You are on page 1of 6

If there are images in this attachment, they will not be displayed.

Download th
e
original attachment
RHCSA Exam Objectives (as of 30/03/2011)


Understand and Use Essential Tools


ACCESS A SHELL PROMPT AND ISSUE COMMANDS WITH CORRECT SYNTAX
Use /bin/sh -or- /bin/bash

USE INPUT-OUTPUT REDIRECTION (>, >>, |, 2>, ETC.)
stdout to file (>)
stderr to file (2>)
append to file (>>)
stderr to stdout (2>&1)
ex. iptables -L -n -v -x >> /tmp/ipt.out 2>&1 * redirect stdin and stdout to /tm
p/ipt.out

USE GREP AND REGULAR EXPRESSIONS TO ANALYZE TEXT
grep expr -or- egrep expr
ex. tail -f /var/log/messages | egrep *(kernel|error)* * only show lines contain
ing kernel or error
strings
ex. cat /etc/httpd/conf/httpd.conf | grep -v *^#* * omit lines starting with # c
haracter

ACCESS REMOTE SYSTEMS USING SSH AND VNC
SSH:
ssh user@host
VNC:
vncviewer host:display
vncviewer host::port

LOG IN AND SWITCH USERS IN MULTI-USER RUNLEVELS
su * user

ARCHIVE, COMPRESS, UNPACK AND UNCOMPRESS FILES USING TAR, STAR, GZIP,
AND BZIP2
Compress:
tar cfz archive.tar.gz infile1 infile2
ex. tar cfz /tmp/httpd_conf.tar.gz /etc/httpd
Uncompress:
tar xfz archive.tar.gz
The rest of the commands are similar. Use *help and read their man page

CREATE AND EDIT TEXT FILES
vim file -or- nano file


CREATE, DELETE, COPY AND MOVE FILES AND DIRECTORIES
Create/touch: touch file
ex. touch /tmp/i_was_here
Move/rename: mv srcfile dstfile
ex. mv /home/john/httpd.conf /etc/httpd/conf/httpd.conf
Remove: rm file
ex. rm /home/john/httpd.conf.old
Copy: cp srcfile dstfile
ex. cp httpd.conf httpd.conf.backup

CREATE HARD AND SOFT LINKS
Soft link: ln -s srcfile dstlink
ex. ln -s /mnt/data/docs /home/john/Desktop/documents * soft link from /mnt/data
/docs to
Desktop
Hard link: ln srcfile dstlink

LIST, SET AND CHANGE STANDARD UGO/RWX PERMISSIONS
List: ls -l
Change: chmod mode file
ex.
chmod u=rwx,g=rx,o=rx myscript.sh
chmod 755 myscript.sh
(755 is equivalent to u=rwx,g=rx,o=rx)

LOCATE, READ AND USE SYSTEM DOCUMENTATION INCLUDING MAN, INFO, AND
FILES IN /USR/SHARE/DOC
apropos keyword
whatis keyword
man -k keyword
man command
info command
fgrep -Ri keyword /usr/share/doc/package
Red Hat may use applications during the exam that are not included in RHEL for t
he purpose of
evaluating candidate*s abilities to meet this objective.

Operate Running Systems

BOOT, REBOOT, AND SHUT DOWN A SYSTEM NORMALLY
reboot
shutdown -h now

BOOT SYSTEMS INTO DIFFERENT RUNLEVELS MANUALLY
append 1 up to 5 to kernel boot options (press e in grub menu to edit a line)

USE SINGLE-USER MODE TO GAIN ACCESS TO A SYSTEM
append 1 to kernel boot options (press e in grub menu to edit a line)

IDENTIFY CPU/MEMORY INTENSIVE PROCESSES, ADJUST PROCESS PRIORITY
WITH RENICE, AND KILL PROCESSES
Identify: top (use shift-f to select sort column)
Adjust priority: renice -20|0|20 pid
Kill: kill -9 pid -or- killall -9 name -or- pkill -f expr

LOCATE AND INTERPRET SYSTEM LOG FILES
Look for logs in /var/log/.
/var/log/messages file is an important system log!

ACCESS A VIRTUAL MACHINE*S CONSOLE
virt-manager
OR virt-viewer
OR:
1. virsh vncdisplay domain
2. vncviewer localhost:display

START AND STOP VIRTUAL MACHINES
virt-manager
OR:
1. virsh start domain
2. virsh shutdown domain

START, STOP AND CHECK THE STATUS OF NETWORK SERVICES
service service_name stop
service service_name start
service service_name status
ex. service httpd stop * stop http server

Configure Local Storage

LIST, CREATE, DELETE AND SET PARTITION TYPE FOR PRIMARY, EXTENDED, AND
LOGICAL PARTITIONS
List: fdisk -l
Modify: cfdisk device -or- fdisk device -or- parted

CREATE AND REMOVE PHYSICAL VOLUMES, ASSIGN PHYSICAL VOLUMES TO
VOLUME GROUPS, CREATE AND DELETE LOGICAL VOLUMES
Physical volumes:
pvcreate *help
pvremove *help
Volume groups:
vgcreate *help
vgremove *help
Logical volumes:
lvcreate *help
lvremove *help

CREATE AND CONFIGURE LUKS-ENCRYPTED PARTITIONS AND LOGICAL
VOLUMES TO PROMPT FOR PASSWORD AND MOUNT A DECRYPTED FILE SYSTEM
AT BOOT
1. cryptsetup luksFormat device
2. cryptsetup luksOpen device mappername
3. mkfs.fs mappername
4. edit /etc/crypttab: mappername device none
1. (/etc/crypttab: use UUID or LABEL for device)
5. edit /etc/fstab: /dev/mapper/mappername /mpoint (*)

CONFIGURE SYSTEMS TO MOUNT FILE SYSTEMS AT BOOT BY UNIVERSALLY
UNIQUE ID (UUID) OR LABEL
Find a device*s UUID or LABEL:
blkid device
OR*ls -l /dev/disk/by-* | grep device
Edit /etc/fstab:
use LABEL=label or UUID=uuid to specify the device

ADD NEW PARTITIONS, LOGICAL VOLUMES AND SWAP TO A SYSTEM NON-
DESTRUCTIVELY
Create a partition:
cfdisk device -or- fdisk device -or- parted
Create a logical volume:
lvcreate *help
Add swap:
1. mkswap device
2. swapon device

Create and Configure File Systems

CREATE, MOUNT, UNMOUNT AND USE EXT2, EXT3 AND EXT4 FILE SYSTEMS
Create: mkfs.extfs
Mount: mount device /mpoint
Unmount: umount device

MOUNT, UNMOUNT AND USE LUKS-ENCRYPTED FILE SYSTEMS
1. cryptsetup luksOpen device mappername
2. mount /dev/mapper/mappername /mpoint
3. umount /dev/mapper/mappername
4. cryptsetup luksClose mappername

MOUNT AND UNMOUNT CIFS AND NFS NETWORK FILE SYSTEMS
Mount:
NFS: mount -t nfs host:/share /mpoint
CIFS: mount -t cifs -o *username=,password=* //host/share /mpoint
Unmount: umount /mpoint

CONFIGURE SYSTEMS TO MOUNT EXT4, LUKS-ENCRYPTED AND NETWORK FILE
SYSTEMS AUTOMATICALLY
Configure /etc/auto.*:
nfs: mpoint -rw,intr host:/remote/mpoint
device: mpoint -fstype=fstype :device

EXTEND EXISTING UNENCRYPTED EXT4-FORMATTED LOGICAL VOLUMES
lvresize *help -or- lvextend *help
ex. lvresize -L+1G lv * add 1G to lv

CREATE AND CONFIGURE SET-GID DIRECTORIES FOR COLLABORATION
1. chmod g+s dir
2. create group shared_grp
3. chgrp shared_grp dir
4. Add users to shared_grp

CREATE AND MANAGE ACCESS CONTROL LISTS (ACLS)
View acl: getfacl file
Modify: setfacl -m mode file
ex. setfacl -m u:john:rw /home/anna/prv_file
Remove: setfacl -x mode file

DIAGNOSE AND CORRECT FILE PERMISSION PROBLEMS
Diagnose:
ls -laZ
getfacl file
check /var/log/audit/audit.log for selinux errors
Fix:
chmod mode file
setfacl -m mode file

Deploy, Configure and Maintain Systems

CONFIGURE NETWORKING AND HOSTNAME RESOLUTION STATICALLY OR
DYNAMICALLY
Create static hostnames: /etc/hosts
Configure dns servers: /etc/resolv.conf
Manage resolution order: /etc/nsswitch.conf

SCHEDULE TASKS USING CRON
crontab -e
OR edit /etc/cron.*/file:
ex. vim /etc/cron.daily/mycron

CONFIGURE SYSTEMS TO BOOT INTO A SPECIFIC RUNLEVEL AUTOMATICALLY
Edit /etc/inittab and modify initdefault with values from 1..5

INSTALL RED HAT ENTERPRISE LINUX AUTOMATICALLY USING KICKSTART
Use kernel boot options:
linux ks=ftp/http://host/ks.cfg
linux ks=nfs:host:/ks.cfg
linux ks=cdrom:/dev/dir/ks.cfg
linux ks=hd:/dev/dir/ks.cfg
linux ks=file:/dev/dir/ks.cfg

CONFIGURE A PHYSICAL MACHINE TO HOST VIRTUAL GUESTS
Use virt-manager

INSTALL RED HAT ENTERPRISE LINUX SYSTEMS AS VIRTUAL GUESTS
Use virt-manager

CONFIGURE SYSTEMS TO LAUNCH VIRTUAL MACHINES AT BOOT
Use virt-manager -or- virsh autostart domain

CONFIGURE NETWORK SERVICES TO START AUTOMATICALLY AT BOOT
Configure: chkconfig service on -or- ntsysv
View startup services: chkconfig *list

CONFIGURE A SYSTEM TO RUN A DEFAULT CONFIGURATION HTTP SERVER
1. yum install httpd
2. service httpd start
3. chkconfig httpd on
4. update /etc/sysconfig/iptables (open port tcp 80)

CONFIGURE A SYSTEM TO RUN A DEFAULT CONFIGURATION FTP SERVER
1. yum install vsftpd
2. service vsftpd start
3. chkconfig vsftpd on
4. update /etc/sysconfig/iptables (open port tcp 21)

INSTALL AND UPDATE SOFTWARE PACKAGES FROM RED HAT NETWORK, A
REMOTE REPOSITORY, OR FROM THE LOCAL FILESYSTEM
yum search name
yum install package
yum update package

UPDATE THE KERNEL PACKAGE APPROPRIATELY TO ENSURE A BOOTABLE
SYSTEM
rpm -ivh new_kernel.rpm
OR yum install kernel

MODIFY THE SYSTEM BOOTLOADER
Edit /boot/grub/grub.conf
Manage Users and Groups

CREATE, DELETE, AND MODIFY LOCAL USER ACCOUNTS
Add: useradd
Delete: userdel
Modify: usermod
View /etc/passwd

CHANGE PASSWORDS AND ADJUST PASSWORD AGING FOR LOCAL USER
ACCOUNTS
Change password: passwd user
Change aging: chage -E YYYY-MM-DD user

CREATE, DELETE AND MODIFY LOCAL GROUPS AND GROUP MEMBERSHIPS
Add: groupadd
Delete: groupdel
Modify: groupmod
Memberships: edit /etc/group

CONFIGURE A SYSTEM TO USE AN EXISTING LDAP DIRECTORY SERVICE FOR
USER AND GROUP INFORMATION
Use*system-config-authentication

Manage Security

CONFIGURE FIREWALL SETTINGS USING SYSTEM-CONFIG-FIREWALL OR
IPTABLES
Insert: iptables -t TABLE -I CHAIN *
Append: iptables -t TABLE -A CHAIN *
Delete: iptables -t TABLE -D CHAIN *
Flush table: iptables -t TABLE -F
Save persistent changes to /etc/sysconfig/iptables

SET ENFORCING AND PERMISSIVE MODES FOR SELINUX
Persistent change:
/etc/selinux/config:
SELINUX=enforcing|permissiveCurrent session:
Non persistent change:
setenforce 1|0|enforcing|permissive

VIEW SELINUX STATUS:
Sestatus

LIST AND IDENTIFY SELINUX FILE AND PROCESS CONTEXT
ls -lZ
ps -efZ

RESTORE DEFAULT FILE CONTEXTS
restorecon -R*file

USE BOOLEAN SETTINGS TO MODIFY SYSTEM SELINUX SETTINGS
View booleans:
getsebool -a | grep keyword
OR*semanage boolean -l | grep keyword
Change booleans:
setsebool -P boolean on|off

DIAGNOSE AND ADDRESS ROUTINE SELINUX POLICY VIOLATIONS
Diagnose:
/var/log/audit/audit.log
/var/log/messages
view service logs
sealert
Fix:
audit2allow
setsebool -P boolean on|off