User:Tom/RHCSA EX200: Difference between revisions

From RoggeWiki
Jump to navigation Jump to search
 
(14 intermediate revisions by the same user not shown)
Line 1: Line 1:
====Lab setup====
====Lab setup====
  Physical host        host1
  Physical host        host1
  Virtual machine 1    server1
  Virtual machine 1    server1   192.168.122.110
  Virtual machine 2    server2
  Virtual machine 2    server2   192.168.122.120


====Hoofdstuk 02 Using basic Linux Tools====
====Hoofdstuk 02 Using basic Linux Tools====
Line 31: Line 31:
  ln, ln -s
  ln, ln -s
  chmod chown chgrp
  chmod chown chgrp
  umask files en directories
  umask files en directories. Initial permissions for file 666 and for directories 777.
  Special permissions setuid setgid sticky
 
  Special permissions setuid setgid sticky. setuid s set on owner of executable files, setgid  s set on group of executable files.
Examples are su and wall.
setgid on directory group; new files inherit directory's owning group.


====Hoofdstuk 04 Dealing with the Bash shell, processes and scheduling====
====Hoofdstuk 04 Dealing with the Bash shell, processes and scheduling====
Line 58: Line 61:
  yum-config-manager
  yum-config-manager
  yum check-update clean, group install, group info, group list, group remove,
  yum check-update clean, group install, group info, group list, group remove,
     repolist, repository-packages
     repolist, repolist all, repository-packages
     info, install, list, search, update, history
     info, install, list, search, update, history
  createrepo
  createrepo
man yum.conf for info about repository files


gnome-packagekit
gnome-packagekit
Line 158: Line 163:
  lvresize
  lvresize
  lvreduce
  lvreduce
  lvremove  
  lvremove
 
/etc/lvm/backup  Contains volume group details


====Hoofdstuk 10 Constructing and using filesystems and swap====
====Hoofdstuk 10 Constructing and using filesystems and swap====
Line 175: Line 182:
  mount
  mount
  umount
  umount
NFS filesystems
Package nfs-utils
mount -t nfs 192.168.1.110:/aapje /aap
/etc/fstab: 192.168.1.110:/aapje /aap nfs _netdev 0 0
AutoFS
Package autofs
Daemon automount
/etc/sysconfig/autofs
/etc/auto.master


UUID universally Unique IDentifier
UUID universally Unique IDentifier
Line 180: Line 199:
=====Swap Space=====
=====Swap Space=====
free -h
free -h
lvcreate
mkswap
mkswap
swapon
=====ACL's=====
chacl
getfacl file1
setfacl -m user:aap:rw file1
mount options: defaults,acl


====Hoofdstuk 11 Controlling Access through Firewall and SELinux====
====Hoofdstuk 11 Controlling Access through Firewall and SELinux====
Line 234: Line 262:


  yum install *ldap* packages
  yum install *ldap* packages
  authconfig  
  authconfig
  authconfig-gtk
  authconfig-gtk
authconfig-tui
  system-config-authentication
  system-config-authentication


Line 241: Line 270:


  /etc/hosts
  /etc/hosts
/etc/resolv.conf
  /etc/sysconfig/network-scripts
  /etc/sysconfig/network-scripts


Line 268: Line 298:
  swap create lvm en partitie
  swap create lvm en partitie
  lv in nieuwe vg
  lv in nieuwe vg
update kernel en save vorige kernel

Latest revision as of 20:44, 18 July 2016

Lab setup

Physical host         host1
Virtual machine 1     server1   192.168.122.110
Virtual machine 2     server2   192.168.122.120

Hoofdstuk 02 Using basic Linux Tools

ssh host
ssh -l user host
ssh -X host
ls pwd cd mkdir 
tty who uptime whoami logname
if groups 
last lastb lastlog 
uname 
hostnamectl
timedatectl list-time-zones
clear 
which wc
lspci lscpu
gzip gunzip bzip2 bunzip2 tar star
vi
man apropos mandb whatis info

Hoofdstuk 03 Working with files and file permissions

/boot /var/ /usr /opt /home /dev /proc /sys /tmp
file touch cat less head tail
cp mv rm lsattr chattr
find 
ln, ln -s
chmod chown chgrp
umask files en directories. Initial permissions for file 666 and for directories 777.

Special permissions setuid setgid sticky. setuid s set on owner of executable files, setgid  s set on group of executable files.
Examples are su and wall.
setgid on directory group; new files inherit directory's owning group.

Hoofdstuk 04 Dealing with the Bash shell, processes and scheduling

variables, local and environment
export unset
> >> &>
HISTFILE history
set -o vi
grep * ? \
ps pidof pgrep
nice  renice
kill pkill killall
at crontab

Hoofdstuk 05 Managing software packages

RHSM Red Hat Subscription Management
SAM Subscription Asset Manager
subscription-manager
rpm rpm2cpio
mount /dev/cdrom /mnt
mount -o loop /.../*.iso /mnt

yum-config-manager
yum check-update clean, group install, group info, group list, group remove,
    repolist, repolist all, repository-packages
    info, install, list, search, update, history
createrepo

man yum.conf for info about repository files

gnome-packagekit 

/etc/yum.conf
/etc/yum.repos.d

Hoofdstuk 06 Configuring server virtualization and network installing RHEL7

lscpu
yum -y group install 

virt-install
virsh list pool-list pool-info
virt-manager

brctl

Kickstart anaconda-ks.cfg
ksvalidator
wget

/etc/sysconfig/network-scripts

Hoofdstuk 07 Booting RHEL 7, updating Kernel and logging messages

lsmod
modinfo
modprobe
grub2-mkconfig -o /boot/grub2/grub.cfg
grub2-set-default

rootpw init=/sysroot/bin/sh, chroot /sysroot, mount -o remount,rw /, passwd, touch /.autorelabel, exit, reboot

yum list installed kernel

/boot
/etc/grub.d

systemctl 
systemd-analyze
systemd-cgtop

journalctl
mkdir -p /var/log/journal
systemctl restart systemd-journald

Hoofdstuk 08 Managing users and groups

pwck 
pwconv
grpconv

useradd, usermod, userdel
chage

vigr
vipw 

groupadd, groupmod, groupdel 
gpasswd
/etc/default/useradd
/etc/passwd
/etc/shadow
/etc/login.defs
/etc/skel
/etc/group
/etc/gshadow

/etc/bashrc
/etc/profile
/etc/profile.d
.bashrc
./bash_profile

Hoofdstuk 09 Partitioning and managing disk storage

Master Boot Record (MBR) on BIOS-based systems versus GUID Partition Tabel (GPT) on UEFI-based systems. 

parted, gdisk, fdisk
partprobe
lsblk 

pvs
vgs
lvs
vgdisplay 
lvdisplay 
lvmdiskscan

pvcreate 
vgcreate
vgextend
vgreduce
vgremove

lvextend
lvresize
lvreduce
lvremove

/etc/lvm/backup  Contains volume group details

Hoofdstuk 10 Constructing and using filesystems and swap

Filesystem administration commands. 

e2fsck
fsck.ext3
fsck.ext4
mke2fs
mkfs.xfs
resize2fs
tune2fs

Commands common to all filesystems. 

blkid - Used to dermine UUID of a partition / logical volume / filesystem
mount
umount

NFS filesystems 

Package nfs-utils
mount -t nfs 192.168.1.110:/aapje /aap
/etc/fstab: 192.168.1.110:/aapje /aap nfs _netdev 0 0

AutoFS 

Package autofs
Daemon automount

/etc/sysconfig/autofs
/etc/auto.master

UUID universally Unique IDentifier

Swap Space

free -h lvcreate mkswap swapon

ACL's
chacl
getfacl file1
setfacl -m user:aap:rw file1

mount options: defaults,acl

Hoofdstuk 11 Controlling Access through Firewall and SELinux

SELinux
context for subjects and objects
context contains a type or domain and a security level with subject and object information
-u user, _r role, _t domain

Domain transitioning allows a proces in one domain to enter another domain to execute an application authrized to run in that domain only, a proper rule must exist to support such a transition.

Commands
id -Z                                                      View context set on Linux user
ls -Z                                                      Determine context for files
ps -eZ                                                     Determine context on processes
seinfo -u                                                  List available SELinux users
semanage
sestatus                                                   SELinux status tool
getsebool -a                                               Show all SELinux Boolean variables
setsebool                                                  Set a boolean variable
getenforce                                                 Get the current mode of SELinux
setenforce
cp --preserve=context                                      Preserve specified attributes
sealert                                                    SELinux troubleshooter
Packages
libselinux-utils
policycoreutils
setools-console                                            contains seinfo command
setroubleshoot-server                                         Troub
Files
/etc/sestatus.conf
/etc/selinux/config                                         Controls state of SELinux (enforcing, permissive or disabled
/etc/selinux/targeted/contexts/files/file_contexts.local    custom context
/sys/fs/selinux/booleans

Hoofdstuk 12 Administering Network Interfaces and Network Clients

Hostname
Commands
arp -a
ip neighbor
hostname
hostnamectl
ifdown ifup
nmcli
nm-connection-editor
nmtui
uname 
systemctl restart systemd-hostnamed

yum install *ldap* packages
authconfig
authconfig-gtk
authconfig-tui
system-config-authentication
Files
/etc/hosts
/etc/resolv.conf
/etc/sysconfig/network-scripts

/etc/sssd/sssd.conf

Hoofdstuk 13 Securing access with SSH and TCP wrappers

ssh-keygen
ssh-copy-id

sftp

yum info tcp_wrappers
/etc/sshd/sshd_config
/etc/sshd/ssh_config
/etc/hosts.allow
/etc/hosts.deny
/var/log/secure

Hints 

repo
kernel update
acl
ntp
autofs
ldap
swap create lvm en partitie
lv in nieuwe vg
Retrieved from "https://wiki.roggeman.nl/index.php?title=User:Tom/RHCSA_EX200&oldid=4721"