|__INSTRUCTION__|

* You will be given by 2 VMs

-hostname: servera.lab.example.com (172.24.10.10)
-hostname: serverb.lab.example.com (172.24.10.11)
* Total number of Questions will be arround 22.
* In one system root password is already set (no need to reset) but in second
system password need to be recovered.
* In one system Network configuration is required but in another one networking is
already done
* NTP need to be configured in only one system (not in both)
* YUM Repo need to configured in both systems.
* Firewall and SELinux both will be pre-enabled.
------------------------------------------------------------------------------------------
------------------------------------------------------------------------------------------
|__NODE1__|
Q1.Configure network and set the static hostname.
IP ADDRESS = 172.25.250.10
NETMASK = 255.255.255.0
GATEWAY = 172.25.250.254
DNS/Nameserver = 172.25.250.254
Domain name = lab.example.com
HostName = servera.lab.example.com
-------------------------------------------------------------------------------------------

Q2. Configure YUM repos with the given link || (2repos: 1st is BaseOS and 2nd is
AppStream)
baseurl = http://content.example.com/rhel9.0/x86_64/dvd/BaseOS ( for baseos )
baseurl = http://content.example.com/rhel9.0/x86_64/dvd/AppStream ( for appstream )
ANS:-
# vim /etc/yum.repos.d/rhel.repo
[BaseOs]
name=BaseOs
baseurl=http://content.example.com/rhel8.0/x86_64/dvd/BaseOS/
enabled=true
gpgcheck=false

[AppStream]
name=AppStream
baseurl=http://content.example.com/rhel8.0/x86_64/dvd/AppStream/
enabled=true
gpgcheck=false
:wq!
# yum clean all
# yum repolist all
 # yum install httpd -y (verify)

--------------------------------------------------------------------------------------------

Q3. Debug SELinux.

- A web server running on non standard port 82 is having issues serving
content,Debug and fix the issues.
- The web server on your system can server all the existing HTML files from
/var/www/html
- Web service should automatically start at boot time.
NOTE: Do not make any changes to these files
ANS:-
# yum install httpd -y(if it's not there)
# systemctl status httpd.service
# systemctl enable httpd.service
# systemctl status httpd.service
# vim /etc/httpd/conf/httpd.conf
Listen 82 ("Listen" parameter already there)
:wq!
# firewall-cmd --permanent --add-port=82/tcp
# firewall-cmd --reload
# firewall-cmd --list-all
# semanage port -l | grep "http" (to verify 82 port has added in semanage or not)
# semange port -a -t httpd_port_t -p tcp 82
# semanage port -l | grep "http" (verify it again)
# systemctl restart httpd.service
# curl localhost:82 (verify)

------------------------------------------------------------------------------------------------------------------------

Q4. Create User accounts with supplementry group.

- create the group a named "sysadms"
- create users as named "natasha" and "harry", will be the supplementry group
"sysadms".
- cerate a user as named "sarah", should have non-interactive shell and it should be not
the member of "sysadms"
- password for all users should be "trootent"

ANS:-
# groupadd sysadmin
# useradd -G sysadmin natasha
# useradd -G sysadmin harry
# id natasha (verify)
# id harry (verify)
 # useradd -s /sbin/nologin sarah
# tail /etc/passwd (verify)
# chpasswd (to set the password for multiple user)
natasha:trootent
harry:trootent
sarah:trootent

--------------------------------------------------------------------------------------------------------------

Q5. Configure a cron job that runs every 1 minutes and executes logger "EX200 in
progress" as the user natasha.

ANS:-
# systemctl status crond.service (verify)
# yum install cronie -y (if the package is not there)
# systemctl enable --now crond.service
# crontab -eu natasha
*/1 * * * * logger "EX200 in progress
wq!
# tail -f /var/log/message | grep "EX200" (verify)

------------------------------------------------------------------------------------------------------------------

Q6. Create a collaborative Directory.

- Create the Directory "/home/manager" with the following characteristics.
- Group ownership of "/home/manager" should go to "sysadms" group.
- The directory should have full permission for all members of "sysadms" group but not
to the other users except "root".
- Files created in future under "/home/manager" should get the same group ownership.

ANS:-
# mkdir /home/manager
# chgrp sysadms /home/manager
# ls -ld /home/manager (verify)
# chmod g+rwx,o-rwx /home/manager
# ls -ld /home/manager (verify)
# chmod g+s /home/manager (apply sgid permission)
# touch /home/sysadms/file1.txt (verify)
# ls -l /home/sysadms/file1.txt (verify)

-------------------------------------------------------------------------------------------------------------------------------

Q7. Configure NTP.

- Synchronize time of your system with the server 'classroom.example.com'
ANS:-
# systemctl status chronyd.service
# yum install chrony -y ( if it is not there )
# systemctl enable --now chronyd.service
# systemctl status chronyd.service (verify)
# timedatectl (Make sure your system clock syncronize yes and ntp service should be active )
# timedatectl set-ntp true
# vim /etc/chrony.service
server classroom.example.com iburst
:wq!
# systemctl restart chronyd.service
# chronyc sources (verify)

-------------------------------------------------------------------------------------------------------------------------------

Q8. Configure AutoFS

- All ldapuserX home directory is exported via NFS, which is available on
classroom.example.com(172.25.250.254) and your NFS-exports
directory is /home/guests for ldaouserX.
- ldapuserX's home directory is classroom.example.com:/home/guests/ldapuserX,
Where 'X' is the station number.
- ldapuserX's home directory should be automount autofs service.
- home directories must be writtable by their users.
NOTE: While you are able to loginas any of user ldapuser1 to ldapuser20 the only home
directory that is accessible from your system.

ANS:-
# yum install autofs -y
# systemctl enable --now autofs.service
# systemctl status autofs.service
# vim /etc/auto.master
/home/guests /etc/auto.misc
:wq!
# vim /etc/auto.misc
ldapuserX -fstype=nfs,rw,sync classroom.example.com:/home/guests/&
:wq!
# systemctl restart autofs.service
# ls -ld /home/guests (verify)

------------------------------------------------------------------------------------------------------------------------------

Q9. Create user 'alex' with 3456 uid and set the password 'trootent'
ANS:-
# useradd -u 3456 alex
# passwd --stdin alex
trootent
# id alex (verify)

------------------------------------------------------------------------------------------------------------------------------

Q10. Locate all files owned by user "harry" and copy it under /root/harry-files.

ANS:-
# mkdir /root/harry-files
# find / -user harry -exec cp -rpvf {} /root/harry-files \;
# ls -la /root/harry-files (verify)

------------------------------------------------------------------------------------------------------------------------------

Q12. Find a string 'ich' from "/usr/share/dict/words" and put it into /root/lines file.

ANS:-
# grep 'ich' /usr/share/dict/words > /root/lines
# cat /root/lines (verify)

-------------------------------------------------------------------------------------------------------------------------------

Q13. create an archive '/root/backup.tar.bz2' of /usr/local directory and compress it with

bzip2.

ANS:-
# tar cfj /root/backup.tar.bz2 /usr/local
# ls -l /root/backup.tar.bz2 (verify)

NOTE:- If it's asking you on gzip then # tar cfz /root/backup.tar.gz /usr/local
If it's asking you on xzip then # tar cfJ /root/backup.tar.xz /usr/local

------------------------------------------------------------------------------------------------------------------------------

Q14. Script file

- create a script file with the name 'script.sh' inside the '/bin' and locate all files from
'/usr/local' directory which has more than 30k and lessthan 50k copy under '/root/d1'.
- set the sgid permission for this directory.

ANS:-
# vim /bin/script.sh
 #!/bin/bash

mkdir /root/d1
find /usr/local -size +30k -size -50k -exec cp -rpvf {} /root/d1 \;
chmod g+s /root/d1
:wq
# chmod a+x /bin/script.sh
# sh /bin/script.sh

-------------------------------------------------------------------------------------------------------------------------------

Q15. Create a container image from the provided link.

- create a container image from "http://utility.example.com/container/Containerfile"
name it as 'process_files'.
- Login to 'registry.lab.example.com' through "admin" and "redhat321"
NOTE:- Find the registry from Instruction page. || container should be create by one
regular user 'athena' will get in ques.

ANS:-
# id athena
# ssh athena@localhost
$ podman -u admin
password: redhat
$ wget http://utility.example.com/container/Containerfile (from given url)
$ podman build -t process_files -f <filename> (which you have downloaded from top link)
$ podman images (verify)
localhost/process_files (output will get)
$ exit
-------------------------------------------------------------------------------------------------------------------------------

Q16. Create rootless container and do volume mapping which they asked you in the
question and run container as a service from normal
user account, the service must be enable so it could start automatically after reboot.
- Create a container named as 'ascii2pdf' using the previously created container image
from previous question 'process_files'
- Map the '/opt/files' to container '/opt/incoming'
- Map the '/opt/processed' to container '/opt/outgoing'
- Create systemd service as container-ascii2pdf.service
- Make service active after all server reboots.

ANS:-
# mkdir /opt/files /opt/processed
# chown -R athena:athena /opt/files
 # chown -R athena:athena /opt/processed
# ssh athena@localhost
$ podman run -d --name ascii2pdf -v /opt/files:/opt/incoming:Z -v
/opt/processed:/opt/outgoing:Z localhost/process_files
$ podman ps
$ mkdir /home/athena/.config/systemd/user/
$ cd /home/william/.config/systemd/user/
$ podman generate systemd --name ascii2pdf --files --new
$ ls -lrt
container-ascii2pdf.service (output will get)
$ loginctl enable-linger athena
$ loginctl show-user athena
$ systemctl --user daemon-reload
$ systemctl --user enable container-ascii2pdf.service
$ systemctl --user start container-ascii2pdf.service
$ systemctl --user status container-ascii2pdf.service

-------------------------------------------------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------------------------------------------------
INSTRUCTION:-
In this server 3 disks will be given.
* /dev/vda : For root filesystem (don't do anything under this disk).
* /dev/vdb : You need to use swap or lvm.
* /dev/vdc :
-----------------------------------------------------------------------------------------------------------------------

Q17. Reset root user password and make it 'trootent'

ANS:-
STEP_1: Find alt+ctrl+del
STEP_2: Interrupt the boot-loader countdown by pressing any key, except Enter (press
uparrow and downarrow)
STEP_3: Move the cursor to the rescue kernel entry to boot (the one with the word rescue in
its name)
STEP_4: Press e to edit the selected entry
STEP_5: Move the cursor to the kernel command line (the line that starts with linux)
STEP_6: In that line end Append "rd.break console=tty1"
STEP_7: Press Ctrl+x to boot with the changes
STEP_8: Press Enter to perform maintenance when prompted
sh-5.1# mount -o remount,rw /sysroot (Remount /sysroot as read/write)
sh-5.1# chroot /sysroot (Switch into a chroot jail, where /sysroot is treated as the root of the
file-system tree)
sh-5.1# passwd root (Set a new root password)
 sh-5.1# touch /.autorelabel (to relebl all files)
sh-5.1# exit (twice)

---------------------------------------------------------------------------------------------------------------

Q18. Configure YUM repos with the given link || (2repos: 1st is BaseOS and 2nd is
AppStream)
baseurl = http://content.example.com/rhel9.0/x86_64/dvd/BaseOS ( for baseos )
baseurl = http://content.example.com/rhel9.0/x86_64/dvd/AppStream ( for appstream
)
ANS:-
# vim /etc/yum.repos.d/rhel.repo
[BaseOs]
name=BaseOs
baseurl=http://content.example.com/rhel8.0/x86_64/dvd/BaseOS/
enabled=true
gpgcheck=false

[AppStream]
name=AppStream
baseurl=http://content.example.com/rhel8.0/x86_64/dvd/AppStream/
enabled=true
gpgcheck=false
:wq!
# yum clean all
# yum repolist all

----------------------------------------------------------------------------------------------------------------------

Q19. Resize a logical Volume

- Resize the logical volume "mylv" so that after reboot size should be in between
290MB to 330MB.
NOTE:- Already lvm got cretaed in Exam.

ANS:-
# lvs
# lsblk
# lvextend -L 310M /dev/myvg/mylv
# resize2fs /dev/mapper/myvg-mylv
# lsblk (verify)
# df -Th (verify)

----------------------------------------------------------------------------------------------------------
Q20. Add a swap partition of 512MB and mount it permanently.

ANS:- # gdisk /dev/vdb

Command (? for help): n
Partition number (2-128, default 2):
First sector (34-2047, default = 34) or {+-}size{KMGTP}: Press Enter
Last sector (34-2047, default = 2047) or {+-}size{KMGTP}: +512M
Hex code or GUID (L to show codes, Enter = 8300): Press Enter
Command (? for help): t
Partition number (1-2): 2
Current type is 8300 (Linux filesystem)
Hex code or GUID (L to show codes, Enter = 8300): 8200
Changed type of partition to 'Linux swap'
Command (? for help): w
# udevadm settle
# lsblk
# mkswap /dev/vdb2
# blkid (copy the path which you have cretaed for swap partition)
# vim /etc/fstab
/dev/vdb2 swap swap defaults 0 0
:wq!
# swapon -a
# lsblk (verify)
# reboot
# lsblk

-----------------------------------------------------------------------------------------------------------------

Q21. Create a logical volume of name "wshare" from a volume group name "wgroup"
physical extents of 16M and logical volume should
have size of 50extents.Formate with vfat filesystem and permanently mounted to
/mnt/wshare.

ANS:-
# gdisk /dev/vdb
Command (? for help): n
Partition number (3-128, default 3): 3
First sector (34-2047, default = 34) or {+-}size{KMGTP}: Press Enter
Last sector (34-2047, default = 2047) or {+-}size{KMGTP}: +1024M
Hex code or GUID (L to show codes, Enter = 8300): Press Enter
Command (? for help): t
Partition number (1-3): 3
Current type is 8300 (Linux filesystem)
Hex code or GUID (L to show codes, Enter = 8300): 8e00
 Changed type of partition to 'Linux lvm'
Command (? for help): w
# udevadm settle
# pvcreate /dev/vdb3
# vgcreate -s 16M wgroup /dev/vdb3
# vgs / vgdisplay (verify)
# lvcreate -n wshare -l +50 wgroup /dev/vdb3
# lvdisplay (verify)
# mkfs vfat /dev/mapper/wgroup-wshare
# blkid
# mkdir /mnt/wshare
# vim /etc/fstab
/dev/mapper/wgroup-wshare /mnt/wshare vfat defaults 0 0
:wq
# mount -a
# lsblk (verify)
# reboot
# lsblk / df -Th (verify)

--------------------------------------------------------------------------------------------------------------------

Q22. Configure System Tuning.

- Choose the recommended 'tuned' profile for your system and set it as the default.

ANS:-
# systemctl status tuned.service
# yum install tuned -y (If it's not installed)
# systemctl enable --now tuned.service
# tuned-adm recommend
virtul-guest (output)
# tuned-adm profile virtul-guest
# tuned-adm active
Current active profile: virtual-guest (output)

-------------------------------------------------------------------------------------------------------------------
BEST OF LUCK
-------------------------------------------------------------------------------------------------------------------