RH200-EX300
210/300 Marks RHCSA EXAM 3 Hrs
You have to configure servera.lab.example.com and serverb.lab.example.com with the following requirements.
Your Domain name:- lab.example.com
Your Network:- 172.25.250.0/255.255.255.0
Hostname:- servera.lab.example.com and serverb.lab.example.com
Your root user password for serverb.lab.example.com is redhat
Your ip address for servera.lab.example.com is 172.25.250.10
Container registry server is registry.access.redhat.com
Use admin as username and redhat as password for container registry
serverb.lab.example.com(node1)
Note:
1) Node 1 -> 1st question should be work on node1 console(serverb)
2) Node 2 -> 1st question should be work on node2 console(servera)
1. Configure the network
a) Assign Hostname and Ip address for your virtual machine.
Hostname serverb.lab.example.com
IP Address 172.25.250.11
Netmask 255.255.255.0
Gateway 172.25.250.254
Nameserver 172.25.250.254
Answer: -
(Do this on serverb console)
# vim /etc/ssh/sshd_config
PermitRootLogin yes
# hostnamectl set-hostname serverb.lab.example.com
# hostname
# nmcli connection
(To Check the Connection should be Ethernet, the connection should be up state)
# nmcli connection modify "Wired connection 1" ipv4.addresses 172.25.250.11/24 ipv4.gateway 172.25.250.254
ipv4.dns 172.25.250.254 ipv4.method manual
# nmcli connection up "Wired connection 1"
# reboot
verify:
# ping 172.25.250.11
# ping 172.25.250.254
# ping 172.25.250.254
Open Terminal
# [student@workstation]$ ssh root@172.25.250.11
Password: redhat
---------------------------------X---------------------------------------
2. Create a repository file
http://classroom.example.com/content/rhel9.0/x86_64/dvd/AppStream
http://classroom.example.com/content/rhel9.0/x86_64/dvd/BaseOS
Answers:
# dnf clean all
# vim /etc/yum.repos.d/local.repo (suppose vim is not work, use vi )
[123]
name=repo1
baseurl=http://classroom.example.com/content/rhel9.0/x86_64/dvd/AppStream
enabled=1
gpgcheck=0
[456]
name=repo2
baseurl=http://classroom.example.com/content/rhel9.0/x86_64/dvd/BaseOS
enabled=1
gpgcheck=0
(Save and quit -> :wq)
# dnf repolist all
verify:
# dnf install vim -y
---------------------------------X---------------------------------------
3. Configure the Selinux
The webserver is running on non-stardard port 82 having a issue serve the web content. Debug and fix the issue:
a) The webserver can serve all the existing HTML file located at /var/www/html directory
(Don't alter or remove any files in this directory)
b) The webserver can serve the content on port 82.
c) Make the content accessible.
Answers:
# semanage port -l |grep http
# semanage port -a -t http_port_t -p tcp 82
# firewall-cmd --add-port=82/tcp --permanent
# firewall-cmd --reload
# firewall-cmd --list-ports
# dnf install httpd -y
# systemctl start httpd
# systemctl enable httpd
# vim /etc/httpd/conf/httpd.conf
(use shift+g to go to last line of the file, Press 'O' for go to new line)
<virtualhost 172.25.250.11:82>
servername serverb.lab.example.com
documentroot /var/www/html
</virtualhost>
(Save and quit -> :wq)
# httpd -t
# systemctl restart httpd
verify:
# curl http://serverb.lab.example.com:82 (Will Work on Exam)
---------------------------------X---------------------------------------
4. Create the following users, groups and group memberships:
a) A group named admin.
b) A user harry who belongs to admin as a secondary group.
c) A user natasha who belongs to admin as a secondary group.
d) A user sarah who does not have access to an interactive shell on the system
and who is not member of admin.
e) harry, natasha and sarah should have password of redhat.
Answers:
# groupadd admin
# useradd -G admin harry
# id harry
# useradd -G admin natasha
# id natasha
# useradd -s /sbin/nologin sarah
# passwd --stdin harry
redhat
# passwd --stdin natasha
redhat
# passwd --stdin sarah
redhat
---------------------------------X---------------------------------------
5. Create a collaborative directory /common/admin with the following characteristics:
a) Group ownership of /common/admin is admin.
b) The directory should be readable,writable and accessible to members of admin, but not to any other user.
(It is understood that root has access to all files and directories on the system.)
c) Files created in /common/admin automatically have group ownership set to the admin group.
Answers:
# mkdir -p /common/admin
# ls -ld /common/admin
# chgrp admin /common/admin
# ls -ld /common/admin
# chmod 770 /common/admin
# ls -ld /common/admin
# chmod g+s /common/admin
# ls -ld /common/admin
verify:
# su - harry
# touch /common/admin/file1
# ls -l /common/admin/file1
# exit
---------------------------------X---------------------------------------
6. Configure autofs to automount the home directories of production5 domain users. Note the following:
a) servera.lab.example.com (172.25.250.10) NFS -exports /user-homes to your system.
b) production5 home directory is servera.lab.example.com:/user-homes/production5
c) production5 home directory should be automounted locally beneath to /localhome as /localhome/production5 .
d) home directories must be writable by their users.
e) production5's password is redhat.
Answers:
__________________________________________________________
| # Not For Exam # |
| # ssh student@workstation |
| Password: student |
| # lab start rhcsa-compreview3 |
| # exit |
|__________________________________________________________|
# dnf install autofs -y
# systemctl start autofs
# systemctl enable autofs
# getent passwd production5
# su - production5 -> (will get warning)
# pwd
# exit
# vim /etc/auto.master
(use shift+g to go to last line of the file, Press 'O' for go to new line)
/localhome /etc/auto.misc
(Save and quit -> :wq)
# vim /etc/auto.misc
(use shift+g to go to last line of the file, Press 'O' for go to new line)
production5 -rw,soft,intr servera.lab.example.com:/user-homes/production5
(Save and quit -> :wq)
# systemctl restart autofs
verify:
# su - production5
# pwd
# exit
---------------------------------X---------------------------------------
7. The user harry must configure cron job that runs daily at 12:30 local time and execute /bin/echo "hello".
Answers:
# crontab -eu harry
30 12 * * * /bin/echo "hello"
Alternatives,
*/3 * * * * /bin/echo "hello"
*/2 * * * * logger user.debug "hello"
verify:
# crontab -lu harry
---------------------------------X---------------------------------------
8. Configure the NTP
a) Configure your system so that it is an NTP client of classroom.example.com
Answers:
# vim /etc/chrony.conf
(Give the "#" mark for existing server)
#server 172.25.254.254 iburst
(Add another server in new line)
server classroom.example.com iburst
(Save and quit -> :wq)
# systemctl restart chronyd.service
# chronyc sources
---------------------------------X---------------------------------------
9. Locate the Files
a) Locate all the files owned by sarah and make a copy of them in the given path /root/find.user
Answers:
# mkdir /root/find.user
# find / -user sarah -type f
# find / -user sarah -type f -exec cp {} /root/find.user/ \;
(Please ignore the "find:" warnings)
verify:
# ls -a /root/find.user/
---------------------------------X---------------------------------------
10. Find the string
a) Find a string "home" in /etc/passwd and searching string as been stored in /root/search.txt
Answers:
# grep "home" /etc/passwd > /root/search.txt
verify:
cat /root/search.txt
---------------------------------X---------------------------------------
11. Create an user account
a) Create an user account with Userid 1326 and user name as alies.
b) Set the password for the user as redhat
Answers:
# useradd -u 1326 alies
# id 1326
# passwd --stdin alies
redhat
---------------------------------X---------------------------------------
12. Create a tar archive file
a) Backup the /var/tmp as /root/test.tar.gz (or) /root/test.tar.bz2
Answers: (Gun zip)
# dnf install gzip -y
# tar -zcvf /root/test.tar.gz /var/tmp
verify:
# ls
Alternates: (Bun Zip2)
# dnf install bzip2 -y
# tar -jcvf /root/test.tar.bz2 /var/tmp
verify:
# ls
---------------------------------X---------------------------------------
13. Build a container as student user.
a) Using the URL to build the container image with name monitor.
http://classroom.example.com/Containerfile
c) Do not modify the container file
Answers:
# dnf install container-tools -y
# ssh student@172.25.250.11
# wget http://classroom.example.com/Containerfile (only in Exam and Mock Test)
-----------------------------------------------------------------------------------------------------
# Not For Exam and Mock Test #
# cat > Containerfile [For Practice -> Copy paste the below content]
#!/bin/bash
FROM registry.access.redhat.com/ubi9/ubi
MAINTAINER nobody@redhat.com
RUN mkdir /opt/incoming
RUN mkdir /opt/outcoming
RUN echo "while true" >> /usr/local/bin/ascii2pdf
RUN echo "do" >> /usr/local/bin/ascii2pdf
RUN echo "CURRENT_DIR='/opt/incoming'" >> /usr/local/bin/ascii2pdf
RUN echo "#app=#(ls -Art1 datas | tail -n 1)" >> /usr/local/bin/ascii2pdf
RUN echo "text1 " >> /usr/local/bin/ascii2pdf
RUN echo "enscript /opt/incoming/-o - | ps2pdf - /opt/outcoming/.txt" >> /usr/local/bin/ascii2pdf
RUN echo "done" >> /usr/local/bin/ascii2pdf
RUN sed -i 's/text1/echo $FILE/g' /usr/local/bin/ascii2pdf
RUN sed -i 's/-o/$FILE -o/g' /usr/local/bin/ascii2pdf
RUN sed -i 's/.txt/$FILE.pdf/g' /usr/local/bin/ascii2pdf
RUN sed -i 's/#app=#/FILE=$/g' /usr/local/bin/ascii2pdf
RUN sed -i 's/datas/${CURRENT_DIR}/g' /usr/local/bin/ascii2pdf
RUN chmod 777 /usr/local/bin/ascii2pdf
RUN yum install -y http://mirror.stream.centos.org/9-stream/AppStream/x86_64/os/Packages/enscript-1.6.6-28.el9.x86_64.rpm
RUN yum install -y http://mirror.stream.centos.org/9-stream/AppStream/x86_64/os/Packages/ghostscript-9.54.0-7.el9.x86_64.rpm
CMD [ "/bin/bash", "-c", "/usr/local/bin/ascii2pdf" ]
[ctrl+d to close]
------------------------------------------------------------------------------------------------------
# podman login registry.access.redhat.com
username: admin
password: redhat
# podman build -t monitor .
verify:
# podman images
---------------------------------X---------------------------------------
14. Configure the container as a system start-up service and mount volumes persistently
a) Create the container name as ascii2pdf as student user
b) Run the container by using image monitor which one was already done in previous
c) Create the container as a system start-up service, While reboot it will automatically start the service without any human intervention.
d) The system service should be container-ascii2pdf.
e) The local directory /opt/files should be persistently mount on container’s /opt/incoming directory.
f) The local directory /opt/processed should be persistently mount on container’s /opt/outcoming directory.
Note: In working of service starts, any file create/store under the /opt/files automatically creates into pdf on /opt/outgoing directory.
Answers:
# su - root
Password: redhat
# mkdir /opt/files /opt/processed
# chown student:student /opt/files /opt/processed
# exit
# podman run -d --name ascii2pdf -v /opt/files:/opt/incoming:Z -v /opt/processed:/opt/outcoming:Z monitor
# podman ps (it should be in "up" state)
-------------------------------------------------------------------------
(if it was not in "up" state)
# podman ps -a
# podman rm ascii2pdf
# podman run ........... (Re-Run the "podman run" command correctly)
# podman ps
-------------------------------------------------------------------------
# podman ps
# mkdir -p ~/.config/systemd/user
# cd ~/.config/systemd/user
# podman generate systemd --name ascii2pdf --files --new
# ls
# systemctl --user daemon-reload
# systemctl --user start container-ascii2pdf.service
# systemctl --user enable container-ascii2pdf.service
# podman ps
# su - root
# loginctl enable-linger student
# reboot
verify,
# ssh student@172.25.250.11
# podman ps
# exit
---------------------------------X---------------------------------------
15.1 Set the Permission
a) All new creating files for user natasha as -r-------- as default permission.
b) All new creating directories for user natasha as dr-x------ as default permission.
Answers:
# su - natasha
(Calculate the UMASK value for the directory permission)
# bc
777-500 (Full permission - Required permission [dr-x------])
277
# ls -a
# vim .bash_profile
(use shift+g to go to last line of the file, Press 'O' for go to new line)
umask 277
(Save and quit -> :wq)
# source .bash_profile
verify:
# mkdir testdir
# touch testfile
# ls -l
# exit
---------------------------------X---------------------------------------
15.2 Set the Password expire date
a) The password for all new users in serverb.lab.example.com should expires after 20 days.
Answers:
# vim /etc/login.defs
PASS_MAX_DAYS 20 (Change the password max days)
(Save and quit -> :wq)
---------------------------------X---------------------------------------
15.3 Assign Sudo Privilege
Assign the Sudo Privilege for Group "admin" and Group members can administrate without any password.
Answers:
# vim /etc/sudoers
:110 (Go to Line '110' and Insert mode)
%admin ALL=(ALL) NOPASSWD:ALL
(Save and quit -> :wq!)
---------------------------------X---------------------------------------
15.4 Configure the application RHCSA as an alies user, When login it will show the message
"Welcome to Advantage Pro"
Answers:
# su - alies
# ls -a
# vim .bash_profile
(use shift+g to go to last line of the file, Press 'O' for go to new line)
RHCSA="Welcome to Advantage Pro"
export RHCSA
echo $RHCSA
(Save and quit -> :wq)
# source .bash_profile
verify:
# exit
# su - alies
# exit
---------------------------------X---------------------------------------
15.5 Create the script file
a) Create a mysearch script file under /usr/local/bin to locate files under /usr/share directory having size less than 1M.
b) After executing the mysearch script file and listed(searched) files has to be copied under /root/myfiles.
Answers:
# mkdir /root/myfiles
# vim mysearch
find /usr/share -type f -size -1M -exec cp {} /root/myfiles/ \;
Alternates,
find /usr/share -type f -size +30M -size -50M -perm /4000 - exec cp {} /root/myfiles/ \;
find /usr/share -type f -size +10M -perm /2000 -exec cp {} /root/myfiles/ \;
(Save and quit -> :wq)
# chmod +x mysearch
# cp mysearch /usr/local/bin
# mysearch
verify:
# ls -l /root/myfiles
---------------------------------X---------------------------------------
servera.lab.example.com
1. Assign root user password as northate.
Answers:
__________________________________________________________
| # Not For Exam # |
| # ssh student@workstation |
| Password: student |
| # lab start boot-resetting |
| # exit |
|__________________________________________________________|
- Reboot the servera machine
- Press "Down" arrow to select the Rescue Kernel
- Press "e" to edit the kernel
- Find the linux line, Go to End of the linux line
- Give [space], type rd.break
- Press "ctrl+x" to start the kernel
IN Maintainance mode,
- Give enter, then
# mount -o remount,rw /sysroot
# chroot /sysroot
# passwd --stdin root
northate
# touch /.autorelabel
# exit
# exit
(Wait for a while)
servera login: root
Password: northate
[root@servera]#
---------------------------------X---------------------------------------
2. Create a repository file
http://classroom.example.com/content/rhel9.0/x86_64/dvd/AppStream
http://classroom.example.com/content/rhel9.0/x86_64/dvd/BaseOS
Answers:
# dnf clean all
# vim /etc/yum.repos.d/local.repo (suppose vim is not work, use vi )
[123]
name=repo1
baseurl=http://classroom.example.com/content/rhel9.0/x86_64/dvd/AppStream
enabled=1
gpgcheck=0
[456]
name=repo2
baseurl=http://classroom.example.com/content/rhel9.0/x86_64/dvd/BaseOS
enabled=1
gpgcheck=0
(Save and quit -> :wq)
# dnf repolist all
verify:
# dnf install vim -q
---------------------------------X---------------------------------------
3. Create a swap partition 512MB size.
Answers:
# lsblk
# fdisk /dev/vdb
n (for new partition)
p (for primary partition)
3 (Give partition no '3')
[enter] (First sector default enter)
+512M (Last sector value)
t (Change Type)
swap
p (For print the partitions)
w (Write the changes and quit)
# lsblk
# mkswap /dev/vdb3
# vim /etc/fstab
(use shift+g to go to last line of the file, Press 'O' for go to new line)
(Don't distrub the existing line, Will leads to server maintainance)
/dev/vdb3 swap swap defaults 0 0
(Save and quit -> :wq)
# swapon -a
verify:
# free -h
---------------------------------X---------------------------------------
4. Create one logical volume named database and it should be on datastore volume group
with size 50 extent and assign the filesystem as ext3.
(i) the datastore volume group extend should be 8MiB.
(ii)mount the logical volume under mount point /mnt/database.
Answers:
# lsblk
# fdisk /dev/vdb
n (for new partition)
p (for primary partition)
4 (Give partition no '4')
[enter] (First sector default enter)
+2G (Last sector -> Recommend Size '2G')
t (Change Type)
lvm
p (For print the partitions)
w (Write the changes and quit)
# lsblk
# vgcreate -s 8 datastore /dev/vdb4
# lvcreate -l 50 -n database datastore
# lsblk
# mkfs.ext3 /dev/datastore/database
# mkdir /mnt/database
# vim /etc/fstab
(use shift+g to go to last line of the file, Press 'O' for go to new line)
(Don't distrub the existing line, Will leads to server maintainance)
/dev/datastore/database /mnt/database ext3 defaults 0 0
(Save and quit -> :wq)
# mount -a
verify:
# lsblk
---------------------------------X---------------------------------------
5. Resize the logical volume size of 100 extent on /mnt/database directory.
Answers:
# df -hT
# lvextend -l 100 -r /dev/datastore/database
verify:
# lsblk
# df -hT
---------------------------------X---------------------------------------
6. Set the recommend tuned profile for your system.
Answers:
# dnf install tuned -y
# systemctl start tuned
# systemctl enable tuned
# tuned-adm recommend
# tuned-adm profile virtual-guest
# tuned-adm active
# systemctl restart tuned
---------------------------------X---------------------------------------
Comments
Post a Comment