This action might not be possible to undo. Are you sure you want to continue?
PAPER AND ANSWERS Duration: 3 hours SECTION 1---Troubleshooting and System Maintenance Start your pc in Single usermode and set one password for user root . (No dictionary word,Min.8Char.) The System loaded to graphics mode manually. Then, you saw a Question paper link in Dektop and Open that link. Sometimes Graphical mode is in error. Then you login your pc in text mode #vi /e tc/inittab line no. 18 id:5:initdefault remove # symbol of the last line(by default no #symbol) :wq #service xfs restart #chattr -i /etc/X11/xorg.conf #system-config-display Open t erminal in Graphics mode and type hostname command for checking your machine hostn ame 1. The examiner can log into your system as root using the passwordu X 4L 7j W R. The home directory must be /root. Ans:#pwconv passwd command for changing roo tpassword 2. ping 192.168.0.254 is successful, and your system uses static networking as d escribed in /root/network.txt Ans:#cat /etc/network.txt Then read ip,subnet mask ,gateway and dns addresses type system-config-network enter ip,subnet mask and gateway? apply? ok #vi /etc/resolv.conf nameserver <dns ip address> :wq #service network restart 3. dig server1.example.com successfully resolves that hostname using DNS Ans: it s dns problem. Already configured in 2nd questn. 4. Your system has a new 300MB partition mounted under /mnt/policy with a 300MB ext3 filesystem. Note: because partition sizes are seldom exactly what is specif ied when they are created, anything within the range of 275 to 375MB is acceptab le . Ans:fdisk l fdisk /dev/hda type n button?enter first cylindersize: enter last c ylindersize:+300M?enter type w for save and exit #partprobe #mkfs.ext3 /dev/hda10(new partition) #mkdir /mnt/policy #vi /etc/fstab type /dev/hda10 /mnt/policy auto defaults 0 0 :wq #mount a #df (display mounted partition size information) 5.Services:(T05) the requirement described in /root/services is met Ans:#cat /ro ot/services #vim /etc/exports /documents *(rw,sync) :wq #service portmap restart #service nfs restart 6.Wildcard:(T06) the requirement described in /root/wildcard is met Ans:#cat /et c/wildcard #vim /etc/fstab edit home entry line. /dev/hda10 /home auto defaults, usrquota 0 0 :wq #mount o remount /home #mount #quotacheck c /home #quotaon /home 7. Storage:(T10) the requirement described in /root/lvm is met Ans:#cat /root/servi ces #lvdisplay umount logical volume #lvextend -L+80M /dev/vol/homevol #resize2f s /dev/vol/homevol mount logical volume SECTION2---Installation and Configuratio n 1.Install the dialog RPM package using YUM. (optional) YUM ftp://server1.examp le.com/pub/Server Ans:#cd /etc/yum.repos.d #cp rhel-deguginfo.repo abc.repo #vim abc.repo change base url line and enabled yum baseurl=ftp://server1.example.com/p ub/Server enabled = 0? 1 (change to 1) :wq #yum install dialog* 2.Create the fol lowing users, groups, and group memberships: A group named usergroup
paula. and mario should all have the password of password Ans :#groupadd u sergroup #useradd tony #useradd paula #gpasswd -a tony usergroup #gpasswd -a pau la usergroup #useradd -s /bin/nologin Mario #passwd tony New password:pa ssw o rd Retype password:p assw or d 3.example.com Login: anonymous password: <none> ftp> cd pub/updates #ftp>ls #ftp>get <kernel RPM name> #ftp>bye #ls #rpm ivh <kernel RPM name> OR #rpm -ivh ftp://server1.com Printername= station4 forward ?select Generic ?forward?select Text Only from Models?forward?Apply Select printer nam e(station4) in side bar? click Make Default Printer and Print test page close #service cups restart #chkconfig network on #chkconfig cups on 7. but not to any other user.ipv4. where x is your station number.text only print queue. .example. Ans:#vi /etc/s ysctl.Set up the default local print queue to forward jobs to the IPP (CUPS) print queuestationxo nserver1.example.c om/pub/updates.com.example. Create a collaborative directory /common/usergroup with the following charact eristics: Group ownership of /common/usergroup is usergroup The directory should be readable.A user who tony belongs to usergroup as a secondary group A user paula who also belongs to usergroup as a secondary group A user mario who does not have access to an interactive shell on the system.) Files created in /common/usergroup automatically have group ownership set to the usergroup Group Ans:mkdir /common/usergroup chgrp usergroup /common/usergroup chmod 2770 /common /usergroup 4. and who is not a member of usergroup tony. Enable IP forwarding on your machine.co nf Change default is 0 :wq 5.example. Install the appropriate kernel update from ftp://server1. writable. Note: The queue stationx on server1 dumps print jo bs into the file http://server1/printers/stationx. This file can be examined to confirm that you have configured the print queue correctly.168. Ans:Open new termina l? type service cups restart ?enter type system-config-printer ?enter?click New Printer type printer name as station4 ?forward select internet printing protocol and type Hos tname and Domainname Hostname= server1. Configure this printer as G eneric.ip_forward=0 ---? 1 (change to 1) :wq 6. Note the following: nisuserx should be able to log into your system. The following criteria must also be met: The updated kernel is the default kernel when the system is rebooted The original kernel remains available and bootable on the system Ans:#ftp server1.254 for user authentication.conf line no. Bind to the NIS domain GELATO pr ovided by 192.0. (It is understood that root has access to all files and director ies on the system. The user tony must configure a cron job that runs daily at 16:45 local time a nd executes /bin/echo ciao Ans:#crontab -e -u tony 45 16 * * * /bin/echo ciao :w q #service crond restart #chkconfig crond on 8. and accessible to members of usergro up.com/pub/updates/kernel* Then #vi /etc/grub.7 net. where x is your station number.
Ans:#vi /etc/auto.254) NFS-exports /rhome/stationx to your syste m. Note the followin g: server1.254 ok login your user (eg:username is nisuser10.168.0/255.0. Copy the file /etc/fstab to /var/tmp.com Ans: Open terminal?type system-config-date select Network Time Protocol ?click enable netwo rk time protocol ?delete all entries click Add button?type server1.example.misc move to last line and type this nisuser10 .1. the file /var/tmp/fstab belongs to the group root.1. Co nfigure autofs to automount the home directories of NIS users.0/255. We are using tw o Networks in this section. the user tony is able to read and write /var/tmp/fstab the user paula can neither write nor read /var/tmp/fstab all other users (current or future) have the ability to read /var/tmp/fstab.com:/rhome/stationx/nisuserx nisuserx's home directory should be automounted locally beneath /rhome as /rhome /nisuserx home directories must be writable by their users While you are able to log in as any of the users nisuser1 through nisuser20. Networks and dns names are mentioned below 192.168.255.0 .255.168.254:/rhome/station10/nisuser10 :wq #service autofs restart #chkconfig autofs on Login your user . Ans:#cp /etc/fstab /var/tmp #ls .example. the file /var/tmp/fstab should not be executable by anyone.deny s shd:192.0 :wq #vi /etc/hosts.0.0 my133t.255.com 192.255.255.master move to end line and type /rhome /etc/auto.allow sshd:192. Configure the permissions of /var/tmp/ fstab so that the file /var/tmp/fstab is owned by the root user.misc :wq #vi /etc/auto.org 22.214.171.124.255.0.0 :wq .Configure SSH access as follows: paula has remote SSH access to your machine from within examp le.Configure your system so that it is an NTP client of server1.-rw.com and clic k enter button Then click show advanced option ?enable synchronize system clock before starting service and disable use local time source ?ok RHCE (Network Services and S ecurity) Requirements SELinux must be running in Enforcing mode.0 example. where x is your station number nisuserx's home directory is server1.0/255.255.l /var/tmp/fstab #setfacl m u:tony:rw /var/tmp/fstab #setfacl m u:paula:0 /var/tmp/fstab #chmod 644 /var/tmp/fstab #umask 022 11.168.255.example.org should NOT have access to ssh on your system An s:#service sshd restart #iptables -A INPUT -p tcp -s 192.168. is 10) and password isp a ssw o rd we can t get home directory 9.0 -dport 22 -j REJECT #service iptables save #service iptables restart OR #vi /etc/hosts.com (192.168.if you r station no.com Clients within my133t.0/255.1.then we get home directory of that particu lar user 10.0. the only home directory that is accessible from your system is nisuserx.sync 192.0/255.but will not have a home directory until you have completed the autofs requirement below All NIS users have a password of password Ans:#authconf ig-tui click Use NIS ?Next type Domain name and server address Domain GELATO Server 192.example.255.
example.com Cli ents within the my133t.example. then perform the following steps: Download ftp://ser ver1. authenticating with the same password password.Export your /common directory via NF S to the example.html Copy this index. co m?e n te r 6.deny vsftpd:ALL EXCEPT 192.com/pub/rhce/station.com-access_log common </Virtual Host> :wq #service httpd restart #chkconfig httpd on Open Mozilla Web Browser typeh tt p:/ /sta tio n1 2 .Implement a web server for the site h ttp://stationX.html #vi /et c/httpd/conf/httpd.0/255.255.conf move to line no.168.Share the /common directory via SM B: Your SMB server must be a member of the STAFF workgroup The share's name must be common The common share must be available to example.168 .p command Changes:.example.168.com domain clients only The common share must be browseable paula must have read access to the share.Configure POP3 email on your system according to these criteria: mario must be able to retrieve email from your machine using POP3 from within example.255 .example.[common] #smbpasswd -a paula New smb password:pa ssword Retype New smb password:p a sswor d #service smb restart #chkconfig smb on 5.example. 972 #NameVirtual Host *:80 remove # sym bol and change * to your pc ip address eg: NameVirtualHost 192.-dport pop3 -j REJECT #chkconfig sendmail on 3.example.255.html to the DocumentRoot of your web server Do NOT make any modifications to the content of index.org domain should not have access to your POP3 service An s:#service sendmail restart #iptables -A INPUT -p tcp -s 192.com domain should have anonymous FTP access to your machine Clients outside example.com domain only.html Rename the downloaded file to index.168.com ErrorLog logs/dummy-host.#chkconfig sshd on 2. 74 Change Workgroup name workgroup = STAFF copy and then paste last 7 lines using comment = public stuff path = /common valid users = paula public = yes browseable = yes writable = yes hosts allow = 192.0.conf Line no.com login:anonymous password: <none> ftp>cd pub/rhce ftp>get station.com-error_log CustomLog logs/dummy-host.0/255.example.168.Configure FTP access on your system: Clients within the example.html Ans:#service httpd restart #cd /var/www/html #ftp server1.com should NOT have access to your FTP s ervice Ans:#service vsftpd restart #vi /etc/hosts.com DocumentRoot /va r/www/html server Name station12. :wq yy. if necessary Ans:#service smb restart #vi /etc/samba/smb.html index. Note: because you will not have root access.12:80> ServerAdmin firstname.lastname@example.org xa mp le.0 :wq #chkconfig vsftpd on 4..0.0.0 .255.1.12:80 copy last 7 lines and paste Remove all # symbols of these lines Changes: <Virtual Hos t 192.0.html ftp>bye #mv station.com. y . 127.
example. Ans:#vi /etc/al iases admin: tony :wq #newaliases 8.com and Email Address to email@example.com Don t change other entries #vi /etc/dovecot. Locality.0/255.pem :wq #vi /etc/hosts.pem ssl_key_file = /etc/pki/dovecot/private/dovecot. where x is your station number.protocols = IMAPs POP3 Line No.116 Typednl in front of the line Eg: dnl D AEMON_OPTIONS .conf Line No.example.255. Common Name to station12.com Set Email Address to firstname.lastname@example.org/255.com should NOT have access to your proxy server Ans: #ser vice squid restart #vi /etc/squid/squid.17 Remove # symbol. /var /spool/mail/paula Ans:#vi /etc/mail/sendmail.Configure SMTP mail service according to the following requirements: Your mail server should accept mail from remote hosts and localhost paula must be able to receive mail from remote hosts Mail delivered to paula should spool into the default mail spool for paula.0 :wq #service dovecot restart #chkconfig dovecot on 2.0. Clients within example. success ful execution of ls /home/guestx/nfs/stationx indicates that the automounter was able to automoun t your NFS share.255.Additional RHCE Requirements 1.168.sync) :wq #exportfs #service portmap restart #service nfs restart #chkconfig portmap on #chkconfig nfs on 7.0.Configure an email alias for your MTA such that mail sent to admin is received by the local user tony.com should have access to your proxy server Clie nts outside of example.pem set Organizational Unit name to GLS. State. Consequently.com Ans:#cd /etc/pki/tls/certs make dovecot.Implement a web proxy server bound to po rt 8080. the automounter on the system has been configured such that it will automount your /common direc tory under /home/guestx/nfs/stationx.mc Line No. :wq #make -C /etc/mail #service sendmail restart #chkconfig sendmail on .example.ou will not be able to directly mount your exported /common directory using your guest account on the system provided for testing.com IMAPS must NOT be available to other networks or domains.0(rw. Ans:#vi /etc/exports /common 192. The SSL certi_cate for the IMAPS server must be created as follows: Use the defaults for Country..conf Line No:73 http port 3128?change to 8080 . and Organization Name Set Organizational Unit to GLS Set Common Name to stationx.255.255. H owever. 87 & 88 Remove # symbols ssl_cert_file = /etc/pki/dovecot/certs/dovecot. Provide SSL-encapsulated IMAP access (IMAPS): I MAPS must be available to mario from example.deny dovecot : ALL EXCEPT 192.IMAP and POP3s Correct Line:.
com.example.conf copy last 7 lines and pa ste Remove all # symbols of these lines Changes: <Virtual Host 192. DNS resolution for the hostname wwwx.e xamp le.example. w here x is your station number.html Place this index.com/pub/rhce/www.0.com Login: anonymous Password:<none> ftp>cd pub/rhce ftp>get www.2527 & 2528 Change to http_access allow hello http_access deny all :wq #chkconfig squid on 3.html index.255.html Rename the downloaded file to index.com/.example. PLEASE VERIFY ALL CONFIGURED SERVICES ARE IN START CONDITION .html Ensure that paula is able to create content in /var/www/virtual Note: The original web site http://stationX.example.com ErrorLog logs/dummy-host. Ans:#mkdir /var/www/virtual #cd /var/www/virtual #ftp server1.html #vi /etc/httpd/conf/httpd.example.com DocumentRoot /var/www/virtual serve r Name www12.example.2394 Copy the line and paste acl hello src 192.com-error_log CustomLog logs/dummy-host.168.example.com-access_log common </Virtual Host> :wq #service httpd restart Open Mozilla Web Browser typeh tt p:/ /ww w12 .example.html ftp>bye #mv www.html in the DocumentRoot of the virtual host Do NOT make any modi_cations to the content of index.0/255.example.com is already provided by the name server on serv er1.0. then perform the following steps: Set the DocumentRoot to /var/www/virtual Download ftp://server1.168.Line No.Extend yo ur web server to include a virtual host for the site http://wwwx. co m?enter NOTE:PLEASE USE GRAPHICS MODE FOR WRITING RHCE EXAM BEFORE REBOOTING .12:80> ServerAdmin email@example.com must still be accessable .example.255.0 Line No.
This action might not be possible to undo. Are you sure you want to continue?
We've moved you to where you read on your other device.
Get the full title to continue listening from where you left off, or restart the preview.