RHCSA Exam- Ex 200 Question

Redhat certified System Administrator (EX200) 

Servera (Node 1)

Manage Networking

Configure network and set the static parameters. Consider machine configured as DHCP, need to config it with static parameters.

Or

Configure network and set the static parameters. (configure network in console)

IP-ADDRESS      = 172.25.250.10
NETMASK         = 255.255.255.0
GATEWAY           = 172.25.250.254
Nameserver        = 172.25.250.254
Hostname            = node1.example.com

Answer:

Set Up IP Address

[root@node1 ~] # nmcli connection show
[root@node1 ~] # nmcli connection modify "Wired connection 1" ipv4.addresses 172.25.250.10/24 ipv4.gateway 172.25.250.254 ipv4.dns 172.25.254.254 ipv4.method manual connection.autoconnect yes

[root@node1 ~] # nmcli connection up "Wired connection 1"
[root@node1 ~] # systemctl restart NetworkManager
[root@node1 ~] # nmcli connection reload

• Wired connection 1 means your interface name.
• In exam- interface name have Wired Connection 1.
• Normally it has en160 on VM or Physical machine.

Set Up Hostname

[root@node1 ~] # hostnamectl set-hostname servera.lab.example.com
[root@node1 ~] # hostnamectl status
                              Or
                              vi /etc/hostname

Extra- Enable SSH

By default, ssh service (openssh) in installed and enabled. Or you can check it manually—

[root@node1 ~] # rpm -q openssh                                      (check if package installed or not)
[root@node1 ~] # dnf install -y openssh.server                  (if not install ssh)
[root@node1 ~] # nmcli connection show
[root@node1 ~] # systemctl start sshd
[root@node1 ~] # systemctl enable sshd
[root@node1 ~] # firewall-cmd --permanent --add-service=ssh
[root@node1 ~] # firewall-cmd --permanent --add-port=22/tcp
[root@node1 ~] # firewall-cmd –reload

Permit Root Login from Remote--

[root@node1 ~] # vi /etc/ssh/sshd_config

        PermitRootLogin yes                                                  (Edit or Enable those line)

        PasswordAuthentication yes

[root@node2 ~] # ssh root@172.25.250.10                       (Remote login from Node 2)

--------------------------------------------------------------------------------------------------------------------------

--------------------------------------------------------------------------------------------------------------------------

Installing and Updating Software Packages

Configure your system to use this location as a default repository (public/local repo):

http://content.example.com/rhel9.0/x86_64/rhcsa-practice/rht
http://content.example.com/rhel9.0/x86_64/rhcsa-practice/errata

                                                      Answer:

                                                   For Exam

[root@node1 ~] # vim /etc/yum.repos.d/exam.repo

[BaseOS] name=BaseOS

baseurl= http://content.example.com/rhel9.0/x86_64/rhcsa-practice/rht

enabled=1

gpgcheck=0

 

[AppStream]

name=AppStream

baseurl= http://content.example.com/rhel9.0/x86_64/rhcsa-practice/errata

enabled=1

gpgcheck=0

[root@node1~] # dnf repolist all

[root@node1~] # dnf clean all

Repo Server-Local

[root@node1~]# lsblk                                                (Show ISO/DVD name. Like- sr0)
                            or
[root@node1~]# df -h
[root@node1~]# mkdir -p /mnt/cdrom 
[root@node1~]# mount /dev/sr0 /mnt/cdrom
[root@node1~]# mkdir /rhel9
[root@node1~]# cd /rhel9
[root@node1~]# cp -rf /mnt/cdrom/* .

Ø  cp: Copy files and directories

Ø  -r: Recursively copy all files and subdirectories

Ø  -f: Force overwrite any existing files in the destination

Ø  /mnt/cdrom/*: All files and directories in /mnt/cdrom/.

Ø  . Current directory (destination)

[root@node1~]# umoun /mnt/cdrom
[root@node1~]# lsblk                                                (Show /mnt directory)
                            or
[root@node1~]# df -H 
                            or 

                            df -Th 
                            or 

                            df -h
[root@node1~]# cd /etc/yum.repos.d/

[root@node1~]# vim rhel9.repo

[BaseOS]

name=RHEL9 Base OS

baseurl=file:///rhel9/BaseOS

enabled=1

gpgcheck=1

gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release

 

[AppStream]

name=RHEL9 ApStream

baseurl=file:///rhel9/AppStream

enabled=1

gpgcheck=1

gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release

    [root@node1~]# createrepo -v /rhel9

Disable subscription manager

[root@node1~]# vi /etc/dnf/plugins/subscription-manager.conf
                                from enabled=1
                                        to
                                enabled=0
[root@node1~]# yum repolist
[root@node1~]# dnf clean all (clean cache)
[root@node1~]# dnf install -y httpd

If see any error in install package then delete rhel9 file where copy ISO file from rhel9 directory and again copy it

Repo Server With HTTP

[root@node1~]# dnf install -y httpd
[root@node1~]# systemctl enable --now httpd

-- move the repo content to Apache document root directory
[root@node1~]# mv /rhel9 /var/www/html

-- change the selinux context of apache documentroot directory    (This command deletes after restart)

[root@node1~]# chcon -Rvt httpd_sys_content_t /var/www/html
Or

-- change the selinux context of apache document root directory   (To make it permanent, use)

[root@node1~]# semanage fcontext -a -t httpd_sys_content_t "/var/www/html(/.*)?"
[root@node1~]# restorecon -Rv /var/www/html
 
-- Configure the firewall for service http and port 80
[root@node1~]# firewall-cmd --permanent --add-service=http
[root@node1~]# firewall-cmd --permanent --add-port=80/tcp
[root@node1~]# firewall-cmd --reload
[root@node1~]# firewall-cmd --list-all

Client add With HTTP

-- use following command to add the repository
sudo dnf config-manager --add-repo=http://10.10.10.91/rhel9/BaseOS
sudo dnf config-manager --add-repo=http://10.10.10.91/rhel9/AppStream
 
-- Above command will create two repo files under /etc/yum.repos.d directory
-- Now modify those two files to include gpgcheck and gpgkey parameters as below
-- add following line in these files one by one
 
# sudo vi /etc/yum.repos.d/node1.example.com_rhel9_BaseOS.repo
                gpgcheck=1
                gpgkey=http://10.10.10.91/rhel9/BaseOS
 
# sudo vi /etc/yum.repos.d/node1.example.com_rhel9_AppStream.repo
               gpgcheck=1
               gpgkey=http://10.10.10.91/rhel9/AppStream

----------------------------------------------------------------------------------------------------------------------
----------------------------------------------------------------------------------------------------------------------

Managing Local Users and Groups

Create the following users, groups and group memberships:

·        A group named sharegrp
·        A user harry who belongs to sharegrp as a secondary group
·        A user natasha who also belongs to sharegrp as a secondary group
·        A user copper who does not have access to an interactive shell on the system and who is not a member of sharegrp.
·        harry, natasha and copper should have the password redhat

Answer:

[root@node1~] # groupadd sharegrp
[root@node1~] # useradd -G sharegrp harry
[root@node1~] # useradd -G sharegrp natasha
[root@node1~] # useradd -s /sbin/nologin copper
[root@node1~] # passwd harry
[root@node1~] # passwd natasha
[root@node1~] # passwd copper

Optional:

[root@node1~] # echo “student:Pa$$w0rd” | chpasswd                           (Change User Password)
[root@node1~] # useradd user1 && echo "user1:12345" | chpasswd      (New User add and set password)

 

For verification:

[root@node1~] # tail -5 /etc/passwd
[root@node1~] # tail -5 /etc/group
[root@node1~] # tail -5 /etc/shadow

----------------------------------------------------------------------------------------------------------------------

----------------------------------------------------------------------------------------------------------------------

Controlling Access to Files

·   Create collaborative directory /var/shares with the following characteristics:

·   Group ownership of /var/shares should be sharegrp.

·   The directory should be readable, writable and accessible to member of sharegrp but not to any other user. (It is understood that root has access to all files and directories on the system)

·   Files created in /var/shares automatically have group ownership set to the sharegrp group.

Answer:

[root@node1~] # mkdir -p /var/shares

[root@node1~] # ls -ld /var/shares

[root@node1~] # chgrp sharegrp /var/shares/

Or

[root@node1~] # chown :sharegrp /var/shares/

[root@node1~] # ls -ld /var/shares

[root@node1~] # chmod 770 /var/shares

[root@node1~] # chmod 2770 /var/share

--------------------------------------------------------------------------------------------------------------
--------------------------------------------------------------------------------------------------------------

Accessing Linux File Systems

Find all lines in the file-

/usr/share/mime/packages/freedesktop.org.xml that contain the string ich. Put a copy of these lines in the original order in the file /root/lines. 

/root/lines should contain no empty lines and all lines must be exact copies of the original lines in/usr/share/mime/packages/freedesktop.org.xml

Answer:

[root@node1~] # grep ich /usr/share/mime/packages/freedesktop.org.xml > /root/lines

[root@node1~] # cat /root/lines

<comment xml:lang="ast">Ficheru codificáu en BinHex de Machintosh</comment>

<comment xml:lang="fr">fichier codé Macintosh BinHex</comment>

<comment xml:lang="gl">ficheiro de Macintosh codificado con BinHex</comment>

<comment xml:lang="oc">fichièr encodat Macintosh BinHex</comment>

<comment xml:lang="pt">ficheiro codificado em BinHex de Macintosh</comment>

<comment xml:lang="fr">fichier boîte aux lettres</comment>

<comment xml:lang="gl">ficheiro de caixa de correo</comment>

.......…………………. output omitted……………………………….

---------------------------------------------------------------------------------------------------------------------------------

---------------------------------------------------------------------------------------------------------------------------------