You are on page 1of 11

Exam -7-paper-1

---------------------Initial setup:
--------------password break:
-------------------restart system
----> press esc key
linux...
--- > press e
----> fi ( line not enter)
----> linux16 /boot/vmliuz ----> go to end of the line and enter below the comond
rd.break console=tty1
---->ctrl+X
switch_root:# mount -o remount,rw /sysroot
switch_root:# chroot /sysroot
sh-4.2# passwd
---> in exam they give passwd
newpasswd:
retypepasswd:
sh-4.2# exit
switch_root:#exit
--------------------------------------------------------------------------root@server6 ~]# systemctl set-default multi-user.target -----> go to single user mode
[root@server6 ~]# systemctl set-default graphical.target
Terminal open"
Alt+f2
Enter a command: gnome-terminal---> enter
------------------------------------------------------------------------[root@server6 ~]# nmtui
---> Edit a connection
---> system eth0
----> Edit
------>Profile name:system eth0
------> ipv4 configuration -->show(click)--Enter
( IP address,gateway,dns,search domain give in EXAM u can enter below)
Addressed:172.25.20.11/24 ----> exam they give ip,dns,gateway ,domain
Gateway :172.25.254.254
DNS server:172.25.254.254
search Domain: example.com
-----> ok
-----> quit

[root@server6 ~]# nmtui


------> Activate connection
------> system eth0 ----> Deactivate(show)--Enter--> Activate ---> Enter
------> quit
now check IP address:
-------------------[root@server6 ~]# ip a
[root@server6 ~]# ping 172.25.254.254
[root@server6 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
BOOTPROTO=static
ONBOOT=yes
--------------[root@server6 ~]#hostnamectl set-hostname server6.example.com
or
[root@server6 ~]#vim /etc/hostname
server6.example.com
--------------[root@server6 ~]# systemctl stop iptables.service
[root@server6 ~]# systemctl stop ip6tables.service
[root@server6 ~]# systemctl stop ebtables.service
[root@server6 ~]# systemctl disable iptables.service
[root@server6 ~]# systemctl disable ip6tables.service
[root@server6 ~]# systemctl disable ebtables.service
[root@server6 ~]# systemctl mask iptables.service
ln -s '/dev/null' '/etc/systemd/system/iptables.service'
[root@server6 ~]# systemctl mask ip6tables.service
ln -s '/dev/null' '/etc/systemd/system/ip6tables.service'
[root@server6 ~]# systemctl mask ebtables
ln -s '/dev/null' '/etc/systemd/system/ebtables.service'
--------------[root@server6 yum.repos.d]# vim admin.repo
[admin]
name=adminrepo
baseurl=http://content.example.com/rhel7.0/x86_64/dvd
gpgcheck=0
enabled=1
[root@server6 yum.repos.d]# yum clean all
[root@server6 yum.repos.d]# yum clean dbcache
[root@server6 yum.repos.d]# yum repolist

[root@server6 ~]# init 6


---------------------------------------------------------------Question and answer:
----------------------------1.SELinux
Make SELinux as enforcing mode which is permanent
Answer:
---------[root@server6 ~]# vim /etc/sysconfig/selinux
SELINUX=enforcing
[root@server6 ~]# setenforce enforcing
[root@server6 ~]# getenforce
Enforcing
[root@server6 ~]# init 6
------------------------------------------------------------------------2.To create a new 500 MB physical partion
To create a new 500 MB physical partition mounted on /common with xfs
filesystem. Note because partition sizes are seldom exactly what is specified
when you are created, anything with range of 475MB to 525 MB is acceptable .
Answer:
-----------[root@server6 ~]# lsblk
[root@server6 ~]# fdisk /dev/vdb
Command (m for help): p
Command (m for help): n
Partition type:
p primary (0 primary, 0 extended, 4 free)
e extended
Select (default p): p
Last sector, +sectors or +size{K,M,G} (2048-20971519, default 20971519): +500M
Command (m for help): p
Device Boot Start
End
Blocks Id System
/dev/vdb1
2048 1026047
512000 83 Linux
Command (m for help): w
[root@server6 ~]# partprobe /dev/vdb
[root@server6 ~]# mkdir /common
[root@server6 ~]# mkfs.xfs /dev/vdb1
[root@server6 ~]# vim /etc/fstab
/dev/vdb1
/common

xfs

defaults

00

[root@server6 ~]# mount -a


[root@server6 ~]# df -h
/dev/vdb1
497M 26M 472M 6% /common
----------------------------------------------------------------------------3.create the following users,groups and group membership.
a group name admin.
a user harry who belongs to admin as a secondary group.
a user natasha who belongs to admin as a secondary group.
a user sarah who does not access to an interactive shell on the system and
who is not member of admin.
a user sandy who belongs to admin as a secondary group.
harry,natasha,sarah,sandy should all have password of password.
Ans:
[root@server6 ~]# groupadd admin
[root@server6 ~]# useradd -G admin harry
[root@server6 ~]# useradd -G admin natasha
[root@server6 ~]# useradd -s /sbin/nologin sarah
[root@server6 ~]# useradd -G admin sandy
[root@server6 ~]# passwd harry
[root@server6 ~]# passwd natasha
[root@server6 ~]# passwd sarah
[root@server6 ~]# passwd sandy
[root@server6 ~]# cat /etc/gshadow
admin:!::harry,natasha,sandy
[root@server6 ~]# id harry
[root@server6 ~]# su - sarah
--------------------4.create a collaborative directory /common/admin with the following
characterstics.
Group ownership of /common/admin is admin
the directory should be readable ,writeable and accessible to members of
admin but not to any other users.(It is understood the root as access to all files
and directories on the system).
files created in /common/admin automatically have group ownership set to the
admin group.
Ans:
---[root@server6 ~]# mkdir -p /common/admin
[root@server6 ~]# ls -ld /common/admin
dr-xr-x---. 15 root root 4096 Nov 25 06:41 .
[root@server6 ~]# chgrp admin /common/admin
[root@server6 ~]# chmod 2770 /common/admin/ -R

[root@server6 admin]# chmod g+s /common/admin


[root@server6 ~]# ls -ld /common/admin/
[root@server6 admin]# touch 1 2 3
-------------------------------------------------------------------------------5.shedule a job.
harry set the own job schedule on 12:40 at noon print /bin/echo on "hello
world".
natasha should not schedule cron jobs.
Ans:
---1) [root@server6 ~]# yum install cron* -y
[root@server6 ~]# crontab -eu harry
2 8 * * * /bin/echo "hellow world"
[root@server6 ~]# systemctl restart crond.service
[root@server6 ~]# cat /var/spool/mail/harry
2) [root@server6 ~]# vim /etc/cron.deny
natasha
[root@server6 ~]# systemctl restart crond.service
[root@server6 ~]# su - natasha
[natasha@server6 ~]# crontab -e
your not allowed to use this program
----------------------------6.Install the appropriate kernel update from
http://classroom.example.com/rhel7.0/x86_64/errata/ The following criteria must
also be met .
the updated kernel is a default when is system is rebooted.
the original kernel remains available and bootable on the system.
Ans:
[root@server6 ~]# vim /etc/grub.conf
[root@server6 ~]# uname -r
3.10.0-123.el7.x86_64
[root@server6 ~]# cd /etc/yum.repos.d
[root@server6 yum.repos.d]# ls
admin.repo
[root@server6 yum.repos.d]# vim admin.repo

[admin]
name=adminrepo
baseurl=http://content.example.com/rhel7.0/x86_64/errata/
gpgcheck=0
enabled=1
[root@server6 yum.repos.d]# yum clean all
[root@server6 yum.repos.d]# yum clean dbcache
[root@server6 yum.repos.d]# yum repolist
[root@server6 yum.repos.d]# yum install kernel -y
[root@server6 yum.repos.d]# reboot -f
[root@server6 ~]# uname -r
3.10.0-123.1.2.el7.x86_64
[root@server6 ~]# vim /etc/grub.conf
---------------------7.create a swap memory.
. create a swap partition 512MB size.
Ans:
--[root@server6 ~]# fdisk /dev/vdb
Command (m for help): p
Command (m for help): n
Select (default p): e
--enter
---enter
--- enter
Command (m for help): n
Partition type:
p primary (1 primary, 1 extended, 2 free)
l logical (numbered from 5)
Select (default p): l
Last sector, +sectors or +size{K,M,G} (1028096-20971519, default 20971519): +512M
Command (m for help): p
Command (m for help): t
Partition number (1,2,5, default 5): 5
Hex code (type L to list all codes): 82
Changed type of partition 'Linux' to 'Linux swap / Solaris'
Command (m for help): w
[root@server6 ~]# partprobe /dev/vdb
[root@server6 ~]# mkswap /dev/vdb5
[root@server6 ~]# vim /etc/fstab

/dev/vdb5
swap
[root@server6 ~]# swapon -a
[root@server6 ~]# swapon -s
[root@server6 ~]# free -m
[root@server6 ~]# lsblk

swap

defaults

00

-----------------------------8. ARCHIVE.
Archive /etc/hosts to /var/tmp/archive.tar.bz2.
Please read carefully the question /var/ and /tmp are directory. So remove
the /tmp or /var and try it.
Ans:
[root@server6 /]# tar -cjvf /var/tmp/archive.tar.bz2 /etc/hosts
UnZip:
-----[root@server5 /]# tar -xjvf /var/tmp/archiv.tar.bz2 -C /root/Desktop/
etc/hosts
----------------------------9.Bind to the LDAP domain example.com provided by classroom.example.com
for user..
note the following.
ldapuserX should be able to log into your system, where X is your server
number, but will not have a home directory until you have completed the autofs
requirement below.
.
all ldap user have a password of password
Note:your ldap user TLS certificate path
http://classroom.example.com/pub/EXAMPLE-CA-CERT
Ans:
---[root@server6 ~]# yum install sssd* -y
[root@server6 ~]# yum install auth* -y
[root@server6 ~]# yum install autofs* -y
[root@server6 ~]# systemctl restart sssd
Job for sssd.service failed.
[root@server6 ~]# authconfig-gtk
one new window open
User accound database: LDAP
Ldap Search base DN : dc=example,dc=com
Ldap server
:ldaps://classroom.example.com

select Use TLS to encrypted connection


-- Click Download certicficate --- new window open
certificate url: http://classroom.example.com/pub/EXAMPLE-CA-CERT
--> ok
Authendication method : LDAP PASSWD
[root@server6 ~]# systemctl restart sssd
----------------------10.Configure autofs to automount the home directories of LDAP users. Note the
following: .
i) classroom.example.com (172.25.254.254) NFS -exports /home/guests to your
system,.
ii) ldapuserX's home directory is
classroom.example.com:/home/guests/ldapuserX. where X is your station
number . ,
iii) ldapuserX's home directory should be automounted locally mapped to /home
as /home/guests..
home directories must be writeable by their users.
while you are able to log in as any of the users ldapuser1 through
ldaouser20.the only home directory.
that is accessible from your system is ldapuserx
Example:station 100 would configure the automounter such that ldapuser100's
home directory /home/guest gets mounted automatically upon login.
Ans:
--[root@server5 /]# vim /etc/auto.master
/misc /etc/auto.misc
/home/guests /etc/auto.misc
[root@server5 /]# vim /etc/auto.misc
cd
-fstype=iso9660,ro,nosuid,nodev :/dev/cdrom
ldapuser6
-rw,soft,intr classroom.example.com:/home/guests/ldapuser6
[root@server6 ~]# systemctl restart autofs
[root@server6 ~]# su - ldapuser6
-----------------------------------------------------------------------------

11.copy the file /etc/fstab to var/tmp.


configure the permission of /var/tmp/fstab.
the file /var/tmp/fstab is owned by root user.
the file /var/tmp/fstab is belongs to the group root.
the file /var/tmp/fstab is should not be executable by any one.
the user harry is able to read and write by /var/tmp/fstab.
the user Natasha can neither read nor write /var/tmp/fstab.
all other user(current/future)have the ablity to read /var/tmp/fstab.
Ans:
---[root@server5 ~]# cd /var/tmp
[root@server5 tmp]# ls
[root@server5 tmp]# cp -rvf /etc/fstab /var/tmp/
[root@server5 /]# setfacl -m u:harry:rw- /var/tmp/fstab
[root@server5 /]# setfacl -m u:natasha:--- /var/tmp/fstab
[root@server5 /]# getfacl /var/tmp/fstab
-----------------12. configure your system so that it is an NTP client of classroom.example.com.
Ans:
---[root@server6 ~]# yum install chrony* -y
[root@server6 ~]# vim /etc/chrony.conf
server 3.rhel.pool.ntp.org iburst
server classroom.example.com iburst
[root@server6 ~]# systemctl restart chronyd.service
[root@server6 ~]# timedatectl
[root@server6 ~]# chronyc tracking
--------------------13.find the owner of the file sandy to copy the file to given path of root/find.user.
Ans:
---[root@server6 ~]# find / -iname sandy
[root@server6 ~]# cp -rvf /home/sandy /root/find.user
[root@server6 ~]# cp -rvf /var/spool/mail/sandy /root/find.user
--------------------

14.Create one logical volume named database and it should be on datastore


volume group with size 50 extent..
(i) the datastore volume group extend should be 16MiB..
mount the logical volume under mount point /mnt/database.
Ans:
---[root@server6 ~]# fdisk /dev/vdb
Command (m for help): p
Command (m for help): n
Partition type:
p primary (0 primary, 1 extended, 3 free)
l logical (numbered from 5)
Select (default p): l
Last sector, +sectors or +size{K,M,G} (4096-20971519, default 20971519): +2G
[root@server6 ~]# partprobe /dev/vdb
[root@server6 ~]# pvcreate /dev/vdb5
[root@server6 ~]# vgcreate -s 16 datastore /dev/vdb5
[root@server6 ~]# vgdisplay
[root@server6 ~]# lvcreate -l 50 -n /dev/datastore/database
[root@server6 ~]# lvdisplay
[root@server6 ~]# mkdir /mnt/database
[root@se[root@server6 ~]# mkfs.ext4 /dev/datastore/database
rver6 ~]# vim /etc/fstab
/dev/datastore/database

/mnt/database

ext4

defaults

00

[root@server6 ~]# mount -a


[root@server6 ~]# df -h
------------------------------15.to create a new user with UID 1326 alies.
Ans:
---[root@server6 ~]# useradd -u 1326 alies
[root@server6 ~]# id alies
uid=1326(alies) gid=1326(alies) groups=1326(alies)
----------------------------------16.Enable FTP service on your system and anonymous user's can download
options available on your server.
Ans:
--[root@server6 ~]# yum install *ftp* -y
[root@server6 ~]# yum install vsftpd* -y
[root@server6 ~]# systemctl restart vsftpd

[root@server6 ~]# vim /etc/vsftpd/vsftpd.conf


anonymous_enable=YES
[root@server6 ~]# ftp 172.25.6.11
Name (172.25.6.11:root): anonymous
ftp> ls
-----------------------------------------------------------------------------------------17.Find the string "/bin/bash" in /etc/passwd and searching string as been
stored in /root/search.txt.
[root@server6 ~]# grep /bin/bash /etc/passwd > /root/search.txt
[root@server6 ~]# cat /root/serarch.txt
-----------------------------------------------------------------------------------------18.The initial size of that logical volume database is 800MB. Make successfully
reduce the size of logical volume 500MB without losing any data..
Ans
---[root@server6 ~]# umount -a
[root@server6 ~]# e2fsck -f /dev/datastore/database
[root@server6 ~]# resize2fs /dev/datastore/database 500M
[root@server6 ~]# lvreduce -L 500M /dev/datastore/database
Do you really want to reduce database? [y/n]: y
[root@server6 ~]# resize2fs /dev/datastore/database
[root@server6 ~]# mount -a /dev/datastore/database /mnt/database