Sample Question RHCSA Ex200 Exam Redhat Rhel 9

145 View
Sample Question RHCSA Ex200 Exam Redhat Rhel 9
Sample Question RHCSA Ex200 Exam Redhat Rhel 9
Q1. Configure network and set the static hostname.

IP ADDRESS = 172.25.250.10 NETMASK = 255.255.255.0 GATEWAY = 172.25.250.254 DNS = 172.25.250.254 Domain name = lab.example.com hostname = servera.lab.example.com

# vi /etc/sysconfig/network-scripts/ifcfg-eth0
      DEVICE="eth0"
      BOOTPROTO="static"
      DNS="172.25.250.254"
      GATEWAY="172.25.250.254"
      HOSTNAME="servera.lab.example.com"
      HWADDR="00:19:99:A4:46:AB"
      IPADDR="172.25.250.10"
      NETMASK="255.255.255.0"
      NM_CONTROLLED="yes"
      ONBOOT="yes"
      TYPE="Ethernet"
      UUID="8105c095-799b-4f5a-a445-c6d7c3681f07"
    

modify the IP address then save and quit ( :wq)

#hostnamectl set-hostname servera.lab.example.com
# nmcli con up System \eth0
# systemctl restart NetworkManager
    

Q2. Configure YUM repos with the given link ( 2 repos: 1st is Base and 2nd is AppStream )

Base_url= http://content.example.com/rhel8.0/x86_64/dvd/BaseOS
AppSterm_url= http://content.example.com/rhel8.0/x86_64/dvd/AppStream

# vim /etc/yum.repos.d/local.repo
      [BaseOS]
      name=yum repository local
      baseurl=http://content.example.com/rhel8.0/x86_64/dvd/BaseOS
      gpgcheck=0
      enabled=1
      [AppStream]
      name=yum repository local
      baseurl=http://content.example.com/rhel8.0/x86_64/dvd/AppStream
      gpgcheck=0
      enabled=1
    

Save the file and exit (:wq)

# yum repolist
# yum update
    

Q3. Debug SELinux:

A web server running on nonstandard port 82 is having issues serving content. Debug and fix the issues.

The web server on your system can server all the existing HTML files from /var/www/html (NOTE: Do not make any changes to these files )

Web service should automatically start at boot time.

# semanage fcontext -a -t httpd_sys_content_t "/var/www/html(/.*)?"
# restorecon -Rv /var/www/html
# semanage port -l | grep http
# semanage port -a -t http_port_t -p tcp 82
# firewall-cmd --permanent --add-port=82/tcp
# firewall-cmd --reload
    

Q4. Create User accounts with supplementary group.

Create the group a named “sysadms”.

# groupadd sysadms

Create users as named “natasha” and “harry”, will be the supplementary group “sysadms”.

# useradd  -G sysadms harry
# useradd -G sysadms natasha

Verify the created user and its supplementary group

# id harry
# id nathasa

Create a user as named “sarah”, should have non-interactive shell and it should be not the member of “sysadms”.

# useradd -s /sbin/nologin sarah

Verify the created user and its non-interactive shell

# id sarah

Password for all users should be “trootent”

# passwd sarah
# passwd harry
# passwd natasha

Check all user accounts in the system

# cat /etc/passwd

Q5. Configure a task: plan to run echo “file” command at 14:23 every day.
# su - natasha
      $ crontab -e
      23 14 * * * /bin/echo "file"
      $ crontab -l
    
Q6. Create a Collaborative Directory

● Create the Directory “/home/manager” with the following characteristics.

● Group ownership of “/home/manager” should go to “sysadms” group.

● The directory should have full permission for all members of “sysadms” group but not to the other users except “root”.

● Files created in future under “/home/manager” should get the same group ownership .

    
- Create the Directory "/home/manager" 
# mkdir /home/manager
- Change the group ownership of "/home/manager" to "sysadms" group
# chgrp sysadms /home/manager
- Set full permission for all members of "sysadms" group and not to other users except "root"
# chmod 2770 /home/manager
- Verify the permissions on the "/home/manager" directory
# ls -ld /home/manager
    
Q7. Configure NTP:

● Synchronize time of your system with the server classroom.example.com.

# yum install -y chrony
# vi /etc/chrony.conf : server classroom.example.com iburst
# timedatectl set-ntp true
# systemctl restart chronyd
# chronyc sources -v

Q8. Configure AutoFS

All Ldapuser2 home directory is exported via NFS, which is available on classroom.example.com (172.25.254.254) and your NFS-exports directory is /home/guests for Ldapuser2, Ldapuser2’s home directory is classroom.example.com:/home/guests/ldapuse2, Ldapuser2’s home directory should be automount autofs service, Home directories must be writable by their users, while you are able to log in as any of the user ldapuser1 through ldapuser20, the only home directory that is accessible from your system is ldapsuser2.

# yum install -y autofs
# vi /etc/auto.master.d
        (/home/guests   /etc/auto.home)
# vi /etc/auto.home
        (* -rw,sync,fstype=nfs4 classroom.example.com:/home/guests/&)
# systemctl enable autofs.service
# systemctl start autofs.service
# ssh ldapuser5@localhost
# cd
# pwd
    

It should be /home/guests/ldapuser2


Q9. Configure ACL for the file /var/tmp/fstab

Copy the /etc/fstab file to /var/tmp/

# cp -rv /etc/fstab /var/tmp/
    

Check the ownership and permission of the file /var/tmp/fstab

# cd /var/tmp/
# ls -al /var/tmp/fstab
    

Set ACL for the file /var/tmp/fstab

# setfacl -m u:sarah:rw- /var/tmp/fstab
# setfacl -m u:harry:--- /var/tmp/fstab
# setfacl -m o:r-- /var/tmp/fstab
    

Check the ACL status of the file /var/tmp/fstab

# getfacl /var/tmp/fstab
    
Q10. Create user ‘bob’ with 2112 uid and set the password ‘trootent’
 
# useradd -u 2112 bob
# passwd bob (trootent)
# id bob
Q11. Locate all files owned by user “harry” and copy it under /root/harry-files
 
# find / -user harry -exec cp -rvpf {} /root/harry-files \; 2>/dev/null
Q12. Find a string ‘ich’ from “/usr/share/dict/words” and put it into /root/lines file
# grep “ich” /usr/share/dict/words > /root/lines
# cat /root/line_file
Q13. create an archivie ‘/root/backup.tar.bz2’ of /usr/local directory and compress it with gzip.
 
# tar -cvzf /root/backup.tar.bz2 /usr/local
Q14. Reset root user password and make it ‘trootent’

To reset the root user password, follow these steps:

1. Press 'e' for starting system
2. Put in the last line of linux16: 'rd.break'
3. Press 'ctrl + x'
# mount -o remount,rw /sysroot
# chroot /sysroot
# passwd root
    

Enter the new password, for example, ‘trootent’

# touch /.autorelabel
# exit
# exit
    

Q15. Configure YUM Repos

Base_url = “http://content.example.com/rhel8.0/x86_64/dvd/BaseOS”
AppStrem_url = “http://content.example.com/rhel8.0/x86_64/dvd/AppStream”

# scp -r /etc/yum.repos.d/local.repo [email protected]:/etc/yum.repos.d/
# cat /etc/yum.repos.d/local.repo
[local_repo]
name=Local Repository
baseurl=http://content.example.com/rhel8.0/x86_64/dvd/BaseOS
gpgcheck=0
enabled=1
[local_appstream_repo]
name=Local AppStream Repository
baseurl=http://content.example.com/r
	

Q16. Resize a Logical Volume : – Resize the logical volume “mylv” so that after reboot the size should be in between 200MB to 300MB
# df -h
# vgdisplay
# lvextend -L 300M /dev/mapper/myvg-mylv
# lvdisplay /dev/mapper/myvg-mylv
# resize2fs /dev/mapper/myvg-mylv
    

Q17. Add a swap partition of 956MB and mount it permanently.
# fdisk /dev/vdb
n (create new partition)
p (check Partition table)
Enter 
+965M
t 
82 
w
# mkswap /dev/vdb2

		Then copy UUID

# vim /etc/fstab
UUID=XXXXX swap swap defaults 0 0
# systemctl daemon-reload
# swapon -a
# swapon -s
    

Q18. Create a logical Volume and mount it permanently

To create a logical volume and mount it permanently, follow these steps:

# fdisk /dev/vdb
n (create new partition:)
p (check Partition table)
3
Enter
+640M
w
# partprobe
# pvcreate /dev/vdb3
# vgcreate -s 32M wgroup /dev/vdb3
# lvcreate -n wshare -l 20 wgroup
# mkfs.ext3 /dev/wgroup/wshare
# mkdir /mnt/wshare
    

Then, add the following line to the /etc/fstab file:

# vi /etc/fstab
		/dev/wgroup/wshare  /mnt/wshare  ext3 defaults 0 0
# mount -a

Q19. Create a new VDO partition

To create a new VDO partition with the following requirements:

  • Use the unpartitioned disk
  • VDO name “Vdo1” and logical size should be 50GB
  • Mount it on /vdomount permanently with file system xfs.
#yum -y install vdo kmod-kvdo
#systemctl enable vdo.service
#systemctl start vdo.service
#lsblk
#vdo create –name=Vdo1 --device=/dev/vdd --vdoLogicalSize=50G
#mkfs.xfs -K /dev/mapper/Vdo1
#lsblk --output=UUID /dev/mapper/Vdo1
#mkdir /vdomount
#vi /etc/fstab (UUID=………………… /vdomount xfs defaults, x-systemd.requires=vdo.service 0 0)
#systemctl daemon-reload
    

Q20. Configure System Tuning:
  • Choose the recommended ‘tuned’ profile for your system and set it as the default.
#tuned-adm active
#tuned-adm recommend (virtual-guest)
#tuned-adm profile virtual-guest

Q21. Container
  • Create a container logserver from an image rsyslog in node1 From registry.lab.example.com
  • Configure the container with systemd services by an existing user “Walhalla”,
  • Service name should be container-logserver, and configure it to start automatically across reboot.
# useradd user1 
# passwd user1 
# yum module install container* -y 
# ll /var/log/ 
# vim /etc/systemd/journald.conf  
[Journal] Storage=persistent
:wq! 
#mkdir /var/log/journal
#mkdir /home/wallah/container-logserver
#systemctl restart systemd-journald
# cp /var/log/journal/*/* /home/wallah/container-logserver
# chown -R wallah:wallah /home/wallah/container-logserver
# systemctl restart systemd-journald
# ll /run/log 
# ll /var/log/
# su - wallah
# mkdir /var/log/journal
# mkdir /home/wallah/container-logserver
#systemctl restart systemd-journald
# reboot
# ssh [email protected]

22 System journal with containers
  • Configure your host journal to store all journal across reboot
  • Copy all *.journal from /var/log/journal and all subdirectories to /home/Walhalla/container_logserver
  • Configure automount /var/log/journal from logserver (container) to /home/walhalla/container_logserver when container starts
# podman login regisrty.redhat.io 
# username:  
# password:  
# podman search rsyslog  
# podman pull registry.redhat.io/rhel8/rsyslog  
# podman image list  
# podman run -d --name logserver -v /home/user1/container-logserver:/var/log/journal:Z registry.redhat.io/rhel8/rsyslog 
# podman container list  
# podman ps 
# mkdir -p ~/.config/systemd/wallah 
# cd .config/systemd/wallah/  
# loginctl enable-linger 
# loginctl show-user user1  
# podman generate systemd --name logserver -f -n  
# systemctl --user daemon-reload 
# systemctl --user enable --now container-logserver.service  
# systemctl --user start --now container-logserver.service  
# systemctl --user status --now container-logserver.service  
# podman exec -it logserver /bin/bash  
# ls /var/log/  
# exit


Extra Bonus
Q1.a. Search the files with extension .pl and copy the files to directory /root/pl.found.

b. Search student user files and copy the files to directory /root/student.found.

Ans: a.

# mkdir /root/pl.found
# find / -type f -name *.pl -exec cp -rvfp {} /root/pl.found \;
# ll /root/pl.found

Ans: b.

# mkdir /root/student.found
# find / -type f -user student -exec cp -rvfp {} /root/student.found \;
# ll /root/student.found
2. Search the keyword “sar” in /usr/share/dict/words file and store the lines in /root/sar.found.
# grep sa /usr/share/dict/words |sort > /root/sar.found
3. When we will create any users in node1 the password of that particular user should expire in 20days.
# vi /etc/login.defs
PASS_MAX_DAYS 20

:wq!

Check: – add one user and put chage -l (user name)

4. Write a script named adhoc.sh under /root which will search less than 2M files from /var and store it in /root/backup and also set the permission of set user identifier (SGID)
# vi adhoc.sh

#!/bin/bash
find /usr -type f -size -2M -exec cp {} /root/backup \;

:wq! (save and exit from file)

#chmod 2775 adhoc.sh
#./adhoc.sh 
5. Give the sudo permission to group1.
# vi /etc/sudoers

%group1 ALL=(ALL) NOPASSWD:ALL

:wq! (save and exit)
6. When the existing user joe will create the file the permission should come as rw——- and when create the directory it should come as rwx——
# su - joe
$ vi .bashrc
umask 077 (write it in last line)

:wq!  (save and Exit file)

umask 077 (execute in terminal)




Sample Question RHCSA Ex200 Exam Redhat Rhel 9

Ikuti dan Dapatkan Informasi Menarik lainnya Melalui Google News

Leave a Reply

Your email address will not be published. Required fields are marked *