Linux Admin - File / Folder Management

 To introduce permissions as they apply to both directories and files in CentOS Linux, let's look at the following command output.

[centos@centosLocal etc]$ ls -ld /etc/yum* 
drwxr-xr-x. 6 root root 100 Dec  5 06:59 /etc/yum 
-rw-r--r--. 1 root root 970 Nov 15 08:30 /etc/yum.conf 
drwxr-xr-x. 2 root root 187 Nov 15 08:30 /etc/yum.repos.d

Note − The three primary object types you will see are

• "-" − a dash for plain file

• "d" − for a directory

• "l" − for a symbolic link

We will focus on the three blocks of output for each directory and file −

• drwxr-xr-x : root : root
• -rw-r--r-- : root : root
• drwxr-xr-x : root : root

Now let's break this down, to better understand these lines −

d	Means the object type is a directory
rwx	Indicates directory permissions applied to the owner
r-x	Indicates directory permissions applied to the group
r-x	Indicates directory permissions applied to the world
root	The first instance, indicates the owner of the directory
root	The second instance, indicates the group to which group permissions are applied

Understanding the difference between owner, group and world is important. Not understanding this can have big consequences on servers that host services to the Internet.

Before we give a real-world example, let's first understand the permissions as they apply to directories and files.

Please take a look at the following table, then continue with the instruction.

Octal	Symbolic	Perm.	Directory
1	x	Execute	Enter the directory and access files
4	r	Read	List the files within the directory
2	w	Write	Delete or modify the files in a directory

Note − When files should be accessible for reading in a directory, it is common to apply read and execute permissions. Otherwise, the users will have difficulty working with the files. Leaving write disabled will assure files cannot be: renamed, deleted, copied over, or have permissions modified.

Applying Permissions to Directories and Files

When applying permissions, there are two concepts to understand −

• Symbolic Permissions
• Octal Permissions

In essence, each are the same but a different way to referring to, and assigning file permissions. For a quick guide, please study and refer to the following table −

	Read	Write	Execute
Octal	4	2	1
Symbolic	r	w	x

When assigning permissions using the octal method, use a 3 byte number such as: 760. The number 760 translates into: Owner: rwx; Group: rw; Other (or world) no permissions.

Another scenario: 733 would translate to: Owner: rwx; Group: wx; Other: wx.

There is one drawback to permissions using the Octal method. Existing permission sets cannot be modified. It is only possible to reassign the entire permission set of an object.

Now you might wonder, what is wrong with always re-assigning permissions? Imagine a large directory structure, for example /var/www/ on a production web-server. We want to recursively take away the w or write bit on all directories for Other. Thus, forcing it to be pro-actively added only when needed for security measures. If we re-assign the entire permission set, we take away all other custom permissions assigned to every sub-directory.

Hence, it will cause a problem for both the administrator and the user of the system. At some point, a person (or persons) would need to re-assign all the custom permissions that were wiped out by re-assigning the entire permission-set for every directory and object.

In this case, we would want to use the Symbolic method to modify permissions −

chmod -R o-w /var/www/

The above command would not "overwrite permissions" but modify the current permission sets. So get accustomed to using the best practice

• Octal only to assign permissions
• Symbolic to modify permission sets

It is important that a CentOS Administrator be proficient with both Octal and Symbolic permissions as permissions are important for the integrity of data and the entire operating system. If permissions are incorrect, the end result will be both sensitive data and the entire operating system will be compromised.

With that covered, let's look at a few commands for modifying permissions and object owner/members −

• chmod
• chown
• chgrp
• umask

chmod : Change File Mode Permission Bits

Command	Action
-c	Like verbose, but will only report the changes made
-v	Verbose, outputsthe diagnostics for every request made
-R	Recursively applies the operation on files and directories

chmod will allow us to change permissions of directories and files using octal or symbolic permission sets. We will use this to modify our assignment and uploads directories.

chown : Change File Owner and Group

Command	Action
-c	Like verbose, but will only report the changes made
-v	Verbose, outputsthe diagnostics for every request made
-R	Recursively applies the operation on files and directories

chown can modify both owning the user and group of objects. However, unless needing to modify both at the same time, using chgrp is usually used for groups.

chgrp : Change Group Ownership of File or Directory

Command	Action
-c	Like verbose, but will only report the changes
-v	Verbose, outputs the diagnostics for every request made
-R	Recursively, applies the operations on file and directories

chgrp will change the group owner to that supplied.

Real-world practice

Let's change all the subdirectory assignments in /var/www/students/ so the owning group is the students group. Then assign the root of students to the professors group. Later, make Dr. Terry Thomas the owner of the students directory, since he is tasked as being in-charge of all Computer Science academia at the school.

As we can see, when created, the directory is left pretty raw.

[root@centosLocal ~]# ls -ld /var/www/students/ 
drwxr-xr-x. 4 root root 40 Jan  9 22:03 /var/www/students/

[root@centosLocal ~]# ls -l /var/www/students/ 
total 0 
drwxr-xr-x. 2 root root 6 Jan  9 22:03 assignments 
drwxr-xr-x. 2 root root 6 Jan  9 22:03 uploads 

[root@centosLocal ~]#

As Administrators we never want to give our root credentials out to anyone. But at the same time, we need to allow users the ability to do their job. So let's allow Dr. Terry Thomas to take more control of the file structure and limit what students can do.

[root@centosLocal ~]# chown -R drterryt:professors /var/www/students/ 
[root@centosLocal ~]# ls -ld /var/www/students/ 
drwxr-xr-x. 4 drterryt professors 40 Jan  9 22:03 /var/www/students/

[root@centosLocal ~]# ls -ls /var/www/students/ 
total 0 
0 drwxr-xr-x. 2 drterryt professors 6 Jan  9 22:03 assignments 
0 drwxr-xr-x. 2 drterryt professors 6 Jan  9 22:03 uploads

[root@centosLocal ~]#

Now, each directory and subdirectory has an owner of drterryt and the owning group is professors. Since the assignments directory is for students to turn assigned work in, let's take away the ability to list and modify files from the students group.

[root@centosLocal ~]# chgrp students /var/www/students/assignments/ && chmod 
736 /var/www/students/assignments/

[root@centosLocal assignments]# ls -ld /var/www/students/assignments/ 
drwx-wxrw-. 2 drterryt students 44 Jan  9 23:14 /var/www/students/assignments/

[root@centosLocal assignments]#

Students can copy assignments to the assignments directory. But they cannot list contents of the directory, copy over current files, or modify files in the assignments directory. Thus, it just allows the students to submit completed assignments. The CentOS filesystem will provide a date-stamp of when assignments turned in.

As the assignments directory owner −

[drterryt@centosLocal assignments]$ whoami 
drterryt

[drterryt@centosLocal assignments]$ ls -ld /var/www/students/assignment 
drwx-wxrw-. 2 drterryt students 44 Jan  9 23:14 /var/www/students/assignments/

[drterryt@centosLocal assignments]$ ls -l /var/www/students/assignments/ 
total 4 
-rw-r--r--. 1 adama  students  0 Jan  9 23:14 myassign.txt 
-rw-r--r--. 1 tammyr students 16 Jan  9 23:18 terryt.txt

[drterryt@centosLocal assignments]$

We can see, the directory owner can list files as well as modify and remove files.

umask Command: Supplies the Default Modes for File and Directory Permissions As They are Created

umask is an important command that supplies the default modes for File and Directory Permissions as they are created.

umask permissions use unary, negated logic.

Permission	Operation
0	Read, write, execute
1	Read and write
2	Read and execute
3	Read only
4	Read and execute
5	Write only
6	Execute only
7	No permissions

[adama@centosLocal umask_tests]$ ls -l ./ 
-rw-r--r--. 1 adama students 0 Jan 10 00:27 myDir 
-rw-r--r--. 1 adama students 0 Jan 10 00:27 myFile.txt

[adama@centosLocal umask_tests]$ whoami 
adama

[adama@centosLocal umask_tests]$ umask 
0022

[adama@centosLocal umask_tests]$

Now, let’s change the umask for our current user, and make a new file and directory.

[adama@centosLocal umask_tests]$ umask 077

[adama@centosLocal umask_tests]$ touch mynewfile.txt

[adama@centosLocal umask_tests]$ mkdir myNewDir

[adama@centosLocal umask_tests]$ ls -l 
total 0 
-rw-r--r--. 1 adama students 0 Jan 10 00:27 myDir 
-rw-r--r--. 1 adama students 0 Jan 10 00:27 myFile.txt 
drwx------. 2 adama students 6 Jan 10 00:35 myNewDir 
-rw-------. 1 adama students 0 Jan 10 00:35 mynewfile.txt

As we can see, newly created files are a little more restrictive than before.

umask for users must should be changed in either −

• /etc/profile
• ~/bashrc

[root@centosLocal centos]# su adama 
[adama@centosLocal centos]$ umask 
0022 
[adama@centosLocal centos]$

Generally, the default umask in CentOS will be okay. When we run into trouble with a default of 0022, is usually when different departments belonging to different groups need to collaborate on projects.

This is where the role of a system administrator comes in, to balance the operations and design of the CentOS operating system.

Linux Admin - Basic CentOS Linux Commands

 Before learning the tools of a CentOS Linux Administrator, it is important to note the philosophy behind the Linux administration command line.

Linux was designed based on the Unix philosophy of “small, precise tools chained together simplifying larger tasks”. Linux, at its root, does not have large single-purpose applications for one specific use a lot of the time. Instead, there are hundreds of basic utilities that when combined offer great power to accomplish big tasks with efficiency.

Examples of the Linux Philosophy

For example, if an administrator wants a listing of all the current users on a system, the following chained commands can be used to get a list of all system users. On execution of the command, the users are on the system are listed in an alphabetical order.

[root@centosLocal centos]# cut /etc/passwd -d":" -f1 | sort 
abrt 
adm 
avahi 
bin 
centos 
chrony 
colord 
daemon 
dbus

It is easy to export this list into a text file using the following command.

[root@localhost /]# cut /etc/passwd -d ":" -f1 > system_users.txt        
[root@localhost /]# cat ./system_users.txt | sort | wc –l 
40       
[root@localhost /]#

It is also possible to compare the user list with an export at a later date.

[root@centosLocal centos]#  cut /etc/passwd -d ":" -f1 > system_users002.txt && 
   cat system_users002.txt | sort | wc -l 
41 
[root@centosLocal centos]# diff ./system_users.txt ./system_users002.txt  
evilBackdoor [root@centosLocal centos]#

A new user, “evilBackdoor", has been added to the system.

With this approach of small tools chained to accomplish bigger tasks, it is simpler to make a script performing these commands, than automatically email results at regular time intervals.

Basic Commands every Linux Administrator should be proficient in are −

• vim
• grep
• more and less
• tail
• head
• wc
• sort
• uniq
• tee
• cat
• cut
• sed
• tr
• paste

In the Linux world, Administrators use filtering commands every day to parse logs, filter command output, and perform actions with interactive shell scripts. As mentioned, the power of these commands come in their ability to modify one another through a process called piping.

The following command shows how many words begin with the letter a from the CentOS main user dictionary.

[root@centosLocal ~]# egrep '^a.*$' /usr/share/dict/words | wc -l 
25192 
[root@centosLocal ~]#

Linux Admin - CentOS Overview

 Unique among business class Linux distributions, CentOS stays true to the open-source nature that Linux was founded on. The first Linux kernel was developed by a college student at the University of Helsinki (Linus Torvalds) and combined with the GNU utilities founded and promoted by Richard Stallman. CentOS has a proven, open-source licensing that can power today’s business world.

CentOS has quickly become one of the most prolific server platforms in the world. Any Linux Administrator, when seeking employment, is bound to come across the words: “CentOS Linux Experience Preferred”. From startups to Fortune 10 tech titans, CentOS has placed itself amongst the higher echelons of server operating systems worldwide.

What makes CentOS stand out from other Linux distributions is a great combination of −

• Open source licensing

• Dedicated user-base of Linux professionals

• Good hardware support

• Rock-solid stability and reliability

• Focus on security and updates

• Strict adherence to software packaging standards needed in a corporate environment

Before starting the lessons, we assume that the readers have a basic knowledge of Linux and Administration fundamentals such as −

• What is the root user?

• The power of the root user

• Basic concept of security groups and users

• Experience using a Linux terminal emulator

• Fundamental networking concepts

• Fundamental understanding of interpreted programming languages (Perl, Python, Ruby)

• Networking protocols such as HTTP, LDAP, FTP, IMAP, SMTP

• Cores that compose a computer operating system: file system, drivers, and the kerne

 

Advantages of Linux

Linux is an open-source operating system like Windows and MacOS. It is not just limited to the operating system, but nowadays, it is also used as a platform to run desktops, servers, and embedded systems. It provides various distributions and variations as it is open source and has a modular design. The kernel is a core part of the Linux system.

Linux system is used to manage various services such as process scheduling, application scheduling, basic peripheral devices, file system, and more. Linux provides various advantages over other operating systems such as Windows and macOS. So, it is used in almost every field, from cars to home appliances and smartphones to servers (supercomputers).

In this section, we will see some major advantages of the Linux system. Further, we will see the advantages of Linux over other operating systems and will determine why it is better than other operating systems.

Why is Linux better than other operating systems?

There are many features of the Linux operating system that demonstrate that it is better than other operating systems. However, in some prospective other operating systems can be more useful than Linux. Let's see the top 20 advantages of Linux OS.

Top 20 Advantages of Linux

Following are top 20 advantages of the Linux operating system:

1. pen Source

As it is open-source, its source code is easily available. Anyone having programming knowledge can customize the operating system. One can contribute, modify, distribute, and enhance the code for any purpose.

2. Security

The Linux security feature is the main reason that it is the most favorable option for developers. It is not completely safe, but it is less vulnerable than others. Each application needs to authorize by the admin user. The virus is not executed until the administrator provides the access password. Linux systems do not require any antivirus program.

3. Free

Certainly, the biggest advantage of the Linux system is that it is free to use. We can easily download it, and there is no need to buy the license for it. It is distributed under GNU GPL (General Public License). Comparatively, we have to pay a huge amount for the license of the other operating systems.

4. Lightweight

Linux is lightweight. The requirements for running Linux are much less than other operating systems. In Linux, the memory footprint and disk space are also lower. Generally, most of the Linux distributions required as little as 128MB of RAM around the same amount for disk space.

5. Stability

Linux is more stable than other operating systems. Linux does not require to reboot the system to maintain performance levels. It rarely hangs up or slow down. It has big up-times.

6. Performance

Linux system provides high performance over different networks. It is capable of handling a large number of users simultaneously.

7. Flexibility

Linux operating system is very flexible. It can be used for desktop applications, embedded systems, and server applications too. It also provides various restriction options for specific computers. We can install only necessary components for a system.

8. Software Updates

In Linux, the software updates are in user control. We can select the required updates. There a large number of system updates are available. These updates are much faster than other operating systems. So, the system updates can be installed easily without facing any issue.

9. Distributions/ Distros

There are many Linux distributions available in the market. It provides various options and flavors of Linux to the users. We can choose any distros according to our needs. Some popular distros are Ubuntu, Fedora, Debian, Linux Mint, Arch Linux, and many more.

For the beginners, Ubuntu and Linux Mint would be useful and, Debian and Fedora would be good choices for proficient programmers.

10. Live CD/USB

Almost all Linux distributions have a Live CD/USB option. It allows us to try or run the Linux operating system without installing it.

11. Graphical User Interface

Linux is a command-line based OS but, it provides an interactive user interface like Windows.

12. Suitable for programmers

It supports almost all of the most used programming languages such as C/C++, Java, Python, Ruby, and more. Further, it offers a vast range of useful applications for development.

The programmers prefer the Linux terminal over the Windows command line. The package manager on Linux system helps programmers to understand how things are done. Bash scripting is also a functional feature for the programmers. It also provides support for SSH, which helps in managing the servers quickly.

13. Community Support

Linux provides large community support. We can find support from various sources. There are many forums available on the web to assist users. Further, developers from the various opensource communities are ready to help us.

14. Privacy

Linux always takes care of user privacy as it never takes much private data from the user. Comparatively, other operating systems ask for the user's private data.

15. Networking

Linux facilitates with powerful support for networking. The client-server systems can be easily set to a Linux system. It provides various command-line tools such as ssh, ip, mail, telnet, and more for connectivity with the other systems and servers. Tasks such as network backup are much faster than others.

16. Compatibility

Linux is compatible with a large number of file formats as it supports almost all file formats.

17. Installation

Linux installation process takes less time than other operating systems such as Windows. Further, its installation process is much easy as it requires less user input. It does not require much more system configuration even it can be easily installed on old machines having less configuration.

18. Multiple Desktop Support

Linux system provides multiple desktop environment support for its enhanced use. The desktop environment option can be selected during installation. We can select any desktop environment such as GNOME (GNU Network Object Model Environment) or KDE (K Desktop Environment) as both have their specific environment.

19. Multitasking

It is a multitasking operating system as it can run multiple tasks simultaneously without affecting the system speed.

20. Heavily Documented for beginners

There are many command-line options that provide documentation on commands, libraries, standards such as manual pages and info pages. Also, there are plenty of documents available on the internet in different formats, such as Linux tutorials, Linux documentation project, Serverfault, and more. To help the beginners, several communities are available such as Ask Ubuntu, Reddit, and StackOverflow.

What is Linux ? Why Linux?

 

What Is Linux

Linux is an open-source operating system like other operating systems such as Microsoft Windows, Apple Mac OS, iOS, Google android, etc. An operating system is a software that enables the communication between computer hardware and software. It conveys input to get processed by the processor and brings output to the hardware to display it. This is the basic function of an operating system. Although it performs many other important tasks, let's not talk about that.

Linux is around us since the mid-90s. It can be used from wristwatches to supercomputers. It is everywhere in our phones, laptops, PCs, cars and even in refrigerators. It is very much famous among developers and normal computer users.

Evolution of Linux OS

The Linux OS was developed by Linus Torvalds in 1991, which sprouted as an idea to improve the UNIX OS. He suggested improvements but was rejected by UNIX designers. Therefore, he thought of launching an OS, designed in a way that could be modified by its users.

Nowadays, Linux is the fastest-growing OS. It is used from phones to supercomputers by almost all major hardware devices.

Structure Of Linux Operating System

An operating system is a collection of software, each designed for a specific function.

Linux OS has following components:

1) Kernel

Linux kernel is the core part of the operating system. It establishes communication between devices and software. Moreover, it manages system resources. It has four responsibilities:

• device management: A system has many devices connected to it like CPU, a memory device, sound cards, graphic cards, etc. A kernel stores all the data related to all the devices in the device driver (without this kernel won't be able to control the devices). Thus kernel knows what a device can do and how to manipulate it to bring out the best performance. It also manages communication between all the devices. The kernel has certain rules that have to be followed by all the devices.
• Memory management: Another function that kernel has to manage is the memory management. The kernel keeps track of used and unused memory and makes sure that processes shouldn't manipulate data of each other using virtual memory addresses.
• Process management: In the process, management kernel assigns enough time and gives priorities to processes before handling CPU to other processes. It also deals with security and ownership information.
• Handling system calls: Handling system calls means a programmer can write a query or ask the kernel to perform a task.

2) System Libraries

System libraries are special programs that help in accessing the kernel's features. A kernel has to be triggered to perform a task, and this triggering is done by the applications. But applications must know how to place a system call because each kernel has a different set of system calls. Programmers have developed a standard library of procedures to communicate with the kernel. Each operating system supports these standards, and then these are transferred to system calls for that operating system.

The most well-known system library for Linux is Glibc (GNU C library).

3) System Tools

Linux OS has a set of utility tools, which are usually simple commands. It is a software which GNU project has written and publish under their open source license so that software is freely available to everyone.

With the help of commands, you can access your files, edit and manipulate data in your directories or files, change the location of files, or anything.

4) Development Tools

With the above three components, your OS is running and working. But to update your system, you have additional tools and libraries. These additional tools and libraries are written by the programmers and are called toolchain. A toolchain is a vital development tool used by the developers to produce a working application.

5) End User Tools

These end tools make a system unique for a user. End tools are not required for the operating system but are necessary for a user.

Some examples of end tools are graphic design tools, office suites, browsers, multimedia players, etc.

Why use Linux?

This is one of the most asked questions about Linux systems. Why do we use a different and bit complex operating system, if we have a simple operating system like Windows? So there are various features of Linux systems that make it completely different and one of the most used operating systems. Linux may be a perfect operating system if you want to get rid of viruses, malware, slowdowns, crashes, costly repairs, and many more. Further, it provides various advantages over other operating systems, and we don't have to pay for it. Let's have a look at some of its special features that will attract you to switch your operating system.

Free & Open Source Operating System

Most OS come in a compiled format means the main source code has run through a program called a compiler that translates the source code into a language that is known to the computer.

Modifying this compiled code is a tough job.

On the other hand, open-source is completely different. The source code is included with the compiled version and allows modification by anyone having some knowledge. It gives us the freedom to run the program, freedom to change the code according to our use, freedom to redistribute its copies, and freedom to distribute copies, which are modified by us.

In short, Linux is an operating system that is "for the people, by the people."

And we can dive in Linux without paying any cost. We can install it on Multiple machines without paying any cost.

It is secure

Linux supports various security options that will save you from viruses, malware, slowdowns, crashes. Further, it will keep your data protected. Its security feature is the main reason that it is the most favorable option for developers. It is not completely safe, but it is less vulnerable than others. Each application needs to authorize by the admin user. The virus cannot be executed until the administrator provides the access password. Linux systems do not require any antivirus program.

Favorable choice of Developers

Linux is suitable for the developers, as it supports almost all of the most used programming languages such as C/C++, Java, Python, Ruby, and more. Further, it facilitates with a vast range of useful applications for development.

Developers find that the Linux terminal is much better than the Windows command line, So, they prefer terminal over the Windows command line. The package manager on Linux system helps programmers to understand how things are done. Bash scripting is also a functional feature for the programmers. Also, the SSH support helps to manage the servers quickly.

A flexible operating system

Linux is a flexible OS, as, it can be used for desktop applications, embedded systems, and server applications. It can be used from wristwatches to supercomputers. It is everywhere in our phones, laptops, PCs, cars and even in refrigerators. Further, it supports various customization options.

Linux Distributions

Many agencies modified the Linux operating system and makes their Linux distributions. There are many Linux distributions available in the market. It provides a different flavor of the Linux operating system to the users. We can choose any distribution according to our needs. Some popular distros are Ubuntu, Fedora, Debian, Linux Mint, Arch Linux, and many more.

For the beginners, Ubuntu and Linux Mint are considered useful and, for the proficient developer, Debian and Fedora would be a good choice. To Get a list of distributions, visit Linux Distributions.

How does Linux work?

Linux is a UNIX-like operating system, but it supports a range of hardware devices from phones to supercomputers. Every Linux-based operating system has the Linux kernel and set of software packages to manage hardware resources.

Also, Linux OS includes some core GNU tools to provide a way to manage the kernel resources, install software, configure the security setting and performance, and many more. All these tools are packaged together to make a functional operating system.

How to use Linux?

We can use Linux through an interactive user interface as well as from the terminal (Command Line Interface). Different distributions have a slightly different user interface but almost all the commands will have the same behavior for all the distributions. To run Linux from the terminal, press the "CTRL+ALT+T" keys. And, to explore its functionality, press the application button given on the left down corner of your desktop.

RHCSA exam preparation

Exam A

QUESTION 1

SIMULATION

Configure your Host Name, IP Address, Gateway and DNS.

Host name: station.domain40.example.com

/etc/sysconfig/network

hostname=abc.com

hostname abc.com

IP Address:172.24.40.40/24

Gateway172.24.40.1

DNS:172.24.40.1

Explanation: # cd /etc/syscofig/network‐scripts/

# ls

# vim ifcfg‐eth0 (Configure IP Address, Gateway and DNS) IPADDR=172.24.40.40

GATEWAY=172.24.40.1

DNS1=172.24.40.1

# vim /etc/sysconfig/network

(Configure Host Name)

HOSTNAME= station.domain40.example.com

OR

Graphical Interfaces:

System‐>Preference‐>Network Connections (Configure IP Address, Gateway and DNS) Vim /etc/sysconfig/

network

(Configure Host Name)

QUESTION 2

SIMULATION

Add 3 users: harry, natasha, tom.

The requirements: The Additional group of the two users: harry, Natasha is the admin group. The user: tom's

login shell should be non‐interactive.

Answer: See explanation below.

Explanation

Explanation/Reference:

Explanation: # useradd ‐G admin harry

# useradd ‐G admin natasha

# useradd ‐s /sbin/nologin tom

# id harry;id Natasha (Show additional group)

# cat /etc/passwd

(Show the login shell)

OR

# system‐config‐users

 

QUESTION 3

SIMULATION

Create a catalog under /home named admins. Its respective group is requested to be the admin group. The

group users could read and write, while other users are not allowed to access it. The files created by users

from the same group should also be the admin group.

Answer: See explanation below.

Explanation

Explanation/Reference:

Explanation: # cd /home/

# mkdir admins /

# chown .admin admins/

# chmod 770 admins/

# chmod g+s admins/

QUESTION 4

SIMULATION

Configure a task: plan to run echo hello command at 14:23 every day.

Answer: See explanation below.

Explanation

Explanation/Reference:

Explanation: # which echo

# crontab ‐e

23 14 * * * /bin/echo hello

# crontab ‐l (Verify)

QUESTION 5

SIMULATION

Find the files owned by harry, and copy it to catalog: /opt/dir

Answer: See explanation below.

Explanation

Explanation/Reference:

Explanation: # cd /opt/

# mkdir dir

# find / ‐user harry ‐exec cp ‐rfp {} /opt/dir/ \;

QUESTION 6

SIMULATION

Find the rows that contain abcde from file /etc/testfile, and write it to the file/tmp/testfile, and the sequence is

requested as the same as /etc/testfile.

Answer: See explanation below.

Explanation

Explanation/Reference:

Explanation: # cat /etc/testfile | while read line;

do

echo $line | grep abcde | tee ‐a /tmp/testfile

done

OR

grep `abcde' /etc/testfile > /tmp/testfile

QUESTION 7

SIMULATION

Create a 2G swap partition which take effect automatically at boot‐start, and it should not affect the original

swap partition.

Answer: See explanation below.

Explanation

Explanation/Reference:

Explanation: # fdisk /dev/sda

p

(check Partition table)

n

(create new partition: press e to create extended partition, press p to create the main partition, and the

extended partition is further divided into logical partitions) Enter

+2G

t

l

W

partx ‐a /dev/sda

partprobe

mkswap /dev/sda8

Copy UUID

swapon ‐a

vim /etc/fstab

UUID=XXXXX swap swap defaults 0 0

(swapon ‐s)

QUESTION 8

SIMULATION

Create a user named alex, and the user id should be 1234, and the password should be alex111.

Answer: See explanation below.

Explanation

Explanation/Reference:

Explanation: # useradd ‐u 1234 alex

# passwd alex

alex111

alex111

OR

echo alex111|passwd ‐stdin alex

 

QUESTION 9

SIMULATION

Install a FTP server, and request to anonymous download from /var/ftp/pub catalog. (it needs you to configure

yum direct to the already existing file server.)

Answer: See explanation below.

Explanation

Explanation/Reference:

Explanation: # cd /etc/yum.repos.d

# vim local.repo

[local]

name=local.repo

baseurl=file:///mnt

enabled=1

gpgcheck=0

# yum makecache

# yum install ‐y vsftpd

# service vsftpd restart

# chkconfig vsftpd on

# chkconfig ‐‐list vsftpd

# vim /etc/vsftpd/vsftpd.conf

anonymous_enable=YES

QUESTION 10

SIMULATION

Configure a HTTP server, which can be accessed through http://station.domain40.example.com.

Please download the released page from http://ip/dir/example.html.

Answer: See explanation below.

Explanation

Explanation/Reference:

Explanation: # yum install ‐y httpd

# chkconfig httpd on

# cd /var/www/html

# wget http://ip/dir/example.html

# cp example.com index.html

# vim /etc/httpd/conf/httpd.conf

NameVirtualHost 192.168.0.254:80

<VirtualHost 192.168.0.254:80>

DocumentRoot /var/www/html/

ServerName station.domain40.example.com

</VirtualHost>

QUESTION 11

SIMULATION

Configure the verification mode of your host account and the password as LDAP. And it can login successfully

through ldapuser40. The password is set as "password". And the certificate can be downloaded from http://ip/

dir/ldap.crt. After the user logs on the user has no host directory unless you configure the autofs in the

following questions.

 

Answer: See explanation below.

Explanation

Explanation/Reference:

Explanation: system‐config‐authentication

LDAP Server: ldap//instructor.example.com (In domain form, not write IP)

OR

# yum groupinstall directory‐client (1.krb5‐workstation 2.pam‐krb5 3.sssd)

# system‐config‐authentication

1.User Account Database: LDAP

2.LDAP Search Base DN: dc=example,dc=com

3.LDAP Server: ldap://instructor.example.com (In domain form, not write IP) 4.Download CA Certificate

5.Authentication Method: LDAP password

6.Apply

getent passwd ldapuser40

QUESTION 12

SIMULATION

Configure autofs to make sure after login successfully, it has the home directory autofs, which is shared as /

rhome/ldapuser40 at the ip: 172.24.40.10. and it also requires that, other ldap users can use the home

directory normally.

Answer: See explanation below.

Explanation

Explanation/Reference:

Explanation: # chkconfig autofs on

# cd /etc/

# vim /etc/auto.master

/rhome /etc/auto.ldap

# cp auto.misc auto.ldap

# vim auto.ladp

ldapuser40 ‐rw,soft,intr 172.24.40.10:/rhome/ldapuser40

* ‐rw,soft,intr 172.16.40.10:/rhome/&

# service autofs stop

# server autofs start

# showmount ‐e 172.24.40.10

# su ‐ ladpuser40

QUESTION 13

SIMULATION

Configure the system synchronous as 172.24.40.10.

Answer: See explanation below.

Explanation

Explanation/Reference:

Explanation: Graphical Interfaces:

System‐‐>Administration‐‐>Date & Time

# system‐config‐date

QUESTION 14

SIMULATION

Change the logical volume capacity named vo from 190M to 300M. and the size of the floating range should

set between 280 and 320. (This logical volume has been mounted in advance.)

Answer: See explanation below.

Explanation

Explanation/Reference:

Explanation: # vgdisplay

(Check the capacity of vg, if the capacity is not enough, need to create pv , vgextend , lvextend)

# lvdisplay (Check lv)

# lvextend ‐L +110M /dev/vg2/lv2

# resize2fs /dev/vg2/lv2

mount ‐a

(Verify)

‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐‐ 

(Decrease lvm)

# umount /media

# fsck ‐f /dev/vg2/lv2

# resize2fs ‐f /dev/vg2/lv2 100M

# lvreduce ‐L 100M /dev/vg2/lv2

# mount ‐a

# lvdisplay (Verify)

OR

# e2fsck ‐f /dev/vg1/lvm02

# resize2fs ‐f /dev/vg1/lvm02

# mount /dev/vg1/lvm01 /mnt

# lvreduce ‐L 1G ‐n /dev/vg1/lvm02

# lvdisplay (Verify)

QUESTION 15

SIMULATION

Create a volume group, and set 16M as a extends. And divided a volume group containing 50 extends on

volume group lv, make it as ext4 file system, and mounted automatically under /mnt/data.

Answer: See explanation below.

Explanation

Explanation/Reference:

Explanation: # pvcreate /dev/sda7 /dev/sda8

# vgcreate ‐s 16M vg1 /dev/sda7 /dev/sda8

# lvcreate ‐l 50 ‐n lvm02

# mkfs.ext4 /dev/vg1/lvm02

# blkid /dev/vg1/lv1

# vim /etc/fstab

# mkdir ‐p /mnt/data

UUID=xxxxxxxx /mnt/data ext4 defaults 0 0

# vim /etc/fstab

# mount ‐a

# mount

(Verify)

QUESTION 16

SIMULATION

Upgrading the kernel as 2.6.36.7.1, and configure the system to Start the default kernel, keep the old kernel

available.

Answer: See explanation below.

Explanation

Explanation/Reference:

Explanation: # cat /etc/grub.conf

# cd /boot

# lftp it

# get dr/dom/kernel‐xxxx.rpm

# rpm ‐ivh kernel‐xxxx.rpm

# vim /etc/grub.conf

default=0

QUESTION 17

SIMULATION

Create a 512M partition, make it as ext4 file system, mounted automatically under /mnt/data and which take

effect automatically at boot‐start.

Answer: See explanation below.

Explanation

Explanation/Reference:

Explanation: # fdisk /dev/vda

n

+512M

w

# partprobe /dev/vda

# mkfs ‐t ext4 /dev/vda5

# mkdir ‐p /data

# vim /etc/fstab

/dev/vda5 /data ext4 defaults 0 0

# mount ‐a

QUESTION 18

SIMULATION

Create a volume group, and set 8M as a extends. Divided a volume group containing 50 extends on volume

group lv (lvshare), make it as ext4 file system, and mounted automatically under /mnt/data. And the size of the

floating range should set between 380M and 400M.

Answer: See explanation below.

Explanation

Explanation/Reference:

Explanation: # fdisk

# partprobe

# pvcreate /dev/vda6

# vgcreate ‐s 8M vg1 /dev/vda6 ‐s

# lvcreate ‐n lvshare ‐l 50 vg1 ‐l

# mkfs.ext4 /dev/vg1/lvshare

# mkdir ‐p /mnt/data

# vim /etc/fstab

/dev/vg1/lvshare /mnt/data ext4 defaults 0 0

# mount ‐a

# df ‐h

QUESTION 19

SIMULATION

Download ftp://192.168.0.254/pub/boot.iso to /root, and mounted automatically under /media/cdrom and which

take effect automatically at boot‐start.

Answer: See explanation below.

Explanation

Explanation/Reference:

Explanation: # cd /root; wget ftp://192.168.0.254/pub/boot.iso

# mkdir ‐p /media/cdrom

# vim /etc/fstab

/root/boot.iso /media/cdrom iso9660 defaults,loop 0 0

# mount ‐a

mount [‐t vfstype] [‐o options] device dir

QUESTION 20

SIMULATION

Add admin group and set gid=600

Answer: See explanation below.

Explanation

Explanation/Reference:

Explanation: # groupadd ‐g 600 admin

QUESTION 21

SIMULATION

Add user: user1, set uid=601

Password: redhat

The user's login shell should be non‐interactive.

Answer: See explanation below.

Explanation

Explanation/Reference:

Explanation: # useradd ‐u 601 ‐s /sbin/nologin user1

# passwd user1

redhat

QUESTION 22

SIMULATION

Add users: user2, user3.

The Additional group of the two users: user2, user3 is the admin group Password: redhat

Answer: See explanation below.

Explanation

Explanation/Reference:

Explanation: # useradd ‐G admin user2

# useradd ‐G admin user3

# passwd user2

redhat

# passwd user3

redhat

QUESTION 23

SIMULATION

Copy /etc/fstab to /var/tmp name admin, the user1 could read, write and modify it, while user2 without any

permission.

Answer: See explanation below.

Explanation

Explanation/Reference:

Explanation: # cp /etc/fstab /var/tmp/

# chgrp admin /var/tmp/fstab

# setfacl ‐m u:user1:rwx /var/tmp/fstab

# setfacl ‐m u:user2:‐‐‐ /var/tmp/fstab

# ls ‐l

‐rw‐rw‐r‐‐+ 1 root admin 685 Nov 10 15:29 /var/tmp/fstab

QUESTION 24

SIMULATION

Configure a task: plan to run echo "file" command at 14:23 every day.

Answer: See explanation below.

Explanation

Explanation/Reference:

Explanation: (a) Created as administrator

# crontab ‐u natasha ‐e

23 14 * * * /bin/echo "file"

(b)Created as natasha

# su ‐ natasha

$ crontab ‐e

23 14 * * * /bin/echo "file"

QUESTION 25

SIMULATION

Configure a default software repository for your system.

One YUM has already provided to configure your system on http://server.domain11.example.com/pub/ x86_64/

Server, and can be used normally.

Answer: See explanation below.

Explanation

Explanation/Reference:

Explanation: Yum‐config‐manager ‐‐add‐repo=http://content.example.com/rhel7.0/x86‐64/dvd” is to generate a

file vim content.example.com_rhel7.0_x86_64_dvd.repo, Add a line gpgcheck=0

Yumcleanall

Yumrepolist

Almost 4305 packages are right, Wrong Yum Configuration will lead to some following questions cannot be

worked out.

QUESTION 26

SIMULATION

Adjust the size of the Logical Volume.

Adjust the size of the vo Logical Volume, its file system size should be 290M. Make sure that the content of

this system is complete.

Note: the partition size is rarely accurate to the same size as required, so in the range 270M to 320M is

acceptable.

Answer: See explanation below.

Explanation

Explanation/Reference:

Explanation: Addition

df ‐hT

lvextend ‐L +100M /dev/vg0/vo

Lvscan

xfs_growfs /home/ //home is the mounted directory of the LVM, this step just need to do in the practice

environment, and test EXT4 does not need this step.

resize2fs /dev/vg0/vo// use this command to update in examination.

df ‐hT

OR

Subtraction

e2fsck ‐f/dev/vg0/vo

umount /home

resize2fs /dev/vg0/vo // the final required partition capacity is 100M lvreduce ‐l 100M /dev/vg0/vo

mount /dev/vg0/vo/home

df ‐hT

QUESTION 27

SIMULATION

Create User Account.

Create the following user, group and group membership:

Adminuser group

User natasha, using adminuser as a sub group

User Harry, also using adminuser as a sub group

User sarah, can not access the SHELL which is interactive in the system, and is not a member of adminuser,

natashaharrysarah password is redhat.

Answer: See explanation below.

Explanation

Explanation/Reference:

Explanation: groupadd adminuser

useradd natasha ‐G adminuser

useradd haryy ‐G adminuser

useradd sarah ‐s /sbin/nologin

Passwd user name // to modify password or echo redhat | passwd ‐‐stdin user name id natasha // to view user

group.

QUESTION 28

SIMULATION

Configure /var/tmp/fstab Permission.

Copy the file /etc/fstab to /var/tmp/fstab. Configure var/tmp/fstab permissions as the following:

Owner of the file /var/tmp/fstab is Root, belongs to group root

File /var/tmp/fstab cannot be executed by any user

User natasha can read and write /var/tmp/fstab

User harry cannot read and write /var/tmp/fstab

All other users (present and future) can read var/tmp/fstab.

Answer: See explanation below.

Explanation

Explanation/Reference:

Explanation: cp /etc/fstab /var/tmp/

/var/tmp/fstab view the owner setfacl ‐m u:natasha:rw‐ /var/tmp/fstab setfacl ‐m u:haryy:‐‐‐ /var/tmp/fstab

Use getfacl /var/tmp/fstab to view permissions

QUESTION 29

SIMULATION

Configure a cron Task.

User natasha must configure a cron job, local time 14:23 runs and executes: */bin/echo hiya every day.

Answer: See explanation below.

Explanation

Explanation/Reference:

Explanation: crontab –e –u natasha

23 14/bin/echo hiya

crontab ‐l ‐u natasha // view

systemctlenable crond

systemcdlrestart crond

QUESTION 30

SIMULATION

Create a Shared Directory.

Create a shared directory /home/admins, make it has the following characteristics:

/home/admins belongs to group adminuser

This directory can be read and written by members of group adminuser Any files created in /home/ admin,

group automatically set as adminuser.

Answer: See explanation below.

Explanation

Explanation/Reference:

Explanation: mkdir /home/admins

chgrp ‐R adminuser /home/admins

chmodg+w /home/admins

chmodg+s /home/admins

QUESTION 31

SIMULATION

Install the Kernel Upgrade.

Install suitable kernel update from:

http://server.domain11.example.com/pub/updates.

Following requirements must be met:

Updated kernel used as the default kernel of system start‐up.

The original kernel is still valid and can be guided when system starts up.

Answer: See explanation below.

Explanation

Explanation/Reference:

Explanation: Using the browser open the URL in the question, download kernel file to root or home directory.

uname –r// check the current kernel version

rpm –ivh kernel‐*.rpm

vi /boot/grub.conf// check

Some questions are: Install and upgrade the kernel as required. To ensure that grub2 is the default item for

startup.

Yum repo : http://content.example.com/rhel7.0/x86‐64/errata

OR

uname ‐r  // check kernel

Yum‐config‐manager ‐‐add‐repo=“http://content.example.com/rhel7.0/x86‐64/ errata”

Yum clean all

Yum list kernel// install directly

Yum ‐y install kernel// stuck with it, do not pipe! Please do not pipe!

Default enable new kernel grub2‐editenv list// check

Modify grub2‐set‐default “kernel full name”

Grub2‐mkconfig –o/boot/grub2/grub.cfg// Refresh

QUESTION 32

SIMULATION

Binding to an external validation server.

System server.domain11.example.com provides a LDAP validation service, your system should bind to this

service as required:

Base DN of validation service is dc=example,dc=com

LDAP is used for providing account information and validation information Connecting and using the

certification of http://server.domain11.example.com/pub/EXAMPLE‐CA‐CERT to encrypt

After the correct configuration, ldapuser1 can log into your system, it does not have HOME directory until you

finish autofs questions, ldapuser1 password is password.

Answer: See explanation below.

Explanation

Explanation/Reference:

Explanation: yum ‐y install sssd authconfig‐gtk krb5‐workstation authconfig‐gtk // open the graphical interface

Modify user account database to ldap, fill up DN and LDAP SERVER as questions required, use TLS to

encrypt connections making tick, write http://server.domain11.example.com/pub/EXAMPLE‐CA‐CERT to

download ca, authentication method choose ldap password.

You can test if the ldapuser is added by the following command:

Id ldapuser1

Note: user password doesn’t not need to set

QUESTION 33

SIMULATION

Configure NTP.

Configure NTP service, Synchronize the server time, NTP server: classroom.example.com

Answer: See explanation below.

Explanation

Explanation/Reference:

Explanation: Configure the client:

Yum ‐y install chrony

Vim /etc/chrony.conf

Add: server classroom.example.com iburst

Start: systemctl enable chronyd

systemctl restart chronyd

Validate: timedatectl status

QUESTION 34

SIMULATION

Configure autofs.

Configure the autofs automatically mount to the home directory of LDAP, as required:

server.domain11.example.com use NFS to share the home to your system. This file system contains a pre

configured home directory of user ldapuserX.

Home directory of ldapuserX is:

server.domain11.example.com /home/guests/ldapuser