Notice dont forget to test you configuration with a reboot!!!!

Check how to configure a repo for http/ftp server Configure network with system-config-network/tui, and be sure it works after reb oot!!!!!! I had a issue had to set NM to yes, Yes almost forgot, it is also essential to know how to reset roots pwd on a unkn ow system, where you simply dont know the previous roots pwd, just at boot type a and type 1 and boot system in single user mode and reset roo ts pwd, to that you will have to use at your exam Questions 1 | CREATE LVM Create the "LVM" with the name "source" by using 26PE's from the volume group "o pen". Consider the PE size as "8MB". Mount it on /mnt/secret with filesystem vfa t. --> notice here that the already 3 partition present vda1,2,3 I had two question 1st was to create a swap from partition (NOT from LVM) and 2nd was to create a new LVM with new VG and new LV. Since you cant have 5 primary partition you need to create the next 5 partition as logical, recommend doing this with cfdisk, ha d issues rereading new partitions using partx -a, or partprobe, in some cases I had to reboot the server Questions 2 | USER'S GROUPS AND PERMISSION: Create a group named "sysadmin" A user sarah and natasha should belongs to "mana ger" group as a secondary group . A user harry should not have access to interac tive shell and he should not be a member of "manager" group. passwd for all user created should be "password". --> This task can differ with names, but the task I had was similiar Questions 3 | DIRECTORY COLLABORATION: Create the Directory "/home/manager" with the following characteristics. Group o wnership of "/home/manager" should go to "manager" group. The directory should b e have full permission for all members off "manager" group but not to any other users accept "root". Files created under "/home/manager" should get the same gro up ownership is set to the "manager" group. --> this also pretty ease you need to set g+s on the directory Questions 4 | UPDATE THE KERNEL: Install the appropriate Kernel fromftp://instructor.example.com/ftp/updates. You r machine should boot with updated kernel. --> I think I had the kernel on a http location used lynx to get the exact path to the new kernel and kernel-firmware, used after wget to download it. use rpm -vih kernel-firmware and then rpm -ivh kermel dont do -Uvh, this will remove the previous kernel, no changes are needed. --> if the source is ftp just ftp and open or lftp Questions 5 | CRON JOB: The user sarah must configure a cron job that runs today at 14:23 today. and exe cutes "/bin/echo "hyer" and deny the user max for creating cronjob . --> yes this matches, but had it without the deny Questions 6 | RESIZE LVM: Resize the lvm "/dev/vgsrv/home" (/dev/myvol/vo) so that after reboot size shoul d be in between 90MB to 120MB.. Yup, if you are not sure make a copy of the /home, or where the LV points to. so umount > fsck > resize /dev.../lv 100M > lvresize -L 100M /dev. (by lvresize yo

.com:/home/guests/ldapuserx. create a copy from auto. verify with getfacl. BASE DN: dc=example. instructor. other users (future and current) shuo ld be able to read /var/tmp/fstab.com(192.misc called auto. --> Yes this is pretty easy. --> matches. can be also found in the system tools Questions 9 | AUTOMOUNT THE HOME DIRECTORY FOR LDAPUSER Note the following. Clients within the remote.test should not have anonomyous FTP access to your system. just start from GUI the Authentification Tool or au thconfig/authconfig-tui If all goes well verify changes with getend passwd ldapuser01 Questions 8 | "NTP" CLIENT: Configure your system as "NTP" client for "instructor. While login with any of the ldapuser then only home directory should accesible from your system that ld apuserx..u may get a message about destroying your data just confirm). you must configure you network connection! yum install vsftpd chkconfig vsftpd on service vsftpd start Didnt had the second part.examp le. The user "sarah" should able to read and write to the file. The user "natash a" can neither read nor write to the file.example.ldap in the auto. just use setfacl -m u:user:rwx file.example.com/pub/EXAMPLECA-CERT"Ldap user should login into your system .example.set default group a s ftp so that when content will be created under this dir group ftp will be inhe rited.ldap ldapuser01 -fstype=nfs IP:/home/quests/ldapuser01 --> nfs is NFSv3 * -fstype=nfs IP:/home/quests/& --> all users Questions 10 | ACCESS CONTROL LIST: Copy the file /etc/fstab to /var/tmp and configure the "ACL" as mention followin g. Where "X" is your system no.168. Ldapuser's home directory is i nstructor.example. D ownload the web page fromftp://instructor.com/ Download the certificate from "ftp://instructor.com".254) "Nfs exports" /home/gu ests to your system where "x" is your station ip. Questions 7 | BIND THE "LDAP" FOR USER AUTHENTICATION: Note the following. dont change the order lvresize and resize.example. Create a directory /data . The file /var/tmp/fstab is owned by the "root". with deny just that anonymous users should have acces s Questions 12 | CONFIGURE "web server": Configure your system as "web server" for the sitehttp://serverX.com .ldap in ldap comment all and type the following /home/guests auto. Ldapuser's home directory should b e automounted locally beneath at /home/guests/ldapuserx.com/updates/station.html Renam .dc=com ldap path ldap://instructor. or simply switch to users and try to make changes Questions 11 | CONFIGURE FTP SERVER: Configure FTP access from your system.0. --> yes done with system-configure-date or time dont know the exact name. Yes. notice.example. The file /var/tmp/fstab belon gs to the group "root" The file /var/tmp/fstab should not be executable by other 's. --> Yes matches.

html. Similiar installation as vsftpd packege name is httpd Dont forget to configure /etc/httpd/conf/httpd.99g [root@rhel01 ~]# vgdisplay open --.99g 7.19. Questions 16 | SEARCH FOR WORD: List all lines which have string "full" from "/usr/share/dict/words" file and co py the lines in /root/word. Consider the PE size as "8MB".Volume group --VG Name open System ID Format lvm2 Metadata Areas 1 Metadata Sequence No 1 VG Access read/write VG Status resizable MAX LV 0 Cur LV 0 Open LV 0 Max PV 0 . --> yes check first questions and create new logical/extended partition Questions 15 | LOCATE THE FILES: locate the files of owner "dax" and copy to the directory /root/found directory --> yes.com </VirtualHost> Questions 13 | ADD USERS: Create the user "dax" with uid 4223.7.html" page to the "doc ument root" Do not make any modifications to the content of index.example.html" Copy the "index.domainXX. --> simply todo for grep Questions 1 | CREATE LVM Create the "LVM" with the name "source" by using 26PE's from the volume group "o pen". root@rhel01 ~]# pvcreate /dev/sdc Writing physical volume data to disk "/dev/sdc" Physical volume "/dev/sdc" successfully created root@rhel01 ~]# vgcreate -s 8m open /dev/sdc Volume group "open" successfully created [root@rhel01 ~]# vgs VG #PV #LV #SN Attr VSize VFree VolGroup 1 2 0 wz--n.found. Mount it on /mnt/secret with filesystem vfa t. --> ok Questions 14 | EXTEND SWAP SPACE: Extend the SWAP space with "250" MB dont remove the existing swap.e the the downloaded page as "index. find / -user dax -exec cp -prf {} /dest_folder/ \.51g 0 open 1 0 0 wz--n.conf NameVirtualHost XX:80 <VirtualHost XX:80> DocumentRoot /var/www/html/ ServerName station.

99 GiB 8. Stripe width=0 blocks 51296 inodes.99 GiB QhlZRz-MAk1-5Y9y-UbYi-LaYS-41lF-KUEzeN lvm> lvcreate -L 8M -n source open Logical volume "source" created lvm> lvs LV VG Attr LSize Pool Origin Data% Move Log Copy% Convert lv_root VolGroup -wi-ao-.51g lv_swap VolGroup -wi-ao-.00%) reserved for the super user First data block=0 Maximum filesystem blocks=209715200 7 block groups 32768 blocks per group.18. 98304.12 (17-May-2010) Filesystem label= OS type: Linux Block size=4096 (log=2) Fragment size=4096 (log=2) Stride=0 blocks.00m [root@rhel01 ~]# mke2fs -t vfat /dev/open/source mke2fs 1. 163840 Writing inode tables: done Writing superblocks and filesystem accounting information: done [root@rhel01 ~]# mount /dev/open/source /mnt/secret/ Questions 2 | USER'S GROUPS AND PERMISSION: Create a group named "sysadmin" A user sarah and natasha should belongs to "mana ger" group as a secondary group . Question 2 Create a group named "sysadmin" #groupadd -q 25000 sysadmin A user sarah and natasha should belongs to "manager" group as a secondary group # groupadd -q 25001 manager # useradd -G manager sarah. A user harry should not have access to interac tive shell and he should not be a member of "manager" group. 204800 blocks 10240 blocks (5.passwd natasha A user harry should not have access to interactive shell and he should not be a member of "manager" group . 32768 fragments per group 7328 inodes per group Superblock backups stored on blocks: 32768. passwd for all user created should be "password".passwd sarah # useradd -G manager natasha.8.1.00g source open -wi-a--.Cur PV Act PV VG Size PE Size Total PE Alloc PE / Size Free PE / Size VG UUID 1 1 7.00 MiB 1023 0 / 0 1023 / 7.41.

00g source open -wi-ao-.com/ftp/updates.800. Look for harry and change "/bin/bash" to "/sbin/nologin".com/ftp/updates/kernel-2.el6.00m .deny and /etc/at..18.repos.120. [root@rhel01 ~]# lvs LV VG Attr LSize Pool Origin Data% Move Log Copy% Convert lv_root VolGroup -wi-ao-. # mkdir /home/manager # chown nobody.51g lv_swap VolGroup -wi-ao-. we can get the related rpm from this ftp with wget for example: #wget ftp://instructor.den y Questions 6 | RESIZE LVM: Resize the lvm "/dev/vgsrv/home" (/dev/myvol/vo) so that after reboot size shoul d be in between 90MB to 120MB.51g lv_swap VolGroup -wi-ao-.example. save and exit.passwd harry #vi /etc/passwd. there are two ways: first.d/ Questions 5 | CRON JOB: The user sarah must configure a cron job that runs today at 14:23 today.00m home vgsrv -wi-a--.1.x86_64. You r machine should boot with updated kernel. The directory should b e have full permission for all members off "manager" group but not to any other users accept "root". adding a .useradd harry. we will use the command at: #at 1423 >/bin/echo "hyer" >EOT to deny max use cronjob we need tu include him in /etc/cron.00 MiB THIS MAY DESTROY YOUR DATA (filesystem etc. Since the job is specific and not periodically.manager /home/manager # chmod 2770 /home/manager Questions 4 | UPDATE THE KERNEL: Install the appropriate Kernel fromftp://instructor.) Do you really want to reduce home? [y/n]: y Reducing logical volume home to 120.el6.x86_64.example.1.32-XX.repo file in /etc/yum.200.rpm then we can install it: #rpm -ivh kernel-2.00g source open -wi-ao-.6. Files created under "/home/manager" should get the same gro up ownership is set to the "manager" group.00m [root@rhel01 ~]# lvresize /dev/vgsrv/home -L 120M WARNING: Reducing active logical volume to 120. Questions 3 | DIRECTORY COLLABORATION: Create the Directory "/home/manager" with the following characteristics.00m home vgsrv -wi-a--.rpm The second and fastest way is using yum: #yum update kernel This option needs to set this ftp as a local repository.00 MiB Logical volume home successfully resized [root@rhel01 ~]# lvs LV VG Attr LSize Pool Origin Data% Move Log Copy% Convert lv_root VolGroup -wi-ao-.18.800.6. Group o wnership of "/home/manager" should go to "manager" group. and exe cutes "/bin/echo "hyer" and deny the user max for creating cronjob .32-XX.

The file /var/tmp/fstab belon gs to the group "root" The file /var/tmp/fstab should not be executable by other 's.com".168. Where "X" is your system no.0. other users (future and current) shuo ld be able to read /var/tmp/fstab. Questions 12 | CONFIGURE "web server": Configure your system as "web server" for the sitehttp://serverX.com .com(192.examp le. Ldapuser's home directory is i nstructor. Questions 9 | AUTOMOUNT THE HOME DIRECTORY FOR LDAPUSER Note the following. While login with any of the ldapuser then only home directory should accesible from your system that ld apuserx. Questions 15 | LOCATE THE FILES: locate the files of owner "dax" and copy to the directory /root/found directory Questions 16 | SEARCH FOR WORD: List all lines which have string "full" from "/usr/share/dict/words" file and co py the lines in /root/word.[root@rhel01 ~]# vgrename /dev/vgsrv /dev/myvol Volume group "vgsrv" successfully renamed to "myvol" [root@rhel01 ~]# lvrename /dev/myvol/home /dev/myvol/vo Renamed "home" to "vo" in volume group "myvol" Questions 7 | BIND THE "LDAP" FOR USER AUTHENTICATION: Note the following.html" page to the "doc ument root" Do not make any modifications to the content of index.example.com/ Download the certificate from "ftp://instructor. instructor.html Renam e the the downloaded page as "index.example.dc=com ldap path ldap://instructor.com/pub/EXAMPLECA-CERT"Ldap user should login into your system . Questions 13 | ADD USERS: Create the user "dax" with uid 4223. The user "sarah" should able to read and write to the file. Questions 10 | ACCESS CONTROL LIST: Copy the file /etc/fstab to /var/tmp and configure the "ACL" as mention followin g. Ldapuser's home directory should b e automounted locally beneath at /home/guests/ldapuserx.254) "Nfs exports" /home/gu ests to your system where "x" is your station ip.com/updates/station. Well.set default group a s ftp so that when content will be created under this dir group ftp will be inhe rited.example. The user "natash a" can neither read nor write to the file. useradd -u 4223 dax Questions 14 | EXTEND SWAP SPACE: Extend the SWAP space with "250" MB dont remove the existing swap.example.found.html. Clients within the remote. Questions 11 | CONFIGURE FTP SERVER: Configure FTP access from your system.test should not have anonomyous FTP access to your system.example.com:/home/guests/ldapuserx. first of all candidates will have to break the root password and set the p .example. D ownload the web page fromftp://instructor. The file /var/tmp/fstab is owned by the "root". BASE DN: dc=example.html" Copy the "index. Questions 8 | "NTP" CLIENT: Configure your system as "NTP" client for "instructor. Create a directory /data .

While installing also. But in the 3rd line. you have to connect to the repository. # Groupaddsysadmin # Useraddsaara # Useradd Natasha . Repository And after you configure the network. due to which repository wi ll not work. because there can be multiple package s. The –y switch will reduce your time as it will automat ically provide “yes” option to any user interaction required. u have to give the ftp path given for configuring the reposito ry. In a dditional information.assword to whatever is specified in the question paper.domain10. They will give an url which looks like this: ftp://redhat. Now carry out the following steps: [root@station]# vim /etc/yum. Q1. 2) When installing any package for a service.repo which stand s for repository linker file) Inside the file max. samba*. I will list the questions along with answers. In the 1st line. and who is not a member of sysadmin.Saara. After this u can give commands like: [root@station]# yum install –y samba* Always keep 2 things in mind: 1) Always use yum install –y. Ex: ftp*. use * for packages.d/ create a file with any name but the extension should be . Give: [root@station]# rpm –qa | grep <package name> In package name always use wildcard(*). .Create a group named sysadmin .A user Natasha who also belongs to sysadmin as a secondary group.domain10. Natasha and harry should all have the password of avaster.re pos.A user harry who does not have access to an interactive shell on the system. ssh*. nfs*.com/ftp/pub/updates/x86_64Server Be careful. That concludes the pre-requisites for you to attempt the main questions. . .example.example.d/max. This is a big mistake made by many candidates. first check whether the package is already installed.repo (Inside the directory /etc/yum.com/ftp/pub/updates/x86_64Server enabled=1 gpgcheck=0 Save & Quit the file (Use :wq) In the name field u can give any name. This basically perform s unattended installation with “yes” as default answer.repos.A user saarawho belongs to sysadmin as a secondary group. the spelling of server at the end starts with a capital S and not sm all s. Redhat will give instructions for configuration of the re pository.repo type in the following information: [Server] name=redhat baseurl=ftp://redhat. check twice and then give the following comman d to verify: [root@station]# yum repolist This command will show whether your repository has been configured correctly. Most will be correct. Create the following users. Just write down that url in the paper provided because copy and pas te will not work.ldap*. u can give any word. groups and group memberships: . Type the path very carefully.

Create a collaborative directory /shared/sysadmin with the following charact eristics: .ipv4. # uname –r # Wget ftp://instructor.com/ftpupdates/kernel* # Rpm –ivh kernel<TAB> # Vim /etc/grub. Thefollowing must also be met: .conf net. . # Mkdir -p /shared/sysadmin # Chgrpsysadmin /shared/sysadmin # Chmod g+s /shared/sysadmin # Chmod g+rwx /shared/sysadmin # Chmod o-rwx /shared/sysadmin Q3.(It is understood that root has access to all fi les and directories on the system).ip_forward=1 :wq #sysctl –p Q5.conf Check for default (0 or 1) "Just make sure that u execute the rpm -ivh command from the same directory whic h contains the new kernel just downloaded" Q4. # rpm –q cronie (it shows whether crond was installed or not) If its not installed # yum install cronie # service crond restart #chkconfig crond on # su – saara $ crontab –e 25 15 * * * /bin/echo “hello” Q6. vim /etc/sysctl. Enable IP forwarding. Resize the LVM(200MB)so that it should be in between 400MB to450MB. . writable and accessible to members of sysa dmin.The updated kernel is the default kernel when the system is rebooted. but not to any other user. (or) 130MB to 150MB.com/ftpu pdates.Group ownership of /shared/sysadmin is sysadmin. .The original kernel remains available and bootable on the system.The directory should be readable.# # # # # # Useradd –s /sbin/nologin harry Passwd saara Passwd Natasha Passwd harry Usermod –G sysadmin saara Usermod –G sysadmin natasha Q2.example./bin/echo hello. . The user saara must configure a cron job that runs daily at 15:25 local ti me and executes .Files created in /shared/sysadmin automatically have group ownership set to the sysadmin group. Install the appropriate kernel update from ftp://instructor.example.

example. Bind the LDAP for user authentication.example. .com/ . Note the following: . .dc=com .com/ tick use tls http://instructor.0. .example. Configure autofs to auto mount the home directories of LDAP users. Note the following: .Download the certificate from http://instructor.com/pub/EXAMPLE-CA-CERT authentication method LDAP password # getent passwd ldapuserx # service sssd restart # chkconfig sssd on ==================================================== Q8.example.Home directories must be writable by their users.dc=com ldap://instructor.168.Dc=station.Ldapuserx’s home directory should be automounted locally beneath /home as /hom e/ldapuserx. the only home directory that is accessible from your system is ldapuserx.instructor.example.guests # Vim /etc/auto.Ldapuserx’s home directory is instructor.ldapuserx should be able to log into your system. where is x is your station ip.example. # System-config-authentication User account LDAP Dc=station. # Vim /etc/auto. but will not have a home directory until you have completed the autofs req uirement.master /home/guests /etc/auto.guests LdapuserX -rw instructor.While you are able to log in as any of the users ldapuser1 through ldapuser2 0.com(192.For Extending: # lvs # df –h /dev/vgname/lvname # Lvextend –L +210M /dev/vgname/lvname (or) # Lvresize –L 420M /dev/vgname/lvname # Resize2fs –P /dev/vgname/lvname # df –h /dev/vgname/lvname # lvs (or) lvdisplay For Shrinking # # # # # # # # # lvs df –h /dev/vgname/lvname umount /dev/vgname/lvname e2fsck –f /dev/vgname/lvname Resize2fs /dev/vgname/lvname 150M Lvresize –L 150M /dev/vgname/lvname mount /dev/vgname/lvname df –h /dev/vgname/lvname Lvs (or) lvdisplay Q7. where x is your station nu mber.example. dc=example. dc=example.com/pub/EXAMPLE-CA-C ERT .Ldap path ldap://instructor.com:/home/guests/ldapuserx .com:/home/guests/ldapuserX # Service autofs reload .254) NFS-exports /home/guests to your syste m.

# # # # # # # Cp /etc/fstab /var/tmp/fstab Chown root /var/tmp/fstab Chgrp root /var/tmp/fstab Chmod 664 /var/tmp/fstab Setfacl –m u:saara:rw.All other users (current and future) have the ability to read /var/tmp/fstab ./var/tmp/fstab Setfacl –m o::r-. Copy the file /etc/fstab to /var/tmp./var/tmp/fstab Setfacl –m u:Natasha:--. .c om # System-config-date Synchronize date and time over network Add instructor. ./var/tmp/fstab ================================================================================ Q10. . Configure the permissions of /var/tm p/fstab so that: . .# Su – ldapuserX Q9.The user Natasha can neither write nor read /var/tmp/fstab.The file /var/tmp/fstab should not be executable by anyone.The file /var/tmp/fstab is owned by the root user.The file /var/tmp/fstab belongs to the group root.example.com in NTP server In advance speed up initial synchronize Ok .The user saara is able to read and write /var/tmp/fstab. Configure your system so that it is an NTP client of instructor.example. .

Sign up to vote on this title
UsefulNot useful

Master Your Semester with Scribd & The New York Times

Special offer: Get 4 months of Scribd and The New York Times for just $1.87 per week!

Master Your Semester with a Special Offer from Scribd & The New York Times