RHCSA 9 (EX200) Exam Practical Commands and Study Notes

1. System Configuration and Management

 Set hostname:
 hostnamectl set-hostname new-hostname
 Enable Network Interface:
 nmcli connection up "<connection_name>"
 Static IP Configuration:
 nmcli con mod "<connection_name>" ipv4.addresses 192.168.1.100/24
ipv4.gateway 192.168.1.1 ipv4.dns "8.8.8.8" ipv4.method manual
 nmcli con up "<connection_name>"
2. User and Group Management
 Create user and assign group:
 useradd -g developers alice
 Add secondary group:
 usermod -aG developers bob
 Password management:
 passwd alice
 chage -d 0 alice
 Restrict login for a user:
 useradd -M -s /sbin/nologin eve
3. File Systems and Storage
 Create partitions:
 fdisk /dev/sdb
 Format a partition:
 mkfs.ext4 /dev/sdb1
 Mount a filesystem:
 mount /dev/sdb1 /mnt/data
 echo '/dev/sdb1 /mnt/data ext4 defaults 0 0' >> /etc/fstab
 Create and manage LVM:
 pvcreate /dev/sdb1
  vgcreate appdata /dev/sdb1
 lvcreate -L 500M -n lv_app1 appdata
 mkfs.ext4 /dev/appdata/lv_app1
 mount /dev/appdata/lv_app1 /opt/app1
4. SELinux Management
 Set SELinux to permissive mode:
 setenforce 0
 sed -i 's/^SELINUX=enforcing/SELINUX=permissive/' /etc/selinux/config
 Manage contexts:
 semanage fcontext -a -t httpd_sys_content_t '/opt/myapp(/.*)?'
 restorecon -Rv /opt/myapp
5. Networking and Security
 Configure firewalld:
 firewall-cmd --permanent --add-port=8081/tcp
 firewall-cmd --reload
 Secure SSH:
 vim /etc/ssh/sshd_config
 # Change Port 22 to Port 2222
 systemctl restart sshd
6. Shell Scripting and Automation
 Schedule Cron Job:
 crontab -e
 # Add: 30 2 * * 1,3,5 /usr/local/bin/daily_backup.sh
 Create a backup script:
 #!/bin/bash
 tar -czf /var/backups/home_alice_$(date +%F).tar.gz /home/alice 2>>
/var/log/daily_backup.log
7. System Logging and Monitoring
 View logs with journalctl:
 journalctl -u sshd -n 50
  Configure logrotate:
 vim /etc/logrotate.d/monitor_system
 # Add:
 /var/log/monitor_system.log {
 weekly
 rotate 4
 compress
 postrotate
 echo "Log rotated" | mail -s "Log Rotation" [email protected]
 endscript
 }
8. Advanced Partitioning and LVM
 Resize logical volume:
 lvextend -L +20G /dev/thin_vg/thin_lv1
 resize2fs /dev/thin_vg/thin_lv1
9. Password Policy Configuration
 Password aging policy:
 vim /etc/login.defs
 # Set:
 PASS_MAX_DAYS 60
 PASS_MIN_DAYS 1
 PASS_WARN_AGE 14
 Lock inactive accounts:
 usermod -L --inactive 90 alice
10. Container Management
 Run a container:
 podman run -d --name myapp --user appuser --network myapp_network --ip
192.168.1.10 -v myapp_data:/data myapp-image
 Configure systemd for container:
 vim /etc/systemd/system/myapp.service
  # Add:
 [Unit]
 Description=MyApp Container


 [Service]
 Restart=on-failure
 ExecStart=/usr/bin/podman start -a myapp
 ExecStop=/usr/bin/podman stop -t 10 myapp


 [Install]
 WantedBy=multi-user.target


 systemctl enable myapp

11. Advanced SSH Hardening
 Disable root login and enforce key-based authentication:
 vim /etc/ssh/sshd_config
 # Set:
 PermitRootLogin no
 PasswordAuthentication no
 Restrict SSH access by IP:
 echo 'AllowUsers [email protected].*' >> /etc/ssh/sshd_config
 systemctl restart sshd
12. Troubleshooting and Verification
 Check SELinux denials:
 ausearch -m avc -ts recent
 Verify NTP sync:
 ntpq -p
 Monitor system resources:
 top
 df -h
  free -m
This guide covers essential RHCSA tasks for exam preparation. Practice thoroughly
in a virtualized lab environment and review Red Hat's official documentation for
deeper insights.