Exam -7-paper-1 ---------------------Initial setup: --------------password break: -------------------restart system ----> press esc key linux... --- > press e ----> fi ( line not enter) ----> linux16 /boot/mliu! ----> "o to en# of t$e line an# enter belo% t$e t$e comon# r#.break console&tty1 ---->ctrl' s%itc$root:* mount -o remount+r% /sysroot s%itc$root:* c$root /sysroot ---> in exam they give passwd s$-,.* pass%# ne%pass%#: retypepass%#: s$-,.* exit s%itc$root:*exit ---------------------------------------------------------------------------
rootserer6 0* systemctl set-#efault multi-user.tar"et multi-user.tar"et -----> "o to sin"le user mo#e mo#e rootserer6 0* systemctl set-#efault "rap$ical.tar"et
2erminal open3 4lt'f Enter a comman#: "nome-terminal---> enter ------------------------------------------------------------------------rootserer6 0* nmtui ---> E#it a connection ---> system et$5 ----> E#it ------>rofile name:system et$5 ------> ip, confi"uration -->s$o%(click)--Enter ( I a##ress+"ate%ay+#ns+searc$ a##ress+"ate%ay+#ns+searc$ #omain "ie in E4 u can enter belo%) 4##resse#:17.8.5.11/, ----> exam they give ip,dns,gateway +domain 9ate%ay :17.8.8,.8, ;< serer:17.8.8,.8, searc$ omain: example.com -----> ok -----> =uit
rootserer6 0* nmtui ------> 4ctiate connection ------> system et$5 ----> eactiate(s$o%)--Enter--> 4ctiate ---> Enter ------> =uit no% c$eck I a##ress: -------------------rootserer6 0* ip a rootserer6 0* pin" 17.8.8,.8, rootserer6 0* im /etc/sysconfi"/net%ork-scripts/ifcf"-et$5 ??2@?2?&static ?;??2&yes --------------rootserer6 0*$ostnamectl set-$ostname serer6.example.com or rootserer6 0*im /etc/$ostname serer6.example.com --------------rootserer6 0* systemctl stop iptables.serice rootserer6 0* systemctl stop ip6tables.serice rootserer6 0* systemctl stop ebtables.serice
rootserer6 0* systemctl #isable iptables.serice rootserer6 0* systemctl #isable ip6tables.serice rootserer6 0* systemctl #isable ebtables.serice rootserer6 0* systemctl mask iptables.serice ln -s A/#e/nullA A/etc/system#/system/iptables.sericeA rootserer6 0* systemctl mask ip6tables.serice ln -s A/#e/nullA A/etc/system#/system/ip6tables.sericeA rootserer6 0* systemctl mask ebtables ln -s A/#e/nullA A/etc/system#/system/ebtables.sericeA --------------rootserer6 yum.repos.#0* im a#min.repo a#min0 name&a#minrepo baseurl&$ttp://content.example.com/r$el7.5/xB66,/## "p"c$eck&5 enable#&1 rootserer6 yum.repos.#0* yum clean all rootserer6 yum.repos.#0* yum clean #bcac$e rootserer6 yum.repos.#0* yum repolist
rootserer6 0* init 6 ---------------------------------------------------------------Question and answer: ----------------------------1.SELinux Make SELinux as enforcing mode which is permanent Answer: ---------rootserer6 0* im /etc/sysconfi"/selinux
rootserer6 0* "etenforce Enforcin"
rootserer6 0* init 6 ------------------------------------------------------------------------2.To create a new 500 MB phsica! partion To create a new 500 MB phsica! partition mounted on "common with xfs fi!esstem. #ote $ecause partition si%es are se!dom exact! what is specified when ou are created& anthing with range of '(5MB t o 525 MB is accepta$!e . 4ns%er: -----------rootserer6 0* lsblk rootserer6 0* f#isk /#e/#b omman# (m for $elp): p omman# (m for $elp): n artition type: p primary (5 primary+ 5 exten#e#+ , free) e exten#e#
xfs
#efaults
55
rootserer6 0* mount -a rootserer6 0* #f -$ /#e/#b1 ,7 6 ,7 6K /common ----------------------------------------------------------------------------).create the fo!!owing users&groups and group mem$ership.
a group name admin. a user harr who $e!ongs to admin as a secondar group. a user natasha who $e!ongs to admin as a secondar group. a user sarah who does not access to an interacti*e she!! on the sstem and who is not mem$er of admin. a user sand who $e!ongs to admin as a secondar group. harr&natasha&sarah&sand shou!d a!! ha*e password of password. +ns, rootserer6 0* "roupa## a#min rootserer6 0* usera## -9 a#min $arry rootserer6 0* usera## -9 a#min natas$a rootserer6 0* usera## -s /sbin/nolo"in sara$ rootserer6 0* usera## -9 a#min san#y rootserer6 0* pass%# $arry rootserer6 0* pass%# natas$a rootserer6 0* pass%# sara$ rootserer6 0* pass%# san#y rootserer6 0* cat /etc/"s$a#o% a#min:L::$arry+natas$a+san#y rootserer6 0* i# $arry rootserer6 0* su - sara$ --------------------'.create a co!!a$orati*e director "common"admin with the fo!!owing characterstics.
-roup ownership of "common"admin is admin the director shou!d $e reada$!e &writea$!e and accessi$!e to mem$ers of admin $ut not to an other users./t is understood the root as access to a!! fi!es and directories on the sstem. fi!es created in "common"admin automatica!! ha*e group ownership set to the admin group. Ans: ---rootserer6 0* mk#ir -p /common/a#min rootserer6 0* ls -l# /common/a#min #r-xr-x---. 18 root root ,56 ;o 8 56:,1 . rootserer6 0* c$"rp a#min /common/a#min rootserer6 0* c$mo# 775 /common/a#min/ -@
rootserer6 a#min0* c$mo# "'s /common/a#min rootserer6 0* ls -l# /common/a#min/ rootserer6 a#min0* touc$ 1 J -------------------------------------------------------------------------------5.shedu!e a o$.
harr set the own o$ schedu!e on 12,'0 at noon print "$in"echo on he!!o wor!d. natasha shou!d not schedu!e cron o$s. +ns, --- 1) rootserer6 0* yum install cronM -y rootserer6 0* crontab -eu $arry B M M M /bin/ec$o 3$ello% %orl#3 rootserer6 0* systemctl restart cron#.serice rootserer6 0* cat /ar/spool/mail/$arry ) rootserer6 0* im /etc/cron.#eny natas$a rootserer6 0* systemctl restart cron#.serice rootserer6 0* su - natas$a natas$aserer6 0* crontab -e your not allo%e# to use t$is pro"ram
----------------------------3./nsta!! the appropriate kerne! update from http,""c!assroom.examp!e.com"rhe!(.0"x433'"errata" The fo!!owing criteria must a!so $e met .
the updated kerne! is a defau!t when is sstem is re$ooted. the origina! kerne! remains a*ai!a$!e and $oota$!e on the sstem. +ns, rootserer6 0* im /etc/"rub.conf rootserer6 0* uname -r J.15.5-1J.el7.xB66, rootserer6 0* c# /etc/yum.repos.# rootserer6 yum.repos.#0* ls a#min.repo rootserer6 yum.repos.#0* im a#min.repo
a#min0 name&a#minrepo baseurl&$ttp://content.example.com/r$el7.5/xB66,/errata/ "p"c$eck&5 enable#&1 rootserer6 yum.repos.#0* yum clean all rootserer6 yum.repos.#0* yum clean #bcac$e rootserer6 yum.repos.#0* yum repolist rootserer6 yum.repos.#0* yum install kernel -y rootserer6 yum.repos.#0* reboot -f
rootserer6 0* uname -r J.15.5-1J.1..el7.xB66, rootserer6 0* im /etc/"rub.conf ----------------------
(.create a swap memor. . create a swap partition 512MB si%e. +ns, --rootserer6 0* f#isk /#e/#b omman# (m for $elp): p omman# (m for $elp): n
/#e/#b8 s%ap rootserer6 0* s%apon -a rootserer6 0* s%apon -s rootserer6 0* free -m rootserer6 0* lsblk
s%ap
#efaults
55
-----------------------------4. +678/9E.
+rchi*e "etc"hosts to "*ar"tmp"archi*e.tar.$%2. :!ease read carefu!! the ;uestion "*ar" and "tmp are director. So remo*e the "tmp or "*ar and tr it. 4ns: rootserer6 /0* tar -cOf /ar/tmp/arc$ie.tar.b! /etc/$osts
DnPip: -----rootserer8 /0* tar -xOf /ar/tmp/arc$i.tar.b! - /root/esktop/ etc/$osts ----------------------------<.Bind to the L=+: domain examp!e.com pro*ided $ c!assroom.examp!e.com for user.. note the fo!!owing. !dapuser> shou!d $e a$!e to !og into our sstem& where > is our ser*er num$er& $ut wi!! not ha*e a home director unti! ou ha*e comp!eted the autofs re;uirement $e!ow. . a!! !dap user ha*e a password of password #ote,our !dap user TLS certificate path http,""c!assroom.examp!e.com"pu$"E>+M:LE?7+?7E6T
+ns, ???? rootserer6 0* yum install sss#M -y rootserer6 0* yum install aut$M -y rootserer6 0* yum install autofsM -y rootserer6 0* systemctl restart sss# Qob for sss#.serice faile#. rootserer6 0* aut$confi"-"tk one new window open Dser accoun# #atabase: C4 C#ap
select Dse 2C< to encrypte# connection -- lick o%nloa# certicficate --- new window open certificate url: $ttp://classroom.example.com/pub/E4CE-4-E@2 --> ok 4ut$en#ication met$o# : C4 4<
rootserer6 0* systemctl restart sss# ----------------------10.7onfigure autofs to automount the home directories of L=+: users. #ote the fo!!owing, . i c!assroom.examp!e.com 1(2.25.25'.25' #@S ?exports "home"guests to our sstem&. ii !dapuser>As home director is c!assroom.examp!e.com,"home"guests"!dapuser>. where > is our station num$er . & iii !dapuser>As home director shou!d $e automounted !oca!! mapped to "home as "home"guests.. home directories must $e writea$!e $ their users. whi!e ou are a$!e to !og in as an of the users !dapuser1 through !daouser20.the on! home director. that is accessi$!e from our sstem is !dapuserx
Examp!e,station 100 wou!d configure the automounter such that !dapuser100As home director "home"guest gets mounted automatica!! upon !ogin.
4ns: --rootserer8 /0* im /etc/auto.master /misc /etc/auto.misc /$ome/"uests /etc/auto.misc rootserer8 /0* im /etc/auto.misc c# -fstype&iso665+ro+nosui#+no#e :/#e/c#rom l#apuser6 -r%+soft+intr classroom.example.com:/$ome/"uests/l#apuser6 rootserer6 0* systemctl restart autofs rootserer6 0* su - l#apuser6 -----------------------------------------------------------------------------
11.cop the fi!e "etc"fsta$ to *ar"tmp. configure the permission of "*ar"tmp"fsta$. the fi!e "*ar"tmp"fsta$ is owned $ root user. the fi!e "*ar"tmp"fsta$ is $e!ongs to the group root. the fi!e "*ar"tmp"fsta$ is shou!d not $e executa$!e $ an one. the user harr is a$!e to read and write $ "*ar"tmp"fsta$. the user #atasha can neither read nor write "*ar"tmp"fsta$. a!! other usercurrent"futureha*e the a$!it to read "*ar"tmp"fsta$. Ans: ---rootserer8 0* c# /ar/tmp rootserer8 tmp0* ls rootserer8 tmp0* cp -rf /etc/fstab /ar/tmp/
rootserer8 /0* setfacl -m u:$arry:r%- /ar/tmp/fstab rootserer8 /0* setfacl -m u:natas$a:--- /ar/tmp/fstab rootserer8 /0* "etfacl /ar/tmp/fstab -----------------12. configure our sstem so that it is an #T: c!ient of c!assroom.examp!e.com. 4ns: ---rootserer6 0* yum install c$ronyM -y rootserer6 0* im /etc/c$rony.conf serer J.r$el.pool.ntp.or" iburst serer classroom.example.com iburst rootserer6 0* systemctl restart c$rony#.serice rootserer6 0* time#atectl rootserer6 0* c$ronyc trackin" --------------------1).find the owner of the fi!e sand to cop the fi!e to gi*en path of root"find.user. 4ns: ---rootserer6 0* fin# / -iname san#y rootserer6 0* cp -rf /$ome/san#y /root/fin#.user rootserer6 0* cp -rf /ar/spool/mail/san#y /root/fin#.user --------------------
1'.7reate one !ogica! *o!ume named data$ase and it shou!d $e on datastore *o!ume group with si%e 50 extent.. i the datastore *o!ume group extend shou!d $e 13MiB.. mount the !ogica! *o!ume under mount point "mnt"data$ase. +ns, ???? rootserer6 0* f#isk /#e/#b omman# (m for $elp): p omman# (m for $elp): n artition type: p primary (5 primary+ 1 exten#e#+ J free) l lo"ical (numbere# from 8)
/mnt/#atabase
ext,
#efaults
55
rootserer6 0* mount -a rootserer6 0* #f -$ ------------------------------15.to create a new user with /= 1)23 a!ies. Ans: ---rootserer6 0* usera## -u 1J6 alies rootserer6 0* i# alies ui#&1J6(alies) "i#&1J6(alies) "roups&1J6(alies)
----------------------------------13.Ena$!e @T: ser*ice on our sstem and anonmous userAs can down!oad options a*ai!a$!e on our ser*er.
+ns, ??? rootserer6 0* yum install MftpM -y rootserer6 0* yum install sftp#M -y rootserer6 0* systemctl restart sftp#
rootserer6 0* im /etc/sftp#/sftp#.conf anonymousenable&SE< rootserer6 0* ftp 17.8.6.11 ;ame (17.8.6.11:root): anonymous ftp> ls -----------------------------------------------------------------------------------------1(.@ind the string "$in"$ash in "etc"passwd and searching string as $een stored in "root"search.txt. rootserer6 0* "rep /bin/bas$ /etc/pass%# > /root/searc$.txt rootserer6 0* cat /root/serarc$.txt -----------------------------------------------------------------------------------------14.The initia! si%e of that !ogica! *o!ume data$ase is 400MB. Make successfu!! reduce the si%e of !ogica! *o!ume 500MB without !osing an data.. Ans ---rootserer6 0* umount -a rootserer6 0* efsck -f /#e/#atastore/#atabase rootserer6 0* resi!efs /#e/#atastore/#atabase 855 rootserer6 0* lre#uce -C 855 /#e/#atastore/#atabase o you really %ant to re#uce #atabaseT y/n0: y rootserer6 0* resi!efs /#e/#atastore/#atabase rootserer6 0* mount -a /#e/#atastore/#atabase /mnt/#atabase
