Exam 1

November 10, 2017 | Author: Saminadane Thiyagarajan | Category: Computer Data, Unix, Data, Computer Networking, Information Retrieval
Share Embed Donate


Short Description

Download Exam 1...

Description

Exam -7-paper-1 [root@server6 ~]# systemctl set-default multi-user.target to single user mode [root@server6 ~]# systemctl set-default graphical.target

-----> go

Terminal open" Alt+f2 Enter a command: gnome-terminal---> enter Initial setup: --------------password break: restart system ----> press esc key linux... --- > press e ----> fi ( line not enter) ----> linux16 /boot/vmliuz ----> go to end of the line and enter below the comond rd.break console=tty1 ---->ctrl+X switch_root:# mount -o remount,rw /sysroot switch_root:# chroot /sysroot sh-4.2# passwd newpasswd: retypepasswd: sh-4.2#touch /.autorelabel sh-4.2# exit switch_root:#exit -------------[root@server6 ~]# nmtui ---> Edit a connection ---> system eth0 ----> Edit ------>Profile name:system eth0 ------> ipv4 configuration -->show(click)--Enter ( IP address,gateway,dns,search domain give in EXAM u can enter below) Addressed:172.25.20.11 Gateway :172.25.254.254 DNS server:172.25.254.254 search Domain: example.com -----> ok -----> quit

[root@server6 ~]# nmtui ------> Activate connection ------> system eth0 ----> Deactivate(show)--Enter--> Activate ---> Enter ------> quit now check IP address: -------------------[root@server6 ~]# ip a [root@server6 ~]# ping 172.25.254.254 [root@server6 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0 BOOTPROTO=static ONBOOT=yes --------------[root@server6 ~]#hostnamectl set-hostname server6.example.com or [root@server6 ~]#vim /etc/hostname server6.example.com --------------[root@server6 ~]# systemctl mask iptables [root@server6 ~]# systemctl mask ip6tables [root@server6 ~]# systemctl mask ebtables [root@server6 ~]# hostnamectl set-hostname server6.example.com [root@server6 ~]# hostname --------------[root@server6 yum.repos.d]# vim admin.repo [admin] name=adminrepo baseurl=http://content.example.com/rhel7.0/x86_64/dvd gpgcheck=0 enabled=1 [root@server6 yum.repos.d]# yum clean all [root@server6 yum.repos.d]# yum clean dbcache [root@server6 yum.repos.d]# yum repolist all [root@server6 ~]# init 6 ---------------------------------------------------------------question and answer: --------------------------------------1.configure your systems that should be running Enforcing Ans: [root@server11 ~]# vim /etc/sysconfig/selinux SELINUX=enforcing

SELINUXTYPE=targeted ------------------2.create a new 100MB Physical partition mounted under /Gluster Note because partition sizes are seldom exactly what is specified when you are created, anything with range of 70MB to 120 MB is acceptable . Ans: [root@server11 ~]# mkdir /gluster [root@server11 ~]# lsblk [root@server11 ~]# fdisk /dev/vdb Command (m for help): p Command (m for help): n Select (default p): e Partition number (1-4, default 1): enter First sector (2048-20971519, default 2048): enter Using default value 2048 Last sector, +sectors or +size{K,M,G} (2048-20971519, default 20971519): enter Using default value 20971519 Partition 1 of type Extended and of size 10 GiB is set Command (m for help): n Select (default p): l Adding logical partition 5 First sector (4096-20971519, default 4096): enter Using default value 4096 Last sector, +sectors or +size{K,M,G} (4096-20971519, default 20971519): +100MB Partition 5 of type Linux and of size 95 MiB is set Command (m for help): w [root@server11 ~]# [root@server11 ~]# [root@server11 ~]# /dev/vdb5 defaults 0 0 [root@server11 ~]# [root@server11 ~]# [root@server11 ~]# ------------------

partprobe /dev/vdb partx /dev/vdb vim /etc/fstab /gluster

xfs

mkfs.xfs /dev/vdb5 mount -a df -h

3.create a new 150MB swap partition f/s. (Note because partition sizes are seldom exactly what is specified when they are created, any thing within the range of 130MB to 170MB is acceptable) Ans: ----

[root@server11 ~]# fdisk /dev/vdb Command (m for help): n Select (default p): l Adding logical partition 6 First sector (200704-20971519, default 200704): --> enter Using default value 200704 Last sector, +sectors or +size{K,M,G} (200704-20971519, default 20971519): +150M Partition 6 of type Linux and of size 150 MiB is set Command (m for help): t Partition number (1,5,6, default 6): 6 Hex code (type L to list all codes): 82 Changed type of partition 'Linux' to 'Linux swap / Solaris' Command (m for help): w [root@server11 ~]# partprobe /dev/vdb [root@server11 ~]# mkswap /dev/vdb6 [root@server11 ~]# vim /etc/fstab /dev/vdb6 defaults 0 0

swap

[root@server11 ~]# swapon -a [root@server11 ~]# swapon -s [root@server11 ~]# free -m --------------------4.create a repositary for http://content.example.com/rhel7.0/x86_64/dvd Ans: [root@server11 ~]# cd /etc/yum.repos.d/ [root@server11 yum.repos.d]# vim admin.repo [admin] name=yum.repo baseurl = http://content.example.com/rhel7.0/x86_64/dvd gpgcheck=0 enabled=1 [root@server11 ~]# yum clean all [root@server11 ~]# yum clean dbcache [root@server11 ~]# yum repolist all ------------------5.create the following user, groups, and group memberships:. A group name sysgrp A user andrew who belongs to sysgrp as a secondary group A user susan also belongs to sysgrp as a secondary group

swap

A user sarah who does not have access to an interactive shell on system and who not a member of sysgrp susan,sarah, andrew password = "Postroll" Ans: [root@server11 [root@server11 [root@server11 [root@server11

~]# ~]# ~]# ~]#

groupadd sysgrp useradd -G sysgrp andrew useradd -G sysgrp susan useradd -s /sbin/nologin sarah

[root@server11 ~]# echo 'postroll' | passwd --stdin andrew [root@server11 ~]# echo 'postroll' | passwd --stdin susan [root@server11 ~]# echo 'postroll' | passwd --stdin sarah --------------------6.create a collaborative directory /redhat/sysgrp with the following characteristics: --> Group owneship of /redhat/sysgrpis sysgrp --> The directory should be readbale,writable, and accessable to members of sysgrp, but not to any other user. (It is understood that root has access to all files and directories on the system. --> Files created in /redhat/sysgrp automatically have group ownership set to the sysgrp group Ans: [root@server11 ~]# mkdir -p /redhat/sysgrp [root@server11 ~]# ls -ld /redhat/sysgrp drwxr-xr-x. 2 root root 6 Jan 4 06:09 /redhat/sysgrp [root@server11 ~]# chgrp sysgrp /redhat/sysgrp [root@server11 ~]# ls -ld /redhat/sysgrp [root@server11 ~]# chmod 2770 /redhat/sysgrp -R [root@server11 ~]# ls -ld /redhat/sysgrp drwxrwx---. 2 root sysgrp 6 Jan 4 06:09 /redhat/sysgrp [root@server11 /]# ls -ldZ /redhat/sysgrp/ ---------------------7. Install the appropriate kernel update from http://content.example.com/rhel7.0/x86_64/errata .rship set to the sysgrp group ~ . The following criteria must also be met: -->The updated kernel is the default kerneal when the system rebooted. -->The original kernel remains available and bootable on the system . Ans: ---[root@server11 /]# cd /etc/yum.repos.d/ [root@server11 yum.repos.d]# ls

[root@server11 yum.repos.d]# vim kernel.repo [kernel] name=kernelrepo baseurl = http://content.example.com/rhel7.0/x86_64/errata gpgcheck=0 enabled=1 [root@server11 ~]# yum clean all [root@server11 ~]# yum clean dbcache [root@server11 ~]# yum repolist all [root@server11 ~]# [root@server11 ~]# [root@server11 ~]# [root@server11 ~]# -----------------

yum install kernel* -y uname -r init 6 uname -r

8.Enable IP forwarding on your machine Ans: [root@server11 ~]# vim /etc/sysctl.conf [root@server11 ~]# sysctl -p net.ipv4.ip_forward = 1 ---------------9. The user andrew must configure a cron job that runs daily at 14:23 local time and executes - /bin/echo hiya . Ans: [root@server11 ~]# yum install cron* -y [root@server11 ~]# systemctl restart crond.service [root@server11 ~]# crontab -eu andrew 23 14 * * * /bin/echo "hai " [root@server11 ~]# systemctl restart crond.service [root@server11 ~]# cat /var/spool/mail/andrew ------------------------10.Bind with LDAP used provided by classroom.example.com for userr authentication.. The LDAP search base DN is dc=example,dc=com The LDAP certificate file is http://classroom.example.com/pub/EXAMPLE-CA-CERT ldapuserX should be able to log into your system, whereX is your ServerX (hint:where X is your domain number),but will not have a home directory, until you have completed the autofs requirement,below all LDAP users have password of "password"

Ans: ---[root@server11 [root@server11 [root@server11 [root@server11

~]# ~]# ~]# ~]#

yum yum yum yum

install install install install

sssd* -y autofs* -y auth* -y nfs* -y

[root@server11 ~]# yum install authconfig-tui (this is single user mode code) [*] Use Ldap

[*] Use MD5 Password [*] Use LDAP athuentication [*] Local Authorization is sufficient

----> next [*] use TLS server : ldaps:classroom.example.com Base DN: dc=example,dc=com -----> Next

(or) [root@server11 ~]# authconfig-gtk one new window open

( graphical )

User accound database: LDAP Ldap Search base DN : dc=example,dc=com Ldap server :ldaps://classroom.example.com select Use TLS to encrypted connection -- Click Download certicficate --- new window open certificate url: http://classroom.example.com/pub/EXAMPLE-CA-CERT --> ok Authendication method : LDAP PASSWD [root@server11 ~]# systemctl restart sssd ----------11.configure autofs to automount the home directories of LDAP users, Note the following: -->classroom.example.com (172.25.254.254), NFS-exports /home/guests to your system, whereX is your server Number. -->LDAP userX's home directory is classroom.example.com:/home/guests/ldapuserX

-->LdapuserX's home directory should be automounted locally beneath /home as /home/guests/ldapuserX -->home directories must be writable by their users -->while you are able to login as any of the users ldapuser1 through ldapuser20 the only home directory that is accessible from your system is ldapuserX. Example:- classroom.example.com would configure the automaster such that ldapuser100's home directory /home/guests/ldapuserX gets mounted automatically upon login. The NFS share would be classroom.example.com:/home/guests/ldapuser100 Ans: ----[root@server11 ~]# vim /etc/exports /home/guests *(rw,sync) [root@server11 ~]# vim /etc/auto.misc cd -fstype=iso9660,ro,nosuid,nodev :/dev/cdrom ldapuser11 -rw,soft,intr classroom.example.com:/home/guests/ldapuser11 [root@server11 ~]# vim /etc/auto.master /misc /etc/auto.misc /home/guests /etc/auto.misc [root@server11 ~]# systemctl restart autofs [root@server11 ~]# su - ldapuser11 -------------12. Configure your system so that it is an NTP client of classroom.example.com. [root@server11 ~]# yum install chrony* -y [root@server11 ~]# vim /etc/chrony.conf server 3.rhel.pool.ntp.org iburst server classroom.example.com iburst [root@server11 ~]# systemctl restart chronyd.service [root@server11 ~]# timedatectl [root@server11 ~]# chronyc tracking --------------13. copy the file and configure

--->copy the file /etc/fstab to /var/tmp configure the permission of /var/tmp/fstab so that the file /var/tmp/fstab is owned by the root user, belongs to the group root should not be executable by anyone. --->The user andrew is able to read & write /var/tmp/fstab The user susan can neighter write nor read /var/tmp/fstab All other users (current or future) have the ability to read /var/tmp/fstab. Ans: ---[root@server5 ~]# cp -rvf /etc/fstab /var/tmp/ [root@server11 ~]# cd /var/tmp [root@server11 tmp]# ls [root@server11 tmp]# ls -ldZ fstab -rw-r--r--. root root unconfined_u:object_r:user_tmp_t:s0 fstab [root@server11 tmp]# setfacl -m u:andrew:rw /var/tmp/fstab [root@server11 tmp]# setfacl -m u:susan:--- /var/tmp/fstab [root@server11 tmp]# setfacl -m u:andrew:rw- /var/tmp/fstab [root@server11 tmp]# getfacl /var/tmp/fstab

--------------------14.create a new physical volume, create a new volume group in the name of datacontainer, vg extent is 16.00MB . create a new logical volume in the name of datacopy with the size of 50 extents and file system must vfat then mount it under /datasource Ans: ---[root@server11 ~]# fdisk /dev/vdb Command (m for help): p Command (m for help): n l logical (numbered from 5) Select (default p): l Adding logical partition 7 First sector (509952-20971519, default 509952): Using default value 509952 Last sector, +sectors or +size{K,M,G} (509952-20971519, default 20971519): +1G Partition 7 of type Linux and of size 1 GiB is set Command (m for help): p Command (m for help): t Partition number (1,5-7, default 7): 7 Hex code (type L to list all codes): 8e Changed type of partition 'Linux' to 'Linux LVM'

Command (m for help): w [root@server11 ~]# partprobe /dev/vdb [root@server11 [root@server11 [root@server11 [root@server11 [root@server11

~]# ~]# ~]# ~]# ~]#

mkdir /datasource pvcreate /dev/vdb7 vgcreate -s 16 datacontainer /dev/vdb7 lvcreate -l 50 -n /dev/datacontainer/datacopy lvdisplay

[root@server11 ~]# mkfs.ext4 /dev/datacontainer/datacopy [root@server11 ~]# vim /etc/fstab /dev/datacontainer/datacopy /datasource ext4 defaults 0 0 [root@server11 ~]# mount -a [root@server11 ~]# df -h [root@server11 ~]# lsblk ---------------15.Add the user talusan with userid 2985. --->Add the user talusan with userid 2985 --->find the file which owned by user julice and copy the file into /root/find.user directory. Ans: ---[root@server11 ~]# useradd -u 2985 talusan [root@server11 ~]# id talusan [root@server11 ~]# useradd julies [root@server11 ~]# find / -name julies /var/spool/mail/julies /home/julies [root@server11 ~# cp -rvf /home/julies/ /root/find.user [root@server11 ~]# cp -rvf /var/spool/mail/julies /root/find.user ‘/var/spool/mail/julies’ -> ‘/root/findresult’ -------------------------16. Resize the logical volume, datacontainer-datacopy and it filesystem to 400MB. Make sure that the filesystem contents remain intact. (Note: partitions are seldom exactly the size requested,so any thing within the range of 370MB to 430MB is acceptable) Ans: ---[root@server11 ~]# umount /dev/datacontainer/datacopy

[root@server11 ~]# e2fsck -f /dev/datacontainer/datacopy [root@server11 ~]# resize2fs /dev/datacontainer/datacopy 400M [root@server11 ~]# lvreduce -L 400M /dev/datacontainer/datacopy [root@server11 ~]# resize2fs /dev/datacontainer/datacopy [root@server11 ~]# mount /dev/datacontainer/datacopy [root@server11 ~]# df -h [root@server11 ~]# lsblk ---------------------17.create an archive file /root/local.tgz for /usr/local. it should be compressed by gzip.. [root@localhost ~]# tar -czf /root/local.tgz /usr/local --------------------18.search the string sarah in the /etc/passwd file and save the output in /root/lines Ans: [root@server11 ~]# grep sarah /etc/passwd [root@server11 ~]# cat /root/lines

> /root/lines

View more...

Comments

Copyright ©2017 KUPDF Inc.
SUPPORT KUPDF