs -f /dev/vg2/lv2 100M
# lvreduce -L 100M /dev/vg2/lv2
# mount -a
# lvdisplay (Verify)
OR -
# e2fsck -f /dev/vg1/lvm02
# resize2fs -f /dev/vg1/lvm02
# mount /dev/vg1/lvm01 /mnt
# lvreduce -L 1G -n /dev/vg1/lvm02
# lvdisplay (Verify)

Question 14

Create a volume group, and set 16M as a extends. And divided a volume group containing 50 extends on volume group lv, make it as ext4 file system, and mounted automatically under /mnt/data.

Answer 14

pvcreate /dev/sda7 /dev/sda8
# vgcreate -s 16M vg1 /dev/sda7 /dev/sda8
# lvcreate -l 50 -n lvm02
# mkfs.ext4 /dev/vg1/lvm02
# blkid /dev/vg1/lv1
# vim /etc/fstab
# mkdir -p /mnt/data
UUID=xxxxxxxx /mnt/data ext4 defaults 0 0
# vim /etc/fstab
# mount -a
# mount
(Verify)

Question 15

Upgrading the kernel as 2.6.36.7.1, and configure the system to Start the default kernel, keep the old kernel available.

Answer 15

cat /etc/grub.conf
# cd /boot
# lftp it
# get dr/dom/kernel-xxxx.rpm
# rpm -ivh kernel-xxxx.rpm
# vim /etc/grub.conf
default=0

Question 16

Create a 512M partition, make it as ext4 file system, mounted automatically under /mnt/data and which take effect automatically at boot-start.

Answer 16

fdisk /dev/vda -
n
+512M
w#
partprobe /dev/vda
# mkfs -t ext4 /dev/vda5
# mkdir -p /data
# vim /etc/fstab
/dev/vda5 /data ext4 defaults 0 0
# mount -a

Question 17

Create a volume group, and set 8M as a extends. Divided a volume group containing 50 extends on volume group lv (lvshare), make it as ext4 file system, and mounted automatically under /mnt/data. And the size of
the floating range should set between 380M and 400M

Answer 17

fdisk -
# partprobe
# pvcreate /dev/vda6
# vgcreate -s 8M vg1 /dev/vda6 -s
# lvcreate -n lvshare -l 50 vg1 -l
# mkfs.ext4 /dev/vg1/lvshare
# mkdir -p /mnt/data
# vim /etc/fstab
/dev/vg1/lvshare /mnt/data ext4 defaults 0 0
# mount -a
# df -h

Question 18

Download ftp://192.168.0.254/pub/boot.iso to /root, and mounted automatically under /media/cdrom and which take effect automatically at boot-start

Answer 18

cd /root; wget ftp://192.168.0.254/pub/boot.iso
# mkdir -p /media/cdrom
# vim /etc/fstab
/root/boot.iso /media/cdrom iso9660 defaults,loop 0 0
# mount -a
mount [-t vfstype] [-o options] device dir

Question 19

Add admin group and set gid=600 -

Answer 19

groupadd -g 600 admin

Question 20

Add user: user1, set uid=601 -
Password: redhat -
The user’s login shell should be non-interactive

Answer 20

Explanation: # useradd -u 601 -s /sbin/nologin user1
# passwd user1
redhat

Question 21

Add users: user2, user3.
The Additional group of the two users: user2, user3 is the admin group Password: redhat

Answer 21

useradd -G admin user2
# useradd -G admin user3
# passwd user2
redhat
# passwd user3
redhat

Question 22

Copy /etc/fstab to /var/tmp name admin, the user1 could read, write and modify it, while user2 without any permission.

Answer 22

cp /etc/fstab /var/tmp/
# chgrp admin /var/tmp/fstab
# setfacl -m u:user1:rwx /var/tmp/fstab
# setfacl -m u:user2:— /var/tmp/fstab
# ls -l
-rw-rw-r–+ 1 root admin 685 Nov 10 15:29 /var/tmp/fstab

Question 23

Configure a task: plan to run echo “file” command at 14:23 every day.

Answer 23

(a) Created as administrator
# crontab -u natasha -e
23 14 * * * /bin/echo “file”
(b)Created as natasha
# su - natasha
$ crontab -e
23 14 * * * /bin/echo “file”

Question 24

Configure a default software repository for your system.
One YUM has already provided to configure your system on http://server.domain11.example.com/pub/ x86_64/Server, and can be used normally.

Answer 24

Yum-config-manager –add-repo=http://content.example.com/rhel7.0/x86-64/dvd ג€ is to generate a file vim content.example.com_rhel7.0_x86_64_dvd.repo, Add a line gpgcheck=0
Yumcleanall -
Yumrepolist -
Almost 4305 packages are right, Wrong Yum Configuration will lead to some following questions cannot be worked out.

Question 25

Create User Account.
Create the following user, group and group membership:
Adminuser group -
User natasha, using adminuser as a sub group
User Harry, also using adminuser as a sub group
User sarah, can not access the SHELL which is interactive in the system, and is not a member of adminuser, natasha harry sarah password is redhat.

Answer 25

groupadd adminuser -
useradd natasha -G adminuser
useradd haryy -G adminuser
useradd sarah -s /sbin/nologin
Passwd user name // to modify password or echo redhat | passwd –stdin user name id natasha // to view user group.

Question 26

Configure /var/tmp/fstab Permission.
Copy the file /etc/fstab to /var/tmp/fstab. Configure var/tmp/fstab permissions as the following:
Owner of the file /var/tmp/fstab is Root, belongs to group root
File /var/tmp/fstab cannot be executed by any user
User natasha can read and write /var/tmp/fstab
User harry cannot read and write /var/tmp/fstab
All other users (present and future) can read var/tmp/fstab.

Answer 26

cp /etc/fstab /var/tmp/
/var/tmp/fstab view the owner setfacl -m u:natasha:rw- /var/tmp/fstab setfacl -m u:haryy:— /var/tmp/fstab
Use getfacl /var/tmp/fstab to view permissions

Question 27

Configure a cron Task.
User natasha must configure a cron job, local time 14:23 runs and executes: */bin/echo hiya every day.

Answer 27

crontab ג€”e ג€”u natasha
23 14/bin/echo hiya
crontab -l -u natasha // view
systemctlenable crond
systemcdlrestart crond

Question 28

Create a Shared Directory.
Create a shared directory /home/admins, make it has the following characteristics:
/home/admins belongs to group adminuser
This directory can be read and written by members of group adminuser Any files created in /home/ admin, group automatically set as adminuser.

Answer 28

mkdir /home/admins -
chgrp -R adminuser /home/admins
chmodg+w /home/admins
chmodg+s /home/admins

Question 28

Install the Kernel Upgrade.
Install suitable kernel update from:
http://server.domain11.example.com/pub/updates.
Following requirements must be met:
Updated kernel used as the default kernel of system start-up.
The original kernel is still valid and can be guided when system starts up.

Answer 28

Explanation: Using the browser open the URL in the question, download kernel file to root or home directory. uname ג€”r// check the current kernel version rpm ג€”ivh kernel-*.rpm vi /boot/grub.conf// check
Some questions are: Install and upgrade the kernel as required. To ensure that grub2 is the default item for startup.
Yum repo : http://content.example.com/rhel7.0/x86-64/errata
OR -
uname -r // check kernel
Yum-config-manager –add-repo= ג€http://content.example.com/rhel7.0/x86-64/ errata €ג
Yum clean all -
Yum list kernel// install directly
Yum -y install kernel// stuck with it, do not pipe! Please do not pipe!
Default enable new kernel grub2-editenv list// check
Modify grub2-set-default ג€kernel full name €ג
Grub2-mkconfig ג€”o/boot/grub2/grub.cfg// Refresh

Question 29

Binding to an external validation server.
System server.domain11.example.com provides a LDAP validation service, your system should bind to this service as required:
Base DN of validation service is dc=example,dc=com
LDAP is used for providing account information and validation information Connecting and using the certification of http://server.domain11.example.com/pub/
EXAMPLE-CA-CERT to encrypt -
After the correct configuration, ldapuser1 can log into your system, it does not have HOME directory until you finish autofs questions, ldapuser1 password is password.

Answer 29

Explanation: yum -y install sssd authconfig-gtk krb5-workstation authconfig-gtk // open the graphical interface
Modify user account database to ldap, fill up DN and LDAP SERVER as questions required, use TLS to encrypt connections making tick, write http:// server.domain11.example.com/pub/EXAMPLE-CA-CERT to
download ca, authentication method choose ldap password.
You can test if the ldapuser is added by the following command:
Id ldapuser1 -

Question 30

Configure NTP.
Configure NTP service, Synchronize the server time, NTP server: classroom.example.com

Answer 30

Yum -y install chrony -
Vim /etc/chrony.conf -
Add: server classroom.example.com iburst
Start: systemctl enable chronyd -
systemctl restart chronyd
Validate: timedatectl status -

Question 31

Configure autofs.
Configure the autofs automatically mount to the home directory of LDAP, as required: server.domain11.example.com use NFS to share the home to your system. This file system contains a pre configured home
directory of user ldapuserX.
Home directory of ldapuserX is:
server.domain11.example.com /home/guests/ldapuser
Home directory of ldapuserX should automatically mount to the ldapuserX of the local /home/guests Home directory ג€™s write permissions must be available for users ldapuser1 ג€™s password is password

Answer 31

yum install -y autofs
mkdir /home/rehome
/etc/auto.master
/home/rehome/etc/auto.ldap
Keep then exit -
cp /etc/auto.misc /etc/auto.ldap
/etc/auto.ldap
ldapuserX -fstype=nfs,rw server.domain11.example.com:/home/guests/
Keep then exit -
systemctl start autofs
systemctl enable autofs
su - ldapuserX// test
If the above solutions cannot create files or the command prompt is -bash-4.2$, it maybe exist multi-level directory, this needs to change the server.domain11.example.com:/home/guests/ to
server.domain11.example.com:/home/guests/ldapuserX. What is multi-level directory? It means there is a directory of ldapuserX under the /home/guests/ldapuserX in the questions. This directory is the real
directory.

Question 32

Configure a user account.
Create a user iar uid is 3400. Password is redhat

Answer 32

useradd -u 3400 iar
passwd iar

Question 33

Add a swap partition.
Adding an extra 500M swap partition to your system, this swap partition should mount automatically when the system starts up. Don’t remove and modify the existing swap partitions on your system.

Answer 33

fdisk -cu /dev/vda// in the way of expanding the partition, don ג€™t make main partition partx ג€”a /dev/vda mkswap /dev/vdax swapon /dev/vdax swapon ג€”s vi /etc/fstab
/dev/vdaxswapswapdefaults0 0
mount -a