Jump to content

Search the Community

Showing results for tags 'red hat'.

More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


    • LINUX
    • ORACLE
    • GNS3

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL







Found 5 results

  1. Red Hat Certified System Administrator (RHCSA) RHEL 8 Complete Video Course, 3rd Edition 16+ Hours of Video Instruction Red Hat Certified System Administrator (RHCSA) Complete Video Course 3rd Edition has more than 16 hours of comprehensive video training—which includes whiteboard concept teaching, live CLI work, screencast teaching, and hands-on labs—so you have everything you need to study for and pass the RHCSA exam. This new edition of the best-selling RHCSA Complete Video Course, is fully updated for the RHEL 8 version of the exam. Overview The Red Hat Certified System Administrator (RHCSA) Complete Video Course, 3rd edition is all new and fully updated for RHEL 8. This course is designed to teach you everything you need to know to pass the RHCSA exam. Every objective in the exam is discussed, along with in-depth lessons on complex topics, so they are not confusing. Each lesson ends with a lab, so you can dive into your own projects and see Red Hat in action; many of these labs mimic scenarios you might find on the exam, so you get the experience you need to practice for the exam. These labs also include video solutions, so you can also see in real-time how to work through the problems and figure out the best methods for working through each scenario. This course includes: All new videos Whiteboard instruction to help you grasp difficult concepts CLI instruction so you can see Red Hat in action Labs so you can practice your skills, plus solution videos so you can then compare your work to the author's Two full practice exams that include video solutions Module quizzes to help you test yourself on concepts and commands Topics include: Module 1: Performing Basic System Management Tasks Module 2: Operating Running Systems Module 3: Performing Advanced System Administration Tasks Module 4: Managing Network Services Module 5: Sample Exam This engaging self-paced video training solution provides learners with more than 16 hours of video instruction from an expert trainer with more than 20 years of practical Linux teaching experience. Through the use of topic-focused instructional videos, you will gain an in-depth understanding of all topics on the Red Hat Certified Administrator (RHCSA) exam, as well as a deeper understanding of Red Hat Enterprise Linux, so you master the key foundational principles of systems administration. The combination of video, labs, practice exams, and virtual machines is a unique offering that gives you a full toolkit to learn and excel on your exam. Skill Level Beginner/Intermediate Learn How To Perform basic system management tasks Operate running systems Perform advanced system administration tasks Manage network services Prepare for the RHCSA exam Who Should Take This Course Anyone planning to take the RHCSA exam and become a Red Hat Certified System Administrator. Course Requirements Know your way around a computer Basic IT knowledge No experience of Linux is necessary, but it is helpful Module Descriptions Module 1, “Performing Basic System Management Tasks,” introduces you to Linux systems management. It starts by installing Red Hat Enterprise Linux, after which basic utilities are covered. Then, it will dig into the different ways to log in to a Linux server, and to run administrator tasks. In the last three lessons of this module, how to work with users and permissions and how to configure networking is discussed. Module 2, “Operating Red Hat Enterprise Linux Servers,” will teach the common tasks that are involved in day-to-day administration of RHEL servers. This includes installing software, managing processes, configuring logging, working with virtual machines, and managing storage, which is about partitions and logical volumes. Module 3, “Performing Advanced System Administration Tasks,” goes over the tasks that won't be performed on a daily basis. Managing the Linux kernel and the boot procedure will be discussed, and in the last part of this module, there will be a walk-through of some common troubleshooting scenarios. Module 4, “Managing Network Services,” shows how to configure those services where networking is involved. It starts by looking at the SSH server, followed by the Apache web. Next, SELinux, a vital part of RHEL that helps make it a secure platform, will be explained. Firewalling, network based automatic installation, and time are also covered. Module 5 provides an RHCSA Sample exam. Torrent Link: 50 GB [Hidden Content]
  2. I just found those questions helpful so i thought to share them with all of you, below questions are based on RHEL 6 and i believe we should consider below points too with it : Firewall, ipv6, link aggregation, mail, two shell scripts, complete client and server configuration of NFS samba iscsi, secured and dynamic web server setup, mariaDB setup, Port forwarding using RICH rule are part of exam. Question 1 In accordance with the following requirements to deploy ssh login service: (1) harry belongs to example.com which can remote login your systems. (2) However, users of remote.test can not use ssh login to your machine. Answer: [[email protected] ~]# grep sshd /etc/hosts.allow sshd:.example.com [[email protected] ~]# grep sshd /etc/hosts.deny sshd:.remote.test Notice: tcp_wrappers has two configuration files and their priority level is /etc/hosts.allow->/etc/hosts.deny Question 2 Via nfs service share the /common directory in your system, just doine ONE share in example.com domain. Answer: [[email protected] ~]# grep common /etc/exports /common *.example.com(ro,sync) Question 3 According to the following requirements, deploying your ftp login rule: (1) Users in example.com domain must be able to login to your ftp server as an anonymous user. (2) But users outside the example.com domain are unable to login to your server Answer: [[email protected] ~]# grep vsftpd /etc/hosts.deny vsftpd:.example.com [[email protected] ~]# grep vsftpd /etc/hosts.deny vsftpd:ALL /etc/vsftpd/vsftpd.conf: anonymous_enable=YES Question 4 Deploying your exam system: linking to the iscsi target in the instructor.example.com and distinguish it well, then formatted as ext3 file system. You must can be able to mout the file system of the iscsi target to the /mnt/iscsi directory in your own system and make this file system can automatically mount (permanently mount) after system restart. Answer: [[email protected] ~]# iscsiadm –mode discoverydb –type sendtargets –portal instructor.example.com –discover,1 iqn.2010-09.com.example:rdisks.server1 [[email protected] ~]# iscsiadm –mode node -targetname iqn.2010-09.com.example:rdisks.server1 –portal instructor.example.com –login Logging in to [iface: default, target: iqn.2010-09.com.example:rdisks.server1, portal:,3260] (multiple) Login to [iface: default, target: iqn.2010-09.com.example:rdisks.server1, portal:,3260] successful. Note: This part also need to be formatted and modify /etc/fstab mount Question 5 In accordance with the following requirements, sharing /common directory through smb service. – your sub service must be in the SAMBA working-set – the shared name of common is common – the common share just can be shared by the customers in the example.com domain – the common must can be available for browsing – mary must cann login to the smb share and for read operation, “password”is the secret code if it need to be verified. Answer: [[email protected] iscsi]# grep -v “^\s*#” /etc/samba/smb.conf | grep -v “^\s*;” | grep -v “^\s*$” [global] workgroup = SAMBA server string = Samba Server Version %v hosts allow = 127. 192.168.0. security = user passdb backend = tdbsam [common] comment = Public Stuff path = /common public = no browseable = yes printable = no read only = mary Add SMB Mary users smbpasswd -a mary Modify the security context of /common directory chcon -R -t samba_share_t /common Question 6 Arrange a web service address is: [Hidden Content], X is the number of your exam machine. Deploy it in accordance with the following requirements: — Download ftp://instructor.example.com/pub/rhce/server.html — Can not do any modification to file documwent server.html — Rename file document server.html as index.html — Copy the file document server.html to DocumentRoot Answer: [[email protected] common]# cd /var/www/html/ [[email protected] html]# lftp instructor.example.com lftp instructor.example.com:~> cd pub/rhce cd ok, cwd=/pub/rhce lftp instructor.example.com:/pub/rhce> get server.html 20 bytes transferred [[email protected] html]# mv server.html index.html [[email protected] html]# restorecon -Rv /var/www/html/ [[email protected] html]# /etc/init.d/httpd restart Stopping httpd: [ OK ] Starting httpd: [ OK ] [[email protected] html]# chkconfig httpd on Question 7 Expand your web service including a virtual hosting, address is:[Hidden Content], X is the number of your exam machine. However, requiring you do as the following: – Set up the DocumentRoot of this virtual hosting as /var/http/virtual – Download ftp://instructor.example.com/pub/rhce/www.html – Rename www.html file document as index.html – Move this file document to this virtual hosting’s DocumentRoot – Don’t do any changes to this document – Making sure that harry users are able to creat project in /var/http/virtual Attention: Original web address is [Hidden Content] must also can be browsed. The DNS of the Server instructor.example.com has already been analyzed as the domain wwwX.example.com. Answer: [[email protected] html]# mkdir -p /var/http/virtual [[email protected] html]# cd /var/http/virtual/ [[email protected] virtual]# lftp instructor.example.com lftp instructor.example.com:~> cd pub/rhce lftp instructor.example.com:/pub/rhce> get www.html 17 bytes transferred lftp instructor.example.com:/pub/rhce> quit [[email protected] virtual]# mv www.html index.html [[email protected] virtual]# useradd harry [[email protected] virtual]# chgrp harry . [[email protected] virtual]# chmod 775. Edit /etc/httpd/conf/httpd.conf, add the follow content: NameVirtualHost *:80 <VirtualHost *:80> DocumentRoot /var/http/virtual ServerName www1.example.com <Directory /var/http/virtual/limited> Options Indexes MultiViews FollowSymlinks order deny,allow deny from all allow from 192.168.0. </Directory> </VirtualHost> <VirtualHost *:80> DocumentRoot /var/www/html/ ServerName server1.example.com Notice: The priority level of order deny,allow is deployed: The back is higher than in front of the priority. It means allow -> deny Question 8 Creating a directory /var/http/virtual/limited, Just limiting the local user to enter and browse the shared web page in this directory and users can’t access this webpage if they are not the local user. Answer: The deploy of <Directory> in the seventh question has been done. Question 9 Deploy your SMTP mail service and complete it by the following requirements: – Your mail service must can receive the local and remote mails – harry must can receive the remote mail – The mail which is delivered to mary should be put into the mail /var/spool/mail/mary Answer: Modify /etc/postfix/main.cf, open the following parameters: inet_interfaces = all [[email protected] virtual]# /etc/init.d/postfix restart Shutting down postfix: [ OK ] Starting postfix: [ OK ] [[email protected] virtual]# chkconfig postfix on Question 10 Configure a mail alias to your MTA, for example, send emails to harry but mary actually is receiving emails. Answer: Modify /etc/aliases,add: harry: mary harry After completing modification: [[email protected] virtual]# newaliases Notice: This problem is a trap.The ninth questions require harry must be able to receive remote emails but the tenth problems requires mary to receive harry’s emails. So harry msut be added when you are deploying aliaes. Question 11 Create a Shell script /root/program: — The shell script will come back to “user” parameter when you are entering“kernel” parameter. — The shell script will come back to “kernel” when you are entering “user” parameter. — It will output the standard error when this script“usage:/root/program kernel|user” don’t input any parameter or the parameter you inputted is entered as the requirements. Answer: [[email protected] virtual]# cat /root/program #!/bin/bash param1=”$1″ if [ “$param1″ == “kernel” ]; then echo “user” elif [ “$param1″ == “user” ]; then echo “kernel” else echo “usage:/root/program kernel|user” fi [[email protected] ~]# chmod +x /root/program Question 12 Given the kernel of a permanent kernel parameters: sysctl=1. It can be shown on cmdline after restarting the system. Kernel of /boot/grub/grub.conf should be added finally, as: Answer: Kernel of /boot/grub/grub.conf should be added finally, as: kernel /vmlinuz-2.6.32-279.1.1.el6.x86_64 ro root=/dev/mapper/vgsrv-root rd_LVM_LV=vgsrv/root rd_NO_LUKS LANG=en_US.UTF-8 rd_LVM_LV=vgsrv/swap rd_NO_MD SYSFONT=latarcyrheb-sun16 crashkernel=auto KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet rhgb quiet sysctl=1 Question 13 Forbidden the Mary user configuration tasks in your system. Answer: Modify the /etc/cron.deny, add: [[email protected] ~]# cat /etc/cron.deny mary Conclusions: 1. I find that it is common to add various service access limits in the exam RHCE. The exercises like: require one network segment can be accessed another network segments can not be accessed,the following are some conclusions for various service: tcp_wrappers:/etc/hosts.allow,/etc/hosts.deny tcp_wrappers can filter the TCP’s accessing service. TCP whether has the filtering function which depends on this service whether use the function library of tcp_wrappers, or this service whether has the xinetd process of starting function of tcp_wrappers. tcp_wrappers’s main configuration file is /etc/hosts.allow,/etc/hosts.deny. And the priority of the documents in hosts.allow is higher than hosts.deny. Visit will be passed if no match was found. sshd,vsftpd can use the filtering service of tcp_wrappers. Configuration example: sshd:.example.com 192.168.0. 150.203. EXCEPT Notice: The two configuration files’ syntax can refer to hosts_access(5) and hosts_options(5) sshd_config There are four parameters in this configuration file: DenyUsers, AllowUsers, DenyGroups, AllowGroups, they are used to limit some users or user groups to proceed Remote Login through the SSH. These parameters’ priority level is DenyUsers->AllowUsers->DenyGroups->AllowGroups Configuration example: AllowUsers tim [email protected] [email protected]*.example.com httpd Service Through the /etc/httpd/conf/httpd.conf in parameters, can add <Directory> to control the url access. Just as: <VirtualHost *:80> DocumentRoot /var/http/virtual ServerName www1.example.com <Directory /var/http/virtual/limited> Options Indexes MultiViews FollowSymlinks order deny,allow deny from all allow from 192.168.0. </Directory> </VirtualHost> Notice: So pay attention, deny’s and allow’s priority level in order deny,allow is: the backer has the higher priority level. But here, allow’s priority has a higher priority level. nfs Service nfs service directly control the visits through file /etc/exports, just as: /common *.example.com(rw,sync),sync) samba Service Parameter hosts allow in /etc/samba/smb.conf which is used as Access Control,just as: hosts allow = 192.168.0. .example.com 2. Paying attention to use Mount parameters: _netdev,defaults when you are mounting ISCSI disk. 3. Stop the NetworkManager /etc/init.d/NetworkManager stop chkconfig NetworkManager off 4. When you are deploying ifcfg-ethX, add parameters: PEERDNS=no 5. Empty the firewall in RHCSA、RHCE: iptables -F iptables -X iptables -Z /etc/init.d/iptables save 6. Narrow lv steps: 1.umount /dev/mapper/lv 2.e2fsck -f /dev/mapper/lv 3.resize2fs /dev/mapper/lv 100M 4.lvreduce -L 50M /dev/mapper/lv 5.mount -a 7. Mount the using command – swap which is newly added in /etc/fstab 8. If Verification is not passed when you are installing software, can import public key: rpm -import /etc/pki/rpm…/…release and so on. In yum.repo, you also can deploy gpgkey, for example, gpgkey=/etc/pki/rpm…/…release 9. When you are using “Find” command to search and keep these files, paying attention to use cp -a to copy files if you use user name and authority as your searching methods. Part 2 Question 14 Please set the selinux status as enforcing. Answer: # getenforce 1 # vim /etc/sysconfig/selinux SELINUX=enforcing Question 15 Please open the ip_forward, and take effect permanently. Answer: # vim /etc/sysctl.conf net.ipv4.ip_forward = 1 # sysctl -w (takes effect immediately) If no “sysctl.conf” option, use these commands: # sysctl -a |grep net.ipv4 # sysctl -P net.ipv4.ip_forward = 1 # sysctl –w Question 16 Configure ssh to allow user harry to access, reject the domain t3gg.com ( to access. Answer: # yum install -y sshd # chkconfig sshd on # vim /etc/hosts.deny sshd: # service sshd restart Use iptables: # chkconfig iptables on # iptables -F # iptables -X # iptables -Z # iptables -nvL # iptables -A INPUT -s -p tcp –dport 22 -j REJECT # services iptables save # iptables -nvL # cat /etc/services (check port) Question 17 Configure the ftp to allow anonymously download the directory /var/ftp/pub, and reject the domain t3gg.com to access. Answer: # yum install -y vsftpd # chkconfig vsftpd on # services vsftpd start # vim /etc/hosts.deny vsftpd: OR # iptables -A INPUT -s -p tcp -dport 20:21 -j REJECT # services iptables save Question 18 Shutdown the /root/cdrom.iso under /opt/data, and set as boot automatically mount. Answer: # cd /opt/ # mkdir data # mount -t iso9660 -o loop /root/cdrom.iso /opt/data # vim /etc/fstab /root/cdrom.iso /opt/data iso9660 defaults,loop 0 0 # mount -a # mount Question 19 Configure the web server, which can be accessed by [Hidden Content]. Answer: # yum install -y httpd # chkconfig httpd on # cd /etc/httpd/conf/ # vim httpd.conf NameVirtualHost <VirtualHost> DocumentRoot /var/www/html/ ServerName tation.domain30.example.com </VirtualHost> # service httpd restart Question 20 Configure the web server, and implement the virtual host. [Hidden Content] can access the pages under the directory: [Hidden Content]. And make sure, [Hidden Content] can also access the previous content. Answer: # mkdir -p /www/virtual # cd /www/virtual # wget [Hidden Content] # cp example.com index.html # se manage fcontext -a -t httpd_sys_content_t ‘/www(/.*)?’ restorecon -vRF /www # vim /etc/httpd/conf/httpd.conf (Add new VirtualHost) <VirtualHost> DocumentRoot /www/virtual/ ServerName www.domain30.example.com </VirtualHost> # chcon -R –reference=/var/www/html/ /www/ # service httpd restart Use elinks to test. OR # mkdir -p /www/virtual # cd /www/virtual # wget [Hidden Content] # mv example.html index.html # chcon -R –reference=/var/www/html/ /www/ # ls -ldZ /www/virtual # vim /etc/httpd/conf/httpd.conf NameVirtualHost *:80 <VirtualHost *:80> DocumentRoot /var/www/html/ ServerName station.domain30.example.com </VirtualHost> <VirtualHost *:80> DocumentRoot /www/virtual/ ServerName www.domain30.example.com </VirtualHost> # service httpd restart Question 21 Download file from [Hidden Content], and the local user harry can access it by[Hidden Content]/restircted.html, and cannot be accessed by t3gg.com. Answer: # cd /var/www/html # wget [Hidden Content] # iptables -A INPUT -s -p tcp -dport 80 -j REJECT # service iptables save OR # yum install httpd # service httpd restart # chkconfig httpd on # cd /var/www/html # wget [Hidden Content] # iptables -A INPUT -p tcp –dport 80 -j REJECT # service iptables save # service iptables restart # elinks [Hidden Content]/restricted.html Question 22 Configure the nfs server, share the /common directory to domain30.example.com, and allow client to have the root user right when access as root user Answer: # yum install -y nfs # chkconfig nfs on # chkconfig rpcbind on # vim /etc/exports /common,no_root_squash) # showmount -e # mount -t nfs /mnt (Test) Question 23 Configure the samba server, share /common, which can be browsed. The user harry can only read it. If it is needed, the password for harry is harryuser. Answer: # yum install -y samba samba-common samba-client # chkconfig smb on # chkconfig nmb on (nmb is a dependency of smb to resolve netbios) # service smb start # service nmb start # useradd harry # smbpasswd -a harry # mkdir /common # vim /etc/samba/smb.conf [common] comment = common path = /common browseable = yes valid user = harry read only = yes testparm # getsebool -a |grep samba_share_nfs # setsebool -P samba_share_nfs=1 # chcon -R –reference=/var/spool/samba/ /common/ # services smb restart # mount -t cifs // /mnt -o username=harry,password=harryuser # smbclient // -U harry Question 24 Configure an email server domian30.example.com, and it requests to send and receive emails from the local server or the user harry can send or receive emails from network. The email of user harry is /var/spool/mail/harry. Please note: the DNS server has already been MX record analyzed. Answer: # yum install -y postfix # service postfix restart # chkconfig postfix on # vim /etc/postfix/main.cf inet_interfaces = all mydestination = example.com, domain30.example.com, localhost mynetworks =, # services postfix restart Test: # netstat -tulnp |grep 25 # hostname # echo hello |mail -s “test”[email protected] # cat /var/spool/mai/harry Question 25 Connect to the email server and send email to admin, and it can be received by harry. Answer: # vim /etc/aliases admin: harry # newaliases Question 26 Configure the kernel parameters: rhelblq=1, and it is requested that your kernel parameters can be verified through /proc/cmdline. Answer: # vim /boot/grub/grub.conf rhelblq=1 (Add to end of the line “kernel….) Restart # cat /proc/cimline Question 27 Configure cron and don’t allow the user tom to use. Answer: # useradd tom # vim /etc/cron.deny tom Question 28 Write a script /root/program. The request is when input the kernel parameters for script, the script should return to user. When input the user parameters, the script should return to kernel. And when the script has no parameters or the parameters are wrong, the standard error output should be “usage:/root/program kernel|user”. Answer: # vim /root/program # !/bin/bash if [ $# -ne 1 ];then echo “usage:/root/program kernel|user” else if [ “$1″ -eq “kernel”];then echo “user” elif [“$1″ -eq “user”];then echo “kernel” else echo “usage:/root/program kernel|user” fi fi Test: # chmod a+x /root/program .root/program kernel ./root/program user ./root/program lll Question 29 You access the iscsi shared storage. The storage server ip is Separate of 1500M space, format as ext3 file system, mount under /mnt/data, and make sure the root-start automatically mount. Answer: # yum install -y iscsi* # chkconfig iscsid on # iscsiadm -m discovery -t st -p # iscsiadm -m node -T iqn.2011 -p -l # dmesg|tail # fdisk /dev/sdb9 …… # mkfs.ext3 /dev/sdb9 # cd /mnt # mkdir data # blkid /dev/sdb1 (Check UUID number) # vim /etc/fstab UUID=xxxxxxxxxxxxxxxxxxxx /mnt/data ext3 _netdev,defaults 0 0 # mount -a # mount OR # vim /dev/fstab UUID=xxxxxxxxxxxxxxxxxxxx /mnt/data ext3 defaults 0 0 # chkconfig netfs2 on Part 3 Question 30 There are two different networks and Where and IP Address are assigned on Server. Verify your network settings by pinging Network’s Host. Answer: 1. vi /etc/sysconfing/network NETWORKING=yes HOSTNAME=station?.example.com GATEWAY= 2. service network restart Or 1. vi /etc/sysconfig/network-scripts/ifcfg-eth0 DEVICE=eth0 ONBOOT=yes BOOTPROTO=static IPADDR=X.X.X.X NETMASK=X.X.X.X GATEWAY= 2. ifdown eth0 3. ifup eth0
  3. I'll be taking the clustering course/exam in a few months and I'm wanting to start studying and preparing my home lab. But I don't know what practical objectives I need to be shooting for. Resources for the Red Hat expertise courses are scarce so I'm not betting on being able to find the workbook, exam questions, or any other comprehensive preparatory material before I take the course. Can anyone suggest how I need to be setting up my lab and what I need to be practicing for the exam? How many systems should I cluster, what storage will I be provisioning, what HA and failover objectives are covered, GFS, fencing, etc... Any help?
  4. looking for Redhat voucher. PM me.
  5. Hi Guys, Anyone who can assist with material for ex415: Red Hat Certified Specialist in Security.
  • Create New...