Red Hat Exam Test Preparation questions & answers
v EXAM TIME: 2 1/2 HRS All questions are mandatory to be solved.
v .example.com and remote.test HAS 192.168.0.0 AND 192.168.1.0 NETWORK RESPECTIVELY.
v YOU HAVE ONE SYSTEM WITH ONE VIRTUAL SYSTEM IN BUILD
v THE PASSWORD FOR root SHOULD BE AS EARLIER INFORMED SO THAT THE EVALUATOR CAN EVALUATE.
v PACKET FILTERING SHOULD NOT AFFECT THE NETWORK INTERGITY.
v YUM BASEURL IS base url =ftp://192.168.0.254/pub/rhel6/dvd.
Questions 1 | CREATE LVM
Create the "LVM" with the name "wshare" by using 100PE's from the volume group "devgroup". Consider the PE size as "8MB". Mount it on /mnt/secret with filesystem vfat.
Questions 2 | USER'S GROUPS AND PERMISSION:
Create a group named "sysadmin"
A user Sarah and Natasha should belongs to "manager" group as a secondary group with users password "wakennym". A user harry should not have access to interactive shell and he should not be a member of "manager" group.
Questions 3 | DIRECTORY COLLABORATION:
Create the Directory "/home/manager" with the following characteristics. Group ownership of "/home/manager" should go to "manager" group. The directory should be have full permission for all members off "manager" group but not to any other users accept "root". Files created under "/home/manager" should get the same group ownership is set to the "manager" group.
Questions 4 | UPDATE THE KERNEL:
Install the appropriate Kernel from ftp://instructor.example.com/ftp/updates. Your machine should boot with updated kernel.
Questions 5 | CRON JOB:
The user Sarah must configure a cron job that runs daily at 14:23 every day. and executes "/bin/echo "hyer"
Questions 6 | RESIZE LVM:
Resize to 100MB of the lvm "/dev/vgsrv/home" (/dev/myvol/vo) after reboot size should be in between 100MB to 120MB..
Questions 7 | BIND THE "LDAP" FOR USER AUTHENTICATION:
Note the following. BASE DN: dc=example,dc=com ldap path ldap://instructor.example.com/ Download the certificate from "ftp://instructor.example.com/pub/EXAMPLE-CA-CERT"Ldap user should login into your system . Where "X" is your system no.
Questions 8 | "NTP" CLIENT:
Configure your system as "NTP" client for "instructor.example.com".
Questions 9 | AUTOMOUNT THE HOME DIRECTORY
Note the following. instructor.example.com(192.168.0.254) "Nfs exports" /home/guests to your system where "x" is your station ip. Ldapuser's home directory is instructor.example.com:/home/guests/ldapuserx. Ldapuser's home directory should be automounted locally beneath /home as /home/ldapuserx. While login with any of the ldapuser then only home directory should accessible from your system that ldapuserx.
Questions 10 | ACCESS CONTROL LIST:
Copy the file /etc/fstab to /var/tmp and configure the "ACL" as mention following. The file /vat/tmp/fstab is owned by the "root". The file /var/tmp/fstab belongs to the group "root" The file /var/tmp/fstab should not be executable by others. The user "Sarah" should able to read and write to the file. The user "Natasha" can neither read nor write to the file. Other users (future and current) should be able to read /var/tmp/fstab.
Questions 11 | CONFIGURE FTP SERVER:
Configure FTP access from your system. Clients within the example.com should have anonymous FTP access to your system.
Questions 12 | CONFIGURE "web server":
Configure your system as "web server" for the site http://serverX.example.com. Download the web page from ftp://instructor.example.com/updates/station.html Rename the the downloaded page as "index.html" Copy the "index.html" page to the "document root" Do not make any modifications to the content of index.html.
Questions 13 | USER ADD:
Create the user "dax" with uid 4223.
Questions 14 | EXTEND SWAP SPACE:
Extend the SWAP space with "200" MB dont remove the existing swap.
Questions 15 | LOCATE THE FILES:
Locate the files of owner "dax" and copy to the location /root/found directory
Questions 16 | SEARCH FOR WORD:
Find the keyword "strator" from "/usr/share/dict/words" file and copy the lines in /root/lists.txt.
v EXAM TIME: 2 1/2 HRS All questions are mandatory to be solved.
v .example.com and remote.test HAS 192.168.0.0 AND 192.168.1.0 NETWORK RESPECTIVELY.
v YOU HAVE ONE SYSTEM WITH ONE VIRTUAL SYSTEM IN BUILD
v THE PASSWORD FOR root SHOULD BE AS EARLIER INFORMED SO THAT THE EVALUATOR CAN EVALUATE.
v PACKET FILTERING SHOULD NOT AFFECT THE NETWORK INTERGITY.
v Use the DHCP IP address YUM BASEURL IS base url =ftp://192.168.0.254/pub/rhel6/dvd.
Questions 1 | selinux:
Set the "selinux" in enforcing mode.
Questions 2 | Ip forwarding:
Enable the ip forwarding.
Questions 3 | Configure the "ssh" :
Natasha should have remote "SSH" access to your machine within example.com. Clients within remote.test should not "SSH" your system.
Questions 4 | Configure FTP access:
Clients within the example.com domain should have anonymous Download/Upload access. Clients from remote.test domain shouldn't have any access to ftp service. The client should upload the files to /var/ftp/upload directory.
Questions 5 | Configure SAMBA SHARE:
Share the directory "/common" via samba. Your Samba server must be a member of "SMBGROUP" workgroup. The share name must be "common" The shared must be available to example.com clients only. The user "Natasha" should have read access to the share with samba password "red hat"
Questions 6 | Configure "web server":
Configure your system as "web server" for the site http://serverX.example.com. Download the web page from ftp://instructor.example.com/updates/station.html Rename the the downloaded page as "index.html" Copy the "index.html" page to the "document root" Do not make any modifications to the content of index.html..
Questions 7 | Configure name virtual hosting server:
Configure the the name virtual hosting server for the site http://wwwX.example.com. Download the page "www.html" from ftp://instructor.example.com/updates under Documen Root "/var/www/virtual".
Questions 8 | Configure "web server":
Create the directory "secret" for the Document Root of your webserver. Download the page "host.html" from ftp://instructor.example.com/updates.It should be accessible to local host and not to any other host.
Questions 9 | NFS Server:
Export your "/common" (created Default) directory via NFS to the example.com domain. Note: you dont have permission to mount. you can check nfs client using /net/(ip address).
Questions 10 | Configure SMTP:
Configure your "SMTP" mail service according to the following requirements. Your mail server should accept the mail from remote hosts as well as localhost. Natasha with password "Natasha" should receive the mails from remote hosts.
Questions 11 | CONFIGURE Aliases:
admin alias mail should be received by harry with password "Natasha"
Questions 12 | CONFIGURE "Iscsi":
Access the remote storage from "instructor.example.com" and create the partition "30MB" and mount it on "/storage"
Questions 13 | Script:
Write the script for. If you won't search anything or give anything expect ftp and nfs it should give you the following output stderr: /root/script foo|bar . If you search for a word "foo" id should show you "bar" If you search for word "bar" it should show you "foo".
Questions 14 | Mount ISO:
Download the iso "boot.iso" under root from instructor.example.com/pub/iso and mount it on /mnt/discimg directory ..
Questions 15 | Set kernel parameter:
Set default kernel parameter to set sysvctl to 1. And is should reflect to /proc/cmdline.
These are some Instructions before Exam:
Please read carefully and understand each step
1. First when you sit in the exam, fill all the details and then the screen will provide you with a domain number. Note your systems domain number on a paper. (Ex. Domain10)
2. In the next screen you will get a user name and password for the base system that is your desktop, please make a note of the information in the paper provided to you.
3. You will be provided with a login prompt then login with the details provided with user name & password
4. On the desktop you will find 2 icons
(i) View Exam
(ii) VM Control (something similar to that)
5. When you click view exam you will get all the necessary information for your VM machine like:
Host name, IP address, Network Mask, Default Gateway, Name Server (or DNS) and root user password will also be given for the VM that we need to set. Also note Yum server configuration path and the link to the question paper. Please make a note of each item carefully.
6. Click on the second option VM Control it will open 4 buttons again like
(i) Start Exam (ii) Shutdown VM (iii) Force Shutdown (iv) Exam VM Console
7. First click on Start Exam button and then click on last button Exam VM Console. It will open VM console for you.
8. Reboot the VM and go into single user mode and change the root password with the exact information that they have provided.
9. Login into VM with root credentials and open the terminal
10. Start typing these commands
# iptables -L
# iptables -F
# service iptables save
# setup
----> Network Configuration ----> Device Configuration ---> eth0 ---> Remove the * mark (from Use DHCP and provide the information that you have already noted like IP, Netmask, Default Gateway, DNS (i.e., Name Server) )
# chkconfig network on
# service network restart
# vim /etc/sysconfig/network
HOSTNAME=station.domainX.example.com (Replace X with your domain number)
11. Configure Yum as below
# vim /etc/yum.repos.d/my.repo
[station]
name=station repo
baseurl=http://server.domainX.example.com/pub/x86_64/Server
gpgcheck=0
enabled=1
# yum list (Here if you get a big list scrolling then your yum configuration is correct otherwise
check for correct path & spellings)
12. Install firefox
# yum install firefox –y
13. Open question paper in firefox browser with the link you already noted down.
===========================================
Question & Answers for the Mock Exam
===========================================
1.Create the "LVM" with the name "wshare" by using 100PE's from the volume group "devgroup". Consider the PE size as "8MB". Mount it on /mnt/secret with filesystem vfat.
# fdisk -cu /dev/vda
--> p (to print the partitions available)
--> n (if its already 3 partitions availble create full extended partition)
--> n ( to create a logical partition )
--> press enter
--> +808M
--> t (type for the partition created)
--> 5 (select fifth partition that is newly created)
--> 8e ( Linux LVM type)
--> w (save & exit)
# partx -a /dev/vda
# pvcreate /dev/vda5
# vgcreate -s 8M devgroup /dev/vda5
# lvcreate -l 100 -n wshare devgroup
# lvdisplay (to check the answer)
# mkfs.vfat /dev/devgroup/wshare
# mkdir /mnt/secret
# vim /etc/fstab
/dev/devgroup/wshare /mnt/secret ext4 defaults 0 0
# mount -a
# df -TH
2.Users sarah and natasha should belongs to "manager" group as a secondary group with users password "wakennym". A user harry should not have access to interactive shell and he should not be a member of "manager" group.
# groupadd manager
# useradd -G manager sarah
# useradd -G manager natasha
# useradd -s /sbin/nologin harry
# echo "wakennym" | passwd --stdin sarah
# echo "wakennym" | passwd --stdin natasha
3.Create the Directory "/home/manager" with the following characteristics. Group ownership of "/home/manager" should go to "manager" group. The directory should be have full permission for all members off "manager" group but not to any other users accept "root". Files created under "/home/manager" should get the same group ownership is set to the "manager" group.
# mkdir /home/manager
# chgrp manager /home/manager
# chmod g+w /home/manager
# chmod o=- /home/manager
# chmod g+s /home/manager
4.Install the appropriate Kernel from ftp://instructor.example.com/pub/updates. Your machine should boot with updated kernel.
# wget ftp://instructor.example.com/pub/updates/kernel*
# rpm -ivh kernel-firmware
# rpm -ivh kernel-2.
# reboot
5.An user sarah must configure a cron job that runs daily at 14:23 every day. and executes "/bin/echo "hyer"
# crontab -e -u sarah
23 14 * * * /bin/echo "hyer"
6.Resize to 100MB of the lvm "/dev/vgsrv/home" (/dev/myvol/vo) after reboot size should be in between 100MB to 120MB.
# cp -rvpf /home /tmp
# vgdisplay (check the PE size of vgsrv volume group and calculate the size required for reaching between
100-200MB)
# umount /home (if not unmounted then run # service autofs stop & then try # umount /home)
# e2fsck -f /dev/vgsrv/home
# resize2fs /dev/vgsrv/home 100M (because in exam the PE size is 1MB so 100M we can take)
# lvreduce -L 100M /dev/vgsrv/home (when prompted for reducing press "y")
# mount -a
# reboot
If it fails to start up with Ctrl+D message then follow these commands below :-
Provide root password
# mount -o remount,rw /
# vim /etc/fstab
comment the line of the /home partition
# init 5
After logging into the system open terminal and follow these commands
# mkfs.ext4 /dev/vgsrv/home
# vim /etc/fstab
remove the hash mark before the /home partition
# mount -a
# cp -rvpf /tmp/home/* /home
# su - sarah (if it logins without any errors then system is ok otherwise check from the above for any mistakes)
7.Note the following. BASE DN: dc=domainX dc=example,dc=com ldap path ldap://host.domainX.example.com/ Download the certificate from ftp://host.domainX.example.com/pub/cert. Ldap user should login into your system . make sure that autofs requirement is fulfilled.
# system-config-authentication
--> select LDAP
--> dc=domainX,dc=example,dc=com
--> ldap://server.domainX.example.com
--> Check TLS and provide the path for the certificate
--> select LDAP authentication
--> click OK
# chkconfig autofs on
# service autofs stop
# service autofs start
8.Configure your system as "NTP" client for "instructor.example.com".
# system-config-date
Check synchronize date and time over network
Remove the entries and add the entry instructor.example.com
Expand Additional configuration --> speed up initial synchronization --> click OK
# chkconfig ntpd on
# service ntpd restart
9.Note the following. instructor.example.com(192.168.0.254) "Nfs exports" /rusers/ldapuserX to your system where "x" is your station ip. Ldapuser's home directory is host.domainX.example.com:/rusers/ldapuserX. Ldapuser's home directory should be automounted locally beneath /rusers as /rusers/ldapuserX. While login with any of the ldapuser then only home directory should accesible from your system that ldapuserX.
# vim /etc/auto.master
/rusers /etc/auto.ldap
# vim /etc/auto.ldap
ldapuserX -rw host.domainX.example.com:/rusers/ldapuserX
# service autofs stop
# service autofs start
# su - ldapuserX
10.Copy the file /etc/fstab to /var/tmp and configure the "ACL" as mention following. The file /vat/tmp/fstab is owned by the "root". The file /var/tmp/fstab belongs to the group "root" The file /var/tmp/fstab should not be executable by other's. The user "sarah" should able to read and write to the file. The user "natasha" can neither read nor write to the file. other users (future and current) shuold be able to read /var/tmp/fstab.
# cp -rvpf /etc/fstab /var/tmp/
# setfacl -m u:sarah:rw- /var/tmp/fstab
# setfacl -m u:natasha:- /var/tmp/fstab
# getfacl /var/tmp/fstab
11.Configure FTP access from your system. Clients within the example.com should have anonomyous FTP access to your system.
# yum install vsftpd* -y
# chkconfig vsftpd on
# service vsftpd restart
12.Configure your system as "web server" for the site http://station.domainX.example.com . Download the web page from ftp://server.domainX.example.com/updates/station.html Rename the the downloaded page as "index.html" Copy the "index.html" page to the "document root" Do not make any modifications to the content of index.html.
# yum install http -y
# cd /var/www/html
# wget ftp://server.domainX.example.com/updates/station.html
# mv station.html index.html
# vim /etc/httpd/conf/httpd.conf
uncomment the NameVirtualHost line
NameVirtualHost 192.168.1.108:80 (here give your server ip)
copy last 7 lines and paste it below
ServerAdmin webmaster@station.domainX.example.com
DocumentRoot /var/www/html
ServerName station.domainX.example.com
ErrorLog logs/station.domainX.example.com-error_log
CustomLog logs/station.domainX.example.com-access_log common
# chkconfig httpd on
# service httpd restart
13.Create the user "dax" with uid 4223.
# useradd -u 4223 dax
14.Extend the SWAP space with "200" MB dont remove the existing swap.
# fdisk -cu /dev/vda
--> n
--> enter
--> +200M
--> t (type for the partition)
--> 6 (sixth partition )
--> 82 (linux Swap type)
--> w (save & exit)
# partx -a /dev/vda
# mkswap /dev/vda6
# swapon /dev/vda6
# blkid /dev/vda6
UUID=afdjlafjdlkfjldkjlfajldl (some uid will be generated copy and paste in /etc/fstab file)
# vim /etc/fstab
UUID=afdjklfjdlkjflka swap swap defaults 0 0
# mount -a
15.locate the files of owner "dax" and copy to the location /root/found directory
# mkdir /root/found
# find / -user dax 2> /dev/null -exec cp -rpf {} /root/found \;
Find the keyword "strato" from "/usr/share/dict/words" file and copy the lines in /root/lists.txt.
# grep "strato" /usr/share/dict/words > /root/lists.txt
# cat /root/lists.txt
====================
RHCE Exam
====================
When you sit for RHCE exam things to do are as follows:
1. Note down the following things in your paper
domain number (domainX), question paper link, yum server path
# host station.domainX.example.com (to view your systems ip address)
follow the instructions that are provided in the starting page of this document but make sure that your don’t configure networking in VM
2. Clear IPtables
# iptables -F
# service iptables save
3. Configure yum as discussed above in the first paper and run yum list command to check the yum configuration
4. Install firefox
# yum install firefox -y
5. Open the question paper in the firefox browser
====================
Q & A Solutions
====================
1.Set the "selinux" in enfrocing mode.
# vim /etc/sysconfig/selinux
SELINUX=enforcing
# reboot
2.Enable the ip forwarding.
# vim /etc/sysctl.conf
net.ipv4.ip_forward = 1
# sysctl -p
3.natasha should have remote "SSH" access to your machine within domainX.example.com. clients within my133t.org should not "SSH" your system.
# vim /etc/hosts.deny
sshd: .my133t.org
# chkconfig sshd on
# service sshd restart
4.Clients within the domainX.example.com domain should have annonomyous Download access. Clients outside domainX.example.com doamin should have any access to ftp service.
# yum install vsftpd* -y
# chkconfig vsftpd on
# service vsftpd restart
# vim /etc/hosts.deny
vsftpd: ALL EXCEPT .domainX.example.com
# service vsftpd restart
5.Share the directory "/common" via samba. Your Samba server must be a member of "STAFF" workgroup. The share name must be "common". Share must be browseable. The shared must be available to example.com clients only. The user "natasha" should have read access to the share with samba password "redhat"
# yum install samba* -y
# mkdir /common
# man samba_selinux | grep chcon
# chcon -t samba_share_t /common
# vim /etc/samba/smb.conf
at line number 74, workgroup = STAFF
go to the bottom of the configuration file
[common]
path = /common
valid users = natasha
read only = yes
browseable = yes
hosts allow = 172.24.10. (type only first three columns of your system ip ending with a (.)
this is compulsory, this is called host notation )
# smbpasswd -a natasha
specify password as "redhat"
# chkconfig smb on
# service smb restart
6.Configure your system as "web server" for the site http://serverX.domainX.example.com . Download the web page from ftp://server.domainX.example.com/updates/station.html Rename the the downloaded page as "index.html" Copy the "index.html" page to the "document root" Do not make any modifications to the content of index.html.
# yum install http -y
# cd /var/www/html
# wget ftp://server.domainX.example.com/updates/station.html
# mv station.html index.html
# vim /etc/httpd/conf/httpd.conf
uncomment the NameVirtualHost line
NameVirtualHost 172.24.10.20:80 (here give your server ip, if your server ip is 172.24.10.20)
copy last 7 lines and paste it below
ServerAdmin webmaster@station.domainX.example.com
DocumentRoot /var/www/html
ServerName station.domainX.example.com
ErrorLog logs/station.domainX.example.com-error_log
CustomLog logs/station.domainX.example.com-access_log common
# chkconfig httpd on
# service httpd restart
7.Configure the the name virtual hosting server for the site http://www.domainX.example.com. Download the page "www.html" from ftp://server.domainX.example.com/pub/updates under DocumenRoot "/var/www/virtual".
# mkdir /var/www/virtual
# cd /var/www/virtual
# wget ftp://server.domainX.example.com/pub/updates/www.html
# mv www.html index.html
# vim /etc/httpd/conf/httpd.conf
copy last 7 lines and paste it below
(if your server ip is 172.24.10.20)
ServerAdmin webmaster@www.domainX.example.com
DocumentRoot /var/www/virtual
ServerName www.domainX.example.com
ErrorLog logs/www.domainX.example.com-error_log
CustomLog logs/www.domainX.example.com-access_log common
# chkconfig httpd on
# service httpd restart
8.Create the directory "restricted" for the DocumentRoot of your webserver. Download the page "host.html" from ftp://server.domainX.example.com/pub/updates.It should be accessable to localhost and not to any other hosts.
# mkdir /var/www/html/restricted
# cd /var/www/html/restricted
# wget ftp://server.domainX.example.com/pub/updates/www.html
# mv host.html index.html
# vim /etc/httpd/conf/httpd.conf
go to the last in the configuration file
Order deny,allow
Deny from all
Allow from station.domainX.example.com
# chkconfig httpd on
# service httpd restart
9.Export your "/common" (created Default) directory via NFS to the domainX.example.com domain. Note: you dont have permssion to mount. you can check nfsclinet using /net/(ipaddress).
# yum install nfs* -y
# vim /etc/exports
/common *.domainX.example.com(ro,sync)
# chkconfig nfs on
# service nfs restart
10.Configure your "SMTP" mail service according to the following requirements. Your mail server should accept the mail from remote hosts as well as localhost. natasha with password "natasha" should recieve the mails from remote hosts.
# yum install postfix* -y
# vim /etc/postfix/main.cf
at line number 116 remove hash from inet_interfaces = all
at line number 119 put a hash for inet_interfaces = localhost ( save and exit)
# chkconfig postfix on
# service postfix restart
# echo "natasha" | passwd --stdin natasha
11.admin alias mail should be received by harry with password "natasha"
# vim /etc/aliases
goto the last line
admin: natasha
# newaliases
# postfix reload
12.Access the remote storage from "host.domainX.example.com" and create the partiton "1500MB" and mount it on "/storage" download the page from ftp://server.domainX.example.com/pub/updates/iscsi_text.txt. Change the permissions for the downloaded document to 0644.
# host host.domainX.example.com (here u will get the ip address for iscsi target server, note it down,
ex. 172.24.10.250)
# yum install iscsi-initiator-utils -y
# iscsiadm -m discovery -t st -p 172.24.10.250 ( here ip address is for iscsi target server machine)
# vim /etc/iscsi/initiatior.isci
specify the iqn name that got generated when running the first command
# iscsiadm -m node -T -p 172.24.10.250 -l
# tail /var/log/messages
view the storage that will be available for your machine for example. sda
# fdisk -cu /dev/sda
--> n
--> p (primary partition)
--> 1 (first partition)
--> enter (first sector is default)
--> +1500M
--> w
# mkfs.ext4 /dev/sda1
# mkdir /storage
# blkid /dev/sda1 (copy the UUID for sda1)
UUID=adlfjalfjdlkafa
# vim /etc/fstab
UUID=adkjfaljklkadjlk /storage ext4 _netdev 0 0
# mount -a
# df -TH
# cd /storage
# wget ftp://server.domainX.example.com/pub/updates/iscsi_text.txt
# chmod 0644 iscsi_text
# ll
# iscsiadm -m node -T -p 172.24.10.250 -u ( u option for logout, dont forget to logout before
rebooting)
# reboot
13.Mount the iso "/root/boot.iso" and mount it on /mnt/discimg directory
# mkdir /mnt/discimg
# vim /etc/fstab
/root/boot.iso /mnt/discimg iso9660 loop 0 0
# mount -a
14.Set default kernel parameter to set sysvctl to 1. and is should reflect to /proc/cmdline.
# vim /etc/grub.conf
in the kernel line, press end button on keyboard and go towards the last add the following line
sysvctl=1 (no spaces should be there otherwise system will always go into single user mode)
# reboot