#system-config-authentication
Then select "ldap"
Enter base dn and ldap server name
Download certificate by entering given url.
select authentication method
Sunday, July 31, 2011
Diagnose and address routine SELinux policy violations
Use either of the given below files to check logs
/var/log/audit/audit.log
/var/log/messages
#sealert
/var/log/audit/audit.log
/var/log/messages
#sealert
Use boolean settings to modify system SELinux settings
To find boolean selinux of a service
# getsebool -a | grep servicename
eg:
# getsebool -a | grep http
Change boolean
#setsebool -P [boolean =]
eg:
# setsebool -P httpd_enable_homedirs=1
# getsebool -a | grep servicename
eg:
# getsebool -a | grep http
Change boolean
#setsebool -P [boolean =
eg:
# setsebool -P httpd_enable_homedirs=1
List and identify SELinux file and process context
List file context
#ll -Z filename
SELinux uses three different contexts to enforce security: user, role, and domain
User context:
unconfined_u Unprotected user
system_u System user
user_u Normal user
Role context:
object_r File
system_r Users and processes
Domain context:
unconfined_r Unprotected file or process
To see Process context
#ps -Zl
#ll -Z filename
SELinux uses three different contexts to enforce security: user, role, and domain
User context:
unconfined_u Unprotected user
system_u System user
user_u Normal user
Role context:
object_r File
system_r Users and processes
Domain context:
unconfined_r Unprotected file or process
To see Process context
#ps -Zl
Set enforcing and permissive modes for SELinux
#lokkit --selinux=permissive
#lokkit --selinux=enforcing
#lokkit --selinux=enforcing
Configure firewall settings using system-config-firewall or iptables
#system-config-firewall
Then either enable or disable firewall
Using iptables:
Flushing the default filter table
#iptables -F
List the default filter table
#iptables -L
Block ALL inbound traffic
#iptables -A INPUT -j REJECT
Block ALL outbound traffic
#iptables -A OUTPUT -j REJECT
Saving firewalls
#service iptables save
Drop all pkts coming to eth0
#iptables -A INPUT -i eth0 -j DROP
Deleting a Rule
# iptables -D INPUT -i eth0 -j DROP
Match protocol
# iptables -A INPUT -p tcp -j DROP
Setting the default Policy
# iptables -P INPUT DROP
Match destination port
# iptables -A INPUT -p tcp --dport 21 -j REJECT
Then either enable or disable firewall
Using iptables:
Flushing the default filter table
#iptables -F
List the default filter table
#iptables -L
Block ALL inbound traffic
#iptables -A INPUT -j REJECT
Block ALL outbound traffic
#iptables -A OUTPUT -j REJECT
Saving firewalls
#service iptables save
Drop all pkts coming to eth0
#iptables -A INPUT -i eth0 -j DROP
Deleting a Rule
# iptables -D INPUT -i eth0 -j DROP
Match protocol
# iptables -A INPUT -p tcp -j DROP
Setting the default Policy
# iptables -P INPUT DROP
Match destination port
# iptables -A INPUT -p tcp --dport 21 -j REJECT
Configure a system to use an existing LDAP directory service for user and group information
#system-config-authentication
Then select "ldap"
Download certificate from the given url
Then select "ldap"
Download certificate from the given url
Create, delete and modify local groups and group memberships
Create group
#grpadd groupname
Delete group
#groupdel groupname
Add members
#groupadd -G groupname username
#grpadd groupname
Delete group
#groupdel groupname
Add members
#groupadd -G groupname username
Change passwords and adjust password aging for local user accounts
Change password
#passwd username
Adjust password aging
#chage username
#passwd username
Adjust password aging
#chage username
Create, delete, and modify local user accounts
Create user account
# useradd username
Delete user account
#userdel username
Modify user account
#usermod -G groupname username
# useradd username
Delete user account
#userdel username
Modify user account
#usermod -G groupname username
Configure a system to run a default configuration NTP server and synchronize time using other NTP peers
Go to system -> administration -> date and time
Then tick "synchronize date and time over network"
Enter NTP server address
Then tick "synchronize date and time over network"
Enter NTP server address
Update the kernel package appropriately to ensure a bootable system Modify the system bootloader
At first find the kernel package to be installed
Then to install type
#rpm -ivh kernel_package_name
Then to decide which kernel to boot first, go to /etc/grub.conf and change
default 1 or 2 as per required kernel
Then to install type
#rpm -ivh kernel_package_name
Then to decide which kernel to boot first, go to /etc/grub.conf and change
default 1 or 2 as per required kernel
Install and update software packages from Red Hat Network, a remote repository, or from the local filesystem
Enter url of yum server in /etc/yum.repos.d/filename.repo (only in lan)
ELSE
#yum install package_to_download
#yum search package_name
#yum update package_name
ELSE
#yum install package_to_download
#yum search package_name
#yum update package_name
Configure a system to run a default configuration FTP server
1)yum install vsftpd
2)Go to /etc/vsftpd/vsftpd.conf
check
local_enable=YES
3)Make anonymouse_enable=YES if required
4)service vsftpd restart
5)chkconfig vsftpd on
2)Go to /etc/vsftpd/vsftpd.conf
check
local_enable=YES
3)Make anonymouse_enable=YES if required
4)service vsftpd restart
5)chkconfig vsftpd on
Configure a system to run a default configuration HTTP server
yum install httpd
1)Place the index.html file in /var/www/html
2)Go to /etc/httpd/conf/httpd.conf
Find ServerName in that file and modify it according to your required site
eg:
ServerName www.host1.domain10.com
3)service network restart
4)chkconfig httpd --level 5 on
Now go in browser and enter the site for eg. www.host1.domain10.com to get the required index.html site
1)Place the index.html file in /var/www/html
2)Go to /etc/httpd/conf/httpd.conf
Find ServerName in that file and modify it according to your required site
eg:
ServerName www.host1.domain10.com
3)service network restart
4)chkconfig httpd --level 5 on
Now go in browser and enter the site for eg. www.host1.domain10.com to get the required index.html site
Configure network services to start automatically at boot
To start network service automatically at boot type
#chkconfig servicename --level 5 on
#chkconfig servicename --level 5 on
Install Red Hat Enterprise Linux automatically using Kickstart
First boot the system with CD-ROM and at the boot prompt type a command like this, substituting your own info:
linux ks=http://192.168.1.2/pub/ks.kfg
or
linux ks=ftp/http://host/ks.cfg
or
linux ks=nfs:host:/ks.cfg
linux ks=http://192.168.1.2/pub/ks.kfg
or
linux ks=ftp/http://host/ks.cfg
or
linux ks=nfs:host:/ks.cfg
Configure systems to boot into a specific runlevel automatically
Go to /etc/inittab and modify inittab default with values from 1 to 5 depending on the runlevel which we want
Schedule tasks using cron
#crontab -e -u username
Now enter something like below where * have meaning as given below
* * * * * command
mins hrs DOM MOY DOW
00-59 00-23 1-31 1-12 0-7 0=7=Sun 1=Mon,..
Example : Users often forget to shutdown their machines and go home
Hence, machine should auto shutdown at 11 pm
# crontab -e
============
00 23 * * * root /sbin/shutdown -h now
To see cron jobs for user
#crontab -l -u usernaem
Now enter something like below where * have meaning as given below
* * * * * command
mins hrs DOM MOY DOW
00-59 00-23 1-31 1-12 0-7 0=7=Sun 1=Mon,..
Example : Users often forget to shutdown their machines and go home
Hence, machine should auto shutdown at 11 pm
# crontab -e
============
00 23 * * * root /sbin/shutdown -h now
To see cron jobs for user
#crontab -l -u usernaem
Configure networking and hostname resolution statically or dynamically
Static configuration of dns:
Go to /etc/resolv.conf and enter
nameserver ip_dns_server
Configuring hostnames statically
go in /etc/hosts and enter resolution for eg
192.168.1.1 abc.xyz.org
Go to /etc/resolv.conf and enter
nameserver ip_dns_server
Configuring hostnames statically
go in /etc/hosts and enter resolution for eg
192.168.1.1 abc.xyz.org
Create and manage Access Control Lists (ACLs)
ACLs are an addition to the standard Unix file permissions (r,w,x,-) for User, Group, and Other for read, write, execute and deny permissions. ACLs give users and administrators flexibility and direct fine-grained control over who can read, write, and execute files.
#getfacl filename
(will show file permissions)
#setfacl -m u:user:rw- filename
(Gives user read,write permission over filename
#ll
show files which have acces control lists applied ("+" sign in last collumn)
Example: -rw-rw-r--+
#getfacl filename
(will show file permissions)
#setfacl -m u:user:rw- filename
(Gives user read,write permission over filename
#ll
show files which have acces control lists applied ("+" sign in last collumn)
Example: -rw-rw-r--+
Create and configure set-GID directories for collaboration
The Linux Files can be setuid or setgid. When a user executes a setuid file, the program runs with the effective user ID of the file’s owner, rather than that of the user. Similarly, when a user executes a setgid file, the program runs with the effective group ID of the file’s group owner, rather than that of the user.
Directories can also be setgid. When a user creates a file in a non-setgid directory, the group ownership of the file is set to the user’s group ID. However, when a user creates a file in a setgid directory, the group ownership of the file is set to the group owner of the directory.
#chmod u+s filename/directoryname
#chmod g+s filename/directoryname
Directories can also be setgid. When a user creates a file in a non-setgid directory, the group ownership of the file is set to the user’s group ID. However, when a user creates a file in a setgid directory, the group ownership of the file is set to the group owner of the directory.
#chmod u+s filename/directoryname
#chmod g+s filename/directoryname
Extend existing unencrypted ext4-formatted logical volumes
For extending lvm /dev/vgname/lvname
#e2fsck -f /dev/vgname/lvname
#lvextend -L size /dev/vgnamae/lvname
#resize2fs /dev/vgname/lvname
#e2fsck -f /dev/vgname/lvname
#lvextend -L size /dev/vgnamae/lvname
#resize2fs /dev/vgname/lvname
Configure systems to mount ext4, LUKS-encrypted and network file systems automatically
Mount ext4 automatically
Open /etc/fstab and enter
/dev/sdb1 /mountpoint ext4 defaults 0 0
Mount LUKS-encrypted automatically
Discussed in
Luks
Mount nfs automatically
Open /etc/fstab and enter
nfsserver:/mount_dir /mountpoint nfs defaults 0 0
Open /etc/fstab and enter
/dev/sdb1 /mountpoint ext4 defaults 0 0
Mount LUKS-encrypted automatically
Discussed in
Luks
Mount nfs automatically
Open /etc/fstab and enter
nfsserver:/mount_dir /mountpoint nfs defaults 0 0
Mount and unmount CIFS and NFS network file systems
CIFS
# mount -t cifs //server/share /mountpoint -o user=username
#umount /mountpoint
NFS
#mount -t nfs hostname:/mountpoint /mountpoint
#umount /mountpoint
# mount -t cifs //server/share /mountpoint -o user=username
#umount /mountpoint
NFS
#mount -t nfs hostname:/mountpoint /mountpoint
#umount /mountpoint
Create, mount, unmount and use ext2, ext3 and ext4 file systems
Creation of filesystem
Its same as discussed before
#fdisk /dev/sda
then press
n
select extended or primary partition
Give size
Then type t
And then give code for particular filesystem like Linux swap, LVM, etc.
finally type
w
Mount and umount filesystem
#mount /dev/sdb1 /mountpoint
#umount /mountpoint
Its same as discussed before
#fdisk /dev/sda
then press
n
select extended or primary partition
Give size
Then type t
And then give code for particular filesystem like Linux swap, LVM, etc.
finally type
w
Mount and umount filesystem
#mount /dev/sdb1 /mountpoint
#umount /mountpoint
Add new partitions, logical volumes and swap to a system non-destructively
At first make a partition of type "linux swap" using fdisk. Suppose /dev/sdb2 is that partition.
then type
#mkswap /dev/sdb2
#swapon /dev/sdb2
#swapon -s
(this will show u all swap devices)
then type
#mkswap /dev/sdb2
#swapon /dev/sdb2
#swapon -s
(this will show u all swap devices)
Configure systems to mount file systems at boot by Universally Unique ID (UUID) or label
To find uuid type
#blkid devicename
devicename can be /dev/sdb1 etc
Then go in /etc/fstab and enter
UUID=... /mountpoint ext4 defaults 0 0
where u will get uuid value from blkid command
Also ext4 can be replaced by type of file system
#blkid devicename
devicename can be /dev/sdb1 etc
Then go in /etc/fstab and enter
UUID=... /mountpoint ext4 defaults 0 0
where u will get uuid value from blkid command
Also ext4 can be replaced by type of file system
Create and configure LUKS-encrypted partitions and logical volumes to prompt for password and mount a decrypted file system at boot
Suppose a partition named /dev/sdb1 is available
Now we have to format it with luks
#cryptsetup luksFormat /dev/sdb1
Now partition needs to be labeled
#cryptsetup luksOpen /dev/sdb1 newname
Now format that partition with ext4 or ext3
#mkfs.ext4 /dev/mapper/newname
Now in /etc/crypttab enter
newname /dev/sdb1
Finally in fstab enter
/dev/mapper/newname /mountpoint ext4 defaults 1 2
or if permanent changes are not required then
#mount /dev/mapper/newname /mountpoint
#umount /mountpoint
Now we have to format it with luks
#cryptsetup luksFormat /dev/sdb1
Now partition needs to be labeled
#cryptsetup luksOpen /dev/sdb1 newname
Now format that partition with ext4 or ext3
#mkfs.ext4 /dev/mapper/newname
Now in /etc/crypttab enter
newname /dev/sdb1
Finally in fstab enter
/dev/mapper/newname /mountpoint ext4 defaults 1 2
or if permanent changes are not required then
#mount /dev/mapper/newname /mountpoint
#umount /mountpoint
Create and remove physical volumes, assign physical volumes to volume groups, create and delete logical volumes
Create and remove physical volumes
Suppose there is partition named /dev/sdb which is of type lvm
To create pv
#pvcreate /dev/sdb
To remove pv
#pvremove /dev/sdb
Assign physical volumes to volume groups
#vgcreate -s size vgname /dev/sdb
Create and delete logical volumes
#lvcreate -L size -n lvname vgname
Delete
#lvremove /dev/vgname/lvname
Suppose there is partition named /dev/sdb which is of type lvm
To create pv
#pvcreate /dev/sdb
To remove pv
#pvremove /dev/sdb
Assign physical volumes to volume groups
#vgcreate -s size vgname /dev/sdb
Create and delete logical volumes
#lvcreate -L size -n lvname vgname
Delete
#lvremove /dev/vgname/lvname
List, create, delete and set partition type for primary, extended, and logical partitions
List partitions
#fdisk -l
Create partition
#fdisk /dev/vda
(vda can be replaced by sda if its not virtual machine)
Then press
n
After that select e or p for extended or primary partition type.
Then give appropriate size
Finally type
w
Then type
p
to check partition table where you can see the newly created partition.
#fdisk -l
Create partition
#fdisk /dev/vda
(vda can be replaced by sda if its not virtual machine)
Then press
n
After that select e or p for extended or primary partition type.
Then give appropriate size
Finally type
w
Then type
p
to check partition table where you can see the newly created partition.
Start, stop and check the status of network services
#service network start
#service network stop
#service network status
#service network restart
#service network stop
#service network status
#service network restart
Access a virtual machine's console
This should preferably done in GUI mode as its very friendly to understand. Go to Applications and find vm manager and start it. You can even stop it from there itself. You can even shutdown your VM forcefully.
From command line use
#virt-manager
I have also discussed about this in my post
VM installation
From command line use
#virt-manager
I have also discussed about this in my post
VM installation
Locate and interpret system log files
/var/log/messages file is an important system log
#tail -10f /var/log/messages
Above command give recent 10 lines of log information and gets refreshed automatically
#tail -10f /var/log/messages
Above command give recent 10 lines of log information and gets refreshed automatically
dentify CPU/memory intensive processes, adjust process priority with renice, and kill processes
Identify CPU/memory intensive processes
#top
and
#ps -el
Adjust priority:
#renice no pid
where no is -20 or 0 or 20
Kill process
#egrep process
Find process id
Then with that process id
#kill -9 pid
#top
and
#ps -el
Adjust priority:
#renice no pid
where no is -20 or 0 or 20
Kill process
#egrep process
Find process id
Then with that process id
#kill -9 pid
Use single-user mode to gain access to a system
Reboot the system and then press 'a' when grub screen comes. After that enter ' 1' to enter into single user mode. Now you directly enter as root. To get back to gui mode enter init 5.
Boot systems into different runlevels manually
There are total following number of run-levels
Runlevel 0 - Halt
Runlevel 1 - Single User mode.
Runlevel 2 - This is basic functions, multi-user mode, without any networking.
Runlevel 3 - This is what servers usually run in, as it provides all of the services of the normal server, without the graphical user interface.
Runlevel 4 - For future use
Runlevel 5 - GUI mode
Runlevel 6 - Reboot
Command to be given is
#init no.
where no is from 0 to 6
Runlevel 0 - Halt
Runlevel 1 - Single User mode.
Runlevel 2 - This is basic functions, multi-user mode, without any networking.
Runlevel 3 - This is what servers usually run in, as it provides all of the services of the normal server, without the graphical user interface.
Runlevel 4 - For future use
Runlevel 5 - GUI mode
Runlevel 6 - Reboot
Command to be given is
#init no.
where no is from 0 to 6
Locate, read and use system documentation including man, info, and files in /usr/share/doc .
#man command
#info command
#fgrep -Ri keyword /usr/share/doc/package
#info command
#fgrep -Ri keyword /usr/share/doc/package
List, set and change standard ugo/rwx permissions
Modify user
# usermod -g groupname user_to_be_added
Change group ownership
#chgrp root filename
Change ownership
# chown username.groupname filename
Change permission
#chmod xxx filename
(where xxx can be digits like 644, 755, etc representing user,group and other permission)
or
chmod u=rwx,g=rx,o=rx filename
List permission
#ls -l
# usermod -g groupname user_to_be_added
Change group ownership
#chgrp root filename
Change ownership
# chown username.groupname filename
Change permission
#chmod xxx filename
(where xxx can be digits like 644, 755, etc representing user,group and other permission)
or
chmod u=rwx,g=rx,o=rx filename
List permission
#ls -l
Create hard and soft links
1) Soft link
It is a shortcut.
#ln -s targetfile nameoflink
For eg -> ln -s /usr/bin/clear /sbin/c
2)Hard link
It is also a shortcut
#ln targetfile nameoflink
It is a shortcut.
#ln -s targetfile nameoflink
For eg -> ln -s /usr/bin/clear /sbin/c
2)Hard link
It is also a shortcut
#ln targetfile nameoflink
Create, delete, copy and move files and directories
cp -> copy (for files)
cp -a -> copy (for directories)
cp -p -> copy and preserve date and time
mv -> move OR rename
rmdir -> remove empty directory
rm -> remove (for files)
rm -f -> remove forcefully (for files)
rm -r -> remove recursively (for directories)
cp -a -> copy (for directories)
cp -p -> copy and preserve date and time
mv -> move OR rename
rmdir -> remove empty directory
rm -> remove (for files)
rm -f -> remove forcefully (for files)
rm -r -> remove recursively (for directories)
Create and edit text files
To create file
#touch filename
#vi filename
i = to enter edit mode
esc = to move to out of edit mode
dd = to delete line
yy = to copy line
p = to paste
:wq = save and quit
#touch filename
#vi filename
i = to enter edit mode
esc = to move to out of edit mode
dd = to delete line
yy = to copy line
p = to paste
:wq = save and quit
Archive, compress, unpack and uncompress files using tar, star, gzip, and bzip2
1)Making tar from folder named test
#tar -cvf test.tar test
2)Untarring
#tar -xvf test.tar
3)To convert to test.Z
# compress test.tar
4)uncompress
# uncompress test.tar.Z
5)gzip
(compress)
#gzip test.tar
(uncompress)
#gunzip test.tar.gz
or
(compress)
#tar -zcvf test.tar.gz folder_to_compress
(uncompress)
#tar -zxvf test.tar.gz
6)bzip2
#bzip2 test.tar
or
(compress)
#tar -jcvf test.tar.bz2 folder_to_compress
(uncompress)
#tar -jxvf test.tar.bz2
#tar -cvf test.tar test
2)Untarring
#tar -xvf test.tar
3)To convert to test.Z
# compress test.tar
4)uncompress
# uncompress test.tar.Z
5)gzip
(compress)
#gzip test.tar
(uncompress)
#gunzip test.tar.gz
or
(compress)
#tar -zcvf test.tar.gz folder_to_compress
(uncompress)
#tar -zxvf test.tar.gz
6)bzip2
#bzip2 test.tar
or
(compress)
#tar -jcvf test.tar.bz2 folder_to_compress
(uncompress)
#tar -jxvf test.tar.bz2
Log in and switch users in multi-user runlevels
To switch user
# su - username
To switch to root
# su
# su - username
To switch to root
# su
Access remote systems using ssh and VNC
1)Basic ssh access
#ssh user@host
2)VNC
vncviewer is an Xt-based client application for the VNC (Virtual Network Computing) system. It can connect to any VNC-compatible server such as Xvnc or WinVNC, allowing you to control desktop environment of a different machine.
#vncviewer host:port
#ssh user@host
2)VNC
vncviewer is an Xt-based client application for the VNC (Virtual Network Computing) system. It can connect to any VNC-compatible server such as Xvnc or WinVNC, allowing you to control desktop environment of a different machine.
#vncviewer host:port
Use grep and regular expressions to analyze text
1) grep 'word' filename
2)cat filename | grep 'something'
Regular expressions
1)The following example displays lines starting with the vivek only
grep ^vivek /etc/passwd
2)Find lines ending with word foo:
grep 'foo$' filename
3)Match line only containing foo:
grep '^foo$' filename
4)You can match two numeric digits (i.e. match foo11, foo12 etc):
grep 'foo[0-9][0-9]' filename
2)cat filename | grep 'something'
Regular expressions
1)The following example displays lines starting with the vivek only
grep ^vivek /etc/passwd
2)Find lines ending with word foo:
grep 'foo$' filename
3)Match line only containing foo:
grep '^foo$' filename
4)You can match two numeric digits (i.e. match foo11, foo12 etc):
grep 'foo[0-9][0-9]' filename
Use input-output redirection (>, >>, |, 2>, etc.)
> : is used to overwrite contents of one file to other
>> : is used to append contents from one file to other
0> : std input
1> : redirect to std output
2> : redirect to std error
2>&1: std error to std output
Examples:
1)cat file1 > file2
(overwriting contents of file2 with file1)
2)cat file1 >> file2
(appending file2 with file1)
3)cat file1 > /dev/test 2>&1
(if the above copy command is wrong then that error will also be directed to output. In this case whether command is right or wrong it will be directed to /dev/test file)
>> : is used to append contents from one file to other
0> : std input
1> : redirect to std output
2> : redirect to std error
2>&1: std error to std output
Examples:
1)cat file1 > file2
(overwriting contents of file2 with file1)
2)cat file1 >> file2
(appending file2 with file1)
3)cat file1 > /dev/test 2>&1
(if the above copy command is wrong then that error will also be directed to output. In this case whether command is right or wrong it will be directed to /dev/test file)
Saturday, July 30, 2011
Access a shell prompt and issue commands with correct syntax
After logging into linux whatever you see is bash shell where you can issue commands.
I am just listing out basics commands here which can be used in exam. More commands will follow.
ls -> list content
ls -l -> list content in long listing format
alias -> display all aliases for current user
exit -> log out from the system
cd .. -> change to parent directory
cd - -> change to previous directory
cd -> change to home directory
ps -> display process status of current terminal
ps -l -> display process status of current terminal in Ctrl+c -> cancel/quit process
Ctrl+r -> search command
Ctrl+l -> clear screen
Ctrl+d -> log out
Ctrl+Alt+Delete -> reboot
I am just listing out basics commands here which can be used in exam. More commands will follow.
ls -> list content
ls -l -> list content in long listing format
alias -> display all aliases for current user
exit -> log out from the system
cd .. -> change to parent directory
cd - -> change to previous directory
cd -> change to home directory
ps -> display process status of current terminal
ps -l -> display process status of current terminal in Ctrl+c -> cancel/quit process
Ctrl+r -> search command
Ctrl+l -> clear screen
Ctrl+d -> log out
Ctrl+Alt+Delete -> reboot
Installing RHEL 6 on Vmware/Virtual box
I personally installed virtual box in ubuntu and then installed rhel 6. Virtual box is freely available.
For installing virtual box in ubuntu give command
apt-get install virtualbox
Then after starting virtual box, create a new virtual machine inside it by selecting the os as linux and then giving approximate maximum size of the disc to be 10gb. Minimum 6.5 gb will be required for installing rhel 6. After that point to .iso file of rhel6 and keep everything else default.
After that power on that virtual machine and start installing rhel. And after that you can install rhel just like installing it on physical machine and without worrying about corrupting or losing your actual physical machine.
Steps for installing rhel 6 ( Same for vmware and virtualbox )
1) Select Install or upgrade option.
2)Then keep other things default till you are asked for device where you need to select cd/dvd and skip checking of the external device.
3)Then warning comes where you should select "Install anyway"
4)Then again you will see another warning where you have to select "Reinitialize all".
5)Do simple steps as indicated till you reach where you need to select custom layout. Now make one partition of 6.5gb, mount point as "/" and "ext4" partition. Then format it.
6)Then select "Software Development Workstation software set" for installing and click next.
7)After that progress bar comes where you just need to allow things to happen on its own. Finally reboot.
8)Finally you are done and now rhel 6 starts as usual.
For installing virtual box in ubuntu give command
apt-get install virtualbox
Then after starting virtual box, create a new virtual machine inside it by selecting the os as linux and then giving approximate maximum size of the disc to be 10gb. Minimum 6.5 gb will be required for installing rhel 6. After that point to .iso file of rhel6 and keep everything else default.
After that power on that virtual machine and start installing rhel. And after that you can install rhel just like installing it on physical machine and without worrying about corrupting or losing your actual physical machine.
Steps for installing rhel 6 ( Same for vmware and virtualbox )
1) Select Install or upgrade option.
2)Then keep other things default till you are asked for device where you need to select cd/dvd and skip checking of the external device.
3)Then warning comes where you should select "Install anyway"
4)Then again you will see another warning where you have to select "Reinitialize all".
5)Do simple steps as indicated till you reach where you need to select custom layout. Now make one partition of 6.5gb, mount point as "/" and "ext4" partition. Then format it.
6)Then select "Software Development Workstation software set" for installing and click next.
7)After that progress bar comes where you just need to allow things to happen on its own. Finally reboot.
8)Finally you are done and now rhel 6 starts as usual.
RHCE objectives
I am listing down the RHCE objectives directly from red hat website.
System Configuration and Management
Route IP traffic and create static routes
Use iptables to implement packet filtering and configure network address translation (NAT)
Use /proc/sys and sysctl to modify and set kernel run-time parameters
Configure system to authenticate using Kerberos
Build a simple RPM that packages a single file
Configure a system as an iSCSI initiator that persistently mounts an iSCSI target
Produce and deliver reports on system utilization (processor, memory, disk, and network)
Use shell scripting to automate system maintenance tasks
Configure a system to log to a remote system
Configure a system to accept logging from a remote system
Network Services
Network services are an important subset of the exam objectives. RHCE candidates should be capable of meeting the following objectives for each of the network services listed below:
Install the packages needed to provide the service
Configure SELinux to support the service
Configure the service to start when the system is booted
Configure the service for basic operation
Configure host-based and user-based security for the service
RHCE candidates should also be capable of meeting the following objectives associated with specific services:
HTTP/HTTPS
Configure a virtual host
Configure private directories
Deploy a basic CGI application
Configure group-managed content
DNS
Configure a caching-only name server
Configure a caching-only name server to forward DNS queries
Note: Candidates are not expected to configure master or slave name servers
FTP
Configure anonymous-only download
NFS
Provide network shares to specific clients
Provide network shares suitable for group collaboration
SMB
Provide network shares to specific clients
Provide network shares suitable for group collaboration
SMTP
Configure a mail transfer agent (MTA) to accept inbound email from other systems
Configure an MTA to forward (relay) email through a smart host
SSH
Configure key-based authentication
Configure additional options described in documentation
System Configuration and Management
Route IP traffic and create static routes
Use iptables to implement packet filtering and configure network address translation (NAT)
Use /proc/sys and sysctl to modify and set kernel run-time parameters
Configure system to authenticate using Kerberos
Build a simple RPM that packages a single file
Configure a system as an iSCSI initiator that persistently mounts an iSCSI target
Produce and deliver reports on system utilization (processor, memory, disk, and network)
Use shell scripting to automate system maintenance tasks
Configure a system to log to a remote system
Configure a system to accept logging from a remote system
Network Services
Network services are an important subset of the exam objectives. RHCE candidates should be capable of meeting the following objectives for each of the network services listed below:
Install the packages needed to provide the service
Configure SELinux to support the service
Configure the service to start when the system is booted
Configure the service for basic operation
Configure host-based and user-based security for the service
RHCE candidates should also be capable of meeting the following objectives associated with specific services:
HTTP/HTTPS
Configure a virtual host
Configure private directories
Deploy a basic CGI application
Configure group-managed content
DNS
Configure a caching-only name server
Configure a caching-only name server to forward DNS queries
Note: Candidates are not expected to configure master or slave name servers
FTP
Configure anonymous-only download
NFS
Provide network shares to specific clients
Provide network shares suitable for group collaboration
SMB
Provide network shares to specific clients
Provide network shares suitable for group collaboration
SMTP
Configure a mail transfer agent (MTA) to accept inbound email from other systems
Configure an MTA to forward (relay) email through a smart host
SSH
Configure key-based authentication
Configure additional options described in documentation
RHCSA objectives
I am at first making list of Rhcsa objectives so that you can refer them easily. These are taken directly from Red hat website.
Understand and Use Essential Tools
Access a shell prompt and issue commands with correct syntax
Use input-output redirection (>, >>, |, 2>, etc.)
Use grep and regular expressions to analyze text
Access remote systems using ssh and VNC
Log in and switch users in multi-user runlevels
Archive, compress, unpack and uncompress files using tar, star, gzip, and bzip2
Create and edit text files
Create, delete, copy and move files and directories
Create hard and soft links
List, set and change standard ugo/rwx permissions
Locate, read and use system documentation including man, info, and files in /usr/share/doc .
[Note: Red Hat may use applications during the exam that are not included in Red Hat Enterprise Linux for the purpose of evaluating candidate's abilities to meet this objective.]
Operate Running Systems
Boot, reboot, and shut down a system normally
Boot systems into different runlevels manually
Use single-user mode to gain access to a system
Identify CPU/memory intensive processes, adjust process priority with renice, and kill processes
Locate and interpret system log files
Access a virtual machine's console
Start, stop and check the status of network services
Configure Local Storage
List, create, delete and set partition type for primary, extended, and logical partitions
Create and remove physical volumes, assign physical volumes to volume groups, create and delete logical volumes
Create and configure LUKS-encrypted partitions and logical volumes to prompt for password and mount a decrypted file system at boot
Configure systems to mount file systems at boot by Universally Unique ID (UUID) or label
Add new partitions, logical volumes and swap to a system non-destructively
Create and Configure File Systems
Create, mount, unmount and use ext2, ext3 and ext4 file systems
Mount, unmount and use LUKS-encrypted file systems
Mount and unmount CIFS and NFS network file systems
Configure systems to mount ext4, LUKS-encrypted and network file systems automatically
Extend existing unencrypted ext4-formatted logical volumes
Create and configure set-GID directories for collaboration
Create and manage Access Control Lists (ACLs)
Deploy, Configure and Maintain Systems
Configure networking and hostname resolution statically or dynamically
Schedule tasks using cron
Configure systems to boot into a specific runlevel automatically
Install Red Hat Enterprise Linux automatically using Kickstart
Configure a physical machine to host virtual guests
Install Red Hat Enterprise Linux systems as virtual guests
Configure network services to start automatically at boot
Configure a system to run a default configuration HTTP server
Configure a system to run a default configuration FTP server
Install and update software packages from Red Hat Network, a remote repository, or from the local filesystem
Update the kernel package appropriately to ensure a bootable system. Modify the system bootloader
Configure a system to run a default configuration NTP server and synchronize time using other NTP peers
Manage Users and Groups
Create, delete, and modify local user accounts
Change passwords and adjust password aging for local user accounts
Create, delete and modify local groups and group memberships
Configure a system to use an existing LDAP directory service for user and group information
Manage Security
Configure firewall settings using system-config-firewall or iptables
Set enforcing and permissive modes for SELinux
List and identify SELinux file and process context
Restore default file contexts
Use boolean settings to modify system SELinux settings
Diagnose and address routine SELinux policy violations
Understand and Use Essential Tools
Access a shell prompt and issue commands with correct syntax
Use input-output redirection (>, >>, |, 2>, etc.)
Use grep and regular expressions to analyze text
Access remote systems using ssh and VNC
Log in and switch users in multi-user runlevels
Archive, compress, unpack and uncompress files using tar, star, gzip, and bzip2
Create and edit text files
Create, delete, copy and move files and directories
Create hard and soft links
List, set and change standard ugo/rwx permissions
Locate, read and use system documentation including man, info, and files in /usr/share/doc .
[Note: Red Hat may use applications during the exam that are not included in Red Hat Enterprise Linux for the purpose of evaluating candidate's abilities to meet this objective.]
Operate Running Systems
Boot, reboot, and shut down a system normally
Boot systems into different runlevels manually
Use single-user mode to gain access to a system
Identify CPU/memory intensive processes, adjust process priority with renice, and kill processes
Locate and interpret system log files
Access a virtual machine's console
Start, stop and check the status of network services
Configure Local Storage
List, create, delete and set partition type for primary, extended, and logical partitions
Create and remove physical volumes, assign physical volumes to volume groups, create and delete logical volumes
Create and configure LUKS-encrypted partitions and logical volumes to prompt for password and mount a decrypted file system at boot
Configure systems to mount file systems at boot by Universally Unique ID (UUID) or label
Add new partitions, logical volumes and swap to a system non-destructively
Create and Configure File Systems
Create, mount, unmount and use ext2, ext3 and ext4 file systems
Mount, unmount and use LUKS-encrypted file systems
Mount and unmount CIFS and NFS network file systems
Configure systems to mount ext4, LUKS-encrypted and network file systems automatically
Extend existing unencrypted ext4-formatted logical volumes
Create and configure set-GID directories for collaboration
Create and manage Access Control Lists (ACLs)
Deploy, Configure and Maintain Systems
Configure networking and hostname resolution statically or dynamically
Schedule tasks using cron
Configure systems to boot into a specific runlevel automatically
Install Red Hat Enterprise Linux automatically using Kickstart
Configure a physical machine to host virtual guests
Install Red Hat Enterprise Linux systems as virtual guests
Configure network services to start automatically at boot
Configure a system to run a default configuration HTTP server
Configure a system to run a default configuration FTP server
Install and update software packages from Red Hat Network, a remote repository, or from the local filesystem
Update the kernel package appropriately to ensure a bootable system. Modify the system bootloader
Configure a system to run a default configuration NTP server and synchronize time using other NTP peers
Manage Users and Groups
Create, delete, and modify local user accounts
Change passwords and adjust password aging for local user accounts
Create, delete and modify local groups and group memberships
Configure a system to use an existing LDAP directory service for user and group information
Manage Security
Configure firewall settings using system-config-firewall or iptables
Set enforcing and permissive modes for SELinux
List and identify SELinux file and process context
Restore default file contexts
Use boolean settings to modify system SELinux settings
Diagnose and address routine SELinux policy violations
RHCSA and RHCE passed (RHEL 6)
Hi everyone, I cleared my Red Hat Certified System Administrator and Red Hat Certified Engineer exam last monday with score 282/300 in RHCSA and 273/300 in RHCE.
There have been around 20% changes in RHEL 6 exams as compared to the earlier RHEL 5 exam. The most important being that the exam is now on virtual machine rather than physical machine. As a result there have been quite a few changes and the exam has become a bit time consuming as compared to previous one as we need to use physical machine for testing purpose. Especially Rhce is really dificult to complete in 2 hrs. Again selinux is one of the most important part without which its impossible to clear rhce.
I studied for this exam for 1 month exactly after i gave my last semester exam of computer engineering. I gave both rhcsa and rhce on the same day and I studied as per the objectives given at red hat site. I will be making note of whatever I studied in the coming post.
RHCSA objectives
RHCE objectives
There have been around 20% changes in RHEL 6 exams as compared to the earlier RHEL 5 exam. The most important being that the exam is now on virtual machine rather than physical machine. As a result there have been quite a few changes and the exam has become a bit time consuming as compared to previous one as we need to use physical machine for testing purpose. Especially Rhce is really dificult to complete in 2 hrs. Again selinux is one of the most important part without which its impossible to clear rhce.
I studied for this exam for 1 month exactly after i gave my last semester exam of computer engineering. I gave both rhcsa and rhce on the same day and I studied as per the objectives given at red hat site. I will be making note of whatever I studied in the coming post.
RHCSA objectives
RHCE objectives
Subscribe to:
Posts (Atom)