Rhcsa

Download as pdf or txt
Download as pdf or txt
You are on page 1of 11

RHCSA EXAM Questions & Answers

**********************************************

RHCSA-VM configuration:

*you have been provided a virtual box named as serverX.example.com (hint:where X is your domain
number)
* password for both virtual machine should be "Postroll"
*serverX.example.com provided with ip=172.25.X.11/255.255.255.0
*serverX.example.com are provided with gateway 172.25.254.254 & example.com dns domain with
the IP: 172.25.254.254

*NOTE: I have Foundation Machine # 9, so I am using 172.25.9.11


# nmcli connection add con-name eth0 ifname eth0 type ethernet ip4 172.25.9.11/24 gw4
172.25.254.254
# nmcli connection modify eth0 ipv4.dns 172.25.254.254
# nmcli connection modify eth0 ipv4.dns-search example.com
# nmcli connection modify eth0 ipv4.method manual
# nmcli connection modify eth0 connection.autoconnect yes
# nmcli connection down eth0
# nmcli connection up eth0
----------------------------
* Set the Hostname

# hostnamectl set-hostname server9.example.com

Before starting exam.

--> ping server-vm ip , desktop-vm ip and classroom.example.com


--> from server-vm ping base machine and server.
--> check hostname and IP address of server-vm and desktop-vm

# ping 172.25.9.11
# ping 172.25.9.10
# ping 172.25.254.254
# ping 172.25.254.9 ----> Your base Machine
# ping example.com
1) configure Selinux

The machine should be running enforcing mode

# vim /etc/selinux/config

Change this

SELINUX=enforcing

Don't forget to Reboot it, so that I'll take affect

2) create a new 100MB ext4 Physical partition mounted under /gluster


(Note because partition sizes are seldom exactly what is specified when they are created, any
thing within the range of 70MB to 120MB is acceptable)

# fdisk /dev/vdb
# partprobe /dev/vdb
# mkfs.ext4 /dev/vdb1
# mkdir -p /gluster
# vim /etc/fstab

/dev/vdb1 /gluster ext4 defaults 0 0

# mount -a
# df -hT

3) create a new 150MB swap partition.


(Note because partition sizes are seldom exactly what is specified when they are created, any
thing within the range of 130MB to 170MB is acceptable)

# fdisk /dev/vdb
# partprobe /dev/vdb
# mkswap /dev/vdb2
# swapon /dev/vdb2
# swapon -a
# vim /etc/fstab

UUID=4f3e868d-c885-4e1f-b069-d56ba443a9b6 swap swap defaults 0 0

Verify:
# free -m
# swapon -s

4) create a repositary for http://content.example.com/rhel7.0/x86_64/dvd

# vim /etc/yum.repos.d/rhcsa.repo

[localrepo]
name = Local Repo for RHCSA exam
baseurl = http://content.example.com/rhel7.0/x86_64/dvd
gpgcheck = 0
enabled = 1

Test:

# yum clean all


# yum list all
# yum repolist
5) create the following user, groups, and group memberships:

--> A group named sysgrp


--> A user andrew who belongs to sysgrp as a secondary group
--> A user susan also belongs to sysgrp as a secondary group
--> A user sarah who does not have access to an interactive shell on system and who not a
member of sysgrp
--> susan,sarah, andrew password = "Postroll"

# groupadd sysgrp
# useradd -G sysgrp andrew
# useradd -G sysgrp susan
# useradd -s /sbin/nologin sarah
# passwd susan
password: Postroll
# passwd andrew
password: Postroll
# passwd sarah
password: Postroll

Verification:

# id andrew
uid=1002(andrew) gid=1003(andrew) groups=1003(andrew),1002(sysgrp)
# id susan
uid=1003(susan) gid=1004(susan) groups=1004(susan),1002(sysgrp)
# su - sarah
This account is currently not available.
6) create a collaborative directory /redhat/sysgrp with the following characteristics:
--> Group owneship of /redhat/sysgrpis sysgrp
--> The directory should be readbale,writable, and accessable to members of sysgrp, but not to
any other user.

–->It is understood that root has access to all files and directories on the system.
--> Files created in /redhat/sysgrp automatically have group ownership set to the sysgrp group

# mkdir -p /redhat/sysgrp
# chgrp sysgrp /redhat/sysgrp
or
# chown :sysgrp /redhat/sysgrp
# chmod 2770 /redhat/sysgrp

Verification:

# ls -ld /redhat/sysgrp
drwxrws---. 2 root sysgrp 6 Jun 15 23:21 /redhat/sysgrp

7) Install the appropriate kernel update from http://content.example.com/rhel7.0/x86_64/errata


The following criteria must also be met:
-->The updated kernel is the default kerneal when the system rebooted.
-->The original kernel remains available and bootable on the system

# vim /etc/yum.repos.d/kernel.repo

[kernelrepo]
name = Local Repo for Kernel
baseurl = http://content.example.com/rhel7.0/x86_64/errata
gpgcheck = 0
enabled = 1
# yum repolist

Run this command before installing the kernel

# uname -rms
Linux 3.10.0-123.el7.x86_64 x86_64

Install the kernel


# yum update kernel

After Kernel installation, reboot the system and run this command again

# uname -rms
Linux 3.10.0-123.1.2.el7.x86_64 x86_64

8) Enable IP forwarding on your machine

# vim /etc/sysctl.conf
net.ipv4.ip_forward = 1

Enable it using:

# sysctl -p

9) The user andrew must configure a cron job that runs daily at 14:23 local time and executes -
/bin/echo “I got RHCE”

# yum install crontabs


# systemctl enable crond
# systemctl start crond
# crontab -e -u andrew

23 14 * * * /bin/echo “I got RHCE”


# systemctl restart crond
Verification:

# crontab -l -u andrew

10) Bind with LDAP used provided by classroom.example.com for userr authentication.
Note the following:-
--> The LDAP search base DN is dc=example,dc=com
--> The LDAP certificate file is

http://classroom.example.com/pub/EXAMPLE-CA-CERT
-->ldapuserX should be able to log into your system, whereX is your ServerX ((hint:where X is
your domain number),
but will not have a home directory, until you have completed the autofs requirement,below all
LDAP users have password of "kerberos"
# yum install authconfig-gtk sssd krb5-workstation
# autoconfig-gtk
# systemctl start sssd
# systemctl enable sssd

Verification:

# getent passwd ldapuser9


ldapuser9:*:1709:1709:LDAP Test User 9:/home/guests/ldapuser9:/bin/bash
# ssh ldapuser9@localhost

11) configure autofs to automount the home directories of LDAP users,


Note the following:
→ classroom.example.com (172.25.254.254), NFS-exports /home/guests to your system,
whereX is your server Number.
→ LDAP userX's home directory is classroom.example.com:/home/guests/ldapuserX
→ LdapuserX's home directory should be automounted locally beneath /home as
/home/guests/ldapuserX
→ home directories must be writable by their users
→ while you are able to login as any of the users ldapuser1 through ldapuser20 the only home
directory that is accessible from
your system is ldapuserX.
Example:- classroom.example.com would configure the automaster such that ldapuser100's home
directory /home/guests/ldapuserX gets mounted automatically upon login. The NFS share would
be classroom.example.com:/home/guests/

# yum install autofs


# vim /etc/auto.master

/home/guests /etc/auto.test

# vim /etc/auto.test

* -rw,sync classroom.example.com:/home/guests/&

# systemctl enable autofs


# systemctl start autofs

Verification:
# su - ldapuser9
# df -h

12) Configure your system so that it is an NTP client of classroom.example.com.

Consider the company do not use daylight saving in America.

# yum install chrony ­y


# vim /etc/chrony.conf
# server classroom.example.com iburst
# systemctl restart chronyd
# systemctl enable chronyd
# timedatectl
# timedatectl list-timezones
# timedatectl set-timezone America/Phoenix
# timedatectl

Verification:

# chronyc sources -v

13) copy the file /etc/fstab to /var/tmp


configure the permission of /var/tmp/fstab so that
the file /var/tmp/fstab is owned by the root user, belongs to the group root
should not be executable by anyone.
The user andrew is able to read & write /var/tmp/fstab
The user susan can neighter write nor read /var/tmp/fstab
All other users (current or future) have the ability to read /var/tmp/fstab.

# cp /etc/fstab /var/tmp/
# setfacl -m u:andrew:rw- /var/tmp/fstab
# setfacl -m u:susan:--- /var/tmp/fstab

Verification:

# getfacl /var/tmp/fstab
# su - andrew
$ vim /var/tmp/fstab ----> Try to write anything to the file and it should be successful
$ exit
logout
# su - susan
$ cat /var/tmp/fstab
$ cat: /var/tmp/fstab: Permission denied -----> It should show this error
$ exit
logout

14) Resize the logical volume, logical-data and it filesystem to 400MB.


Make sure that the filesystem contents remain intact.
(Note: partitions are seldom exactly the size requested,so any thing within the range of 370MB
to 430MB is acceptable)

# df -Th -------> get the mount point of it

# umount /datasource
# e2fsck -f /dev/datacontainer/datacopy
# resize2fs /dev/datacontainer/datacopy 400M
# lvreduce -L 400M /dev/datacontainer/datacopy
# mount -a

15) Add the user tulsan with userid 2985

# useradd -u 2985 tulsan

Verification:

# id tulsan

find the file which owned by user julice and copy the file into /root/findresults directory.

# mkdir -p /root/findresults
# find / -user julice -exec cp -vrfp {} /root/findresults/ \;

16) create a new logical volume in the name of datacopy with the size of 50 logical extents under
volume group datacontainer. Consider the physical extent size is 16M .file system must ext4 then
mount it under /datasource

# bc

16*50
800 <=== result

# fdisk /dev/vdb <==== [ add a partition sized of 900M ]


# partprobe /dev/vdb
# pvcreate /dev/vdb3
# vgcreate -s 16M datacontainer /dev/vdb3
# vgdisplay
# lvcreate -l 50 -n datacopy datacontainer
# lvdisplay
# mkfs.ext4 /dev/datacontainer/datacopy
# mkdir -p /gluster
# vim /etc/fstab

/dev/vdb3 /datasource ext4 defaults 00

# mount -a
Verification:

# df -hT

17) create an archive file /root/local.tgz for /usr/local. it should be compressed by gzip.

# tar -cvzf /root/local.tgz /usr/local

18) search the string sarah in the /etc/passwd file and save the output in /root/lines

# grep sarah /etc/passwd > /root/lines


# cat lines
sarah:x:1004:1005::/home/sarah:/sbin/nologin

19) mount an iso file.

- download the http://classroom.example.com/content/book/test.iso into your home directory.


- mount the test.iso file into /mnt/isomount persistently.

# cd
# wget http://classroom.example.com/content/book/test.iso
# vim /etc/fstab

/root/test.iso /mnt/isomount iso9660 loop,defaults 00

# mount -a
# df -h

20) Install a package.

- Install the zsh package.


# yum install zsh -y

Or

- Configure ftp access on your system.


- Clients within the example.com should have anonymous access to your machine.

# yum install vsftpd -y


# systemctl enable vsftpd
# systemctl start vsftpd
# firewall-cmd --permanent --add-service=vsftpd
# firewall-cmd --reload

21) Create a symbolic link.

- Create a symbolink link of /usr/local to /local

# ln -s /usr/local /local

22) Create a hard link.

- Create a hard link of /usr/local to /local

# ln /usr/local /local

23) share a directory via nfs.

- share the /shared directory withing the example.com

# mkdir /shared
# systemctl enable nfs-server
# systemctl start nfs-server
# firewall-cmd --permanent --add-service=nfs
# firewall-cmd --reload
# vim /etc/exports

/shared *.example.com(rw,sync,no_root_squash)

# exportfs -r
# exportfs
# systemctl restart nfs-server

You might also like