Scribd
Upload
3K views14 pages

RHCSA Containers

This document provides instructions for completing tasks on two virtual machines as part of an RHCSA exam. Key details include: - Tasks involve configuring networking, repositories, NTP, cron jobs, users, permissions, backups and more on the two VMs. - One VM password needs to be recovered, while the other has networking already configured. NTP only needs configured on one VM. - Tasks require working with users, groups, permissions, ACLs, cron jobs, NFS, autofs, LVM, Stratis and more. - The second VM has three disks - one for root FS, one for swap/LVM, and the third for Stratis configuration. Tasks involve reset

Uploaded by

Arpit Awasthi
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
3K views14 pages

RHCSA Containers

This document provides instructions for completing tasks on two virtual machines as part of an RHCSA exam. Key details include: - Tasks involve configuring networking, repositories, NTP, cron jobs, users, permissions, backups and more on the two VMs. - One VM password needs to be recovered, while the other has networking already configured. NTP only needs configured on one VM. - Tasks require working with users, groups, permissions, ACLs, cron jobs, NFS, autofs, LVM, Stratis and more. - The second VM has three disks - one for root FS, one for swap/LVM, and the third for Stratis configuration. Tasks involve reset

Uploaded by

Arpit Awasthi
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 14

RHCSA_v8

========================================================================
================================
Important_Instructions: Please read carefully.

* You will be given by 2 VMs


* Total number of Questions will be around 20
* In one system root password is already set ( no need to reset )
but in the second system password need to be recovered.
* In one system Network configuration is required but in another one networking is already
done
* NTP needs to be configured in only one system ( not in both )
* YUM Repo needs to be configured in both systems.
* There is not any Q to configure LDAP Client ( it is already configured ).
You just need to configure automounting for LDAP user's Home DIR in one system.
( follow same steps as RHEL-7 )
* Firewall and SELinux both will be pre-enabled.
========================================================================
================================

Server-a:
`````````
#Q1. Configure network and set the static hostname.
IP ADDRESS = 172.25.X.11
NETMASK = 255.255.255.0
GATEWAY = 172.25.X.254
DNS = 172.25.254.254
Hostname = serverX.lab.example.com

Answer:

#nmcli connection

#nmtui [add the details]

[optional]
#nmcli connection modify Wired\ connection\ 1 ipv4.addresses 172.25.0.11/24 ipv4.gateway
172.25.0.254 ipv4.dns 172.25.254.254 ipv4.dns-search lab.example.com ipv4.method manual

# nmcli connection up Wired\ connection\ 1

# hostnamectl set-hostname servera.lab.example.com

========================================================================
================================
#Q2. Configure YUM repos with the given link ( 2 repos: 1st is Base and 2nd is AppStream )
base_url= http://content.example.com/rhel8.0/x86_64/dvd/BaseOS
AppSterm_url= http://content.example.com/rhel8.0/x86_64/dvd/AppStream
Answer:

#yum clean all

#yum repolist

#cd /etc/yum.repo.d

#vi RHEL.repo

[baseOS]

Name=baseOS
baseurl=http://content.example.com/rhel8.0/x86_64/dvd/BaseOS
enable=1
gpgcheck=0

[AppStream]

Name=AppSream
baseurl=http://content.example.com/rhel8.0/x86_64/dvd/AppStream
enable=1
gpgcheck=0

--save--

#yum clean all

#yum repolist

========================================================================
================================
#Q3. Debug SELinux:
- A web server running on non standard port 82 is having issues serving content.
Debug and fix the issues.

- The web server on your system can server all the existing HTML files from
/var/www/html
( NOTE: Do not make any changes
to these files )
* Web service should automatically start at boot time.

Answer:

#vim /etc/httpd/conf/httpd.conf
#systemctl restart httpd

#journalctl -xe [copy the command and modify it]

#semanager port -l | grep http [82 port is not added here]

#semanager port -a -t http_port_t -p tcp 82

#systemctl restart http

========================================================================
================================#
Q4. Create User accounts with supplementry group.

- create the group a named "sysadmin".


- create users as named "natasha" and "harry", will be the supplementry group
"sysadmin".
- create a user as named "sarah", should have non-interactive shell and
it should be not the member of "sysadmin".
- password for all users should be "trootent"

Answer:

#groupadd sysadmin

#useradd Natasha -G sysadmin

#useradd harry -G sysadmin

#useradd -s /sbin/nologin Sarah

#passwd username

========================================================================
================================
#Q5. Configure a cron job that runs every 14:23 minutes and executes:

logger "EX200 in progress" as the user natasha.

Answer:

#crontab -eu Natasha

23 14 * * * logger "EX200 in progress"

- save-
#crontab -lu Natasha

#systemctl restart crond

#systemctl enable crond

========================================================================
================================
#Q6. Create a collaborative Directory.

- Create the Directory "/home/manager" with the following characteristics.


- Group ownership of "/home/manager" should go to "sysadmin" group.
- The directory should have full permission for all members of "sysadmin" group
but not to the other users except "root".
- Files created in future under "/home/manager" should get the same group ownership .

Answer:

#mkdir /home/manager

#chgrp sysadmin /home/manager

#chmod 2770 /home/manager

========================================================================
================================
#Q7. Configure NTP
- Synchronize time of your system with the server classroom.example.com.

Answer:

#vi /etc/chrony.conf

#Commit active server and add below line with nap server name

Server classroom.example.com burst

--save--

# systemctl restart chronyd

#systemctl enable chronyd

#chronyc sources -v
========================================================================
================================
#Q8. Configure AutoFS

- All ldapuserX home directory is exported via NFS, which is available on


classroom.example.com
(172.25.254.254) and your NFS-exports directory is /home/guests for ldapuserX,
- ldapuserX's home directory is classroom.example.com:/home/guests/ldapuserX,
where X is your station number
- ldapuserX's home directory should be automounted autofs service.
- home directories must be writable by their users.
- while you are able to log in as any of the user ldapuser1 through ldapuser20,
the only home directory that is accessible from your system is ldapsuserX

Answer:

#yum -y install autofs

#vim /etc/auto.master

/home/guests /etc/auto.misc

#vi /etc/auto.misc
Ldapuser10 -fstype=nfs,rw classroom.lab.example.com:/home/guests/&

#systemctl restart autofs

#systemctl enable autofs

========================================================================
================================
#Q9. ACL.

- Copy the file /etc/fstab to /var/tmp/ and configure the "ACL" as mention following.
- The file /var/tmp/fstab should owned by the "root".
- The file /var/tmp/fstab should belongs to the group "root".
- The file /var/tmp/fstab should not be executable by any one.
- The user "sarah" should able to read and wril
- The user "harry" can neither read nor write to the file.
- Other users (future and current) shuold be able to read /var/tmp/fstab.

Answer:

#cp /etc/fstab /var/tmp/

#setfacl -m u:sarah:rw_,u:harry:0 /var/tmp/fstab


#getfacl /var/tmp/fstab

========================================================================
================================
#Q10. Create user 'bob' with 2112 uid and set the password 'trootent'

Answer:

#useradd -u 2112 bob

#passwd bob

========================================================================
================================
#Q11. Locate all files owned by user "harry" and copy it under /root/harry-files

Answer:

#mkdir /root/harry-files

#find / -user harry -exec cp -apfv {} /root/harry-files \;

#ls -la /root/harry-files

========================================================================
================================
#Q12. Find a string 'ich' from "/usr/share/dict/words" and put it into /root/lines file.

Answer:

#grep "ich" /usr/share/dict/words > /root/lines

========================================================================
================================
#Q13. create an archive '/root/backup.tar.bz2' of /usr/local directory and compress it with
bzip2.

Answer:

#tar cfj /root/backup.tar.bz2 /usr/local

========================================================================
================================
========================================================================
================================
Server-2:
`````````
NOTE: In this Server 3 Disks will be given.
1. /dev/vda : for ROOT filesystem ( don't do anything under this Disk )

2. /dev/vdb : You need to use for Swap and LVM Partition.

3. /dev/vdc : Will be used for Stratis.


========================================================================
================================
#Q14. Reset root user password and make it 'trootent'

Answer

#root the Vm

# e to edit kernel parameter

#linux 'end' line add => rd.break console=tty1

#ctrl+x

#mount -o remount,rw /sysroot

#chroot /sysroot

#passwd

#touch /.autorelabel

#reboot -f

========================================================================
================================
#Q15. Configure YUM Repos
base_url= "http://content.example.com/rhel8.0/x86_64/dvd/BaseOS"
AppStrem_url= "http://content.example.com/rhel8.0/x86_64/dvd/AppStream"

Answer:

#vi RHEL.repo

[baseOS]

Name=baseOS
baseurl=http://content.example.com/rhel8.0/x86_64/dvd/BaseOS
enable=1
gpgcheck=0

[AppStream]
Name=AppStream
baseurl=http://content.example.com/rhel8.0/x86_64/dvd/AppStream
enable=1
gpgcheck=0

--save--

#yum clean all

#yum repolist

========================================================================
================================
#Q16. Resize a logical Volume

- Resize the logical volume "mylv" so that after reboot size should be in between 200MB
to 300MB.

[note: already mylv is existed with 150Mi]

Answer:

#lvs

#vgs

#lvextend -L +100M /dev/myvg/mylv -r

#df -h

#lvs

========================================================================
================================
#Q17. Add additional swap partition of 512MB and mount it permanently.

[Note: already swap partition is existed with 512Mi, its lvm partation]

Answer:

#lsblk

#fdisk /dev/vdb

#n new partition
#P primary

#start [enter]. #end +512M

#t type [82]

#wq!

#partprobe

#mkswap /dev/vdb1

#swapon /dev/vdb1

#vi /etc/fstab

uuid=xxx swap swap defaults 0 0

#free -h

========================================================================
================================
#Q18. Create a Logical Volume and mount it permanently.

- Create the logical volume with the name "wshare" by using 50PE's from the volume
group "wgroup".
- Consider each PE size of volume group as "8 MB".
- Mount it on /mnt/wshare with file system vfat.

Answer:

#mkdir /mnt/wshare

#fdisk /dev/vdb

# n # p #t [82] #start [enter]. #end +500MB #wq!

#partprobe

#lsblk

#pvcreate /dev/vdb2

#vgcreate -s 8MB wgroup /dev/vdb2

#lvcreate -l 50 wshare -n wshare

#mkfs.vfat /dev/mapper/wgroup/wshare
#vi /etc/fstab

uuid=xxxx /mnt/wshare vfat defaults 0 0

#mount -a

========================================================================
================================
#Q19. Create a new vdo volume according to following requirements:

- Use the unpartitioned disk


- The volume is named 'vdovol' with logicalVolem size 50Gi
- Format with xfs filesystem and mount on /vdodata
- make fstab entry

Answer:

#yum -y install vdo

#systemctl start vdo ; systemctl enable vdo

#mkdir /vdodata

#man vdo

#vdo create --name=vdovol --device=/dev/vdc --vdoLogicalSize=50G

#mkfs.xfs /dev/mapper/vdovol

#vim /etc/fstab

/dev/mapper/vdovol /vdodata xfs defaults,x-systemd.requires=vdo.service 0 0

#mount -a

========================================================================
================================
#Q20. Configure System Tuning:

- Choose the recommended 'tuned' profile for your system and set it as the default.

Answer:

#tuned-adm --help

#tuned-adm active
#tuned-adm recommand

#tuned-adm profile virtual-guest

========================================================================
================================================================

Container Questions:

========================================================================
=

1. Launch a container in the background with the image in the private registry.
NOTE: registry URL , name and password is given in the instructions
NOTE: But you don’t have to launch the container from root account

Answer:
first login with the user from which you have to launch the container

# ssh student@serverb

# yum module install container-tools -y

#ssh <user>@serverb

# podman login <URL>


username:
password:

(NOTE: DON’T LAUNCH THIS CONTAINER HERE , BUT LAUNCH THE CONTAINER IN THE
NEXT QUESTION)

# mkdir -p ~/.config/systemd/user/

# cd ~/.config/systemd/user

# podman generate systemd –name <container name> --files –new

# systemctl --user daemon-reload

# systemctl –user enable –now container-inventorydb.service

# loginctl enable-linger

TO CHECK:
# systemctl –user status container-inventorydb.service
# systemctl –user start container-inventorydb.service
# systemctl –user stop container-inventorydb.service
========================================================================
=

2. Mount the folder /home/student/data into the above container destination path is /var/lib/

Answer:

# mkdir /home/student/data

# chmod 777 /home/student/data

# podman run -dit –name my-name -v /home/student/data:/var/lib registry.lab


.example.com/rhel8/rsyslog-image

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy