Contents

Password Crack Re.break Solution (RHEL 7+) . . . . . . . 1

Graphical Interface Installation . . . . . . . . . . . . . . . . 4

IP Address Setup . . . . . . . . . . . . . . . . . . . . . . . . . 5

Configure SELINUX to make it work in enforcing mode . 6

Configure a default software repository for your system 7

Adjust the size of the Logical Volume . . . . . . . . . . . . 8

Soulution One: Addition . . . . . . . . . . . . . . . . . . . 8
Solution Two: Subtraction . . . . . . . . . . . . . . . . . . 8
Notes: . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Example scenario . . . . . . . . . . . . . . . . . . . . . . . 11

Create User Account . . . . . . . . . . . . . . . . . . . . . . . 12

Configure /var/tmp/fstab Permission . . . . . . . . . . . . . 13

Configure a cron Task . . . . . . . . . . . . . . . . . . . . . . 14

Create a Shared Directory . . . . . . . . . . . . . . . . . . . 15

Install the Kernel Upgrade . . . . . . . . . . . . . . . . . . . 16

Binding to an external validation server . . . . . . . . . . 18

CONTENTS

Configure NTP . . . . . . . . . . . . . . . . . . . . . . . . . . 19

Configure autofs . . . . . . . . . . . . . . . . . . . . . . . . . 20

Configure a user account . . . . . . . . . . . . . . . . . . . . 22

Add a swap partition . . . . . . . . . . . . . . . . . . . . . . 23

Search files . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24

Search a String . . . . . . . . . . . . . . . . . . . . . . . . . . 25

Create a backup . . . . . . . . . . . . . . . . . . . . . . . . . 26

Create a logical volume . . . . . . . . . . . . . . . . . . . . . 27

 Password Crack Re.break
Solution (RHEL 7+)
At the beginning of the boot process, at the GRUB 2 menu, type
the e key to edit. Then, go to the kernel line (the line starting with
linux16) and add the following statements at the end:

1 rd.break enforcing=0

Caution: The keys to press are those of a US keyboard (querty).

Note: rd.break asks for a break at an early stage of the boot process.
enforcing=0 puts the system into SELinux Permissive mode. Don’t
confuse with selinux=0 that completely disables SELinux.
Press Ctrl x to resume the boot process.
Then, mount the /sysroot partition as read/write:

1 switch_root:/# mount –o remount,rw /sysroot

Execute the chroot command on the /sysroot partition:

1 switch_root:/# chroot /sysroot

Change the root password:

 Password Crack Re.break Solution (RHEL 7+) 2

1 sh-4.2# passwd root

2 Changing password for user root.
3 New passwd: mypassword
4 Retype new password: mypassword
5 passwd: all authentication token updated successfully.
6 sh-4.2# exit
7 exit
8 switch_root:/# exit
9 logout

Connect to your server at the console (don’t reboot now!) with the
root user and the new password:

1 [ OK ] Started Network Manager Script Dispatcher Servic\

2 e.
3 [ OK ] Started Crash recovery kernel arming.
4 [ OK ] Reached target Multi-User System.
5
6 CentOS Linux 7 (Core)
7 Kernel 3.10.0-229.14.1.el7.x86_64 on an x86_64
8
9 vm login: root
10 Password: mypassword

Then type:

1 restorecon /etc/shadow
2 reboot

If you strictly follow this procedure, you don’t need to force a

SELinux relabel (# touch /.autorelabel or # fixfiles onboot) or load
the SELinux policy (# /usr/sbin/load_policy -i).
You don’t even need to reboot at the end! In this case, type
 Password Crack Re.break Solution (RHEL 7+) 3

1 setenforce enforcing

For the RHCSA exam, you need to intensely practice this procedure.
Note: When dealing with boot problems, the following options
can be added to the kernel command line, bringing additional
information:

1 rd.debug rd.udev.debug systems.log_level=debug

 Graphical Interface
Installation
If you can not start the graphics in startx, can install:

1 yum -y install xorg*

2 yum -y install gnome*
3 yum -y install glx*
4 startx or init 5
 IP Address Setup
The host name of the server1 Virtual Machine should be set with
the following:

1 IP: 192.168.4.13
2 Netmask: 255.255.255.0
3 Gateway: 192.168.4.2
4 DNS: 192.168.4.12

Solutions
Login to the server1 and modify the host name:

1 hostnamectl set-hostname station.domain11.example.com

Update networks:

1 nmcli connection show

2 nmcli connection modify eno16777736 ipv4.addresses 192.16\
3 8.4.13/24 ipv4.gateway 192.168.4.2 ipv4.dns 192.168.4.12 \
4 ipv4.method manual connection.autoconnect yes
5 nmcli connection down eno16777736
6 nmcli connection up
7 ip a
8
9 host server.domain11.example.com
10 route -n

IP Address also can be modified by using graphical Interface nm-

connection-editor Start Exam after completing modification of the
above information.
 Configure SELINUX to
make it work in
enforcing mode
Solutions:

1 getenforce // view mode

2 setenforce 1 // set to enforcing mode
3 vim /etc/selinux/config // permanent modification
4 selinux=enforcing
5 �wq

Restart the server/ VM. Then use the sestatus to view

 Configure a default
software repository for
your system
One YUM repo has been alreday provided to configure your system
on labipa.example.com and can be used normally. Solutions:
Execute yum-config-mannager --add-repo=ftp://labipa.example.com/repo
to generate the repo file, then vim /etc/yum.repos.d/labipa.example.com_-
repo.repo, Add a line gpgcheck=0

1 yum clean all

2 yum repolist
 Adjust the size of the
Logical Volume
Adjust the size of the vo Logical Volume, its file system size should
be 290M. Make sure that the content of this system is complete. Note:
the partition size is rarely accurate to the same size as required, so
in the range 270M to 320M is acceptable.

Soulution One: Addition

1 df -hT
2 lvextend -L +100M /dev/vg0/vo
3 Lvscan
4 xfs_growfs /home/ //home is the mounted directory of the \
5 LVM, this step just need to do in the practice environmen\
6 t, and test EXT4 does not need this step.
7 resize2fs /dev/vg0/vo // use this command to update in ex\
8 amination.
9 df -hT

Solution Two: Subtraction

 Adjust the size of the Logical Volume 9

1 e2fsck -f /dev/vg0/vo
2 umount /home
3 resize2fs /dev/vg0/vo // the final required partition cap\
4 acity is 100M
5 lvreduce -l 100M /dev/vg0/vo
6 mount /dev/vg0/vo /home
7 df -hT

Notes:
This diagram gives a overview of the main elements in an LVM
system:

1 +-- Volume Group --------------------------------+

2 | |
3 | +----------------------------------------+ |
4 | PV | PE | PE | PE | PE | PE | PE | PE | PE | |
5 | +----------------------------------------+ |
6 | . . . .
7 | . . . . |
8 | +----------------------------------------+ |
9 | LV | LE | LE | LE | LE | LE | LE | LE | LE | |
10 | +----------------------------------------+ |
11 | . . . . |
12 | . . . . |
13 | +----------------------------------------+ |
14 | PV | PE | PE | PE | PE | PE | PE | PE | PE | |
15 | +----------------------------------------+ |
16 | |
17 +------------------------------------------------+

Another way to look at is this (courtesy of Erik Bågfors on the linux-

lvm mailing list):
 Adjust the size of the Logical Volume 10

1 hda1 hdc1 (PV:s on partitions or whole disks) \

2
3 \ / \
4
5 \ / \
6
7 diskvg (VG) \
8
9 / | \ \
10
11 / | \ \
12
13 usrlv rootlv varlv (LV:s)
14 | | | \
15
16 ext2 reiserfs xfs (filesystems) \
17

• volume group (VG): The Volume Group is the highest level

abstraction used within the LVM. It gathers together a col-
lection of Logical Volumes and Physical Volumes into one
administrative unit.
• physical volume (PV): A physical volume is typically a hard
disk, though it may well just be a device that ‘looks’ like a
hard disk (eg. a software raid device). Each physical volume
is divided chunks of data, known as physical extents (PE),
these extents have the same size as the logical extents for the
volume group.
• logical volume (LV): The equivalent of a disk partition in
a non-LVM system. The LV is visible as a standard block
device; as such the LV can contain a file system (eg. /home).
Each logical volume is split into chunks of data, known as
logical extents (LE). The extent size is the same for all logical
volumes in the volume group.
Adjust the size of the Logical Volume 11

Example scenario
Lets suppose we have a volume group called VG1, this volume
group has a physical extent size of 4MB. Into this volume group
we introduce 2 hard disk partitions, /dev/hda1 and /dev/hdb1.
These partitions will become physical volumes PV1 and PV2 (more
meaningful names can be given at the administrators discretion).
The PV’s are divided up into 4MB chunks, since this is the extent
size for the volume group. The disks are different sizes and we get 99
extents in PV1 and 248 extents in PV2. We now can create ourselves
a logical volume, this can be any size between 1 and 347 (248 + 99)
extents.
 Create User Account
Create the following user, group and group membership: Admi-
nuser group User natasha, using adminuser as a sub group User
Harry, also using adminuser as a sub group User sarah, can not
access the SHELL which is interactive in the system, and is not a
member of adminuser, natasha�harry�sarah password is redhat.
Solutions:

1 groupadd adminuser
2 useradd natasha -G adminuser
3 useradd haryy -G adminuser
4 useradd sarah -s /sbin/nologin
5
6 Passwd user name // to modify password or echo redhat | p\
7 asswd --stdin user name id natasha //
8 to view user group.
 Configure /var/tmp/fstab
Permission
Copy the file /etc/fstab to /var/tmp/fstab. Configure var/tmp/fstab
permissions as the following: Owner of the file /var/tmp/fstab is
Root, belongs to group root File /var/tmp/fstab cannot be executed
by any user User natasha can read and write /var/tmp/fstab User
harry cannot read and write /var/tmp/fstab All other users (present
and future) can read var/tmp/fstab.
Solutions:

1 cp /etc/fstab /var/tmp/
2 ll /var/tmp/fstab view the owner
3 setfacl -m u:natasha:rw- /var/tmp/fstab
4 setfacl -m u:haryy:--- /var/tmp/fstab

Use getfacl /var/tmp/fstab to view permissions

 Configure a cron Task
User natasha must configure a cron job, local time 14:23 runs and
executes: */bin/echo hiya every day.
Solution:

1 crontab -e -u natasha
2 23 14 * * * /bin/echo hiya
3 crontab -l -u natasha // View
4 Systemctl enable crond
5 Systemcdl restart crond
 Create a Shared
Directory
Create a shared directory /home/admins, make it has the following
characteristics: /home/admins belongs to group adminuser This
directory can be read and written by members of group adminuser
Any files created in /home/ admin, group automatically set as
adminuser.
Solutions:

1 mkdir /home/admins
2 chgrp -R adminuser /home/admins
3 chmod g+w /home/admins
4 chmod g+s /home/admins
 Install the Kernel
Upgrade
Istall suitable kernel updation from: http://server.domain11.example.com/pub/update
Following requirements must be met: Updated kernel used as the
default kernel of system start-up. The original kernel is still valid
and can be guided when system starts up.
Soultion:
Using the browser open the URL in the question, download kernel
file to root or home directory.

1 uname -r // check the current kernel version

2 rpm -ivh kernel-*.rpm
3 vi /boot/grub/grub.conf // check

Some questions are: Install and upgrade the kernel as required.

To ensure that grub2 is the default item for startup. Yum repo :
http://content.example.com/rhel7.0/x86-64/errata²
Solution:

¹http://server.domain11.example.com/pub/updates.
²http://content.example.com/rhel7.0/x86-64/errata
 Install the Kernel Upgrade 17

1 Uname -r // check kernel

2 Yum-config-manager --add-repo=”http://content.example.com\
3 /rhel7.0/x86-
4 64/errata”
5 Yum clean all
6 Yum list kernel // install directly
7 Yum -y insrall kernel // stuck with it, do not pipe! Plea\
8 se do not pipe!

Default enable new kernel

grub2-editenv list // check

Modify
grub2-set-default “kernel full name”

grub2-mkconfig -o /boot/grub2/grub.cfg // Refresh

 Binding to an external
validation server
System server.domain11.example.com provides a LDAP validation
service, your system should bind to this service as required: Base
DN of validation service is dc=example,dc=com LDAP is used for
prviding account information and validation information Connet-
ing and using the certification of http://server.domain11.example.com/pub/EXAMPL
CA-CERT³ to encrypt After the correct configuration, ldapuser1
can log into your system, it does not have HOME directory until
you finish autofs questions, ldapuser1 password is password.
Solutions:

1 yum -y install sssd authconfig-gtk krb5-workstation

2 authconfig-gtk // open the graphical interface

Modify user account database to ldap, fill up DN and LDAP

SERVER as questions required, use TLS to encrypt connections
making tick, write http://server.domain11.example.com/pub/EXAMPLE-
CA-CERT⁴ to download ca, authentication metod choose ldap
password. You can test if the ldapuser is added by the following
command:
id ldapuser Note: user password doen not need to set
³http://server.domain11.example.com/pub/EXAMPLE-CA-CERT
⁴http://server.domain11.example.com/pub/EXAMPLE-CA-CERT
 Configure NTP
Configure NTP service, Synchroniz the server time, NTP server :
classroom.example.com
Solutions: Configure the client:

1 yum -y install chrony

2 vim /etc/chrony.conf

Add:
server classroom.example.com iburst

Start:
systemctl enable chronyd systemctl restart chronyd

Validate:
timedatectl status
 Configure autofs
Configure the autofs automatically mount to the home directory of
LDAP, as required: server.domain11.example.com use NFS to share
the home to your system. This file system contains a pre configured
home directory of user ldapuserX. Home directory of ldapuserX is:
server.domain11.example.com /home/guests/ldapuser Home di-
rectory of ldapuserX should automatically mount to the ldapuserX
of the local /home/guests Home directory’s write permissions must
be availabe for users ldapuser1’s password is password
Solutions:

1 yum install -y autofs

2 mkdir /home/rehome
3 vi /etc/auto.master
4 /home/rehome /etc/auto.ldap

Keep then exit

1 cp /etc/auto.misc /etc/auto.ldap
2 vi /etc/auto.ldap
3 ldapuserX -fstype=nfs,rw
4 server.domain11.example.com:/home/guests/

Keep then exit

1 systemctl start autofs

2 systemctl enable autofs
3 su - ldapuserX // test

If the above sloutions cannot creat files or the command prompt is -

bash-4.2$, it maybe exist multi-level directory, this needs to change
Configure autofs 21

the server.domain11.example.com:/home/guests/ to server.domain11.example.com:/h

What is multi-level directory? It means there is a dirtectory of
ldapuserX under the /home/guests/ldapuserX in the questions. This
directory is the real directory.
 Configure a user account
Create a user iar�uid is 3400. Password is redhat
Solutions:

1 useradd -u 3400 iar

2 passwd iar
 Add a swap partition
Adding a extra 500M swap partition to your system, this swap
partition should mount automatically when the system starts up.
Dont remove and modify the existing swap partitions on your
system.
Solution:

1 fdisk -cu /dev/vda // in the way of expanding the partiti\

2 on, don’t make main partition
3 partx –a /dev/vda
4 mk swap /dev/vdax
5 swapon /dev/vdax
6 swapon –s
7 vi /etc/fstab
8 /dev/vdax swap swap defaults 0 0
9 mount -a
 Search files
Find out files owned by jack, and copy them to directory /root/find-
results
Solution:

1 mkdir /root/findfiles
2 find / - user jack -exec cp -a {} /root/findfiles/ \;
3 ls /root/findresults
 Search a String
Find out all the columns that contains the string seismic within
/usr/share/dict/words, then copy all these columns to /root/lines.tx
in original order, there is no blank line, all columns must be the
accurtae copy of the original columns.
Solutions:

1 grep seismic /usr/share/dict/words > /root/lines.txt

 Create a backup
Create a backup file named /root/backup.tar.bz2, contains the con-
tent of /usr/local, tar must use bzip2 to compress.
Solutions:

1 cd /usr/local
2 tar -jcvf /root/backup.tar.bz2 *
3 mkdir /test
4 tar -jxvf /root/backup.tar.bz2 -C /test/ // Decompression\
5 to check the content is
6 the same as the /usr/loca after

If the questions require to use gzip to compress, change -j to -z

 Create a logical volume
Create a new logical volume as required: Name the logical volume
as database, belongs to datastore of the vloume group, size is 50 PE.
Expansion size of each vloumes in volum group datastore is 16MB.
Use ext3 to format this new logical volume, this logical vloume
should automatically mount to /mnt/database
Solutions:

1 fdisk -cu /dev/vda // Create a 1G partition, modified whe\

2 n needed
3 partx –a /dev/vda
4 pvcreate /dev/vdax
5 vgcreate datastore /dev/vdax –s 16M
6 lvcreate – l 50 – n database datastore
7 mkfs.ext3 /dev/datastore/database
8 mkdir /mnt/database
9 mount /dev/datastore/database /mnt/database/
10 df –Th
11 vi /etc/fstab
12 /dev/datastore /database /mnt/database/ ext3 defaults 0 0
13 mount –a

Restart and check all the questions requirements.