Scribd
Upload
50 views9 pages

RHCSA7 LAB134. Solution

The document provides instructions for configuring a desktopX system according to various requirements. These include: authenticating users via LDAP and Kerberos; automatically mounting home directories and the westeros CIFS share; configuring the essos NFS share with Kerberos authentication and encryption; creating logical volumes, partitions, users, groups and directories; installing and configuring packages like httpd and firewall rules; extracting log lines and managing temporary files. The system is to be configured, tested by reboot, and graded.

Uploaded by

robel_arega
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
50 views9 pages

RHCSA7 LAB134. Solution

The document provides instructions for configuring a desktopX system according to various requirements. These include: authenticating users via LDAP and Kerberos; automatically mounting home directories and the westeros CIFS share; configuring the essos NFS share with Kerberos authentication and encryption; creating logical volumes, partitions, users, groups and directories; installing and configuring packages like httpd and firewall rules; extracting log lines and managing temporary files. The system is to be configured, tested by reboot, and graded.

Uploaded by

robel_arega
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 9

-

Sol ution
-

Solution
-

I n t h i s l a b, you wi l l confi g u re a system u s i n g t h e s k i l l s ta u g h t i n t h i s co u rse.

-
Resou rces:
Files: h t t p : / / s e rve rX . example . com/logfile

-
Machines: serverx a n d d e s k t opX

Outcomes:
Two syst e m s confi g u red accord i n g to t h e specified req u i re m e nts t h a t fo l l ow.
-

Before you begin . . .


Reset yo u r se rverX syste m .
-

• Log i nto a n d set u p yo u r se rve rX syst e m .

-
[ s t u d e n t@s e r v er x - ] $ lab sa2 - r eview s e t u p

-
• Reset your deskt opX syste m .

Yo u have b e e n taske d w i t h confi g u ri n g a n e w system f o r yo u r c o m p a ny: desktopX. T h e syst e m


-
s h o u l d be config u red accord i n g to t h e fo l l ow i n g req u i re m ents.

• The system should a ut h e n t icate u s e rs using LDAP and Ke r b e r o s using t h e fo l l owi n g sett i n g s:

-
Name Va l u e
L D A P s e rver class room . example . com
- S e a rc h Base dc=example , dc=com
Use TLS Yes

- T L S CA Cert h t t p : / / c lass room . example . com/ pub/example - ca . c r t


Ke r b e ros Rea l m EXAM P L E . COM

-
Ke r b e ros K D C class room . example . com
Ke r b e ros Ad m i n class room . example . com
S e rver
-

Fo r test i n g p u rposes, you ca n u s e t h e u s e r ldapuse rx, w i t h t h e pa ssword kerberos.

-
• Home d i recto ries for yo u r LDAP u s e rs s h o u l d be a u to m a t i ca l ly m o u nted on access. These
home d i rectories a re s e rved from t h e N FS s h a re class room . example . com : /home/g u e s t s .

s e rverX expo rts a C I FS s h a re ca l l ed wes t e ros. T h i s s h a re s h o u l d b e mou nted automatica l l y


-

a t boot o n t h e m o u nt point /mn t /we s t e ros. To m o u nt t h i s s h a re, you w i l l n eed t o u s e t h e


u s e r n a m e t y r ion w i t h t h e password slapj off r eyslap. T h i s pa ssword s h o u l d n ot b e stored
-
a n y w h e re a n u n privi l eg e d user ca n read it.

• s e rverX exports an N FSv4 s h a re ca l l e d /es sos. This s h a re needs to be m o u nted read-w rite
at boot o n /mn t /essos u s i n g Ker beros a u t h e nticat i o n , e n crypt i o n , and i nteg rity c h ec k i n g .
-

A keyt a b f o r yo u r system ca n b e d ow n l oa d e d from


h t t p : / / c l a s s r o o m . e x a m p l e . c o m / p u b / k e y t a b s / d e s k t o pX . k e y t a b .
-

-
R H1 3 4- R H E L 7-en-1-2014061 0 307

-
C h a p t e r 1 5 . C o m p re h e n s i ve Review of System A d m i n i s t ra t i o n I I

C o nfi g u re a new 512 M i B l o g i c a l v o l u m e c a l l e d arya i n a n e w 2 G i B v o l u m e g ro u p c a l l e d s t a r k.

T h i s n e w l o g i c a l v o l u m e s h o u l d be f o r m atted w i t h a n X F S f i l e syst e m , a n d m o u nted p e r s i s te n t l y


o n /mn t / unde rfoot.

Yo u r s y s t e m s h o u l d be o u tfitted w i t h a n ew 512 M i B swa p p a r t i t i o n , a ut o m a t i ca l l y a c t i vated a t


b o ot.

C reate a n e w g ro u p c a l l e d kings, and f o u r n e w u s e rs b e l o n g i n g to that g r o u p: s t an n i s ,


j of f r ey, r e n ly, a n d r o b b .

C reate a n ew d i rectory / i r on t h r on e , o w n e d by r oot : root w i t h p e r m i s s i o n s 700.

C o nfig u re t h i s d i rectory s o t h a t users i n t h e kings g r o u p h a ve b o t h r e a d a n d w r i t e p r i v i l e g e s


o n i t , w i t h t h e exce p t i o n of t h e u s e r j o f f rey, w h o s h o u l d o n l y b e g ra n ted re ad p r i v i l eg e s .

T h e s e rest r i c t i o n s s h o u l d a l so a p p l y t o a l l new f i l es a n d d i re c t o r i e s c reated u n d e r t h e


/ i r o n t h rone d i re cto ry.

I n sta l l t h e httpd a n d mod_ssl p a c k a g e s , t h e n e n a b l e a n d start t h e h t t pd . se rvice s e rv i ce.

Open up port 12345 / t c p in t h e d e fa u l t z o n e for t h e fi rewa l l r u n n i n g o n your syst e m .

C reate a n e w d i rectory c a l l e d /doc r o o t . M a ke s u re t h a t t h e S E L i n u x c o n text f o r t h i s d i rectory


i s set to pu blic_con t e n t_t , and t h a t t h i s context wi l l s u rvive a re l a b e l o p e ra t i o n .

h t t p : I I s e r v e rx . e x a m p l e . c o m / l o g f il e conta i n s t h e l o g s for a recent


p roject. D ow n l oad this f i l e, then extract a l l l i n es e n d i n g i n ERROR o r FAI L to t h e f i l e
/home / s t u d e n t /e r ro r s . t x t . A l l l i n e s s h o u l d b e kept i n t h e o r d e r i n w h i c h t h e y a p p e a r i n
t h e l o g f i l e.

Yo u r system s h o u l d have a n ew d i rectory used to store t e m p o ra ry f i l e s n a m e d


/ r u n/ve r yve ryvolatile. W h e n ev e r syst emd - tmpfiles - - clean i s r u n , a n y f i l e o l d e r
t h a n 5 s e c o n d s s h o u l d be d e l eted f r o m t h a t d i recto ry.

T h i s d i re ctory s h o u l d h ave p e r m i s s i o n s 1777, a n d be ow ned by root : r o o t .

A l l c h a n g e s m u st s u rv i ve a reboot. W h e n you a re d o n e conf i g u r i n g y o u r syste m , y o u c a n test


your work b y reboot i n g y o u r d e s k t o pX m a c h i n e and r u n n i n g t h e f o l l o w i n g c o m m a n d :

[ s t u de n t@des k t o pX - ] $ lab sa2 - review grade

1. T h e system s h o u l d a u t h e n t icate u s e rs u s i n g LDAP a n d Ke r be ro s u s i n g t h e fo l l o w i n g


sett i n g s :

Name Va l u e

L D A P server clas s room . example . com

S e a r c h Base d c=example , dc=com

Use T L S Yes

T L S CA Cert h t t p : //class room . example . com/pub/example - ca . c r t

Ke r b e ros Rea l m EXAMP L E . COM

Ke r b e ros K D C c lass room . example . com

308 R H 1 3 4- R H E L7 - e n - 1 -20140610
-

Sol ution
-

Fo r test i n g p u rposes, y o u can u s e t h e u s e r ldap u s e rx, with t h e password k e r b e ros.

- 1. I n sta l l the authconfig-gtk and sssd p a c ka g es.

I [ s t u d e n t @d e s k t opX - ] $ sudo yum i n s t all aut hconfig - g t k sssd


-

2. Run aut hconfig - g t k, and enter the i nformation p rovid e d . Do not forget to u nc h e c k

-
t h e Use DNS to locate K D Cs for rea l m s o p t i o n .

I [ s t ud e n t@d e s k t opX - ] $ s u d o aut hconfig - gt k

2. H o m e d i recto ries for your L D A P users s h o u l d be a utomatica l l y m o u nted o n access. These


home d i rectories a re served from t h e N FS s h a re class room . example . com : /home/
-
guests.

1. I n sta l l t h e autofs package.


-

i [ s t ud e n t @d e s k t opX - ] $ sudo yum i n s t all au t ofs


i
-
2. C reate a new file ca l l e d /etc/au t o . mas t e r . d/gues t s . autofs with the fo l l ow i n g
contents:
-

I / h ome/g u e s t s /etc/au t o . g u e s t s

-
3. C reate a new file ca l l e d /etc/au t o . g u e s t s with t h e fo l l ow i n g contents:

* - rw , s y n c clas s r oom . example . co m : / h ome/ g u e s t s /&


-

4. Sta rt a n d e n a b l e t h e autofs . s e rvice service.


-

I . [ s t u d e n t@d e s k t opX - ] $ sudo systemct l enable autofs . s e rvice


[ s t u d e n t@d e s k t opX - ] $ sudo systemct l s t a r t autofs . se rvice
-

3. serverX exports a C I FS s h a re ca l l e d we s t e ros. This s h a re s h o u l d b e m o u nted


a u t o m atica l l y at boot on t h e m o u nt point /mnt/wes t e ros. To m o u nt this s h a re, you wi l l
-
ne ed t o use t h e u s e r n a m e t y r io n w i t h t h e pa ssword slapj off r eyslap. T h i s pa ssword
s ho u l d not b e stored a nywhere an u n p ri v i l e g e d user can read it.

-
1. I nsta l l the cifs-utils packa g e.

[ s t u d e n t@d e s k t opX - ] $ sudo yum i n s t all cifs - u t ils


-

2. C reate t h e m o u nt point.
-

- R H134- R H E L 7-en-1 -2014061 0 309

-
-

C h a pter 1 5. C o m p r e h e n s ive Review of Syste m A d m i n i st ra t i o n I I

[ s t u d e n t@d e s k t opX - ] $ sudo mkdir - p /mnt/we s t e r o s

3. C reate a cred e n t i a l s f i l e n a m e d / roo t / t y r ion . c reds with t h e fo l l ow i n g content. t h e n


s e t t h e p e r m i s s i o n s o n t h a t f i l e to 0600:

u s e r n ame= t y r i o n
p a s swo r d = s lapj o f f r eyslap
-

[ s t u de n t@d e s k t o pX - ] $ sudo c hmod 0600 / root/tyrion . c reds


-

4. A d d t h e fo l l o w i n g l i n e to / e t c /fst ab:

/ / s e rve rX . example . com/wes t e r o s / m n t /we s t e r o s c i f s c r e d s = / r o o t / t y rion . c r e d s 0 0

-
5. M o u n t a l l fi l e syste ms, and i n s pect the m o u nted fi l e syste m .

[ s t u d e n t@d e s k t o pX - ] $ sudo mount - a


-
[ s t u d e n t @d e s k t opX - ] $ cat /mnt/we s t e ros/README . txt

4. se rve rX exports an N FSv4 s h a re ca l l ed /essos. Th is s h a re needs to b e m o u nted rea d ­ -

w r i t e at b o o t on /mnt /essos u s i n g Kerbe ros a u t h e n ti c a t i on , e n c r y pt i o n , a n d i nteg rity


chec k i n g .
-
A keyt a b for you r system can be d o w n l o a d e d from
h t t p : / / c l a s s r o o m . e x a m p l e . c o m / p u b / k e y t a b s / d e s k t o pX . k e y t a b .

-
1. C reate t h e m o u nt poi nt.

[ s t u d e n t@d e s k t o pX - ] $ sudo mkdir -p /mnt/essos -

2. Dow n l oa d t h e keyt a b for you r syste m .


-

[ s t u d en t@de s k t o pX - ] $ sudo wget - o /etc/krb5 . keytab h t t p : //

-
clas s r oom . example . com/ pub/keyt abs/de s k t o pX . keytab

3. Add the fo l l o w i n g l i n e to / e t c / f s t ab:

s e rve rX . example . com : / e s s o s /mn t / e s s o s n f s sec= k r b 5 p , rw 0 0

-
4. Start a n d e n a b l e t h e nfs - secu r e . se rvice service.

[ s t u d e n t@de s k t o pX - ] $ sudo systemc t l enable nfs - secure . s e rvice


-
[ s t u d e n t @d e s k t o pX - ] $ sudo systemct l start nfs - secure . se rvice

5. M o u nt a l l fi l e syste ms. -

31 0 R H134- R H E L 7 - e n -1 -2014061 0

-
-

Solution
-

[ s t u d e n t @d e s k t o pX - ] $ sudo mount - a
-

5. Config u re a n e w 5 1 2 M i B l o g i c a l vo l u m e ca l l ed arya i n a n e w 2 G i B vo l u m e g ro u p ca l l e d
s t a r k.
-

T h i s new l o g i ca l vo l u m e s h o u l d be formatted with a n X FS f i l e syste m , a n d m o u nted


persiste n t l y o n /mn t / u n d e rfoot.
-

1. C reate a 2 G i B p a r t i t i o n o n y o u r seco n d a ry d i s k.

[ s t u d e n t @d e s k t o p X - ] $ s u do fdisk /dev/vdb
Welcome to f d i s k ( u t il - li n u x 2 . 23 . 2 ) .

- Changes will remain i n memo ry o n l y , u n t il y o u decide t o w r i t e t hem .


Be c a r e f u l b e f o r e u s i n g t h e w r i t e c omman d .

Device d o e s n o t c o n t ai n a r e c o g nized p a r t i t i o n t able


- B u ilding a n ew DOS d i s klabel wit h d i s k i d e n t ifie r 0xcade6cae .

Command ( m f o r help ) : n
Partition type :
-
p p r imary ( 0 p r ima r y , 0 e x t e n d e d , 4 f r e e )
e e x t e n ded
Select ( d efault p ) : p
- P a r t i t i o n n u m b e r ( 1 - 4 , default 1 ) : E nt e r
Fi rst s e c t o r ( 2048 - 2 0 9 7 1519 , default 2048 ) : E nt e r
U s i n g default val u e 2048
Last s ec t o r , + s ec t o r s o r + s i z e { K , M , G } ( 2048 - 2 0 9 71 5 1 9 , default 20971519 ) : +2G
-
Partition 1 of t y p e Linux and of size 2 G i B i s s e t

Command ( m f o r h e lp ) : t
-
Selec t e d p a r t i t i o n 1
Hex c o d e ( t y p e L t o l i s t all c o d e s ) : Se
Changed t y p e of p a r t i t i o n ' Li n u x ' t o ' Li n u x LVM '

- Command ( m f o r h e l p ) : w
The p a r t i t io n table h a s been alt e r e d !

Callin g ioc t l ( ) t o r e - read p a r t i t io n table .


-
Syncing d i s k s .

-
2. Tu r n t h e n e w partit i o n i nto a phys i c a l vo l u m e.

I [ s t u d e n t @d e s k t o p X - ] $ sudo pvc reate /dev/vdbl


-

3. B u i l d a new vo l u me g ro u p u s i n g t h e new phys ica l vo l u m e.

- i
I [ s t u d e n t@de s k t opX - ] $ sudo vgcreate s t a r k /dev/vdbl

- 4. C reate a new 512 M i B l o g i c a l vo l u m e ( LV ) in t h e n e w vol u m e g ro u p.

!

[ s t u d e n t @d e s k t opX - ] $ sudo lvc reate - n arya - L 512M s t a r k
-

5. Fo rmat t h e new LV with an X FS f i l e system .


-

- R H1 3 4- R H E L 7-en-1-2014061 0 311

-
-

C h a pter 1 5. C o m p re h e n s i ve Review of System Ad m i n i st rat i o n I I

[ s t u d e n t@d e s k t o pX -
] $ sudo mkfs - t xfs /dev/ s t a r k/arya

6. C reate the m o u nt poi nt.

[ s t u d e n t@d e s k t opX -
$ sudo mkdir -p /mnt/unde rfoot
)

7. A d d t h e fo l l o w i n g l i n e to / e t c /f s t ab: -

/dev/ s t a r k/arya / m n t / u n d e r f o o t xfs defaul t s 1 2

8. M o u nt a l l fi l e systems.

-
- ] $ sudo mount - a

6. Yo u r system s ho u l d be o u tfitted with a new 512 M i B swa p p a r t i t i o n , automat ica l l y act ivated -

at boot.

1. C reate a new 512 M i B pa r t i t i o n o n yo u r seco n d a ry d i s k a n d set t h e partition type t o 82. -

[ s t u d e n t@de s k t opX - ] $ sudo f d i s k /dev/vdb


Welcome t o fdi s k ( u t il - l i n u x 2 . 2 3 . 2 ) .

C h a n g e s will remain in m e m o r y only , u n t il yo u d e c i d e to w r i t e t h em .


Be c a r e f u l b e f o r e u s i n g t h e w r i t e comman d .
-

Command ( m fo r help ) : n
P a r t i t ion t y p e :
p p r im a r y ( 1 p r imary , 0 e x t e n d e d , 3 f r e e ) -
e extended
S e l e c t ( d efault p ) : p
P a r t i t ion n u m b e r ( 2 - 4 , default 2 ) : E n t e r
F i r s t sec t o r ( 4196352 - 20971519 , d e f a u l t 4196352 ) : E n t e r -

U s i n g default value 4196352


L a s t sect o r , + s e c t o r s or + s i z e { K , M , G} ( 4196352 - 2 0 9 7 1519 , default
2097 1519 ) : +512M
-
P a r t i t ion 2 o f type L i n u x and of size 512 MiB i s s e t

Command ( m f o r help ) : t
P a r t i t ion n u m b e r ( 1 , 2 , default 2 ) : E n t e r -

Hex code ( type L t o l i s t a l l codes ) : 82


C h a n g e d type o f p a r t i t io n ' Li n u x ' t o ' Li n u x swap I Sola r i s '

-
Command ( m f o r h e lp ) : w
T h e p a r t i t i o n t ab l e has been al t e red !

Call i n g i o c t l ( ) t o r e - read p a r t i t i o n table .

I
WARN I N G : Re - r ea d i n g t h e p a r t i t io n table failed wit h e r r o r 16 : Device o r r e s o u r c e
busy .
The k e r nel s t ill u ses t h e old table . The new t a b l e will be u sed at
the next r e b o o t or af t e r you r u n par t p r o be ( B ) or k p a r t x ( B )
Syn c i n g d i s k s .
[ s t u d e n t@d e s k t o pX - ] $ sudo partprobe
-

-
312 R H134- R H E L 7 - e n -1 -2014061 0

-
-

Solution
-

2. Fo r m a t t h e new partition a s swa p.

-
[ s t u d e n t@des k t opX - ] $ sudo mkswap /dev/vdb2

- 3. Retrieve t h e U U I D for yo u r new swap partition.

[ s t u d e n t @d e s k t opX - ] $ s u d o blkid /dev/vdb2


-

4. Add t h e fo l l o w i n g l i n e to / e t c / f s t ab; m a ke s u re to use the U U I D you fo u n d i n the


-
prev i o u s step.

U U I D= " xxxxxxxx - x xxx - x xxx - xxxxxxxxxxxx " swap swap defau l t s 0 0


-

5. Activate a l l swa ps.

-
-
[ s t ud e n t@de s k t opX - ] $ sudo swapon - a

- 7. C reate a new g r o u p ca l l e d kings, a n d fo u r n ew u s e rs b e l o ng i n g to t h a t g ro u p : st annis,


j of f r ey, renly, and robb.

- 1. C reate the kings g ro u p .

[ s t ud e n t@d e s k t opX - ] $ s u d o g roupadd kings


-

2. C reate t h e fou r users, a n d a d d t h e m t o t h e kings g ro u p .

-
[ s t ud e n t@de s k t o pX - ] $ for NEWUSER in stannis j offrey r enly robb ; d o
> s u d o u s e r add - G kings S { N EWUSER}
> done
-

8. C reate a new d i rectory / i r on t h rone, owned by root : root with p e r m i s s i o n s 0700.


-
Confi g u re t h i s d i rectory so that u s e rs i n the kings g ro u p have both read and write
privi l e g e s o n it, w i t h t h e exce ption of the user j off rey, who s h o u l d only b e g ra nted read
-
privi l eges.

These rest r i c t i o n s should a l so apply to a l l n e w fi l es a n d d i rectories c reated under t h e


-
/ i r o n t h rone d i rectory.

1. C reate t h e d i rectory w i t h t h e correct p e r m i s s i o n s .


-

[ s t ud e n t@d e s k t opX - ] $ s u d o m k d i r - m 0 7 0 0 /ironth rone

-
2. Add an ACL o n /iron t h rone g ra n t i n g u s e rs in the kings g ro u p read a n d w rite
p r i v i l eges. D o not forget to add execute p e r m i s s i o n s as we l l , s i n ce t h i s is a d i recto ry.

-
[ s t u d e n t@de s k t o pX - ] $ sudo s e t facl - m g : kings : rwX / i r o n t h rone

-
RH134- R H E L 7-en-1-201 4061 0 313

-
-

C h a pte r 1 5. C o m p re h e ns i ve Review of System Ad m i n istra t i o n I I

3. Add an ACL for the user j of f r ey, w i t h o n l y rea d and execute p e r m issions.

l [ s t ud e n t@d e s k t o pX - ] $ sudo setfacl - m u : j offrey : r - x /iron t h rone

4. Add the two p rev i o u s ACLs a s d e fa u l t A C L s as we l l .

[ s t u de n t @d e s k t o pX - ] $ sudo set facl - m d : g : kings : rwx /iront h rone


[ s t u d e n t@de s k t o p X - ] $ sudo setfacl - m d : u : j offrey : r - x / i r o n t h rone

9. I n sta l l the httpd a n d mod_ss/ packages, t h e n e n a b l e and start the h t t pd . se rvice se rvice.

1. I n sta l l the httpd and mod_ssl packages.

I [ s t u d en t@d e s k t o pX - ] $ sudo yum i n s t all h t t pd mod_ssl

2. Start and e n a b l e t h e h t t pd . se rvice se rvice.

[ s t u d en t@d e s k t o pX -]$ sudo syst emc t l s t a r t h t t pd . se rvice


[ s t u d e n t@de s k t o pX - ] $ sudo systemc t l enable h t t pd . se rvice

1 0. O p e n up port 12345 / t c p in t h e d e fa u l t z o n e for the fi rewa l l r u n n i n g on your syste m .

1. O p e n port 12345 / t c p i n t h e p e r m a n e n t confi g u ra t i o n o f t h e d e fa u l t z o n e f o r yo u r


fi rewa l l .

[ s t ud e n t@de s k t opX - ] $ sudo firewall - cmd - - pe rmanen t - - add - po r t =12345/tcp

2. R e l o a d yo u r f i rewa l l to activate your c h a nges.

-
[ s t u d e n t@de s k t opX - ] $ s u d o fi rewall - cmd - - reload

11. C reate a new d i rectory ca l l ed /doc root. M a ke s u re that t h e S E L i n u x context for t h i s


d i rectory is s e t to p u blic_co n t e n t_t , a n d t h a t t h i s context w i l l s u rvive a re l a b e l
operat i o n .

1. C reate the /doc root d i rectory.

I [ s t u d e n t@de s k t opX - ] $ sudo mkdir /docroot -

2. Add a new defa u lt f i l e context for the /doc root d i rectory and a l l its d esce n d a nts.
-

[ s t u d e n t@de s k t o pX - ] $ sudo semanage fcontext - a - t pu blic_content_t ' /


doc root ( / . * ) ? '

3. Re l a b e l the /doc root d i recto ry.


-

[ s t u d e n t@d e s k t o pX - ] $ sudo restorecon - RvF /doc root

314 R H1 3 4- R H E L 7-en-1 -2014061 0

-
-

S o l ution
-
12. h t t p : / / s e r v e rX . e x am p l e . c o m / l o g f i l e conta i n s t h e logs fo r a rece nt
p roject. Dow n l oa d t h i s f i l e , t h e n extract all l i nes e n d i n g i n ERROR o r FAI L to t h e f i l e
-
/ home/ s t u de n t / e r r o r s . t x t . A l l l i nes s h o u l d b e kept i n the o rd e r i n w h i c h t h ey a p pe a r i n
t h e l o g f i l e.
-
1. Dow n l oa d t h e l o g f i l e.

I
i
[ s t ud e n t@de s k t o pX - ] $ wget h t t p : //serverX . example . com/logfile

2. Extract every line t h a t ends i n e i t h e r ERROR o r FAI L i nto t h e f i l e


/home/ s t u d e n t / e r r o r s . t x t , w h i l e kee p i n g t h e l i n e o rd e r i ntact.

[ s t u d e n t @d e s k t opX - ] $ g r e p -e ' ERROR$ ' -e ' FAIL$ ' logfile > /home/student/
e r rors . t xt

13. Yo u r system s h o u l d have a new d i rectory used to sto re t e m porary f i l e s n a m e d


-
/ r u n/ve ryve ryvolatile. W h e never syst emd - tmpfiles - - clean is r u n , a n y f i l e o l d e r
t h a n 5 seco n d s s h o u l d b e d e l eted f r o m t h a t d i recto ry.

T h i s d i rectory s h o u l d have p e r m i s s i o n s 1 7 7 7 , a n d be owned by root : roo t .

1. C reate a n e w f i l e ca l l e d / e t c / t mpfiles . d/ve ryveryvolat ile . conf w i t h t h e


- fo l l ow i n g content:

--
d / r u n/veryver �:;� at ile 1777 r o o t r o o t 5 s
I

2. Have sys t emd - t mpfiles c reate t h e d i recto ry.

[ s t u d e n t@de s k t opX - ] $ sudo systemd - tmpfiles - - c reate


I
14. Ve rify yo u r work by reboot i n g yo u r d e s k t opX m a c h i n e and r u n n i n g the fo l l ow i n g co m m a n d
on yo u r deskt opX sy � e m :

[ s t u d e n t@de s k t o pX - ] $ lab sa2 - review g rade

If any req u i re m e n t comes up as " FA I L" , rev i s i t that req u i re m e nt, a n d t h e n reboot a n d g ra d e
again.

- RH134- R H E L 7-e n-1-20140610 31 5

You might also like