rhcsa 9 lab

Ace your homework & exams now with Quizwiz!

resize the logical volume

Create 2 partitions with a size of 1GiB each and set the lvm partition type vgcreate vgfiles /dev/sde1 lvcreate -l 255 -n lvfiles /dev/vgfiles mkfs.ext4 /dev/vgfiles/lvfiles df -h vgs vgextend vgfiles /dev/sde2 lvextend -r -l +50%FREE /dev/vgfiles/lvfiles df -h

Container Mapping Ports

podman run -d --name mynginx -p 8080:80 nginx podman port -a sudo firewall-cmd --add-port=8080/tcp --permanent sudo firewall-cmd --reload

Manage Systemd Install and manage httpd service. Make sure it started automatically Edit its configuration such that on failure, it will resume after 1 minute

systemctl edit httpd.service restart=always restartSec=60s systemctl restart httpd.service systemctl enable httpd.service

Configure sudo Use useradd linda Create a sudo configuration that allows linda to perform common user management tasks: allow useradd, usermod, userdel, and passwd except root. Ensure that user only need to enter password for sudo every 60 min

useradd linda sudo visudo -f linda linda ALL=/usr/sbin/useradd, /usr/sbin/usermod, /usr/sbin/userdel , /usr/bin/passwd, ! /usr/bin/passwd root defaults timestamp type=global,timestamp_timeout=60

Manage Users and Groups Make sure new users require a password with a maximum validity of 90 days. Ensure that while create users, an empty with the name newfile is create in their home directory create users anna, audrey, linda, and lisa set the password for anna and audrey to 'password', disable the password for linda and lisa. create the group profs and students, make sure users anna and audrey are member of profs and linda and lisa member of students

vi /etc/login.defs PASS_MAX_DAY 90 touch /etc/skel/newfile useradd passwd passwd -l user will lock the password groupadd profs groupadd students groupmod -U anna,audrey profs lid -g students

Write shell script

vi script.sh #!/bin/bash if [ -z $1 ] then echo you need to specify a directory name exit 9 fi for i in $1/*.txxt do cp $i $i.bak mv $i.bak /tmp done

Modify Grub2 Persistent Parameters

vim /etc/default/grub on mbr system: grub2-mkconfig -o /boot/grub2/grub.cfg on UFI system: grub2-mkconf -o /boo/efi/EFI/redhad/grub.cfg do lsblk look at boot disk only as boot partition then you are on mbr. if you on ufi you can see a separate vfat partition

Managing SSH setup ssh on port 22 allow root to login GUI can be forward

vim /etc/ssh/sshd_config PermitRootLogin yes X11Forwarding yes systemctl restart sshd

Understand Wildcard Mounts

* -rw nfsserver:/home/ldap/& systemctl restart autofs

Understand Automount

/etc/auto.master identify the directory automount and file that has additional mount option /nfsdata /etc/auto.nfsdata in /etc/auto.nfsdata identify the subdirectory on which to mount and what to mount exactly files -rw nfsserver:/nfsdata Ensure that autofs service is started systemctl enable --now autofs chedc /etc/auto.misc for syntax examples

Managing Software Ensure system is using a reposity of base packages as well as appstream find the package that contains the seinfo program file and install it download the httpd package and query to see if there any script

cd /etc/yum.repos.d/ vi base.repo [BaseOS] name=BaseOS baseurl=file:////repo/BaseOS gpgcheck=0 vi appstream.repo [AppStream] name=AppStream baseurl=file:///repo/AppStream gpgcheck=0 dnf search all seinfo or dnf provides */seinfo dnf install -y setools-console rpm -qp --scripts httpd

Configure a Kickstart file Create a kickstart file with the name my-ks.cfg and make sure it can be used for automated installation: Installer prompts for a password enable network connectivity at boot set servername to server10.example.com

cd /root copy anaconda-ks.cfg my-ks.cfg vim my-ks.cfg network --bootproto=dhcp --device=ens160 --ipv6=auto --activate --hostname=server10.example.com remove rootpw dnf provides */ksvalidator dnf install -y pykickstart ksvalidator my-fs.cfg

Configure a Base NFS Server

dnf install nfs-utils mkdir -p /nfsdata /home/ldap/ldapuser{1..9} echo "/nfsdata *(rw,no_root_squash)" >> /ext/exports echo "/home/ldap *(rw,no_root_squash) >> /etc/exports systemctl enable --now nfs-server for i in nfs mountd rpc-bind; do firewall-cmd --add-service $i --permanent; done firewall-cmd --reload

Managing Stratis Volumes

dnf install stratis-cli stratisd systemctl enable --now stratisd stratis pool create mypool /dev/sdb stratis pool list stratis pool add-data mypool /dev/sdc stratis blockdev list stratis fs create mypool myfs stratis fs list mkdir /myfs lsblk --output=UUID /dev/stratis/mypool/myfs >> /etc/fstab edit /etc/fstab to include: UUID=d8ff.../myfs xfs defaults, x-systemd.requires=stratisd.service 0 0

Change a lost Root Password

enter the Grub menu by add init=/bin/bash mount -o remount,rw / passwd root touch /.autorelabel exec /usr/lib/systemd/systemd

Working with Text Files 1. Use head and tail to display the 5th line of the file /etc/passwd 2. Use sed to display the 5th line of the file /etc/passwd 3. Use awk in a pipe to filter the last column out on the ps aux 4. Use grep to show the names of all files in /etc/that have lines that contain the text 'root' as a word 5. Use grep to show all lines from all files in /etc that contain exactly 3 characters. 6. Use grep to find all files that contain the string "alex" but not "alexander".

head -5 /etc/passwd | tail -1 sed -n 5p /etc/passwd ps aux | awk '{ print $NF }' cd /etc ; grep 'root\b' * 2>/dev/null grep '^...$' * 2>/dev/null grep '\balex\b' *

Managing Partitions Create a primary partion with a size 1G. Format ext4 and mount /mount/files using uuid Create an extended partition with all remain disk and create a 500MG Xfs logical partition and mount on /mount/xfs using label myxfs Create a 500Mb swap partition and mount it persistently

lsblk fdisk /dev/nvme01n1 n p enter +1G n e enter enter n enter enter +500M n enter enter +500M t swap p w mkdir -p /mounts/files /mounts/xfs mkfs.ext4 /dev/nvme0n1p1 -- note the UUID mkfs.xfs -L myxfs /dev/nvme0n1p5 mkswap /dev/nvme0n1p6 blkid vim /etc/fstab UUID="whateveruuid" /mounts/files ext4 defaults 0 0 LABEL=myxfs /mounts/xfs xfs defaults 0 0 /dev/nvme0n1p6 none swap defaults 0 0 findmnt --verify mount -a reboot

Managing Stratis Create a stratis pool with a size of 10GB with name stratispool, containing 2 filesystems: myfiles and myprograms Mount these volumes persistently on /myfiles and /myprograms Copy all files from /etc/ with name start with a, c, or f to /myfiles Create a snapshop of myfiles delete all files from /myfiles with name start with a Verify that you can access those files from snapshot

lsblk stratis pool create pool20 /dev/sde stratis pool list stratis fs create pool20 myfiles stratis fs create pool20 myprograms stratis fs list stratis fs list | awk '/progra/ { print $NF }' >> /etc./fstab stratis fs list | awk '/files/ { print $NF }' >> /etc/fstab vi /etc/fstab UUID=dkdkdkdk /myfiles xfs x-systemd.requires=stratisd.service 0 0 UUID=dkledwwlw /myprograms xfs x-systemd.requires=stratisd.service 0 0 mkdir /myfiles /myprograms mount -a cp /etc/[acf]* /myfiles stratis filesystem snapshot pool20 myfiles myfiles-snap mkdir /myfiles-snap rm /myfiles/a* -f mount /dev/stratis/pool20/myfiles-snap /myfiles-snap

Mount NFS Share

make sure nfs-utils installed showmount -e nfsserver mount nfsserver:/share /mnt

Manage Permissions Create a shared group /data/profs and /data/students members of the group have full read/write to their directory modify default permission so normal users have umask that allows user and group to write, create and execute files and directories while deny others

mkdir -p /data/profs mkdir -p /data/students chgrp profs profs chgrp students students chmod 770 students chmod 770 profs vi /etc/bashrc umask 007

Configure logging Make sure the systemd journal is logged persistently Create an entry in rsyslog that writes all messages with severity of error or higher to /var/log/error Ensure that /var/log/error is rotated on monthly basis, and the last 12 logs are kept.

mkdir -p /var/log/journal vim /etc/systemd/journald.conf #Storage=auto vim /etc/rsyslog.conf *.err /var/log/error systemctl restart rsyslog.service logger -p err hello cat /var/log/error cd /etc/logrotate.d cp chrony error vim error /var/log/error.log { monthly create rotate 12 dateext }

Manage Processes open a shell as linda run 2 background processes sleep 600; one with highest priority and one with lowest priority use the most efficient way to terminate all current sessions for linda

nice -n 10 sleep 600 & sleep 600 & pkill -u linda

Manage Network Configuration set hostname on server to rhcsaserver.example.com set server to a fixed ip address that match the current network configuration set 2nd ip address of 10.0.0.10/24 on the same network interface enable host name resolution for your local server hostname

nmtui set system hostname add connection new profile device ens160 or whatever the device ipv4 configuration addresses add 2nd ip address here gateway dns server

Understand Non-root User Mappings

podman inspect imagename podman unshare chown nn:nn directoryname podman unshare cat /proc/self/uid_map to verify mapping

Bind Mount Rootless containers

podman run -d --name mydb -e MYSQL_ROOT_PASSWORD=password quay.io/centos7/mariadb-103-centos7 podman exec mydb grep mysql /etc/passwd mkdir ~/mydb podman unshare chown 27:27 mydb podman unshare cat /proc/self/uid_map ls -ld mydb podman stop mydb podman rm mydb podman run -d --name mydb -e MYSQL_ROOT_PASSWORD=password -v /home/student1/mydb:/var/lib/mysql:Z quay.io/centos7/mariadb-103-centos7 podman ps ls -Z /home/student

Running Scheduled Jobs Ensure that systemd time that leans up tmp files is enabled Run a cron job that issue the command touch /tmp/cronfile 5 min from now Use at to schedule a job to poweroff your system at a convenient time later

systemctl list-unit-files -t timer systemctl cat systemd-tmpfiles-clean.timer crontab -e 13 15 * * * touch /tmp/cronfile at 5pm poweroff EOT

Allow Incoming HTTP traffic

systemctl status firewalld firewall-cmd --list-all firewall-cmd --get-services firewall-cmd --add-service http --permanent firewall-cmd --reload

Managing Files Use tar to create a compressed archive of all files in the /etc and /opt directorries. Write this archive to your home directory. Create a symbolic link to the archive you've just created in the /tmp directory Remove the archive from your home directory. What happens to the symbolic link

tar czvf etcandopt.tgz /etc /opt ln -s etcandopt.tgz /tmp/etcandopt.link rm etcandopt.tgz

Monitor Activity Use appropriate tools to check process and memory

top check load average check Mem

Using Bash Shell Set a variable color to the value red and ensure that this setting is available every time your current user account logs in. Also create an alias that runs the command ls -ltr while executing the dir command. Ensure that the Bash history file can grow to maximum size of 2500 entries.

vi .bash_profile export color=red alias dir='ls -ltr' export HIST_FILE_SIZE=2500 source .bash_profile dir echo $HIST_FILE_SIZE echo $color

Managing SELinux Configure httpd to bind on port 82 mv /etc/hosts /var/www/html and ensure file get SELinx context

vi /etc/httpd/conf/httpd.conf Listen 82 mv /etc/hosts /var/www/html semanage port -a -t http_port_t -p tcp 82 semanage fcontext -a -t httpd_syscontent_t "/web(/.*)?" restorecon -Rv /var/www/html systemctl restart httpd

Removing a VG from a PV

Create 2 partitions with size of 2GB each type lvm vgcreate vgdemo /dev/sdf1 lvcreate -L 1G -n lvdemo /dev/vgdemo vgextend vgdemo /dev/sdf2 pvs lvedtend -L +500M /dev/vgdemo/lvdemo /dev/sdf2 pvs mkfs.ext4 /dev/vgdemo/lvdemo mount /dev/vgdemo/lvdemo /mnt df -h | grep mnt dd if=/dev/zero of=/mnt/bigfile bs=1M count=1100 pvmove -v /dev/sdf2 /dev/sdf1 vgreduce vgdemo /dev/sdf2 pvs

starting containers as Systemd Services

loginctl enable-linger linda loginctl show-user linda login as the user mkdir ~/.config/systemd/user cd ~/.config/systemd/user podman run -d --name mynginx -p 8081:80 nginx podman generate systemd --name mynginx --files --new edit the file and check WantedBy=default.target systemctl --user daemon-reload systemctl --user enable container-mynginx.service systemctl --user start container-mynginx.service systemctl --user only work when login on the console or ssh not sudo or su reboot ps -faux | less /linda man pod-man-generate-systemd to view examples


Related study sets

Prep U: Chapter 65 Managment of patients with oncologic or degenerative neurologic disorders.

View Set

A&P II - Reproductive System - Exam

View Set

Organizational Behavior: The Foundation of an Organization

View Set

OT Poetry- Wisdom Testament Test

View Set

Comptia A+ Core 2 Practice Exam A

View Set

Chapter 7: Creating and Communicating a Vision

View Set