RHCSA stuff 2

Question 1

Install podman
check version
Check environment and registry\repository info
Look for a specific image in repository
(image - prebuilt containers packed together)
Use highest star image - download
show previously downloaded images
Check running containers
Run container
Check if container is running check via web browser or command
View logs
Stop a running container
How do you run multiple containers of httpd?
Create a new container from the download image
Manage containers through systemd (manages boot processes) (first you’ll need to generate a unit file)
enable the service

Answer 1

yum install podman -y
podman -v
podman info

registries:
search:
- registry.access.redhat.com
- registry.redhat.io
- docker.io

If you’re looking for specific image, it will look in the above order

podman search httpd
podman pull docker.io/library/httpd (or whatever you want)

podman images

podman ps

podman run -dt -p 8080:80/tcp docker.io/library/httpd
(-d detach/daemon mode - runs in background, -t give it a terminal, -p expose port from host to container so we want container listening on container, this gives it its own httpd instance)

podman ps

localhost:8080

pogman logs -l

podman ps (container id will be first collumn)
podman stop (container-id)

Change the port to run multiple containers:
podman run -dt -p 8081:80/tcp docker.io/library/httpd

podman run -dt -p 8082:80/tcp docker.io/library/httpd

podman create –name nates_httpd docker.io/library/httpd (last part is the registry) <- creates image
podman start nates_httpd <- starts container

podman generate systemd –new –files –name nates-httpd (generates unit file)
If you don’t get the message that it’s in /etc/systemd/system then it’s in /root

systemctl enable/start container-httpd.service (whatever it’s acalled in /etc/systemd/system)

TO DELETE CONTAINER

Question 2

Show logs for a container

Answer 2

podman logs amazing_juan

Question 3

Remove a container

Answer 3

podman rm farting_bear

Question 4

What is port binding on podman

Answer 4

8080:80
host port : container port
I want httpd ran on 8080 on my host

Question 5

Show all containers that have been run on podman

Answer 5

podman ps -a

Question 6

How do we make an interactive ubuntu container

Answer 6

podman -it -d -p 8080:80 ubuntu
podman attach (container id)
ctrl + p then q to leave

Question 7

Install on ubuntu container
install updates and apache2 (httpd)
verify it’s running
create an image of the container so it saves
Create a container that’s saved

Answer 7

podman pull ubuntu
podman run -it ubuntu /bin/bash
apt update apache2 -y
apt dist-upgrade
/etc/init.d/apache2 status
/etc/init.d/apache2 start
CTRL + p (let got of P) q
podman commit (container id) apache-test:1.0 (version number not necessary)

Oh no! it doesn’t pull up the web page!

podman commit (containerid) –change=’ENTRYPOINT [“apachectl”, “-DFOREGROUND” (new container id)
apache-test:1.1

TRY THIS INSTEAD
podman commit (containerid) (newcontainerid) change=’CMD [“apachectl”, “-DFOREGROUND”]’

Now create a container

podman create –name nathan_container -p 8080:80 nathan

if ENTRYPOINT doesn’t work use CMD (this will save you a lot of frustration)

ENTRYPOINT - this is another word for the first thing the container does upon loading.

Question 8

Build a docker file

Answer 8

mkdir dockerfiles
cd dockerfiles
vi Dockerfile
FROM ubuntu (the container you want to create image from)
MAINTAINER Nathan joshcahoe@gmail.com

Update packages
RUN apt update; apt dist-upgrade -y

Install packages
RUN apt install -y apache2 vim-nox

Set entrypoint
ENTRYPOINT apache2ctl -D FORGROUND
if ENTRYPOINT doesn’t work use CMD

podman build -t lltv/apache-test:1.2 .
-t means tag
. means find the dockerfile in current directory

(if ubuntu prompts for date and time settings add this)
ARG DEBIAN_FRONTEND=noninteractive

Question 9

Create a container out of your working apache server and assign it port 8081
Next turn it into a service you can turn on

Answer 9

podman create –name nathan -p 8081:80 apache_server
podman generate systemd –new –files –name apache_server

the podman container has to be running in order to create the systemd service

Question 10

Look at the ubuntu image via skopeo

Answer 10

skopeo inspect docker://docker.io/library/ubuntu

skopeo list tags docker://docker.io/library/ubuntu

Question 11

/dev/sdb1 has an xfs file system, check if it’s functioning properly then return the exit code

Answer 11

xfs_repair
echo $?

Question 12

Show what run-level you’re in

Answer 12

who -r

Question 13

Describe the linux boot process

Answer 13

Power Button Pressed

BIOS (basic input output system) -
performs system integrity checks, looks for boot loader (like a Hard Drive or CD)

MBR (Master Boot Record) 1st sector of the disk (like /dev/sda/) Executes GRUB and loads in RAM

GRUB2 (Grand Unified Bootloader) executes kernel - allows you to choose version of kerenel. (/boot/grub/grub.conf or boot/grub2/grub.cfg) YOU WILL SEE GRUB POP UP GIVING YOU KERNEL OPTIONS starts initrd (initial ram disk) temp root file system until kernel is booted

GRUB2 Loads vmlinux or vmlinuz, initrd loads just enough software to recognize your hardware to load full kernel.
/boot/vmlinuz

Kernel - Mounts the root file system from grub.conf. Executes /sbin/init, also loads required drivers from here and start the first OS process systemd.

Systemd the runs init and starts all required processes:
reads = /etc/systemd/system/default.target to bring the system to the run_level

Init - executes run level programs
/sbin/init

Runlevel - /etc/rc.d/rc(number).d/

Question 14

Configure motd

Answer 14

vi /etc/motd

vi /etc/ssh/sshd_config
Motd - off
vi /etc/profile.d/motd.sh
systemctl restart sshd

Question 15

3 different ways to view the disk partitions

Answer 15

df -h
fdisk -l
lsblk

Question 16

Adding a disk
Show added disk
Create new partition
Add file system type (We want linux shit)
Mount that ol’ girl to a directory you make called data
Make it mounted on boot

Unmount

Answer 16

Add hard drive
fdisk -l
fdisk /dev/sdb
n
p (primary)
(enter)
(enter)
+1G (if you wanted to make a 1G partition)
w (write table to disk and exit)
fdisk -l
mkfs.xfs /dev/sdb1 (xfs is linux shit)
mkdir /data
mount /dev/sdb1 /data
vim /etc/fstab
at end:
/dev/sdb1 /data xfs defaults 0 0 (this allows this on boot)

umount /data

You can use UUID located in blkid in /etc/fstab instead of /dev/sdb1

Question 17

Setup LVM via starting setup

Answer 17

During initial setup:

Select -> Instillation destination

Select : “I will configure partitioning”

New mount points will use the Following partitioning scheme:
LVM

Click the plus
Add the other disk and make sure it’s in the same Volume group (these can be on different mount points)
/
/home
/var
swap
/boot
You can just do one partition under / if you like

start up and:
df -h

/dev/mapper/host123-root (host123 is the name of our LVM volume, if you see this naming convention, this means this is an LVM partition)

Question 18

Adding Disk and Creating new LVM partition

Add new hard disk
show where it’s located
create partition (make sure you make it LVM)
create a physical volume for it
Create a volume group
Create Logical Volume (or logical partition you could call it)
Mount to directory oracle

Answer 18

Create new disk
fdisk -l (confirm it’s there)
fdisk /dev/sdc
n
p
(enter)
(enter)
(enter)
p (shows info)
t (type of partition)
L (shows hex codes) 8e (Linux LVM)
p (to confirm)
w (to write)
pvcreate /dev/sdc1 (pvcreate - physical volume create)
pvdisplay (shows volumme info)
vgcreate oracle_vg /dev/sdc1 (or whatever name you want)
vgdisplay oracle_vg
lvcreate -n oracle_lv –size 1000M oracle-vg
or (lvcreate -n oracle_lv -l 100%FREE oracle-vg
mkfs.xfs /dev/oracl_vg/oracle_lv
mkdir /oracle
mount /dev/oracle_vg/oracle_lv /oracle
df -h

vim /etc/fstab
add:
/dev/oracle_vg/oracle_lv /oracle/ xfs defaults 0 0

Question 19

Extend your LVM

Answer 19

Add disk
fdisk -l | more
fdisk /dev/sdd
n
p
t
8e
w

pvdisplay (see what’s associated to what in terms of Volume Groups)

vgdisplay oracle_vg
(look at Volume Group Size)

pvcreate /dev/sdd1
vgextend oracle_vg /dev/sdd1
lvextend -L+1024M /dev/mapper/oracle_vg-oracle_lv
xfs_growfs /dev/mapper/oracle_vg-oracle_lv

Question 20

What is recommended swap size

Answer 20

double memory

Question 21

Add then delete swap space

Answer 21

Basically this command makes 1G of data thrown into a file

df -h (look for swap space, it’s all the partitions named tmpds or devtmpfs)

free -h

dd if=/dev/zero of=/newswap (name you pick) bs=1M count=1024

=======================================
dd - creates new file | convert and copy a file
if - read from file instead of standard input
of - write to file instead of standard output
bs - byte size - read/write byte size at a time
count - total size of the file
/dev/zero - dummy file to create file filled with zeros

chmod go-r newswap
mkswap /newswap
swapon /newswap
free -h
vim /etc/fstab
at bottom
/newswap swap swap defaults 0 0

swapoff /newswap
rm /newswap
delete from /etc/fstab

Question 22

Install Stratis
add 2 5G disks
create new stratis pool
Extend the pool
Use dnf instead of yum since it will eventually replace it

Create a file system for it
Mount your directory to a new directory called /bigdata

Create a snapshot of your file system

Make it mountable at boot

Answer 22

dnf installs stratis-cli stratisd -y
systemctl start stratisd
systemctl enable stratisd
add harddisks
lsblk (check to see if disks were added)
stratis pool create pool1 /dev/sdb
stratis pool list
stratis pool add-date pool1 /dev/sdc
stratis pool list

stratis filesystem create pool1 fs1
stratis filesystem list

mkdir /bigdata
mount /dev/startis/pool1/fs1 /bigdata (get the name from stratis filesystem list)

lsblk (check to see if it’s mounted)
df -h (this will show it has 1T, this isn’t accurate, it’s just a stratis code that’s funky, so ignore that)
stratis filesystem list (this will show you the actual size)

stratis filesystem snapshot pool1 fs1 fs1-snap

vim /etc/fstab
at end:

stratis filesystem list (to get uuid)

UUID=”asf-0887afgdja-“ /bigdata xfs defaults, x-systemd.requires=stratisd.service 0 0

That last bit means we won’t try and load this until the stratis service starts

Question 23

Check if the ext4 file system on /dev/sdb1 is functional

Answer 23

fsck /dev/sdb1

DON’T FORGET TO UNMOUNT

Question 24

Show file systems via df

Answer 24

df -T

Question 25

Clean file system ext2-4
fix it with no questions

Answer 25

fsck -f (force check even if no errors)

fsck -y (if errors, answer yes to all questions)

Question 26

Make a copy of everything on sda and put it on sdb

Answer 26

Make sure have same fs
mount sda
add contents
unmount

dd if=/dev/sda of=/dev/sdb

Question 27

Create an NFS Server

Answer 27

firewall-cmd –permanent –add-service=nfs and rpcbind

yum install nfs-utils libnfsidmap (probably aleady installed)

systemctl enable rpcbind
systemctl enable nfs-server
systemctl start rpcbind, nfs-server, rpc-statd, nfs-idmapd ( do each on their own line

mkdir /mypretzels
chmod a+rwx /mypretzels

cp /etc/exports /etc/exports_orig
vim /etc/exports
/myprezels 192.168.12.7 (rw,sync,no_root_squash)

exportfs -rv

192.168.12.7 (client)
If you want to give it to everyone just put “*”

sync - write to disk immediately
- root onl client machine will have same level of access to files as root on server

-r republish everything in /etc/export
-v verbose
=======================================

Question 28

Create an NFS client

Answer 28

Steps for NFS client configuration
yum install nfs-utils rpcbind

systemctl rpcbind start

firewall-cmd –permanent –add-port=111/tcp
firewall-cmd –permanent –add-port=rpc-bind

mkdir /mnt/app (just make a mount point)

mounnt 192.168.1.5:/mypretzels /mnt/app

Question 29

Difference between Samba and NFS

Answer 29

Samba can share with other OS’ but NFS can’t

Question 30

Configure Samba

Answer 30

yum install samba samba-client samba-common

firewall-cmd –permanent –zone=public –add-service=samba

mkdir -p /samba/moreprezels
(-p make parent directories as needed)
chmod a+rwx /samba
chown -R nobody:nobody /samba
chcon -t samba_share_t /samba

vim /etc/selinux/config
SELINUX=disabled
reboot

(from samba dir /etc/samba/) cp smb.conf smb.conf.orig
(delete everything below the comments copy contents from guide and paste.)

test par (test parametar)
(hit enter)

systemctl enable smb
systemctl start smb
systemctl enable nmb
systemctl start nmb

cd /samba/morepretzels
touch apples
=======================================
NOW LOOK AT THE SHARE VIA WINDOWS
\192.168.1.95 (whatever your ip is on linux)

Right click -> new -> text document -> save and call it yara to check if it pops up on linux

=======================================
NOW LOOK AT THE SHARE VIA ANOTHER LINUX

yum install cifs-utils samba-client

mkdir /mnt/sambashare (creating mnt point)

mount -t cifs //192.168.1.95/Anonymous /mnt/sambashare
(-t which file system)

==================================================
HINTS
Nobody is used for NFS - particularly when using root_squash which maps uid 0 (root) to nobody’s uid preventing the client from access the file as a super user. I think Nobody might actually be used since it is an account that anyone can use and it has limited rights.

Question 31

Configure autofs

Answer 31

yum install autofs -y
systemctl start autofs
systemctl enable autofs

vim /etc/auto.master
add:
/nfs /etc/auto.nfs –timeout=60 –ghost
(ghost creates directories inside the nfs)
or instead of /nfs do /-
vim /etc/auto.nfs
nfs -fstype=nfs 192.168.1.114:/nfs
or if you used /-
/nfs -fstype-nfs 192.168.1.114:/nfs

Question 32

Look up unit httpd in journalctl
Show incrementing logs from httpd
Show just errors

Answer 32

journalctl -u httpd
jounalctl -fu httpd
journalctl - p err -u httpd
-r reverse
-n 5 show last 5

Question 33

Make the journalctl persistent

Answer 33

System logs are ephemeral, they go away on boot
vim /etc/systemd/journal
#Storage=persistent

if it’s
#Storage=auto
This means if /var/log/journal exists it will stay perminant, if not it will make an ephemeral log.

systemctl daemon-reexec
or
systemctl reload systemd-journald

mkdir -p /var/log/journal/

Question 34

Automount all filesystems specified in fstab

Answer 34

mount -a

Question 35

Find all directories named fart in my home directory

How would you search for a file with this name?

Answer 35

find /home/delsinm -iname “fart” -type d

-type f

Question 36

What do you put at the end of a find command to perform another command

Answer 36

-exec rm {} \;

\; ends find command
or
+
{} <- remove whatever’s there

Question 37

All files in the Pictures directory need the execute bit removed, how would you do this with the find command.

Answer 37

find Pictures/ -type f -exec chmod u-x {} +

Question 38

option to use with find to find files owned by user

Answer 38

-user delsinm

Question 39

Find only empty files in your directory

Answer 39

find /home/delsinm -type f -empty

Question 40

find only file that have been modified within the week that contain the word “log”
then more than a month but also show the full permissions with the second one

Answer 40

find / -iname “log” -mtime -7
find / -iname “log” -mtime +30 -ls

Question 41

Change the root password

Answer 41

Reboot press up and down to pause countdown

• select kernel you want to boot into in grub menu and press e
• at end of “linux line” type “rd.break” (ctrl + E here to jump to end of line)
• CTRL + x
• mount -o remount,rw /sysroot
• chroot /sysroot
• passwd
• touch /.autorelabel
• exit
• reboot

chroot /sysroot <- chroot sections this root directory off to where it won’t interfere with the system. Turns this process into root directory.

The mount command options there tell you that you’re changing sysroot to writable so you can change the password.

rd.break tells your computer to break the boot process and go into maintenance mode.

Question 42

list all enabled repositories
List all available repos with yum

Answer 42

yum repolist
yum repolist all

Question 43

List all available repositories and then enable one then disable it

Answer 43

subscription-manager repos –list

subscription-manager repos –enable repository

subscription-manager repos –disable repository

(repository here is a place holder for whatever you want to enable)

dnf config-manager –enable repository

dnf config-manager –disable repository

Question 44

show info on repos you have currently with dnf

Answer 44

dnf repoinfo

Question 45

Add a repo from a url via dnf

Disable then enable rhel8-test

Answer 45

dnf install createrepo dnf-utils

dnf config-manager –add-repo https://repo.test.com

restart dnf? maybe just restart?

dnf config-manager –disablerepo rhel8-test
dnf config-manager –enablerepo rhel8-test

https://www.youtube.com/watch?v=RXwjttIO_dI

Add up until /86_64

|||
Remember to update system
To open a repos server create your repo like normal, in that end it will need to go into /var/www/html
open the firewall to html
start httpd
baseurl=http://192.168.10.170/var/www/localrepo

Question 46

Show current target

Show all available targets

Set a different boot target

Answer 46

systemctl get-default

systemctl list-units –type target

systemctl set-default multi-user.target