User:Tom/RHCSA EX200

Lab setup

Physical host         host1
Virtual machine 1     server1
Virtual machine 2     server2

Hoofdstuk 02 Using basic Linux Tools

ssh host
ssh -l user host
ssh -X host
ls pwd cd mkdir 
tty who uptime whoami logname
if groups 
last lastb lastlog 
uname 
hostnamectl
timedatectl list-time-zones
clear 
which wc
lspci lscpu
gzip gunzip bzip2 bunzip2 tar star
vi
man apropos mandb whatis info

Hoofdstuk 03 Working with files and file permissions

/boot /var/ /usr /opt /home /dev /proc /sys /tmp
file touch cat less head tail
cp mv rm lsattr chattr
find 
ln, ln -s
chmod chown chgrp
umask files en directories
Special permissions setuid setgid sticky

Hoofdstuk 04 Dealing with the Bash shell, processes and scheduling

variables, local and environment
export unset
> >> &>
HISTFILE history
set -o vi
grep * ? \
ps pidof pgrep
nice  renice
kill pkill killall
at crontab 

Hoofdstuk 05 Managing software packages

RHSM Red Hat Subscription Management
SAM Subscription Asset Manager
subscription-manager
rpm rpm2cpio
mount /dev/cdrom /mnt
mount -o loop /.../*.iso /mnt

yum-config-manager
yum check-update clean, group install, group info, group list, group remove,
    repolist, repository-packages
    info, install, list, search, update, history
createrepo

gnome-packagekit

/etc/yum.conf
/etc/yum.repos.d

Hoofdstuk 06 Configuring server virtualization and network installing RHEL7

lscpu
yum -y group install 

virt-install
virsh list pool-list pool-info
virt-manager

brctl

Kickstart anaconda-ks.cfg
ksvalidator
wget

/etc/sysconfig/network-scripts

Hoofdstuk 07 Booting RHEL 7, updating Kernel and logging messages

lsmod
modinfo
modprobe
grub2-mkconfig -o /boot/grub2/grub.cfg
grub2-set-default

rootpw init=/sysroot/bin/sh, chroot /sysroot, mount -o remount,rw /, passwd, touch /.autorelabel, exit, reboot

yum list installed kernel

/boot
/etc/grub.d

systemctl 
systemd-analyze
systemd-cgtop

journalctl
mkdir -p /var/log/journal
systemctl restart systemd-journald

Hoofdstuk 08 Managing users and groups

pwck 
pwconv
grpconv

useradd, usermod, userdel
chage

vigr
vipw 

groupadd, groupmod, groupdel 
gpasswd
/etc/default/useradd
/etc/passwd
/etc/shadow
/etc/login.defs
/etc/skel
/etc/group
/etc/gshadow

/etc/bashrc
/etc/profile
/etc/profile.d
.bashrc
./bash_profile

Hoofdstuk 09 Partitioning and managing disk storage

Master Boot Record (MBR) on BIOS-based systems versus GUID Partition Tabel (GPT) on UEFI-based systems.

parted, gdisk, fdisk
partprobe
lsblk 

pvs
vgs
lvs
vgdisplay 
lvdisplay 
lvmdiskscan

pvcreate 
vgcreate
vgextend
vgreduce
vgremove

lvextend
lvresize
lvreduce
lvremove 

Hoofdstuk 10 Constructing and using filesystems and swap

Filesystem administration commands.

e2fsck
fsck.ext3
fsck.ext4
mke2fs
mkfs.xfs
resize2fs
tune2fs

Commands common to all filesystems.

blkid - Used to dermine UUID of a partition / logical volume / filesystem
mount
umount

NFS filesystems

Package nfs-utils
mount -t nfs 192.168.1.110:/aapje /aap
/etc/fstab: 192.168.1.110:/aapje /aap nfs _netdev 0 0 

AutoFS

Package autofs
Daemon automount

/etc/sysconfig/autofs
/etc/auto.master

UUID universally Unique IDentifier

Swap Space

free -h lvcreate mkswap swapon

ACL's

chacl
getfacl file1
setfacl -m user:aap:rw file1

mount options: defaults,acl

Hoofdstuk 11 Controlling Access through Firewall and SELinux

SELinux

context for subjects and objects
context contains a type or domain and a security level with subject and object information
-u user, _r role, _t domain

Domain transitioning allows a proces in one domain to enter another domain to execute an application authrized to run in that domain only, a proper rule must exist to support such a transition.

Commands

id -Z                                                      View context set on Linux user
ls -Z                                                      Determine context for files
ps -eZ                                                     Determine context on processes
seinfo -u                                                  List available SELinux users
semanage
sestatus                                                   SELinux status tool
getsebool -a                                               Show all SELinux Boolean variables
setsebool                                                  Set a boolean variable
getenforce                                                 Get the current mode of SELinux
setenforce
cp --preserve=context                                      Preserve specified attributes
sealert                                                    SELinux troubleshooter

Packages

libselinux-utils
policycoreutils
setools-console                                            contains seinfo command
setroubleshoot-server                                         Troub

Files

/etc/sestatus.conf
/etc/selinux/config                                         Controls state of SELinux (enforcing, permissive or disabled
/etc/selinux/targeted/contexts/files/file_contexts.local    custom context
/sys/fs/selinux/booleans

Hoofdstuk 12 Administering Network Interfaces and Network Clients

Hostname

Commands

arp -a
ip neighbor
hostname
hostnamectl
ifdown ifup
nmcli
nm-connection-editor
nmtui
uname 
systemctl restart systemd-hostnamed

yum install *ldap* packages
authconfig 
authconfig-gtk
system-config-authentication

Files

/etc/hosts
/etc/sysconfig/network-scripts

/etc/sssd/sssd.conf

Hoofdstuk 13 Securing access with SSH and TCP wrappers

ssh-keygen
ssh-copy-id

sftp

yum info tcp_wrappers
/etc/sshd/sshd_config
/etc/sshd/ssh_config
/etc/hosts.allow
/etc/hosts.deny
/var/log/secure

Hints

repo
kernel update
acl
ntp
autofs
ldap
swap create lvm en partitie
lv in nieuwe vg
update kernel en save vorige kernel