SA
Content
SA
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
You will be given username password for your virtual machine
Enter single user mode.
* #setup [enter the given IP hostname DNS server IP Gateway]
* #lokkit --diasbled
* #lokkit --selinux=permissive
* #vi base.repo
[base]
baseurl=ftp://server.example.com/pub/packages
enabled=1
gpgcheck=0
* reboot
note:- in this scenerio IP of machine is 192.168.0.11
hostname station11.example.com
server server.example.com
********************************************************************************
1> LVM
Resize your LVM /home to 300MB.
Answer:
# df -h
Either one of the cases are possible in the exam
case I :- Current size of /home < 300MB
# lvextend -L 300M /dev/mygrp/myvol
# resize2fs /dev/mygrp/myvol
# lvdisplay
# df -h
case II :- Current size of /home > 300MB
# umount /home
# e2fsck -f /dev/mygrp/myvol
# resize2fs /dev/mygrp/myvol 300M
# lvreduce -L 300M /dev/mygrp/myvol
# mount -a
# lvdisplay
*****************************************************************************
2> Create a logical volume wshare from the volume group wgroup. The vg should
have the extents of size 8MB. The lv should have 100 extents. Mount this
lvm as /mnt/lvm.
Answer:
(note 8MB X 100 = 800MB)
# fdisk /dev/vda
Create a partition greater than 800MB, say 1000MB & make id=8e
# pvcreate /dev/vdax
# vgcreate -s 8M wgroup /dev/vdax
# lvcreate -l 100 -n wshare wgroup
# mkfs.ext4 /dev/wgroup/wshare
# mkdir /mnt/lvm
# mount -t ext4 /dev/wgroup/wshare /mnt/lvm
***************************************************************************
3> Create 3 new users natasha, harry and sarah.
natasha is a member of secondary group admin.
harry is also a member of same group.
sarah being not a member of any group, should not be given interactive shell.
Password for all is "redhat".
Answer:
# groupadd admin
# useradd -G admin natasha
(To create a new group)
(directly create user nastasha and add to
secondary group admin auto - 2 cmds in 1)
# passwd natasha
# useradd -G admin harry
# passwd harry
# useradd -s /bin/false sarah
# passwd sarah
Testing:
# id Natasha
>> natasha admin etc, etc..
# id harry
# id sarah
(No shell to sarah)
****************************************************************************
4> Create a user jane. The user id of this user should be 3564.
Answer:
# useradd -u 3564 jane
Testing:
# grep jane /etc/passwd
****************************************************************************
5> natasha should create cron job that must do /bin/echo hiya everyday at 14:23.
Answer:
# su - natasha
(since natasha should do this)
# crontab -e
(To add a cron job)
23 14 * * * /bin/echo hiya
(Make an entry here)
# logout
(Back to root)
# /etc/init.d/crond restart
(Only root can do this)
# chkconfig --level 35 crond on
# crontab -l -u natasha
(Cross check)
*****************************************************************************
6> Copy /etc/fstab to /var/tmp/fstab.
This file and group should be owned by root.
natasha should be allowed to read and write to this file.
harry should not be allowed to read or write to this file.
No one should be able to execute.
All other users must be able to read
(current or future).
Answer:
# cp /etc/fstab /var/tmp/
# setfacl -m u:natasha:rw /var/tmp/fstab
(set acl for natasha a
s rw-)
# setfacl -m u:harry:0 /var/tmp/fstab
(set acl for harry as
---)
# getfacl /var/tmp/fstab
(verify everything)
*****************************************************************************
7> Create a dir /common/adm. See to it that, it should be owned by group admin.
Read, write and execute by group admin only.
Any file made under this dir should also have group admin.
Answer:
# mkdir /common/adm
(Create a new dir)
# chgrp admin /common/adm
(To change group owner to admin)
# chmod 2070 /common/adm
(To change permission and set sgid)
*****************************************************************************
8> Install a new kernel from ftp://server1.example.com/pub/updates.
Make sure that this new kernel is the default kernel.
Also the old stock kernel should be available and bootable.
Answer:
# yum -y install lftp*
(This installs lftp from srv to your m/c)
# lftp server1.example.com
# cd updates
#rpm -ivh linux-firmware-20100806.rpm
# rpm -ivh kernel-2.6.35.6-45.rpm
(Will install kernel on you
r vm)
# vi /etc/grub.conf
t, if it is not)
(Make the new kernel defaul
*******************************************************************************
9> Setup a ftp server such that anonymous access is allowed and can download
from directory /var/ftp/pub/downloads
Answer:
# yum -y install vsftpd*
# vi /etc/vsftpd/vsftpd.conf (Verify for anonymous access/tcp wrappers)
anonymous_enable=yes
no_anon_password=yes
tcp_wrappers=yes
# /etc/init.d/vsftpd restart
# chkconfig vsftpd on
To test:
# ftp 192.168.0.11
<----- your machine IP
username anonymous
i.e ftp to your own machine
******************************************************************************
10> Create a website by your hostname ie. "http://station11.example.com".
Copy station.html from server1.example.com/pub/web/
Do Not make any modifications or changes to this file.
Answer:
# yum -y install httpd*
# vi /etc/httpd/conf/httpd.conf (Open config file and just change this)
ServerName station11.example.com
(In Section 2)
# chkconfig httpd on
# httpd -t
(To test syntax of config file)
# lftp
(download station.html from server)
# get /pub/web/station.html
# mv station.html /var/www/html/index.html
To test: # elinks station11.example.com
*****************************************************************************
11> Create a swap partition of 100MB.
Answer:
# fdisk /dev/vda
create a 100MB partition and make the id=82
# partx -a /dev/vda
# mkswap /dev/vdax
(When you run this command you will
Setting up swapspace version 1, size = 112416KiB
no label, UUID=a257593b-9330-407a-8c56-8580a895a282
# vim /etc/fstab
UUID=a257593b-9330-407a-8c56-8580a895a282 swap swap defaults 0 0
# swapon /dev/vdax
# swapon -s
******************************************************************************
12> Locate all files owned by user sasha & copy them to /home/lost+found/
Answer:
# Find / -user sasha -exec cp -vp {} /home/lost+found/ \;
******************************************************************************
13> Search fot the text "Strato" in the file /usr/share/dict/words & copy this
to /root/lines.txt file.
This new file should not contain any blanks spaces or lines.
The order of the names in the new file should be same as the order in the
original file.
Answer:
# grep -i strato /usr/share/dict/words > /root/lines.txt
******************************************************************************
14> Configure your NTP server as server1.example.com
Answer:
In GUI, Click on system,then administrate, then date & time
[tick] SYNCRONIZE DATE & TIM
add
server1.example.com
ok
******************************************************************************
15> Configure a LDAP client, where your ldap server is server1.example.com
LDAP Base DN: dc=Server, dc=example, dc=com.
Authenticate your LDAP server using the certificate
ftp://server1.example.com/pub/EXAMPLE-CA-CERT
You should be able to login as ldapuser11 via LDAP.This connection must be
persistent after restart. You will get home directory only after SOLVING
AUTOMOUNT QUESTION.
Answer:
# yum groupinstall directory-client*
# system-config-authentication
Enter the following:
user acc database LDAP
LDAP search Base DN:dc=example, dc=com
LDAP server ldap://server1.example.com
[tick] use TLS
Click on ----> DOWNLOAD CA CERTIFICATE
Certificate url: ftp://server1.example.com/pub/EXAMPLE-CA-CERT
Authentication method
LDAP
Apply
# getent passwd ldapuser11
# su - ldapuser11
******************************************************************************
16> Configure automount in such a way that the ldapuser11 home directory in
server1.example.com /home/guests/ldapuser11 should be mounted as local
directory /home/guests/ldapuser11 when ldapuser11 logins. This config
must persist after restart.
Answer:
# rpm -qa autofs
# vim /etc/auto.master
/home/guests /etc/auto.misc
# vim /etc/auto.misc
ldapuser11 -rw,soft,intr server1.example.com:/home/guests/ldapuser1
1
# /etc/init.d/autofs restart
# chkconfig --level 35 autofs on
# su - ldapuser11
********************************ALL THE BEST***********************************
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
You will be given username password for your virtual machine
Enter single user mode.
* #setup [enter the given IP hostname DNS server IP Gateway]
* #lokkit --diasbled
* #lokkit --selinux=permissive
* #vi base.repo
[base]
baseurl=ftp://server.example.com/pub/packages
enabled=1
gpgcheck=0
* reboot
note:- in this scenerio IP of machine is 192.168.0.11
hostname station11.example.com
server server.example.com
********************************************************************************
1> LVM
Resize your LVM /home to 300MB.
Answer:
# df -h
Either one of the cases are possible in the exam
case I :- Current size of /home < 300MB
# lvextend -L 300M /dev/mygrp/myvol
# resize2fs /dev/mygrp/myvol
# lvdisplay
# df -h
case II :- Current size of /home > 300MB
# umount /home
# e2fsck -f /dev/mygrp/myvol
# resize2fs /dev/mygrp/myvol 300M
# lvreduce -L 300M /dev/mygrp/myvol
# mount -a
# lvdisplay
*****************************************************************************
2> Create a logical volume wshare from the volume group wgroup. The vg should
have the extents of size 8MB. The lv should have 100 extents. Mount this
lvm as /mnt/lvm.
Answer:
(note 8MB X 100 = 800MB)
# fdisk /dev/vda
Create a partition greater than 800MB, say 1000MB & make id=8e
# pvcreate /dev/vdax
# vgcreate -s 8M wgroup /dev/vdax
# lvcreate -l 100 -n wshare wgroup
# mkfs.ext4 /dev/wgroup/wshare
# mkdir /mnt/lvm
# mount -t ext4 /dev/wgroup/wshare /mnt/lvm
***************************************************************************
3> Create 3 new users natasha, harry and sarah.
natasha is a member of secondary group admin.
harry is also a member of same group.
sarah being not a member of any group, should not be given interactive shell.
Password for all is "redhat".
Answer:
# groupadd admin
# useradd -G admin natasha
(To create a new group)
(directly create user nastasha and add to
secondary group admin auto - 2 cmds in 1)
# passwd natasha
# useradd -G admin harry
# passwd harry
# useradd -s /bin/false sarah
# passwd sarah
Testing:
# id Natasha
>> natasha admin etc, etc..
# id harry
# id sarah
(No shell to sarah)
****************************************************************************
4> Create a user jane. The user id of this user should be 3564.
Answer:
# useradd -u 3564 jane
Testing:
# grep jane /etc/passwd
****************************************************************************
5> natasha should create cron job that must do /bin/echo hiya everyday at 14:23.
Answer:
# su - natasha
(since natasha should do this)
# crontab -e
(To add a cron job)
23 14 * * * /bin/echo hiya
(Make an entry here)
# logout
(Back to root)
# /etc/init.d/crond restart
(Only root can do this)
# chkconfig --level 35 crond on
# crontab -l -u natasha
(Cross check)
*****************************************************************************
6> Copy /etc/fstab to /var/tmp/fstab.
This file and group should be owned by root.
natasha should be allowed to read and write to this file.
harry should not be allowed to read or write to this file.
No one should be able to execute.
All other users must be able to read
(current or future).
Answer:
# cp /etc/fstab /var/tmp/
# setfacl -m u:natasha:rw /var/tmp/fstab
(set acl for natasha a
s rw-)
# setfacl -m u:harry:0 /var/tmp/fstab
(set acl for harry as
---)
# getfacl /var/tmp/fstab
(verify everything)
*****************************************************************************
7> Create a dir /common/adm. See to it that, it should be owned by group admin.
Read, write and execute by group admin only.
Any file made under this dir should also have group admin.
Answer:
# mkdir /common/adm
(Create a new dir)
# chgrp admin /common/adm
(To change group owner to admin)
# chmod 2070 /common/adm
(To change permission and set sgid)
*****************************************************************************
8> Install a new kernel from ftp://server1.example.com/pub/updates.
Make sure that this new kernel is the default kernel.
Also the old stock kernel should be available and bootable.
Answer:
# yum -y install lftp*
(This installs lftp from srv to your m/c)
# lftp server1.example.com
# cd updates
#rpm -ivh linux-firmware-20100806.rpm
# rpm -ivh kernel-2.6.35.6-45.rpm
(Will install kernel on you
r vm)
# vi /etc/grub.conf
t, if it is not)
(Make the new kernel defaul
*******************************************************************************
9> Setup a ftp server such that anonymous access is allowed and can download
from directory /var/ftp/pub/downloads
Answer:
# yum -y install vsftpd*
# vi /etc/vsftpd/vsftpd.conf (Verify for anonymous access/tcp wrappers)
anonymous_enable=yes
no_anon_password=yes
tcp_wrappers=yes
# /etc/init.d/vsftpd restart
# chkconfig vsftpd on
To test:
# ftp 192.168.0.11
<----- your machine IP
username anonymous
i.e ftp to your own machine
******************************************************************************
10> Create a website by your hostname ie. "http://station11.example.com".
Copy station.html from server1.example.com/pub/web/
Do Not make any modifications or changes to this file.
Answer:
# yum -y install httpd*
# vi /etc/httpd/conf/httpd.conf (Open config file and just change this)
ServerName station11.example.com
(In Section 2)
# chkconfig httpd on
# httpd -t
(To test syntax of config file)
# lftp
(download station.html from server)
# get /pub/web/station.html
# mv station.html /var/www/html/index.html
To test: # elinks station11.example.com
*****************************************************************************
11> Create a swap partition of 100MB.
Answer:
# fdisk /dev/vda
create a 100MB partition and make the id=82
# partx -a /dev/vda
# mkswap /dev/vdax
(When you run this command you will
Setting up swapspace version 1, size = 112416KiB
no label, UUID=a257593b-9330-407a-8c56-8580a895a282
# vim /etc/fstab
UUID=a257593b-9330-407a-8c56-8580a895a282 swap swap defaults 0 0
# swapon /dev/vdax
# swapon -s
******************************************************************************
12> Locate all files owned by user sasha & copy them to /home/lost+found/
Answer:
# Find / -user sasha -exec cp -vp {} /home/lost+found/ \;
******************************************************************************
13> Search fot the text "Strato" in the file /usr/share/dict/words & copy this
to /root/lines.txt file.
This new file should not contain any blanks spaces or lines.
The order of the names in the new file should be same as the order in the
original file.
Answer:
# grep -i strato /usr/share/dict/words > /root/lines.txt
******************************************************************************
14> Configure your NTP server as server1.example.com
Answer:
In GUI, Click on system,then administrate, then date & time
[tick] SYNCRONIZE DATE & TIM
add
server1.example.com
ok
******************************************************************************
15> Configure a LDAP client, where your ldap server is server1.example.com
LDAP Base DN: dc=Server, dc=example, dc=com.
Authenticate your LDAP server using the certificate
ftp://server1.example.com/pub/EXAMPLE-CA-CERT
You should be able to login as ldapuser11 via LDAP.This connection must be
persistent after restart. You will get home directory only after SOLVING
AUTOMOUNT QUESTION.
Answer:
# yum groupinstall directory-client*
# system-config-authentication
Enter the following:
user acc database LDAP
LDAP search Base DN:dc=example, dc=com
LDAP server ldap://server1.example.com
[tick] use TLS
Click on ----> DOWNLOAD CA CERTIFICATE
Certificate url: ftp://server1.example.com/pub/EXAMPLE-CA-CERT
Authentication method
LDAP
Apply
# getent passwd ldapuser11
# su - ldapuser11
******************************************************************************
16> Configure automount in such a way that the ldapuser11 home directory in
server1.example.com /home/guests/ldapuser11 should be mounted as local
directory /home/guests/ldapuser11 when ldapuser11 logins. This config
must persist after restart.
Answer:
# rpm -qa autofs
# vim /etc/auto.master
/home/guests /etc/auto.misc
# vim /etc/auto.misc
ldapuser11 -rw,soft,intr server1.example.com:/home/guests/ldapuser1
1
# /etc/init.d/autofs restart
# chkconfig --level 35 autofs on
# su - ldapuser11
********************************ALL THE BEST***********************************
