Servera or servera Question& Answers

1. Assign static network settings,

IPADDRESS: 172.25.250.10
NETMASK: 255.255.255.0
GATEWAY: 172.25.250.254
DNS: 172.25.250.254 ,
HOSTNAME: servera.lab.example.com

Ans:
#nmtui (Set system host name & Edit a connection then Quit)
#systemctl restart NetworkManager
#systemctl reboot

*If you want do ssh thats fine or else do task in vm console

Above Question need to done in console.
Now we need to do SSH for servera/servera. For that we need to use bellow
command

#vi /etc/ssh/sshd_config (Change from #PermitRootLogin prohibit-password

to PermitRootLogin Yes)
#esc
#:wq (Save and quit)
#systemctl restart sshd
This changes done for RHEL 9, after that we need to open terminal in
physical machine.
We have two users in physical machine
o Student User (student)
o root(redhat)
Open the Terminal
#ssh root@servera (in Exam root@servera)

2. A web server running on non standard port 82 is having issues serving

content. Debug and fix the issues.
=> The web server on your system can server all the existing HTML files
from /var/www/html (NOTE: Do not make
any changes to these files)
=> Web service should automatically start at boot time.
For this, in lab we need to install httpd, in exam no need to do this.
#yum install httpd
#systemctl start httpd (To start httpd, Must we need to start)
For this we need to do bellow steps
o Step1 - Add port in firewall – 82
o Step2 - Give selinux context
o Step3 - Open httpd conf file and check value of listen
o Step4 - Restart the service
o Step5 - Check status of service.

Ans:
o Step1 - Add port in firewall – 82
#systemctl status httpd
#firewall-cmd --permanent --add-port=82/tcp (For adding port value)
#firewall-cmd --reload
#firewall-cmd --list-ports (To check port value)

o Step2 - Give selinux context

#man semanage port |grep http (it gives exact command)
i.e semanage port –a –t http_port_t –p tcp 81
# semanage port -a -t http_port_t -p tcp 82 (Actual command to give the
Selinux context)

o Step3 - Open httpd conf file and check value of listen

# vi /etc/httpd/conf/httpd.conf (check the listen value; if it is 80 then
change to 82 otherwise left it as 82)

o Step4 - Restart the service

# systemctl restart httpd

o Step5 - Check status of service.

# systemctl enable httpd

3.Configure YUM repos with the given link (2 repos: 1st is BaseOS and 2nd
is AppStream)
Link: - http://content.example.com/rhel9.0/x86_64/dvd/AppStream
Link: - http://content.example.com/rhel9.0/x86_64/dvd/BaseOS

Ans :
#cd /etc/yum.repos.d (Default directory which stores all the repo files)
#vi file.repo (Need to create a repo file inside the yum.repos.d)
[BaseOS] (repo ID must be in [ ], Name it anything)
name=BaseOS
gpgcheck=0
enabled=1
baseurl=http://content.example.com/rhel9.0/x86_64/dvd/BaseOS

[AppStream]
name=AppStream
gpgcheck=0
enabled=1
baseurl=http://content.example.com/rhel9.0/x86_64/dvd/AppStream
:wq
# yum clean all
# yum repolist
#yum install autofs (For checking package working or not)
#cd (Come out from the directory)

4.Create the following users, groups and group memberships:

Create a group named sysadmin.
A user saara who belongs to sysadmin as a secondary group.
A user natasha who also belongs to sysadmin as a secondary group.
A user harry who does not have access to an interactive shell on the
system, and who is not a member of sysadmin.
saara, natasha and harry should all have the password of avaster.

Ans:
# groupadd sysadmin
# useradd saara
# useradd natasha
# gpasswd -M saara,natasha sysadmin (For add both the users inside the
group)
# useradd -s /sbin/nologin harry (if we use –s /sbin/nologin the user in
bash)
#echo avaster |passwd --stdin saara (Assigning password for user – (We
can use passwd but we cannot
see password what we type))
#echo avaster |passwd --stdin natasha
#echo avaster |passwd --stdin harry

5. Create a collaborative directory /shared/sysadmin with the following

characteristics:
Group ownership of /shared/sysadmin is sysadmin.
The directory should be readable, writable and accessible to members of
sysadmin, but not to any other user.
(It is understood that root has access to all files and directories on
the system).
Files created in /shared/sysadmin automatically have group ownership set
to the sysadmin group.

Ans:
#mkdir -p /shared/sysadmin

#chgrp sysadmin /shared/sysadmin/ (For changing group owner from root to

sysadmin)
#chmod 2770 /shared/sysadmin (r=4, w=2, x=1, Total = 7 and SGID = 2. So
it came 2770)

6. The user saara must be configure a cron job that runs daily 5:30 PM
local time executes logger "EX200 in progress"
Or
Set the cron job for the user “saara” that should runs daily every 1
minute local time executes “Ex200 is progress”
with echo.

Ans :

#crontab -eu saara (it will open crontab editer tab related to saara)
30 17 * * * /usr/bin/logger "EX200 in progress" (Using “cat /etc/crontab”
command shows order of time & Date)
(For Full path of logger file use “which logger” command)
:wq (For checking use “crontab –lu saara” command)
Or
#crontab -eu saara
*/1 * * * * /usr/bin/echo "EX200 in progress" (For Full path of echo file
use “which echo” command)
:wq

8. Create a user deal with user id 2015 and assign the password Redhat.
Ans

#useradd -u 2015 deal (For adding user and user id we use -u after
useradd command)
(For checking id details use “id deal” command)
#echo Redhat |passwd --stdin deal

9. Configure your system so that it is an NTP client of

classroom.example.com.

Ans
# vi /etc/chrony.conf
#put # in all the server and write
server classroom.example.com iburst
#systemctl enable chronyd
#systemctl restart chronyd.service (For checking use “chronyc sources”
command)

10.a. Search the files with extension .pl and copy the files to directory
/root/pl.found.
b. Search student user files and copy the files to directory
/root/student.found. (Most come this Question)

Ans:
# mkdir /root/pl.found
# find / -type f -name *.pl -exec cp {} /root/pl.found \; (here we are
copy files from root to root)
(or)
# mkdir /root/student.found
# find / -type f -user student -exec cp -rvfp {} /root/student.found \;
(Here we are copy from student to root
user so this case need to use –rvfp)

11.Search the keyword “sa” in /usr/share/dict/words file and store the

lines in /root/sa.found.

Ans:
# grep sa /usr/share/dict/words |sort > /root/sa.found

12.a.Backup /etc directory to /root/etc.tar.gz and compress it by gzip

b.Backup /etc directory to /root/etc.tar.bz2 and compress it by bzip2
(Most come this Question)
c.Backup /etc directory to /root/etc.tar.xz and compress it by xz

Ans.
a. #tar -czvf /root/etc.tar.gz /etc (For gzip we use ‘czvf’)(First
destination and then source)
b. #tar -cjvf /root/etc.tar.bz2 /etc (For bzip2 we use ‘cjvf’)
c. #tar -cJvf /root/etc.tar.xz /etc (For xz we use ‘cJvf’)
13. Configure autofs to automount the home directories of LDAP users.
Note the following:

a.classroom.example.com NFS-exports /home/guests to your system

b.remoteuser1 home directory is,
classroom.example.com:/home/guests/remoteuser1
c.remoteuser1’s home directory should be auto mounted locally beneath
/home as /home/guests/remoteuser1.
d.home directories must be writable by their users.

Ans:
#yum install autofs
# systemctl start autofs
#systemctl enable autofs
#vi /etc/auto.master (‘Shift+g’ will go to end of the line)

/home/guests /etc/auto.misc (They give mount root, put what is having in

before remoteuser1 path)
:wq

#vi /etc/auto.misc
remoteuser1 -rw,sync classroom.example.com:/home/guests/remoteuser1
:wq

# systemctl restart autofs

# systemctl enable autofs (To check in exam “su -remoteuser1” then “df –
Th” then logout.)

14. When we will create any users in servera the password of that
particular user should expire in 20days.

Ans:
#vi /etc/login.defs
PASS_MAX_DAYS 20
:wq (To check add one user and put “chage -l user” )
15. write a script named adhoc.sh under /root which will search less than
2M files from /var and store it in
/root/backup and also set the permission of set user identifier (SUID)

{OR} Make a Simple script - Create myscript file to locate all files of
10MB lower and also set the permission of set
group identifier (SGID) and list of all file will save in /root/script.
Copy script file into /usr/local/bin. Make sure run script any location.

Ans:
#vi adhoc.sh
#!/bin/bash
find /var -type f -size -2M -exec cp -v {} /root/backup \;
:wq!
#chmod +x adhoc.sh
#chmod u+s adhoc.sh
#./adhoc.sh

{OR}
Ans. #mkdir /root/script
#vi myscript
#!/bin/bash
find / -type f -size -10M -exec cp {} /root/script \;
:wq!
#chmod g+s /root/script
#chmod +x myscript
#./myscript
# cp myscript /usr/local/bin
{OR}

(OR)Configure the application EX200 as an Pendora user, When login it

will show the message
"Welcome to Cyberphoton!!!"

Ans: su - Pendora
vi .bash_profile
EX200="Welcome to Cyberphoton!!!"
echo $EX200
wq!
exit
su - Pendora [for checking]

16.Give the sudo permission to group1.

Ans:
vi /etc/sudoers
%group1 ALL=(ALL) NOPASSWD:ALL
:wq!

17.When the existing user joe will create the file the permission should
come as rw------- and when create the
directory it should come as rwx------

Ans:

#su – joe (For practicing need to add joe user)

#vi .bashrc
umask 077 (write it in last line)
:wq!
#umask 077 (execute in terminal)

18.Create a Container for alth user

Use this link http://domain.exam.com/rhel9/Containerfile build image
named monitor
Do not change anything in Containerfie

Ans:
#ssh alth@servera (if alth password won’t give in question try to put
same password as root)
#wget http://domain.exam.com/rhel9/Containerfile
#loginctl enable-linger alth
#podman build -t monitor . (After name we need to put space then dot)
#podman images

19. Create a rootless container :-

1. Create a Container name asciipdf

2. Use monitor image for asciipdf which you previously created
3. Create a systemd services name container-asciipdf for alth user only
4. Service will automatically started accross reboot do no any manual
intervention.
5. Local host Directory /opt/files attach to Container directory
/opt/incoming.
6. Local host Directory /opt/processed attach to container host directory
/opt/outgoing
7. If the service work properly, you place any plain text file in
/opt/file , then file automatically converts in pdf and
also place into /opt/outprocess
Ans:
[root@servera]# loginctl enable-linger alth
[root@servera]# mkdir /opt/files
[root@servera]# mkdir /opt/processed
[root@servera]# chown alth:alth /opt/files
[root@servera]# chown alth:alth /opt/processed
*** we must connect to server through ssh to alth****
[root@servera]# ssh alth@servera
[alth@servera]$ podman run -d --name asciipdf -v
/opt/files:/opt/incoming:Z -v /opt/processed:/opt/outgoing:Z
localhost/monitor (podman images will give the path of the
image)
[alth@servera]$ mkdir –p ~/.config/systemd/user
[alth@servera]$ cd ~/.config/systemd/user
[alth@servera]$ podman generate systemd --name asciipdf –files –new
[alth@servera]$podman stop asciipdf
[alth@servera]$podman rm asciipdf
[alth@servera]$ systemctl --user daemon-reload
[alth@servera]$ systemctl --user enable container-asciipdf
[alth@servera]$ systemctl --user start container-asciipdf
[alth@servera]$ systemctl --user status container-asciipdf
[alth@servera]$ exit
[root@servera]# touch /opt/files/test (check and verify that file is
converted or not)
Verification steps: - [[email protected]]# reboot
[desktop@desktop]$ssh alth@servera
[alth@servera]$ systemctl --user status container-asciipdf

Serverb or node2 Question& Answers

1. In serverb.lab.example.com to assign a new password called "getroot".

Ans:
lab start boot-resetting (in student user workstation machine need to
execute this command while practicing only)
Reboot the system.
Interrupt the boot-loader countdown by pressing any key, except Enter.
Move the cursor to the rescue kernel entry to boot (the one with the word
rescue in its name).
Press e to edit the selected entry.
Move the cursor to the kernel command line (the line that starts with
linux).
Append rd.break. With that option, the system breaks just before the
system hands control from the initramfs to
the actual system.

Press Ctrl+x to boot with the changes.

Press Enter to perform maintenance when prompted.
To reset the root password from this point, use the following procedure:
1. sh-5.1# mount -o remount,rw /sysroot
2. sh-5.1# chroot /sysroot
3. sh-5.1# echo getroot |passwd --stdin root
4. sh-5.1# touch /.autorelabel
5.exit
6.exit

2.Configure YUM repos with the given link (2 repos: 1st is BaseOS and 2nd
is AppStream)
Link: - http://content.example.com/rhel9.0/x86_64/dvd/AppStream
Link: - http://content.example.com/rhel9.0/x86_64/dvd/BaseOS
Ans:
#cd /etc/yum.repos.d (Default directory which stores all the repo files)
#vi file.repo [the extension .repo is must]
[BaseOS] (repo ID must be in [ ], Name it anything)
name=BaseOS
gpgcheck=0
enabled=1
baseurl=http://content.example.com/rhel9.0/x86_64/dvd/BaseOS

[AppStream]
name=AppStream
gpgcheck=0
enabled=1
baseurl=http://content.example.com/rhel9.0/x86_64/dvd/AppStream
:wq

# yum clean all

# yum repolist

3.Create a Logical volume fedora with 30 extents from a volume group

redhat of 8MB extent size. Mount it under
/mnt/fedora with ext4 file system persistently.

Ans:
#fdisk /dev/vdb (n for new partition, then primary, leave it primary
sector and last sector need to
add volume 30x8 = 240MB we need to add 100MB more then it will 340MB)
Last sector: +340M (Next change the partition type from Linux to
linuxlvm. t for partition type. Take
default partition code)
Hex code or alias (type L to list all): L (Type L and check hex code for
lvm and then enter that value)
Hex code or alias (type L to list all): 8E
w
#pvcreate /dev/vdb2
#vgcreate -s 8M redhat /dev/vdb2
#lvcreate -l 30 -n fedora redhat (small l)

#mkdir /mnt/fedora
#mkfs.ext4 /dev/redhat/fedora
#vi /etc/fstab (go to end and write bellow command)
/dev/redhat/fedora /mnt/fedora ext4 defaults 0 0
:wq

#mount –a (df -Th [to check])

4.Resize the logical Volume named myvol to 100MB. (NOTE: Size in between
90MB to 110MB is acceptable)

Ans:
#lvdisplay |grep myvol (to get the lv path we use this command)
#lvresize -r -L 100M /dev/vg/myvol (For checking use “lvdisplay” command)

5.Add SWAP Space with 512 MB.

Ans:
#fdisk /dev/vdb
press n
enter-->enter-->type +512M enter
select t for giving type to swap id is=19
w
#partprobe
#mkswap /dev/vdb3
after completing swap partition update /etc/fstab
# vi /etc/fstab
/dev/vdb3 swap swap defaults 0 0
:wq
#swapon –a (#free -h [To check])

6.Configure tuned and change the tuned profile based on system

performance.

Ans:
# tuned-adm active (it will show active profile)
# tuned-adm recommend (it will show recommend profile)
# tuned-adm profile <give-recommended-profile-name-here> (To Check use
“tuned-adm active” command)