RHCSA Exam Questions and Answer
Node-1
1. Networking
Modify the network connections Ip Address of node1 IP address: 172.25.250.10 netmask 255.255.255.0 Gateway: 172.25.250.254 DNS 172.25.250.220 Hostname: utility.net16.example.com
Modify the network connections Ip Address of node1 IP address: 172.25.250.10 netmask 255.255.255.0 Gateway: 172.25.250.254 DNS 172.25.250.220 Hostname: utility.net16.example.com
nmcli connection add con-name llc ifname eth0 type ethernet \ ipv4.addresses 172.25.250.10/24 \ ipv4.gateway 172.25.250.254 ipv4.dns 172.25.250.220 \ ipv4.method manual nmcli connection up nmcli connection modify System eth0 connection.autoconnect no nmcli connection show reboot ip addr show hostnamectl set-hostname utility.net16.example.com hostnamectl verify
2. Repository Creation
Configure AppStream and BaseOS local repositories.
Configure AppStream and BaseOS local repositories.
cd /etc/yum.repos.d/ vim red.repo # [repoid1] # name = appstream # enabled = 1 # gpgcheck = 0 # baseurl = http://content.example.com/rhel9.3/x86_64/dvd/AppStream # [repoid2] # name = baseOS # enabled = 1 # gpgcheck = 0 # baseurl = http://content.example.com/rhel9.3/x86_64/dvd/BaseOS :wq! dnf clean all dnf repolist all
3. Users and Groups Permission
Create stoogs group, add natasha and curly (stoogs as secondary for curly), larry has no shell/no stoogs. All user passwords: ranguski.
Create stoogs group, add natasha and curly (stoogs as secondary for curly), larry has no shell/no stoogs. All user passwords: ranguski.
groupadd stoogs useradd -G stoogs natasha useradd -G stoogs curly useradd -s /sbin/nologin larry passwd natasha passwd curly passwd larry
4. Directory Creation
Create /home/manager (group stoogs), set permissions (rwx for group), set SGID bit.
Create /home/manager (group stoogs), set permissions (rwx for group), set SGID bit.
mkdir -p /home/manager chgrp stoogs /home/manager/ chmod 770 /home/manager/ chmod g+s /home/manager/
5. Cron Jobs
Natasha: cron job 14:23 daily, echo "redhat rhcsa"; Deny larry cron.
Natasha: cron job 14:23 daily, echo "redhat rhcsa"; Deny larry cron.
dnf install cronie -y systemctl enable crond systemctl start crond su – natasha crontab -e # 23 14 * * * /bin/echo "redhat rhcsa" logout vim /etc/cron.deny # add "larry"
6. NTP
chrony client, sync to utility.net16.example.com
chrony client, sync to utility.net16.example.com
dnf install chrony -y systemctl enable chronyd systemctl start chronyd vim /etc/chrony.conf # server utility.net16.example.com iburst systemctl restart chronyd timedatectl chronyc sources -v
7. Archiving
Compress /etc/ folder using gzip, save under /opt
Compress /etc/ folder using gzip, save under /opt
cd /opt tar -czf etc.tar.gz /etc ls
8. Add User
Create user dax with UID 4112
Create user dax with UID 4112
useradd -u 4112 dax
9. Locate User Files
Find all files by user natasha, copy to /root/found
Find all files by user natasha, copy to /root/found
mkdir /root/found
find / -user natasha -exec cp -rp {} /root/found \;
10. Search for Word
Find lines with "enter" from /usr/share/dict/words, copy to /root/word.found
Find lines with "enter" from /usr/share/dict/words, copy to /root/word.found
grep "enter" /usr/share/dict/words >> /root/word.found cat /root/word.found
11. NFS Automounting
Automount /ruser/remoteuser16 from utility.net16.example.com
Automount /ruser/remoteuser16 from utility.net16.example.com
dnf install autofs systemctl --now enable autofs vim /etc/auto.master.d/demo.autofs # /ruser /etc/auto.nfs vim /etc/auto.nfs # remoteuser16 -fstype=nfs,rw,sync utility.net16.example.com:/ruser/remoteuser16 systemctl restart autofs.service
12. SELinux Port Labelling
Allow http on port 83/tcp and enable service.
Allow http on port 83/tcp and enable service.
dnf install httpd systemctl enable --now httpd vim /etc/httpd/conf/httpd.conf # Listen 83 semanage port -a -t http_port_t -p tcp 83 systemctl restart httpd firewall-cmd –add-port=83/tcp --permanent firewall-cmd --reload curl http://hostname:83/
13. Persistent Storage Container
Create container-asci2pdf.service for wallah, volumes /opt/files and /opt/processed
Create container-asci2pdf.service for wallah, volumes /opt/files and /opt/processed
mkdir /opt/files /opt/processed chmod 777 /opt/files /opt/processed chown wallah:wallah /opt/files /opt/processed su - wallah podman login registry.lab.example.com podman pull registry.lab.example.com/rhel9/moniter podman run –name ascii2pdf -v /opt/files:/opt/incoming:Z -v /opt/processed:/opt/outgoing:Z monitor podman generate systemd --name ascii2pdf --files --new systemctl --user daemon-reload systemctl --user enable --now container-ascii2pdf
14. Umask for Denver
Denver gets read-only permission (umask 333)
Denver gets read-only permission (umask 333)
id denver || useradd denver su - denver vim ~/.bash_profile # Add: umask 333 source ~/.bash_profile umask logout
15. Scripting for Harry
Create script only for user harry, displays "RHCSA EXAM EX200"
Create script only for user harry, displays "RHCSA EXAM EX200"
id harry || useradd harry su – harry mkdir ~/bin cd ~/bin echo 'echo "RHCSA EXAM EX200"' > sample-llc chmod +x ~/bin/sample-llc ./sample-llc
16. Scripting, Only Group Reva
Script /mnt/result.sh, group Reva only, displays result
Script /mnt/result.sh, group Reva only, displays result
vim /mnt/result.sh # echo "I am very happy with EX200 result" chmod g+x /mnt/result.sh chgrp Reva /mnt/result.sh ls -l /mnt/result.sh
17. Sudo Permission
Group elite gets passwordless sudo
Group elite gets passwordless sudo
groupadd elite # If not existing visudo # Add: %elite ALL=(ALL) NOPASSWD: ALL
18. Password Policy
Password expires for new users after 20 days
Password expires for new users after 20 days
vim /etc/login.defs # PASS_MAX_DAYS = 20 chage -l <username>
Node-2
1. Break Root Password
Set root password to ratencot
Set root password to ratencot
reboot # At GRUB boot, select rescue kernel, press 'e' # Find 'linux' line, add: rd.break (remove console=... if present) # Ctrl + x mount -o remount,rw /sysroot chroot /sysroot passwd root # set: ratencot touch /.autorelabel exit exit
2. Repository Creation
(AppStream and BaseOS - same as Node-1, Q2; see above)
(AppStream and BaseOS - same as Node-1, Q2; see above)
(Refer to Node-1, Question 2)
3. Resizing LVM
LVM 'slab' (160M) from 'marvel' (PE 8M), mount /mnt/slab (xfs), then resize to 320M
LVM 'slab' (160M) from 'marvel' (PE 8M), mount /mnt/slab (xfs), then resize to 320M
parted /dev/vdb mklabel gpt parted /dev/vdb mkpart primary 1M 340M set 1 lvm on pvcreate /dev/vdb1 vgcreate -s 8M marvel /dev/vdb1 lvcreate -n slab -L 160M marvel mkfs.xfs /dev/marvel/slab mkdir -p /mnt/slab echo '/dev/marvel/slab /mnt/slab xfs defaults 0 0' >> /etc/fstab mount -a lvextend -r -L 320M /dev/marvel/slab lvdisplay
4. LVM
LVM 'store' using 36PEs (20MB) from 'data', mount /mnt/store, fs ext4
LVM 'store' using 36PEs (20MB) from 'data', mount /mnt/store, fs ext4
parted /dev/vdb mkpart primary 340M 1150M pvcreate /dev/vdb2 vgcreate -s 20M data /dev/vdb2 lvcreate -n store -l 36 data mkfs.ext4 /dev/data/store mkdir /mnt/store echo '/dev/data/store /mnt/store ext4 defaults 0 0' >> /etc/fstab mount -a df -Th
5. Tuning Performance
Set tuning profile to recommended
Set tuning profile to recommended
dnf install tuned systemctl enable --now tuned tuned-adm recommend tuned-adm profile <recommended_profile_name> tuned-adm active
6. Create Swap Partition
Create & persist 512MB swap
Create & persist 512MB swap
parted /dev/vdb mkpart primary 1150M 1690M mkswap /dev/vdb3 echo '/dev/vdb3 swap swap defaults 0 0' >> /etc/fstab swapon -a free -h
7. Scripting by Filter
Find files/dirs <10M, with setgid, copy to /root/backup
Find files/dirs <10M, with setgid, copy to /root/backup
vim script.sh
#!/bin/bash
find / -size -10M -perm -2000 -exec cp -r {} /root/backup \;
chmod +x script.sh
./script.sh
8. Scripting by Size
Find files/dirs >30M and <50M, setgid, copy to /root/backup
Find files/dirs >30M and <50M, setgid, copy to /root/backup
vim script.sh
#!/bin/bash
find / -size +30M -size -50M -perm -2000 -exec cp -rp {} /root/backup \;
chmod +x script.sh
./script.sh
Tags:
Rhcsa
