Professional Documents
Culture Documents
Rhcsafinal 131112062655 Phpapp02 PDF
Rhcsafinal 131112062655 Phpapp02 PDF
RHCE Questions
You will note that some requirements specify that a service should not be available from the DNS
domain cracker.org. All systems in that domain are in the
172.24.0.0/255.255.0.0 subnet, and all systems in that subnet are in cracker.org.
1. Create a repositary for
http://station.domain254.example.com/pub/rhel6/dvd
Ans:
[root@krishna ~]# vi /etc/yum.repo.d/sample.repo
[rhec]
baseurl=http://station.domainx.example.com/pub/rhel6/dvd
gpgckeck=0
save& quit
[root@krishna ~]# yum clean all
[root@krishna ~]# yum list all
2. Configure SELINUX
The machine should be running in enforcing mode
[root@krishna ~]# vi /etc/selinux/config
[root@krishna ~]# cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing SELinux security policy is enforced.
# permissive SELinux prints warnings instead of enforcing.
# disabled No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of these two values:
# targeted Targeted processes are protected,
# mls Multi Level Security protection.
SELINUXTYPE=targeted
3. Cronfigure Cron deny
[root@krishna ~]# yum install cron* y
Loaded plugins: fastestmirror, refreshpackagekit, security
Loading mirror speeds from cached hostfile
* base: centosmirror.go4hosting.in
* extras: mirrors.digipower.vn
* updates: centosmirror.go4hosting.in
Setting up Install Process
Package crontabs1.1033.el6.noarch already installed and latest version
Package cronieanacron1.4.47.el6.x86_64 already installed and latest version
Package cronie1.4.47.el6.x86_64 already installed and latest version
Resolving Dependencies
Transaction Test Succeeded
Running Transaction
Installing : cronienoanacron1.4.47.el6.x86_64 1/1
Verifying : cronienoanacron1.4.47.el6.x86_64 1/1
Installed:
cronienoanacron.x86_64 0:1.4.47.el6
Complete!
[root@krishna ~]# vi /etc/cron.deny
[root@krishna ~]# cat /etc/cron.deny
Lason
root@krishna ~]# chkconfig crond on
[root@krishna ~]# service crond restart
Stopping crond: [ OK ]
Starting crond: [ OK ]
Configure a cron access Lason should not be allowed to use cron
Note:This restriction must not affect any other user
4 .Configure Boot Parameter
Modify your system ,so that when it boots the parameter.kernstack is set to value of [1].
[root@krishna ~]# cat /etc/grub.conf
# grub.conf generated by anaconda
#
# Note that you do not have to rerun grub after making changes to this file
# NOTICE: You have a /boot partition. This means that
# all kernel and initrd paths are relative to /boot/, eg.
# root (hd0,0)
# kernel /vmlinuzversion ro root=/dev/mapper/vg_krishnalv_root
# initrd /initrd[generic]version.img
#boot=/dev/sda
default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title CentOS (2.6.32358.23.2.el6.x86_64)
root (hd0,0)
kernel /vmlinuz2.6.32358.23.2.el6.x86_64 ro root=/dev/mapper/vg_krishnalv_root
rd_NO_LUKS rd_LVM_LV=vg_krishna/lv_swap rd_NO_MD SYSFONT=latarcyrhebsun16
crashkernel=auto KEYBOARDTYPE=pc KEYTABLE=us rd_LVM_LV=vg_krishna/lv_root
rd_NO_DM LANG=en_US.UTF8 rhgb quiet
initrd /initramfs2.6.32358.23.2.el6.x86_64.img
title CentOS (2.6.32358.el6.x86_64)
root (hd0,0)
kernel /vmlinuz2.6.32358.el6.x86_64 ro root=/dev/mapper/vg_krishnalv_root
rd_NO_LUKS rd_LVM_LV=vg_krishna/lv_swap rd_NO_MD SYSFONT=latarcyrhebsun16
crashkernel=auto KEYBOARDTYPE=pc KEYTABLE=us kernstack=1
rd_LVM_LV=vg_krishna/lv_root rd_NO_DM LANG=en_US.UTF8 rhgb quiet
initrd /initramfs2.6.32358.el6.x86_64.img
Note:your changes should be visible from /proc/cmdline.
[root@krishna ~]# cat /proc/cmdline
ro root=/dev/mapper/vg_krishnalv_root rd_NO_LUKS rd_LVM_LV=vg_krishna/lv_swap
rd_NO_MD SYSFONT=latarcyrhebsun16 KEYBOARDTYPE=pc KEYTABLE=us
rd_LVM_LV=vg_krishna/lv_root rd_NO_DM LANG=en_US.UTF8 rhgb quiet krenstack=1
5.Mount An IMAGE FILE
[root@krishna ~]# mkdir /mnt/iso
configure your system so that the filesystem image located in
/root/test.iso is automatically mount on /mnt/container at system
boot time
[root@krishna ~]# cat /etc/fstab
#
# /etc/fstab
# Created by anaconda on Mon Dec 31 19:08:36 2001
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
/dev/mapper/vg_krishnalv_root / ext4 defaults 1 1
UUID=013007475655408b93d266c4ced493d6 /boot ext4 defaults 1 2
/dev/mapper/vg_krishnalv_home /home ext4 defaults 1 2
/dev/mapper/vg_krishnalv_swap swap swap defaults 0 0
tmpfs /dev/shm tmpfs defaults 0 0
devpts /dev/pts devpts gid=5,mode=620 0 0
sysfs /sys sysfs defaults 0 0
proc /proc proc defaults 0 0
/root/CentOS6.4x86_64binDVD1.iso /mnt/iso iso9660 loop 0 0
[root@krishna ~]# mkdir /mnt/iso
[root@krishna ~]# mount a
[root@krishna ~]# df h
6. Configure a FTP access
Implement An FTP server for the following requirements.
(i)The FTP server allows anonymous file downloads from /var/ftp/pub
(ii)The clients outside the example.com should not have the anonymous FTP access
in your machine
[root@krishna ~]# yum install vsftp* y
Loaded plugins: fastestmirror, refreshpackagekit, security
Loading mirror speeds from cached hostfile
* base: centosmirror.go4hosting.in
* extras: mirrors.digipower.vn
* updates: centosmirror.go4hosting.in
Setting up Install Process
Resolving Dependencies
> Running transaction check
> Package ftp.x86_64 0:0.1753.el6 will be installed
> Finished Dependency Resolution
Transaction Test Succeeded
Running Transaction
Installing : vsftp0.1753.el6.x86_64 1/1
Verifying : vsftp0.1753.el6.x86_64 1/1
Installed:
vsftp.x86_64 0:0.1753.el6
Complete!
[root@krishna ~]# chkconfig vsftpd on
[root@krishna ~]# service vsftpd start
Starting vsftpd for vsftpd: [ OK ]
[root@krishna ~]# cat /etc/vsftpd/vsftpd.conf
# Example config file /etc/vsftpd/vsftpd.conf
# READ THIS: This example file is NOT an exhaustive list of vsftpd options.
# Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's
# capabilities.
#
# Allow anonymous FTP? (Beware allowed by default if you comment this out).
anonymous_enable=YES
[root@krishna ~]# getsebool a | grep ftp
allow_ftpd_anon_write > off
allow_ftpd_full_access > off
allow_ftpd_use_cifs > off
allow_ftpd_use_nfs > off
ftp_home_dir > off
[root@krishna ~]# setsebool P allow_ftpd_full_access on
[root@krishna ~]# getsebool a | grep ftp
allow_ftpd_anon_write > off
allow_ftpd_full_access > on
allow_ftpd_use_cifs > off
[root@krishna ~]# vi /etc/hosts.deny
#
# hosts.deny This file contains access rules which are used to
# deny connections to network services that either use
# the tcp_wrappers library or that have been
# started through a tcp_wrappersenabled xinetd.
#
# The rules in this file can also be set up in
# /etc/hosts.allow with a 'deny' option instead.
#
# See 'man 5 hosts_options' and 'man 5 hosts_access'
# for information on rule syntax.
# See 'man tcpd' for information on tcp_wrappers
#
vsftpd: ALL EXCEPT 192.168.1.0/255.255.255.0
7.Configure an Email alias
[root@krishna ~]# yum install postfix* y
Loaded plugins: fastestmirror, refreshpackagekit, security
Loading mirror speeds from cached hostfile
* base: centosmirror.go4hosting.in
* extras: mirrors.digipower.vn
* updates: centosmirror.go4hosting.in
Setting up Install Process
Package 2:postfix2.6.62.2.el6_1.x86_64 already installed and latest version
Resolving Dependencies
> Running transaction check
> Package postfixperlscripts.x86_64 2:2.6.62.2.el6_1 will be installed
> Processing Dependency: perl(Date::Calc) for package: 2:postfixperlscripts2.6.6
2.2.el6_1.x86_64
> Running transaction check
> Package perlDateCalc.noarch 0:6.32.el6 will be installed
> Processing Dependency: perl(Bit::Vector) >= 7.1 for package: perlDateCalc6.3
2.el6.noarch
Running Transaction
Installing : perlCarpClan6.032.el6.noarch 1/4
Installing : perlBitVector7.12.el6.x86_64 2/4
Installing : perlDateCalc6.32.el6.noarch 3/4
Installing : 2:postfixperlscripts2.6.62.2.el6_1.x86_64 4/4
Verifying : perlCarpClan6.032.el6.noarch 1/4
Verifying : perlBitVector7.12.el6.x86_64 2/4
Verifying : perlDateCalc6.32.el6.noarch 3/4
Verifying : 2:postfixperlscripts2.6.62.2.el6_1.x86_64 4/4
Installed:
postfixperlscripts.x86_64 2:2.6.62.2.el6_1
Dependency Installed:
perlBitVector.x86_64 0:7.12.el6 perlCarpClan.noarch 0:6.032.el6
perlDateCalc.noarch 0:6.32.el6
Complete!
[root@krishna ~]# cat /etc/postfix/main.cf
# See also the proxy_interfaces parameter, for network addresses that
# are forwarded to us via a proxy or network address translator.
#
# Note: you need to stop/start Postfix when this parameter changes.
#
inet_interfaces = all
#inet_interfaces = $myhostname
#inet_interfaces = $myhostname, localhost
#inet_interfaces = localhost
# Enable IPv4, and IPv6 if supported
inet_protocols = all
confiure an email alias for your MTA such that the mail sent to gls is receiced by the local
user "anand"
[root@krishna ~]# cat /etc/aliases
webmaster: root
noc: root
security: root
hostmaster: root
info: postmaster
marketing: postmaster
sales: postmaster
support: postmaster
gls: anand
7.1 Configure a group email alias
configure an email alias for your MTA.such that mail sent to(acct)is received by the local
users
(i)anand,sasi,Rajkumar
[root@krishna ~]# cat /etc/aliases
marketing: postmaster
sales: postmaster
support: postmaster
gls: anand
acct: anand,sasi,Rajkumar
[root@krishna ~]# chkconfig postfix on
[root@krishna ~]# service postfix restart
Shutting down postfix: [ OK ]
Starting postfix: [ OK ]
7.1 Configure SMTP
configure your system to provide SMTP mail service according to the following
requirements
(i)your mail server should accept mail from remote hosts and local host.
(ii)harry must able to receive mail from remote hosts
iii)mail delivered to harry should spool into the default mail
spool for harry,/var/spool/mail/harry
[root@krishna ~]# mail sasi
Subject: hi
h r u
EOT
[root@krishna ~]# cat /var/spool/mail/sasi
From root@krishna.localdomain Mon Nov 11 15:10:37 2013
ReturnPath: <root@krishna.localdomain>
XOriginalTo: sasi
DeliveredTo: sasi@krishna.localdomain
Received: by krishna.localdomain (Postfix, from userid 0)
id B70F01A0198; Mon, 11 Nov 2013 15:10:37 0500 (EST)
Date: Mon, 11 Nov 2013 15:10:37 0500
To: sasi@krishna.localdomain
Subject: hi
UserAgent: Heirloom mailx 12.4 7/29/08
MIMEVersion: 1.0
ContentType: text/plain; charset=usascii
ContentTransferEncoding: 7bit
MessageId: <20131111201037.B70F01A0198@krishna.localdomain>
From: root@krishna.localdomain (root)
h r u
8. [root@krishna ~]# yum install nfs* y
Loaded plugins: fastestmirror, refreshpackagekit, security
Loading mirror speeds from cached hostfile
* base: centosmirror.go4hosting.in
* extras: mirrors.digipower.vn
* updates: centosmirror.go4hosting.in
Setting up Install Process
Package nfsutilslib1.1.56.el6.x86_64 already installed and latest version
Package 1:nfsutils1.2.336.el6.x86_64 already installed and latest version
Package nfs4acltools0.3.36.el6.x86_64 already installed and latest version
Resolving Dependencies
> Running transaction check
> Package nfsutilslibdevel.x86_64 0:1.1.56.el6 will be installed
> Processing Dependency: pkgconfig(libgssglue) for package: nfsutilslibdevel1.1.5
6.el6.x86_64
> Running transaction check
> Package libgssgluedevel.x86_64 0:0.111.el6 will be installed
Running Transaction
Installing : libgssgluedevel0.111.el6.x86_64 1/2
Installing : nfsutilslibdevel1.1.56.el6.x86_64 2/2
Verifying : nfsutilslibdevel1.1.56.el6.x86_64 1/2
Verifying : libgssgluedevel0.111.el6.x86_64 2/2
Installed:
nfsutilslibdevel.x86_64 0:1.1.56.el6
Dependency Installed:
libgssgluedevel.x86_64 0:0.111.el6
Complete!
[root@krishna ~]# chkconfig nfs on
[root@krishna ~]# service nfs restart
Shutting down NFS daemon: [FAILED]
Shutting down NFS mountd: [FAILED]
Shutting down NFS quotas: [FAILED]
Starting NFS services: [ OK ]
Starting NFS quotas: [ OK ]
Starting NFS mountd: [ OK ]
Stopping RPC idmapd: [ OK ]
Starting RPC idmapd: [ OK ]
Starting NFS daemon: [ OK ]
[root@krishna ~]# service nfs restart
Shutting down NFS daemon: [ OK ]
Shutting down NFS mountd: [ OK ]
Shutting down NFS quotas: [ OK ]
Starting NFS services: [ OK ]
Starting NFS quotas: [ OK ]
Starting NFS mountd: [ OK ]
Stopping RPC idmapd: [ OK ]
Starting RPC idmapd: [ OK ]
Starting NFS daemon: [ OK ]
[root@krishna ~]# service nfslock restart
Stopping NFS locking: [ OK ]
Stopping NFS statd: [ OK ]
Starting NFS statd: [ OK ]
(i)export your /common directory via NFS to the example.com domain or ip
[root@krishna ~]# mkdir /common
[root@krishna ~]# vi /etc/export
/common 192.168.0.0/255.255.255.0(wr)
[root@krishna ~]# exportfs a
[root@krishna ~]# service nfs restart
Shutting down NFS daemon: [ OK ]
Shutting down NFS mountd: [ OK ]
Shutting down NFS quotas: [ OK ]
Shutting down NFS services: [ OK ]
Starting NFS services: [ OK ]
Starting NFS quotas: [ OK ]
Starting NFS mountd: [ OK ]
Stopping RPC idmapd: [ OK ]
Starting RPC idmapd: [ OK ]
Starting NFS daemon: [ OK ]
[root@krishna ~]# service nfslock restart
Stopping NFS locking: [ OK ]
Stopping NFS statd: [ OK ]
Starting NFS statd: [ OK ]
Client side
[root@vrndavan ~]# mkdir /var/ftp
[root@vrndavan ~]# mount t nfs 192.168.1.71:/common/ /var/nfs/
[root@vrndavan ~]# mount
/dev/mapper/vg_vrndavanlv_root on / type ext4 (rw)
proc on /proc type proc (rw)
sysfs on /sys type sysfs (rw)
devpts on /dev/pts type devpts (rw,gid=5,mode=620)
tmpfs on /dev/shm type tmpfs (rw)
/dev/sda1 on /boot type ext4 (rw)
/dev/mapper/vg_vrndavanlv_home on /home type ext4 (rw)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)
nfsd on /proc/fs/nfsd type nfsd (rw)
192.168.1.71:/common/ on /var/nfs type nfs
(rw,vers=4,addr=192.168.1.71,clientaddr=192.168.1.70)
[root@vrndavan ~]# vi /etc/fstab
[root@vrndavan nfs]# cat /etc/fstab
#
# /etc/fstab
# Created by anaconda on Wed Aug 14 22:46:20 2013
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
/dev/mapper/vg_vrndavanlv_root / ext4 defaults 1 1
UUID=638d1e1acc4c402da3dc7fbee2ecafe9 /boot ext4 defaults 1 2
/dev/mapper/vg_vrndavanlv_home /home ext4 defaults 1 2
/dev/mapper/vg_vrndavanlv_swap swap swap defaults 0 0
tmpfs /dev/shm tmpfs defaults 0 0
devpts /dev/pts devpts gid=5,mode=620 0 0
sysfs /sys sysfs defaults 0 0
proc /proc proc defaults 0 0
192.168.1.71:/common /var/nfs/ nfs rw,sync,hard,intr 0 0
Note:Because you will not have root access you will not be able directly mount your
exported
/common directory on your virtual system,however autofs is running on your physical
[root@vrndavan ~]# mount
/dev/mapper/vg_vrndavanlv_root on / type ext4 (rw)
proc on /proc type proc (rw)
sysfs on /sys type sysfs (rw)
devpts on /dev/pts type devpts (rw,gid=5,mode=620)
tmpfs on /dev/shm type tmpfs (rw)
/dev/sda1 on /boot type ext4 (rw)
/dev/mapper/vg_vrndavanlv_home on /home type ext4 (rw)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)
nfsd on /proc/fs/nfsd type nfsd (rw)
192.168.1.71:/common/ on /var/nfs type nfs
(rw,vers=4,addr=192.168.1.71,clientaddr=192.168.1.70)
[root@vrndavan ~]# df h
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/vg_vrndavanlv_root
50G 35G 13G 75% /
tmpfs 1.9G 900K 1.9G 1% /dev/shm
/dev/sda1 485M 93M 368M 21% /boot
/dev/mapper/vg_vrndavanlv_home
176G 6.8G 161G 5% /home
192.168.1.71:/common/
50G 9.5G 38G 21% /var/nfs
9 .SAMBA
– Your SMB server must be a member of the SMBGROUP workgroup
– The share’s name must be common
– The common share must be available to example.com domain clients only
– The common share must be browseable
– GNANA must have read access to the share, authenticating with the same
password
[root@krishna ~]# yum install samba* y
Loaded plugins: fastestmirror, refreshpackagekit, security
Loading mirror speeds from cached hostfile
* base: centosmirror.go4hosting.in
* extras: mirrors.digipower.vn
* updates: centosmirror.go4hosting.in
Setting up Install Process
Package sambacommon3.6.9151.el6_4.1.x86_64 already installed and latest version
Package samba4libs4.0.055.el6.rc4.x86_64 already installed and latest version
Package sambaclient3.6.9151.el6_4.1.x86_64 already installed and latest version
Package sambawinbind3.6.9151.el6_4.1.x86_64 already installed and latest version
Package sambawinbindclients3.6.9151.el6_4.1.x86_64 already installed and latest version
Resolving Dependencies
> Running transaction check
> Package samba.x86_64 0:3.6.9151.el6_4.1 will be installed
> Package sambadoc.x86_64 0:3.6.9151.el6_4.1 will be installed
> Package sambadomainjoingui.x86_64 0:3.6.9151.el6_4.1 will be installed
> Package sambaswat.x86_64 0:3.6.9151.el6_4.1 will be installed
> Processing Dependency: xinetd for package: sambaswat3.6.9151.el6_4.1.x86_64
> Package sambawinbinddevel.x86_64 0:3.6.9151.el6_4.1 will be installed
> Package sambawinbindkrb5locator.x86_64 0:3.6.9151.el6_4.1 will be installed
> Package samba4.x86_64 0:4.0.055.el6.rc4 will be installed
> Package samba4client.x86_64 0:4.0.055.el6.rc4 will be installed
> Package samba4common.x86_64 0:4.0.055.el6.rc4 will be installed
> Package samba4dc.x86_64 0:4.0.055.el6.rc4 will be installed
Total download size: 5.0 M
Installed size: 18 M
Downloading Packages:
samba3.6.9151.el6_4.1.x86_64.rpm | 5.0 MB 02:17
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : samba3.6.9151.el6_4.1.x86_64 1/1
Verifying : samba3.6.9151.el6_4.1.x86_64 1/1
Installed:
samba.x86_64 0:3.6.9151.el6_4.1
Complete!
[root@vrndavan ~]# chkconfig smb on
[root@vrndavan ~]# chkconfig nmb on
[root@vrndavan ~]#service smb restart
[root@vrndavan ~]#service nmb restart
[root@vrndavan ~]# vi /etc/samba/smb.conf
workgroup = SMBGROUP
server string = Samba Server Version %v
; netbios name = MYSERVER
; interfaces = lo eth0 192.168.12.2/24 192.168.13.2/24
hosts allow = 192.168.1.0/24
[samba]
path = /samba
browseable = yes
write list = no
[root@krishna ~]# useradd gnana
[root@krishna ~]# passwd gnana
Changing password for user gnana.
New password:
BAD PASSWORD: it is too short
BAD PASSWORD: is too simple
Retype new password:
passwd: all authentication tokens updated successfully.
[root@krishna ~]# smbpasswd a gnana
New SMB password:
Retype new SMB password:
Added user gnana.
[root@krishna ~]# smbpasswd e gnana
Enabled user gnana.
[root@krishna ~]#
[root@krishna ~]# getsebool a | grep samba
samba_create_home_dirs > off
samba_domain_controller > off
samba_enable_home_dirs > off
samba_export_all_ro > off
[root@krishna ~]# setsebool P samba_enable_home_dirs on
[root@krishna ~]# getsebool a | grep samba
samba_create_home_dirs > off
samba_domain_controller > off
samba_enable_home_dirs > on
samba_export_all_ro > off
samba_export_all_rw > off
samba_portmapper > off
samba_run_unconfined > off
samba_share_fusefs > off
samba_share_nfs > off
sanlock_use_samba > off
use_samba_home_dirs > off
virt_use_samba > off
[root@krishna ~]# chcon R t samba_share_t /samba/
[root@krishna ~]# service smb restart
Shutting down SMB services: [ OK ]
Starting SMB services: [ OK ]
[root@krishna ~]# service nmb restart
Shutting down NMB services: [ OK ]
Starting NMB services: [ OK ]
ssh server
– susan has remote SSH access to your machine from within example.com
– Clients within cracker.org should NOT have access to ssh on your system
[root@krishna ~]# yum install openssh* y
[root@krishna ~]# chkconfig sshd on
[root@krishna ~]# service sshd restart
Stopping sshd: [ OK ]
Starting sshd: [ OK ]
[root@krishna ~]# vi /etc/host
host.conf hosts hosts.allow hosts.deny
[root@krishna ~]# vi /etc/hosts.deny
[root@krishna ~]# cat /etc/hosts.deny
sshd: 172.24.0.0/255.255.255.0
10. IP Forwarding
– Enable IP forwarding
[root@krishna ~]# vi /etc/sysctl.conf
[root@krishna ~]# service network restart
[root@krishna ~]# cat /etc/sysctl.conf
# Kernel sysctl configuration file for Red Hat Linux
#
# For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and
# sysctl.conf(5) for more details.
# Controls IP packet forwarding
net.ipv4.ip_forward = 1
# Controls source route verification
net.ipv4.conf.default.rp_filter = 1
# Do not accept source routing
net.ipv4.conf.default.accept_source_route = 0
# Controls the System Request debugging functionality of the kernel
kernel.sysrq = 0
# Controls whether core dumps will append the PID to the core filename.
# Useful for debugging multithreaded applications.
kernel.core_uses_pid = 1
# Controls the use of TCP syncookies
net.ipv4.tcp_syncookies = 1
# Disable netfilter on bridges.
net.bridge.bridgenfcallip6tables = 0
net.bridge.bridgenfcalliptables = 0
net.bridge.bridgenfcallarptables = 0
# Controls the default maxmimum size of a mesage queue
kernel.msgmnb = 65536
# Controls the maximum size of a message, in bytes
kernel.msgmax = 65536
# Controls the maximum shared segment size, in bytes
kernel.shmmax = 68719476736
# Controls the maximum number of shared memory segments, in pages
kernel.shmall = 4294967296
11.HTTP SERVER
[root@krishna ~]# yum install http*
Loaded plugins: fastestmirror, refreshpackagekit, security
Loading mirror speeds from cached hostfile
* base: centosmirror.go4hosting.in
* extras: mirrors.digipower.vn
* updates: centosmirror.go4hosting.in
Setting up Install Process
Package httpd2.2.1529.el6.centos.x86_64 already installed and latest version
Package httpdtools2.2.1529.el6.centos.x86_64 already installed and latest version
Resolving Dependencies
> Running transaction check
> Package httpddevel.x86_64 0:2.2.1529.el6.centos will be installed
> Processing Dependency: aprutildevel for package: httpddevel2.2.1529.el6.centos.x86_64
> Processing Dependency: aprdevel for package: httpddevel2.2.1529.el6.centos.x86_64
Verifying : expatdevel2.0.111.el6_2.x86_64 5/5
Installed:
httpddevel.x86_64 0:2.2.1529.el6.centos
httpdmanual.noarch 0:2.2.1529.el6.centos
Dependency Installed:
aprdevel.x86_64 0:1.3.95.el6_2
aprutildevel.x86_64 0:1.3.93.el6_0.1
expatdevel.x86_64 0:2.0.111.el6_2
Complete!
[root@krishna ~]# chkconfig httpd on
[root@krishna ~]# service httpd restart
Stopping httpd: [FAILED]
Starting httpd: httpd: apr_sockaddr_info_get() failed for krishna
httpd: Could not reliably determine the server's fully qualified domain name, using
127.0.0.1 for ServerName
[ OK ]
[root@krishna ~]# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: httpd: apr_sockaddr_info_get() failed for krishna
httpd: Could not reliably determine the server's fully qualified domain name, using
127.0.0.1 for ServerName
[ OK ]
* Web Server
–Implement a web server for the site http://station.domainX.example.com,
Then perform the following steps:
– Download ftp://station.domain254.example.com/pub/rhce/station.html
– Rename the downloaded file to index.html
– Copy this index.html to the DocumentRoot of your web server
– Do NOT make any modifications to the content of index.html
* create a script under /root/case that provides the following details:
i) when run as /root/case KERNEL it produces the output "USER".
ii) when run as /root/case USER ,it produces the output "KERNEL".
iii) when run without argrument or any other argument, other than KERNEL or USER it sends
the following
output "KERNEL USER"
script
#! /bin/bash
Case “$@” in
KERNEL)echo “USER”;;
USER) echo “KERNEL”;;
*)echo “KERNEL USER”;;
Casc
[root@krishna ~]# chmod u+x script
[root@krishna ~]# ./seript