Rhcsa
Rhcsa
Rhcsa
**********************************************
RHCSA-VM configuration:
*you have been provided a virtual box named as serverX.example.com (hint:where X is your domain
number)
* password for both virtual machine should be "Postroll"
*serverX.example.com provided with ip=172.25.X.11/255.255.255.0
*serverX.example.com are provided with gateway 172.25.254.254 & example.com dns domain with
the IP: 172.25.254.254
# ping 172.25.9.11
# ping 172.25.9.10
# ping 172.25.254.254
# ping 172.25.254.9 ----> Your base Machine
# ping example.com
1) configure Selinux
# vim /etc/selinux/config
Change this
SELINUX=enforcing
# fdisk /dev/vdb
# partprobe /dev/vdb
# mkfs.ext4 /dev/vdb1
# mkdir -p /gluster
# vim /etc/fstab
# mount -a
# df -hT
# fdisk /dev/vdb
# partprobe /dev/vdb
# mkswap /dev/vdb2
# swapon /dev/vdb2
# swapon -a
# vim /etc/fstab
Verify:
# free -m
# swapon -s
# vim /etc/yum.repos.d/rhcsa.repo
[localrepo]
name = Local Repo for RHCSA exam
baseurl = http://content.example.com/rhel7.0/x86_64/dvd
gpgcheck = 0
enabled = 1
Test:
# groupadd sysgrp
# useradd -G sysgrp andrew
# useradd -G sysgrp susan
# useradd -s /sbin/nologin sarah
# passwd susan
password: Postroll
# passwd andrew
password: Postroll
# passwd sarah
password: Postroll
Verification:
# id andrew
uid=1002(andrew) gid=1003(andrew) groups=1003(andrew),1002(sysgrp)
# id susan
uid=1003(susan) gid=1004(susan) groups=1004(susan),1002(sysgrp)
# su - sarah
This account is currently not available.
6) create a collaborative directory /redhat/sysgrp with the following characteristics:
--> Group owneship of /redhat/sysgrpis sysgrp
--> The directory should be readbale,writable, and accessable to members of sysgrp, but not to
any other user.
–->It is understood that root has access to all files and directories on the system.
--> Files created in /redhat/sysgrp automatically have group ownership set to the sysgrp group
# mkdir -p /redhat/sysgrp
# chgrp sysgrp /redhat/sysgrp
or
# chown :sysgrp /redhat/sysgrp
# chmod 2770 /redhat/sysgrp
Verification:
# ls -ld /redhat/sysgrp
drwxrws---. 2 root sysgrp 6 Jun 15 23:21 /redhat/sysgrp
# vim /etc/yum.repos.d/kernel.repo
[kernelrepo]
name = Local Repo for Kernel
baseurl = http://content.example.com/rhel7.0/x86_64/errata
gpgcheck = 0
enabled = 1
# yum repolist
# uname -rms
Linux 3.10.0-123.el7.x86_64 x86_64
After Kernel installation, reboot the system and run this command again
# uname -rms
Linux 3.10.0-123.1.2.el7.x86_64 x86_64
# vim /etc/sysctl.conf
net.ipv4.ip_forward = 1
Enable it using:
# sysctl -p
9) The user andrew must configure a cron job that runs daily at 14:23 local time and executes -
/bin/echo “I got RHCE”
# crontab -l -u andrew
10) Bind with LDAP used provided by classroom.example.com for userr authentication.
Note the following:-
--> The LDAP search base DN is dc=example,dc=com
--> The LDAP certificate file is
http://classroom.example.com/pub/EXAMPLE-CA-CERT
-->ldapuserX should be able to log into your system, whereX is your ServerX ((hint:where X is
your domain number),
but will not have a home directory, until you have completed the autofs requirement,below all
LDAP users have password of "kerberos"
# yum install authconfig-gtk sssd krb5-workstation
# autoconfig-gtk
# systemctl start sssd
# systemctl enable sssd
Verification:
/home/guests /etc/auto.test
# vim /etc/auto.test
* -rw,sync classroom.example.com:/home/guests/&
Verification:
# su - ldapuser9
# df -h
Verification:
# chronyc sources -v
# cp /etc/fstab /var/tmp/
# setfacl -m u:andrew:rw- /var/tmp/fstab
# setfacl -m u:susan:--- /var/tmp/fstab
Verification:
# getfacl /var/tmp/fstab
# su - andrew
$ vim /var/tmp/fstab ----> Try to write anything to the file and it should be successful
$ exit
logout
# su - susan
$ cat /var/tmp/fstab
$ cat: /var/tmp/fstab: Permission denied -----> It should show this error
$ exit
logout
# umount /datasource
# e2fsck -f /dev/datacontainer/datacopy
# resize2fs /dev/datacontainer/datacopy 400M
# lvreduce -L 400M /dev/datacontainer/datacopy
# mount -a
Verification:
# id tulsan
find the file which owned by user julice and copy the file into /root/findresults directory.
# mkdir -p /root/findresults
# find / -user julice -exec cp -vrfp {} /root/findresults/ \;
16) create a new logical volume in the name of datacopy with the size of 50 logical extents under
volume group datacontainer. Consider the physical extent size is 16M .file system must ext4 then
mount it under /datasource
# bc
16*50
800 <=== result
# mount -a
Verification:
# df -hT
17) create an archive file /root/local.tgz for /usr/local. it should be compressed by gzip.
18) search the string sarah in the /etc/passwd file and save the output in /root/lines
# cd
# wget http://classroom.example.com/content/book/test.iso
# vim /etc/fstab
# mount -a
# df -h
Or
# ln -s /usr/local /local
# ln /usr/local /local
# mkdir /shared
# systemctl enable nfs-server
# systemctl start nfs-server
# firewall-cmd --permanent --add-service=nfs
# firewall-cmd --reload
# vim /etc/exports
/shared *.example.com(rw,sync,no_root_squash)
# exportfs -r
# exportfs
# systemctl restart nfs-server