• No results found

Exam 1

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Exam 1"

Copied!
11
0
0

Loading.... (view fulltext now)

Download now ( 11 Page )

Full text

(1)

Exam -7-paper-1

[root@server6 ~]# systemctl set-default multi-user.target ---> go to single user mode

[root@server6 ~]# systemctl set-default graphical.target

Terminal open" Alt+f2

Enter a command: gnome-terminal---> enter Initial setup:

---password break: restart system ----> press esc key linux...

--- > press e

----> fi ( line not enter)

----> linux16 /boot/vmliuz ----> go to end of the line and enter below the comond

rd.break console=tty1 ---->ctrl+X

switch_root:# mount -o remount,rw /sysroot switch_root:# chroot /sysroot

sh-4.2# passwd newpasswd: retypepasswd: sh-4.2#touch /.autorelabel sh-4.2# exit switch_root:#exit ---[root@server6 ~]# nmtui ---> Edit a connection ---> system eth0 ----> Edit

--->Profile name:system eth0

---> ipv4 configuration -->show(click)--Enter

( IP address,gateway,dns,search domain give in EXAM u can enter below)

Addressed:172.25.20.11 Gateway :172.25.254.254 DNS server:172.25.254.254 search Domain: example.com ---> ok

(2)

[root@server6 ~]# nmtui

---> Activate connection

---> system eth0 ----> Deactivate(show)--Enter--> Activate ---> Enter

---> quit

now check IP address: ---[root@server6 ~]# ip a

[root@server6 ~]# ping 172.25.254.254

[root@server6 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0 BOOTPROTO=static

ONBOOT=yes

---[root@server6 ~]#hostnamectl set-hostname server6.example.com or

[root@server6 ~]#vim /etc/hostname server6.example.com

---[root@server6 ~]# systemctl mask iptables [root@server6 ~]# systemctl mask ip6tables [root@server6 ~]# systemctl mask ebtables

[root@server6 ~]# hostnamectl set-hostname server6.example.com [root@server6 ~]# hostname

---[root@server6 yum.repos.d]# vim admin.repo [admin]

name=adminrepo

baseurl=http://content.example.com/rhel7.0/x86_64/dvd gpgcheck=0

enabled=1

[root@server6 yum.repos.d]# yum clean all [root@server6 yum.repos.d]# yum clean dbcache [root@server6 yum.repos.d]# yum repolist all

[root@server6 ~]# init 6

---question and answer:

---1.configure your systems that should be running Enforcing Ans:

[root@server11 ~]# vim /etc/sysconfig/selinux SELINUX=enforcing

(3)

SELINUXTYPE=targeted

---2.create a new 100MB Physical partition mounted under /Gluster

Note because partition sizes are seldom exactly what is specified when you are created, anything with range of 70MB to 120 MB is acceptable . Ans:

[root@server11 ~]# mkdir /gluster [root@server11 ~]# lsblk

[root@server11 ~]# fdisk /dev/vdb Command (m for help): p

Command (m for help): n Select (default p): e

Partition number (1-4, default 1): enter

First sector (2048-20971519, default 2048): enter Using default value 2048

Last sector, +sectors or +size{K,M,G} (2048-20971519, default 20971519): enter

Using default value 20971519

Partition 1 of type Extended and of size 10 GiB is set Command (m for help): n

Select (default p): l Adding logical partition 5

First sector (4096-20971519, default 4096): enter Using default value 4096

Last sector, +sectors or +size{K,M,G} (4096-20971519, default 20971519): +100MB

Partition 5 of type Linux and of size 95 MiB is set Command (m for help): w

[root@server11 ~]# partprobe /dev/vdb [root@server11 ~]# partx /dev/vdb [root@server11 ~]# vim /etc/fstab

/dev/vdb5 /gluster xfs defaults 0 0 [root@server11 ~]# mkfs.xfs /dev/vdb5 [root@server11 ~]# mount -a [root@server11 ~]# df -h

---3.create a new 150MB swap partition f/s.

(Note because partition sizes are seldom exactly what is specified when they are created, any thing within the range of 130MB to 170MB is acceptable)

Ans:

(4)

----[root@server11 ~]# fdisk /dev/vdb Command (m for help): n

Select (default p): l Adding logical partition 6

First sector (200704-20971519, default 200704): --> enter Using default value 200704

Last sector, +sectors or +size{K,M,G} (200704-20971519, default 20971519): +150M

Partition 6 of type Linux and of size 150 MiB is set Command (m for help): t

Partition number (1,5,6, default 6): 6 Hex code (type L to list all codes): 82

Changed type of partition 'Linux' to 'Linux swap / Solaris' Command (m for help): w

[root@server11 ~]# partprobe /dev/vdb [root@server11 ~]# mkswap /dev/vdb6 [root@server11 ~]# vim /etc/fstab

/dev/vdb6 swap swap defaults 0 0

[root@server11 ~]# swapon -a [root@server11 ~]# swapon -s [root@server11 ~]# free -m ---4.create a repositary for

http://content.example.com/rhel7.0/x86_64/dvd Ans:

[root@server11 ~]# cd /etc/yum.repos.d/ [root@server11 yum.repos.d]# vim admin.repo [admin]

name=yum.repo

baseurl = http://content.example.com/rhel7.0/x86_64/dvd gpgcheck=0

enabled=1

[root@server11 ~]# yum clean all [root@server11 ~]# yum clean dbcache [root@server11 ~]# yum repolist all

---5.create the following user, groups, and group memberships:.

A group name sysgrp

A user andrew who belongs to sysgrp as a secondary group A user susan also belongs to sysgrp as a secondary group

(5)

A user sarah who does not have access to an interactive shell on system and who not a member of sysgrp

susan,sarah, andrew password = "Postroll" Ans:

[root@server11 ~]# groupadd sysgrp

[root@server11 ~]# useradd -G sysgrp andrew [root@server11 ~]# useradd -G sysgrp susan

[root@server11 ~]# useradd -s /sbin/nologin sarah

[root@server11 ~]# echo 'postroll' | passwd --stdin andrew [root@server11 ~]# echo 'postroll' | passwd --stdin susan [root@server11 ~]# echo 'postroll' | passwd --stdin sarah

---6.create a collaborative directory /redhat/sysgrp with the following characteristics:

--> Group owneship of /redhat/sysgrpis sysgrp --> The directory should be readbale,writable, and accessable to members of sysgrp, but not to any other user. (It is understood that root has access to all files and directories on the system. --> Files created in

/redhat/sysgrp automatically have group ownership set to the sysgrp group

Ans:

[root@server11 ~]# mkdir -p /redhat/sysgrp [root@server11 ~]# ls -ld /redhat/sysgrp

drwxr-xr-x. 2 root root 6 Jan 4 06:09 /redhat/sysgrp [root@server11 ~]# chgrp sysgrp /redhat/sysgrp

[root@server11 ~]# ls -ld /redhat/sysgrp

[root@server11 ~]# chmod 2770 /redhat/sysgrp -R [root@server11 ~]# ls -ld /redhat/sysgrp

drwxrwx---. 2 root sysgrp 6 Jan 4 06:09 /redhat/sysgrp [root@server11 /]# ls -ldZ /redhat/sysgrp/

---7. Install the appropriate kernel update from

http://content.example.com/rhel7.0/x86_64/errata .rship set to the sysgrp group

~

. The following criteria must also be met: -->The updated kernel is the default kerneal when the system rebooted. -->The original kernel remains available and bootable on the system .

Ans:

----[root@server11 /]# cd /etc/yum.repos.d/ [root@server11 yum.repos.d]# ls

(6)

[root@server11 yum.repos.d]# vim kernel.repo [kernel] name=kernelrepo baseurl = http://content.example.com/rhel7.0/x86_64/errata gpgcheck=0 enabled=1

[root@server11 ~]# yum clean all [root@server11 ~]# yum clean dbcache [root@server11 ~]# yum repolist all

[root@server11 ~]# yum install kernel* -y [root@server11 ~]# uname -r

[root@server11 ~]# init 6 [root@server11 ~]# uname -r

---8.Enable IP forwarding on your machine Ans:

[root@server11 ~]# vim /etc/sysctl.conf [root@server11 ~]# sysctl -p

net.ipv4.ip_forward = 1

---9. The user andrew must configure a cron job that runs daily at 14:23 local time and executes - /bin/echo hiya .

Ans:

[root@server11 ~]# yum install cron* -y

[root@server11 ~]# systemctl restart crond.service [root@server11 ~]# crontab -eu andrew

23 14 * * * /bin/echo "hai "

[root@server11 ~]# systemctl restart crond.service [root@server11 ~]# cat /var/spool/mail/andrew

---10.Bind with LDAP used provided by classroom.example.com for userr authentication..

The LDAP search base DN is dc=example,dc=com The LDAP certificate file is

http://classroom.example.com/pub/EXAMPLE-CA-CERT

ldapuserX should be able to log into your system, whereX is your ServerX (hint:where X is your domain number),but will not have a home directory, until you have completed the autofs requirement,below all LDAP users have password of "password"

(7)

Ans:

----[root@server11 ~]# yum install sssd* -y [root@server11 ~]# yum install autofs* -y [root@server11 ~]# yum install auth* -y [root@server11 ~]# yum install nfs* -y

[root@server11 ~]# yum install authconfig-tui (this is single user mode code)

[*] Use Ldap [*] Use MD5 Password

[*] Use LDAP athuentication

[*] Local Authorization is sufficient ----> next [*] use TLS server : ldaps:classroom.example.com Base DN: dc=example,dc=com ---> Next (or)

[root@server11 ~]# authconfig-gtk ( graphical ) one new window open

User accound database: LDAP

Ldap Search base DN : dc=example,dc=com

Ldap server :ldaps://classroom.example.com select Use TLS to encrypted connection

-- Click Download certicficate --- new window open

certificate url: http://classroom.example.com/pub/EXAMPLE-CA-CERT --> ok

Authendication method : LDAP PASSWD

[root@server11 ~]# systemctl restart sssd

---11.configure autofs to automount the home directories of LDAP users, Note the following:

-->classroom.example.com (172.25.254.254), NFS-exports /home/guests to your system, whereX is your server Number.

-->LDAP userX's home directory is

(8)

-->LdapuserX's home directory should be automounted locally beneath /home as /home/guests/ldapuserX

-->home directories must be writable by their users

-->while you are able to login as any of the users ldapuser1 through ldapuser20 the only home directory that is accessible from your system is ldapuserX.

Example:- classroom.example.com would configure the automaster such that ldapuser100's home directory /home/guests/ldapuserX gets mounted automatically upon login.

The NFS share would be classroom.example.com:/home/guests/ldapuser100 Ans:

---[root@server11 ~]# vim /etc/exports /home/guests *(rw,sync)

[root@server11 ~]# vim /etc/auto.misc

cd -fstype=iso9660,ro,nosuid,nodev :/dev/cdrom ldapuser11 -rw,soft,intr

classroom.example.com:/home/guests/ldapuser11 [root@server11 ~]# vim /etc/auto.master

/misc /etc/auto.misc

/home/guests /etc/auto.misc

[root@server11 ~]# systemctl restart autofs [root@server11 ~]# su - ldapuser11

---12. Configure your system so that it is an NTP client of classroom.example.com.

[root@server11 ~]# yum install chrony* -y [root@server11 ~]# vim /etc/chrony.conf server 3.rhel.pool.ntp.org iburst

server classroom.example.com iburst

[root@server11 ~]# systemctl restart chronyd.service [root@server11 ~]# timedatectl

[root@server11 ~]# chronyc tracking

(9)

--->copy the file /etc/fstab to /var/tmp configure the permission of /var/tmp/fstab so that the file /var/tmp/fstab is owned by the root user, belongs to the group root should not be executable by anyone. --->The user andrew is able to read & write /var/tmp/fstab The user susan can neighter write nor read /var/tmp/fstab All other users (current or future) have the ability to read /var/tmp/fstab. Ans:

----[root@server5 ~]# cp -rvf /etc/fstab /var/tmp/ [root@server11 ~]# cd /var/tmp

[root@server11 tmp]# ls

[root@server11 tmp]# ls -ldZ fstab

-rw-r--r--. root root unconfined_u:object_r:user_tmp_t:s0 fstab [root@server11 tmp]# setfacl -m u:andrew:rw /var/tmp/fstab [root@server11 tmp]# setfacl -m u:susan:--- /var/tmp/fstab [root@server11 tmp]# setfacl -m u:andrew:rw- /var/tmp/fstab [root@server11 tmp]# getfacl /var/tmp/fstab

---14.create a new physical volume, create a new volume group in the name of datacontainer, vg extent is 16.00MB .

create a new logical volume in the name of datacopy with the size of 50 extents and file system must vfat then mount it under /datasource Ans:

----[root@server11 ~]# fdisk /dev/vdb Command (m for help): p

Command (m for help): n

l logical (numbered from 5) Select (default p): l

Adding logical partition 7

First sector (509952-20971519, default 509952): Using default value 509952

Last sector, +sectors or +size{K,M,G} (509952-20971519, default 20971519): +1G

Partition 7 of type Linux and of size 1 GiB is set Command (m for help): p

Command (m for help): t

Partition number (1,5-7, default 7): 7 Hex code (type L to list all codes): 8e

(10)

Command (m for help): w

[root@server11 ~]# partprobe /dev/vdb [root@server11 ~]# mkdir /datasource [root@server11 ~]# pvcreate /dev/vdb7

[root@server11 ~]# vgcreate -s 16 datacontainer /dev/vdb7

[root@server11 ~]# lvcreate -l 50 -n /dev/datacontainer/datacopy [root@server11 ~]# lvdisplay

[root@server11 ~]# mkfs.ext4 /dev/datacontainer/datacopy [root@server11 ~]# vim /etc/fstab

/dev/datacontainer/datacopy /datasource ext4 defaults 0 0 [root@server11 ~]# mount -a [root@server11 ~]# df -h [root@server11 ~]# lsblk

---15.Add the user talusan with userid 2985. --->Add the user talusan with userid 2985

--->find the file which owned by user julice and copy the file into /root/find.user directory.

Ans:

----[root@server11 ~]# useradd -u 2985 talusan [root@server11 ~]# id talusan

[root@server11 ~]# useradd julies [root@server11 ~]# find / -name julies /var/spool/mail/julies

/home/julies

[root@server11 ~# cp -rvf /home/julies/ /root/find.user

[root@server11 ~]# cp -rvf /var/spool/mail/julies /root/find.user ‘/var/spool/mail/julies’ -> ‘/root/findresult’

---16. Resize the logical volume, datacontainer-datacopy and it filesystem to 400MB.

Make sure that the filesystem contents remain intact. (Note:

partitions are seldom exactly the size requested,so any thing within the range of 370MB to 430MB is acceptable)

Ans:

(11)

[root@server11 ~]# e2fsck -f /dev/datacontainer/datacopy [root@server11 ~]# resize2fs /dev/datacontainer/datacopy 400M [root@server11 ~]# lvreduce -L 400M /dev/datacontainer/datacopy [root@server11 ~]# resize2fs /dev/datacontainer/datacopy

[root@server11 ~]# mount /dev/datacontainer/datacopy [root@server11 ~]# df -h

[root@server11 ~]# lsblk

---17.create an archive file /root/local.tgz for /usr/local. it should be compressed by gzip..

[root@localhost ~]# tar -czf /root/local.tgz /usr/local

---18.search the string sarah in the /etc/passwd file and save the output in /root/lines

Ans:

[root@server11 ~]# grep sarah /etc/passwd > /root/lines [root@server11 ~]# cat /root/lines

References

Download now ( PDF - 11 Page - 45.57 KB )

Related documents

On the construction of a semantically secure modification of the McEliece cryptosystem

In [7] a modification of McEliece cryptosystem is constructed that has the property of indistinguishability under chosen plaintext attack (IND-CPA) without using the random

Opportunities in the German Software Market

According to the Experton Group, the growth potential of the smart social business plat- forms (also social business for communication & col- laboration – “SB4CC”) market is one

Simulation of Quantum Search Algorithm

8VLQJ 4&/ D *URYHU¶V TXDQWXP VHDUFK simulation has been made. It is performed without using a quantum computer, but using a classic computer. The number of qubits

The OXIRM day: Retail and Supply Chain Emerging Trends in Retailing Panel

Keywords : Brand communities, collaboration, marketing strategy, social entrepreneurship, sustainable fashion. “Understanding luxury: the underpinning strategies leading to high

Effective Cyber Security Strategies for Small Businesses

My objective in this qualitative research study was to explore successful strategic elements of cyber security and the prevention methodologies employed by SME owners to protect

Sox2 Protein Expression is an Independent Poor Prognostic Indicator in Stage I Lung Adenocarcinoma

Expression of Sox2 protein has not been extensively studied in lung cancer; however, we have recently demonstrated that Sox2 is strongly and diffusely expressed in ~90% of pulmonary

Interesting Sunday Projects

By Asha Dornfest May 07, 2007 | 6:20:29 PMCategories: Astronomy, Books, Chemistry, Engineering, How-To, Outdoor Activities, Projects, Science Experiments I just finished

Party Discipline and Pork-Barrel Politics

The promised level of per district spending is very high when party discipline is low, but falls as discipline rises as long as the anticipated spending in a minority district