-

C h a pter 1 6. C o m p re h e n s ive Review

-

Sol ution
-
I n t h i s l a b , you w i l l practice a n d d e m o n st rate your k n o w l e d g e a n d s k i l ls.

Outcomes:
-
C o m p l ete t h e fo l l ow i n g tasks and s u ccessf u l l y g ra d e the serverX system wi th lab sal - r eview
g r ad e as user root on serverX.
-
Before you begin ...
Reset t h e serverX m a c h i ne.

-
Run t h e lab sal - r eview s e t u p a s u s e r root o n s e rverX.

1. U s e B a s h c o m m a n d s to c o m p l ete t h e fol l o w i n g t a s ks o n the se rve rX m a c h i n e :

-

• D i s p l ay t h e first 1 2 l i nes of t h e / u s r/bin/c lean - binary - files f i l e a n d s e n d t h e

o u t p u t to t h e /home / s t u d e n t / head t ail . t x t f i l e.
-
• D i s p l a y t h e l a st n i n e l i n e s of t h e / u s r / bin/clean - binary - files f i l e a n d a d d t h e
output to t h e / home/ s t ud e n t / headt ail . t x t f i l e.
-
1 .1 . D i s p l a y t h e f i rst 1 2 l i nes o f t h e / u s r/bin/c lean - binary - files f i l e a n d s e n d t h e
co m m a n d o u t p u t to t h e / home/s t u d e n t /headt ail . t x t f i l e.

[student@serverX
-
! - ] $ head - n 12 / u s r / bin/clean - binary - files >/home/ s t u d e n t /
! headt ail . txt

1.2. D i s p l ay t h e l a st n i n e l i nes of the / u s r /bin/clean - binary - files file and add the

I [student@serverX
co m m a n d output to the /home / s t u d e n t /head t ail . t x t f i l e .
-

- ] $ t ail - n 9 /us r/bin/clean - binary - files >>/home/ s t u d e n t /

i headt ail . txt
-

2. Te n new L i n u x syst e m s req u i re c h a n g e doc u m e nt a t i o n fi l es. C a r ry out t h e fo l l ow i n g t a s ks o n

serverX to c reate t h e m :
-

• C reate the em pty f i l e s with the f i l e name sys t em_c h an g e s - mac h in eY - mon t h_Z . txt
i n the / home / s t u d e n t d i rectory o n the se rve r X m a c h i n e a s user st u d e n t . R e p l a c e Y w i t h
t h e m a c h i n e n u m be r a n d re p l ace z with t h e m o n t h s jan, feb, a n d mar.

• C reate t h e /home/ s t u d e n t /syschanges d i rectory w i t h t h e s u b d i rectories j an, feb,

and mar.

• Sort all newly created fi l es by m o n t h i nto t h e corres p o n d i n g s u b d i recto ry.

-

• Remove a l l newly c reated f i l es related to m a c h i n e 9 a n d 1 0, because t h e h a rd wa re h a s

been re p l aced p e r m a n e nt l y.
-
2 .1 . C reate a tota l of 30 f i l es w i t h n a mes syst em_chan g e s - machine Y- mon t h_Z . t x t .
Re p l a ce Y w i t h t h e m a c h i n e n u m be r a n d re p l a ce Z w i t h t h e m o n t h s jan, feb, a n d mar.

[student@serverx
-

- ] $ t o u c h -student/system_changes - machine { 1 . . 10} ­

mont h_{ j an , feb , ma r } . tx t
-

412 R H1 24- R H E L7-en-1-20140606 -

-

Solution
-

2.2. C reate t h e /home/ s t u d e n t /syschanges d i rectory with t h e s u b d i rectories j an, feb,

and mar.
-

j [student@serverx -]$ m k d i r - p /home/student/syschange s / { j an , feb , mar}

2.3. S o rt a l l n e w l y c reated f i l es by m o n t h i nto t h e corres p o n d i n g s u b d i recto ry.

-
[ student@serverx -]$ mv an . /home/ s t udent/

[student@serverX -]$
syschanges/j an/

j'
mv -student/system_changes - machin e * feb . txt /home/ st ud e nt /
-
[student@serverX -]$ l
syschanges/feb/
mv - s t u d e n t / system_change s - mac hine *mar . txt /home/student/
syschanges/mar/
1
-

2.4. R e m ove a l l n e w l y created f i l es re l ated to m a c h i n e 9 a n d 1 0.

- [student@serverx -]$ rm - f /home / s t udent/syschanges/ * /sys t em_change s ­

machine{ 9 , 10} * . txt

-
3. Use the man pages to research how to t u r n off t h e use of c o l o rs in the output. Put the
re l eva nt opt i o n of the ls co m m a n d i nto the text f i l e / home/ s t u d e n t /lscolo r . t x t on
serverX.
-

3.1 . Look u p t h e re l eva nt o pt i o n i n the ls(1) m a n page to dete r m i n e how to p reve nt I s from
p rovi d i n g co l o rfu l output. W h a t i s the correct option?
-

[student@serverX -]$ man ls

-
ls uses - - colo r =neve r to t u r n off co l o rs i n t h e c o m m a n d o u t p ut.

3.2. C reate t h e text file /home / s t u d e n t /lscolo r . txt with the ls option to turn off
c o l o rfu l output.

- [ student@serverX -]$ e c h o " - - color=neve r " >/home/st u d e n t /lscolo r . txt

4. Copy the f i l e /home / s t u d e n t /vimfile . txt to /home/ s t u d e n t /longlis t ing . t x t

o n serverX. U s e t h e vim e d i t o r to c h a n g e t h e /home/ s t u d e n t / lon glis t i n g . txt f i l e
accord i n g to t h e fo l l ow i n g req u i re m e nts:

- • R e m ove the file owner co l u m n . Do n ot re m ove a ny spaces.

• R e m ove the Docume n t s and P ic t u r e s rows.

-
• Save the f i l e w h e n done with e d it i n g .

4.1 . C o p y t h e f i l e / home / s t u d e n t /vimfile . t x t t o

-
/ home/ s t u d e n t /longli s t in g . t x t .

-
[ student@serverx -]$ cp /home/student/vimfile . txt /home / s t udent /longlistin g . t x t

- R H 1 24- R H E L 7 - e n -1 -20140606 41 3
 -

C h a pter 1 6. Co m p re h e n s ive Review

-

4.2. Edit the f i l e u s i n g V i m , to take a d va n t a g e of visual mode.

I [ student@serverx - ] $ vim / home/s t u d e n t /longlisting . t xt -

4.3. R e m ove t h e owner c o l u m n from t h e f i l e. -

U s e t h e a r row keys to pos i t i o n t h e c u rs o r at t h e fi rst c h a ra cter of t h e g ro u p owner

co l u m n . Enter visual mode w i t h C t r l - v. U s e t h e a r row keys to p o s i t i o n t h e c u rsor at -

t h e l a st c h a racter a n d row of t h e g ro u p o w n e r co l u m n . D e l ete t h e s e l ec t i o n with x.

4.4. R e m ove t h e Docume n t s and Pic t u r e s rows. Th i s t i m e, enter v i s u a l m o d e with an -

u p p e rcase v, which a utomatica l ly s e l ects f u l l l i nes.

U s e the a r row keys to pos i t i o n the c u rsor at a ny c h a racter on the Docume n t s row.
E n t e r v i s u a l m o d e with a n u p p e rcase v. T h e fu l l l i n e is s e l ected, a s s h o w n i n t h e screen
s h ot. D e l ete t h e s e l ection w i t h x. Repeat for t h e Pic t u re s row.
-
4.5. S a ve t h e f i l e a n d exit the editor.

Press t h e "esc" key a n d enter ":wq " to w rite t h e f i l e a n d exit vim.

-

5. C h a n g e confi g u ra t i o n a n d add new u s e rs a n d a new g ro u p accord i n g to t h e fo l l o w i n g

req u i re m e n t s :
-

• C h a n g e t h e defa u lt system sett i n g s for n ew l y c reated users to e n s u re t h e i r passwords a re

c h a n g e d at l e a st every 60 d a ys.
-

• Create a new g ro u p n a med ins t r u c t o r s with a G I D of 30000.

Create t h ree new users : go rwell, r br a d b u ry, a n d dadams, with a pa sswo rd of f i r s t pw.
-
•

• Add t h e new u s e rs to t h e s u p p l e m entary g r o u p inst r u c t o r s . T h e p r i m a ry g r o u p shou l d

re m a i n a s t h e u s e r private g ro u p.
-

• Set t h e t h ree n e w l y c reated accou nts to ex p i re 60 days from today.

• C h a n g e t h e pa ssword p o l icy for t h e go rwell a ccount to req u i re a n e w password every 1 0 -

days.

• Fo rce a l l t h ree newly c reated u sers to c h a n g e their pa ssword o n fi rst l o g i n . -

5.1. C h a n g e t h e d e fa u lt syste m sett i n g s fo r n e w l y c reated users t o e n s u re t h e i r pa sswords

a re c h a n g e d a t l east every 60 d ays. -

[student@serverx - ] $
[ student@serverx - ] $
sudo vim /etc/login . defs

. . . Output omitted . . .
cat /etc/login . defs -

PASS_MAX_DAYS 60
PASS_MIN_DAYS 0
PASS_MIN_LEN 5
PASS_WARN_AGE 7
-

. . . Output omitted . . .
-

5.2. C reate a new g ro u p n a m e d i ns t r u ctors w i t h a G I D of 30000.

414 R H 1 24- R H E L 7-en-1-20140606 -

-
-

S o l ut i o n
-

[student@serverX -]$
[student@serverX -]$
sudo g roupadd - g 30000 i n s t r uc t o r s

stapdev : x : 158 :
t ail - 5 /etc/group

pesign : x : 989 :
-

tcpdump : x : 72 :
slocate : x : 21 :
instructors : x : 30000 :
-

5 . 3 . C reate t h re e n e w u se rs: go rwell, r b radbu ry, a n d dadams, wi th a password of

f i r s t pw a n d a d d t h e m to t h e s u p p l e m e ntary g ro u p inst r u c t o r s. T h e p ri m a ry g ro u p
s h o u l d re m a i n a s t h e u s e r private g ro u p.
-

[student@serverx -]$ sudo user add - G ins t r u c t o r s go rwell

[ student@serverX -]$ sudo useradd - G i n s t r u c t o r s rbradbury
[student@serverX -]$ sudo user add - G i n s t r u c t o r s dadams
[ student@serverX -]$ t ail -5 /etc/group
-

slocate : x : 21 :
instructors : x : 30000 : gorwell, rbradbury, dadams
gorwell : x : 1001 :
rbradbury : x : 1002 :
-

dadams : x : 1003 :
[student@serverX -]$ sudo pas swd go rwell
Changing password for user gorwell .
-

New password : fi r s t pw
BAD PASSWORD : The password is shorter than 8 characters
Retype new password : firstpw
passwd : all authentication tokens updated successfully .
-

[student@serverx -]$ sudo pas swd r b radbu ry

-
[student@serverX -]$ sudo pas swd dadams
5.4. Dete r m i n e t h e date 60 d a ys i n t h e fut u re a n d set e a c h of t h e t h ree new u s e r acco u nts
- to expire o n that date.

[student@serverX -]$ d a t e - d "+60 day s "

Mon April 5 11 : 49 : 24 EDT 2014
[student@serverx -]$ sudo chage - E 2014 - 04 - 05
[student@serverX -]$ sudo chage - E 2014 - 04 - 05
go rwell

[ student@serverX -]$ sudo chage - E 2014 - 04 - 05

r b radbury
-
dad ams

5.5. C h a n g e t h e pa ssword p o l icy for t h e go rwell acco u nt to req u i re a new password every
- 1 0 days.

[student@serverX -]$ sudo chage -M 10 go rwell

[student@serverX -]$ c hage go rwell
Last password change Feb 04, 2014
-
-

Password expires Feb 14, 2014

Password inactive never
j Minimum number of days between password change
-
Account expires April 05, 2014
0
I Maximum number of days between password change 10
·

-
J Number of days of warning before password expires 7

I [ student@serverX -]$
5.6. Fo rce a l l t h re e n e w l y c reated users to c h a n g e t h e i r pa ssword on f i rst l o g i n .
-

sudo c hage - d 0 go rwell

- R H 1 24- R H E L7-en-1-20140606 41 5
 -

C h a pter 16. C o m p re h e n s ive Review

[student@serverX
·

[student@serverX
- ] $ sudo c h a g e - d a r b radb u r y
- ] $ sudo chage - d a dadams

6. C reate t h e s h a red d i rectory / h ome/inst r u c t o r s on serverX accord i n g to t h e fo l l o w i n g

req u i re m e nts:
-

• The d i rectory i s owned by u s e r root a n d g ro u p i n st r u ctors.

• Set permissions o n the /home/in s t r u c t o r s d i rectory so it h a s the G I D bit set o n the

d i recto ry, the owner and g r o u p have f u l l rea d/w rite/execute p e r m is s i o n s , and ot h e r us ers
have read p e r m i s s i o n to t h e d i recto ry.
-

6.1. O p e n a term i n a l w i n dow a n d become root on serverX.

-]$ su - -

[ root@serverx
redhat
-]#
-

6.2. C reate t h e / home/ins t r uc t o r s d i recto ry.

[ root@serverX - ] # mkdir /home/in s t r u c t o r s

-

6.3. C h a n g e g ro u p p e r m i s s i o n s o n the /home/in s t r u c t o r s d i rectory so it b e l o n g s to t h e

g ro u p i n st r u ctors.

I [ root@serverX - ] # c hown : in s t r u c t o r s /home/in s t r u c t o r s -

6.4. Set p e r m i s s i o n s o n the / home/in s t r u c t o r s d i rectory so it is a set G I D bit d i rectory

-
(2), t h e owner (7 ) and g ro u p (7) h ave fu l l read/write/execute p e r m i s s i o n s , and o t h e r

�
users h a v e r e a d p e r m i s s i o n ( 4 ) to t h e d i recto ry.

[ root@serverX - ] # chmod 2774 / h me/in s t r u c t o r s

6.5. Check t h a t the p e r m i s s i o n s were set p ro p e r l y. -

[ root@serverX - ] # ls - ld /home/ins t r u c t o r s
drwxrwsr- - . 2 root instructors 1024 Dec 9 1 : 38 /home/instructors
7. Dete r m i n e t h e process u s i n g t h e m ost C P U resou rces o n s e rverX a n d t e r m i nate it.

7.1 . I n a ter m i n a l w i n d ow, r u n t h e to p u t i l ity. S i z e t h e w i n d ow as ta l l as poss i b l e. To p s o rts a l l

p rocesses b y C P U u t i l izat i o n . The c p u h o g p rocess i s t h e o n e w i t h t h e h i g hest C P U u s a g e.
-

[ root@serverX - ] # top
top 12 : 47 : 46 up 2 : 02, 3 users, load average : 1 . 67, 1 . 25, 0 . 73
Tasks : 361 total, 6 running, 355 sleeping, 0 stopped, 0 zombie
-

%Cpu ( s ) : 98 . 5 us, 1 . 4 sy, 0 . 0 ni, 0 . 0 id , 0 . 0 wa, 0 . 0 hi, 0 . 1 si, 0 . 0 st

KiB Mem : 2043424 total, 897112 used, 1146312 free, 1740 buffers
KiB Swap : 4079612 total, 0 used , 4079612 free . 296276 cached Me -

PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND

4019 root 20 0 4156 76 0 R 57 . 5 0 . 0 2 : 54 . 15 cpuhog

41 6 R H 1 24- R H E L7 - e n -1-20140606 -

-
-

Solution

2492 student 20 0 1359500 168420 37492 s 16 . 8 8 . 2 3 : 55 . 58 gnome-shell

-

1938 root 20 0 189648 35972 7568 R 1 . 9 1 . 8 0 : 29 . 66 Xorg

- 2761 student 20 0 620192 19688 12296 s 0 . 4 1 . 0 0 : 04 . 48 gnome-termi+
o u tpu t t runca ted

- 7.2 . Exit the top d i s p l ay.

Press q to q u it.
-
7.3. Te r m i n ate t h e c p u hog process u s i n g the com m a n d l i ne. Confirm t h at t h e p rocesses no

I [ root@serverx -]#
l o n g e r d i s p l ay i n top.
-

pkill cpuhog

-
8. Stop the c u r re n t l y r u n n i n g cups p r i n t i n g s e rvice o n serverX. The s e rvice s h o u l d not get
a utomatica l l y sta rted on syste m boot.

- 8.1 . Stop the cups service.

[ student@serverX -]$
[student@serverx -]$
sudo systemc t l stop cups
- sudo syst emc t l s t a t u s c u p s

-
8.2. Confi g u re t h e c u p s service so that it does n ot sta rt a t system boot.

I [student@serverX -]$
[student@serverx -]$
sudo syst emc t l disable c u p s
-
sudo s y s t e m c t l s t a t u s cups

9. Confi g u re the s s h s e rvice o n serverX accord i n g to the fo l l o w i n g req u i re m e nts:

-

• User student o n s e rve r X ca n l o g i n with a S S H p u b l i c key to the s t u d e nt acco u n t o n

desktopX.
-
• D i sa b l e s s h login for t h e root user and pa sswo rd-based SSH a ut h e nt ic a ti o n o n se rve rX.

9.1 . G e n e rate a S S H p u b l ic key o n serverX a s user stude nt.

-

[student@serverx -]$ s s h - keygen

9.2. I n sta l l the SSH p u b l i c key g e n e rated p reviou s l y o n se rverX to the s t u d e n t acco u n t on
d e s ktopX.
-

[student@serverx -]$ s s h - copy - id desktopX

/usr/bin/ssh -copy-id : INFO : attempting to log in with the new key( s ) , to filter
out any that are already installed
/usr/bin/ssh-copy-id : INFO : 1 key( s ) remain to be installed - - if you are
-

prompted now it is to install the new keys

student@desktopX ' s password : s t udent
Number of key ( s ) added : 1
-

Now try logging into the machine, with : "ssh ' student@desktopX ' "
-
and check to make sure that only the key ( s ) you wanted were added .
-

- RH124- R H E L 7-en-1-20140606 417

-
 -

C h a pter 1 6. C o m p re h e n s i ve Review
-

9.3. Log in, then c h a n g e to the root a ccou nt, o n the s e rverX v i rt u a l m a c h i n e.

[student@desktopX -]$
-

su -

-
9.4. C u s t o m i z e t h e s s h service o n s e rverX by d i s a b l i n g S S H c o n n e c t i o n s for t h e u s e r root
a n d o n l y a l low key-based l o g i n .

S e t t h e n ecessa ry confi g u ra t i o n f i l e p a ra m eters i n / e t c / s s h / s s hd_config: -

PermitRootLogin no
PasswordAuthentication no -

9.5. Restart t h e sshd service o n serverX.

[ root@serverx -] # sys t emc t l r e s t a r t s s h d

9.6. O n a d iffe re nt term i n a l w i n dow o n desktopX, va l i date t h a t user root c a n n ot connect to

serverX with t h e ssh co m m a n d . I t s h o u l d fa i l beca use we d i s a b l e d root logins w i t h t h e
s s h servi ce. -

[ student@desktopX -]$ ssh root@serverX

Password : redhat
Permission denied, please try again .
-

Password : redhat
Permission denied, please try again .
Password : redhat
Permission denied ( publickey, gssapi- keyex, gssapi-with -mic, password ) .
-

-
1 0. Yo u r serverX m a c h i n e h a s been rel ocated to t h e B a h a mas. T h e fo l l o w i n g c h a n g e s h ave to be
m a d e o n the serverX m a c h i n e :
-
• C h a n g e t h e t i m e zone on t h e serverX m a c h i n e to B a h a m a s a n d ve r i fy t h e t i m e z o n e has
been c h a n g e d prope r l y.
-
1 0.1 . I d e ntify t h e correct t i m e z o n e for B a h a m a s on serverX.

[ root@serverx -]# t zselect

Please identify a location so that time zone rules can be set correctly .
Please select a continent or ocean .
-

1} Africa
2 } Americas
3} Antarctica
-

4) Arctic Ocean
5 ) Asia
6 } Atlantic ocean
7 ) Australia
-

8 } Europe
9 ) Indian Ocean
10} Pacific Ocean
11} none - I want to specify the time zone using the Posix TZ format .
-

Please select a country .

#? 2

1} Anguilla 28} Haiti

-

2 } Antigua & Barbuda 29 } Honduras

-

-
41 8 R H 1 24- R H E L7-en-1-20140606

-
-

Sol ution

3 ) Argentina 30 ) Jamaica
-

4 ) Aruba 31 ) Martinique
5 ) Bahamas 32 ) Mexico
-
6 ) Barbados 33 ) Montserrat
7 ) Belize 34 ) Nicaragua
8 ) Bolivia 35 ) Panama
9 ) Brazil 36 ) Paraguay
10 ) Canada 37 ) Peru
-

11 ) Caribbean Netherlands 38 ) Puerto Rico

12 ) Cayman Islands 39 ) St Barthelemy
13 ) Chile 40 ) St Kitts & Nevis
14 ) Colombia 41 ) St Lucia
-

15 ) Costa Rica 42 ) St Maarten ( Dutch part )

16 ) Cuba 43 ) St Martin ( French part )
-
17 ) Curacao 44 ) St Pierre & Miquelon
18 ) Dominica 45 ) St Vincent
19 ) Dominican Republic 46 ) Suriname
20 ) Ecuador 47 ) Trinidad & Tobago
21 ) El Salvador 48 ) Turks & Caicos Is
-

22 ) French Guiana 49 ) United States

23 ) Greenland 50 ) Uruguay
24 ) Grenada 51 ) Venezuela
25 ) Guadeloupe 52 ) Virgin Islands (UK)
-

26 ) Guatemala 53 ) Virgin Islands (US)

27 ) Guyana
-
#? 5
The following information has been given :
Bahamas
-

Therefore TZ= ' America/Nassau ' will be used .

Local time is now : Fri Mar 7 09 : 38 : 50 EST 2014 .
Universal Time is now : Fri Mar 7 14 : 38 : 50 UTC 2014 .
-

Is the above information OK?

1 ) Yes
2 ) No
-

#? 1
You can make this change permanent for yourself by appending the line
TZ= ' America/Nassau ' ; export TZ
-

to the file ' . profile ' in your home directory; then log out and log in again .
Here is that TZ value again, this time on standard output so that you
can use the /usr/bin/tzselect command in shell scripts :
-

America/Nassau
-

1 0.2 . C h a n g e t h e time z o n e to A m e rica/ N a s s a u o n serverX.

[ root@serverX -]#
-
t imedatec t l set - timezone America/Nassau

- 1 0.3. Ve rify the t i m e zo n e has been properly set on serverX.

[ root@serverX -]#
Local time : Wed 2014-04-09 18 : 21 : 06 GEST
t imedatec t l

Universal time : Wed 2014-04-09 16 : 21 : 06 UTC

-

RTC time : Wed 2014-04-09 16 : 21 : 06

Timezone : America/Nassau ( GEST, +0200 )
NTP enabled : yes
NTP synchronized : no
-

RTC in local TZ : no
-

- R H 1 24- R H E L7-en-1-201 40606 419

-
 -

C h a pte r 1 6. C o m p re he n s ive Review

-

DST active : yes

I.
I
Last DST change : DST began at
Sun 2014-03-30 01 : 59 : 59 CET
Sun 2014-03-30 03 : 00 : 00 CEST
-

Next DST change : DST ends ( the clock j umps one hour backwards ) at
Sun 2014-10-26 02 : 59 : 59 CEST
I Sun 2014-10-26 02 : 00 : 00 CET -

11. Record t h e com m a n d to d i s p l a y a l l syst emd j o u r n a l e n t ries record e d between 9 : 0 5 : 0 0 a n d -

9:15:00 i n t h e /home / s t u d e n t / systemd review . t x t f i l e.

[ root@serverX -]#
I
echo " j ou rnalctl - - since 9 : 05 : 00 - - u n t il 9 : 15 : 00 " >/home / s t udent/ -

systemdreview . txt

12. Confi g u re r syslogd by a d d i n g a r u l e t o t h e n e w l y created config u ra t i o n f i l e

/ e t c / r syslog . d /au t h - e r ro r s . c o n f to l o g a l l secu rity a n d a u t h e ntication m e s s a g es
t h a t get recorded i n t h e a ut h p r i v fac i l ity w i t h t h e p r i o rity a l ert a n d h i g h e r to t h e
-
/var /log/au t h - e r ro r s fi l e a s we l l . Test t h e n e w l y a d d e d log d i rective with t h e logge r
command.

1 2.1. Add t h e d i rective to log au t h p r iv . ale r t sys log m e s s a g e s to t h e

/var/log/au t h - e r ro r s f i l e i n t h e / e t c / r syslog . d/au t h - e r ro r s . c o n f
confi g u ration f i l e.
-

I [ root@serverx -] # echo " au t h p r iv . ale r t /var/log/au t h - e r ro r s " >/etc/r syslog . d/

I au t h - e r r o r s . conf -

1 2 .2. Restart t h e r syslog service o n se rve rX.

j [ root@serverx -]#
-

syst emc t l r e s t a r t r syslog

-
1 2 .3. M o n itor t h e n e w l y created l o g f i l e /va r/log/au t h - e r r o r s on serverX for c h a n g es i n
a d iffe re nt t e r m i n a l w i n dow.

[ root@serverX -]#
-
t ail -f /var/log/au t h - e r r o r s

1 2.4. U s e logger to create a new l o g e ntry to /va r/log/au t h - e r ro r s o n serve r X . -

I [ root@serverx -]# logger - p authp riv . ale r t " Logging t e s t au t hp riv . ale r t "
-

12.5. Ve rify t h e message sent to sys l o g with t h e logge r c o m m a nd a p pe a rs i n t h e

/va r/log/au t h - e r ro r s fi l e o n serverX i n t h e t e r m i n a l r u n n i n g t ail - f /va r / -

I [ root@serverX -]#
log/au t h - e r r o r s .

Feb 13 11 : 21 : 53 serverl root : Logging test authpriv . alert

t ail - f /var/log/au t h - e r r o r s
i

-
13. C reate a new stat i c n etwork c o n n ection using t h e sett i n g s i n the fo l l owi n g table. B e s u re to
re p l a c e t h e X w i t h the c o r rect n u m be r for yo u r systems.

-
420 RH 124- R H E L 7-en-1-20140606

-
-

Solution
-

• Confi g u re t h e new con n e ct i o n to b e a utomatica l l y sta rted.

-
• other c o n n e ct i o n s s h o u l d not start a utomat ica l l y.

• M o d ify t h e new connect i o n so t h a t it a l s o uses t h e a d d ress 1 0.0.X.1 /24.

-

• Config u re t h e h o s t s f i l e so t h a t 1 0.0.X.1 c a n be refe re n ced as " my h ost " .

-
• S e t t h e host n a m e t o s e rverX.exa m p l e.com.

Pa ra m eter Sett i n g
- Connection name review
IP a d d ress 172 .25.X.11 /24

- Gateway a d d ress 172.25.X.254

D N S a d d ress 172.25.254.254

1 3 .1 . C reate a new static network c o n n e c t i o n u s i n g the sett i n g s in the ta b l e. Be s u re to

�
re p l a ce the X w i t h the correct n u m be r for yo u r syste ms.
· ·-1
'r �·root@serverX
-

�
.

L
- ] # nmcli con a d d con - n me e t h EI pe ethernet ip4

[ root@serverx
. 172 . 25 . X . 11/24 gw4 172 . 2 5 . X . 254
- 1 - ] # nmcli con mod 11 review11 ipv4 . d n s 172 . 25 . 254 . 254
-- --- - ��-

13.2. Confi g u re t h e new c o n n e c t i o n to be a utosta rted. o t h e r c o n n e c t i o n s s h o u l d not start

-
a utomatica l l y.

[ root@se rve rx
- � - - -�-
--

[ root@serverX
:
1
- ] # nmcli con mod " review" conne c t ion . a u t oconnect yes
-
I - ]# nmcli con mod " System e t h EI " conne c t ion . autoconnect no
i
L_

i [ root@serverx
- 13.3. M o d ify t h e new connect i o n so that it a l so uses t h e a d d ress 1 0.0.X.1 /24.

- ] # nmcli con mod " r eview" +ipv4 . ad d r es s e s 19 . 9 . X . 1/24

- L.

Or a l ternate l y :

-
[ root@serverX - ] # e c h o " I PADDR1=10 . El . X . 1 " >> /etc/sysconfig/netwo r k - sc ripts/

[ root@serverx
ifcfg - review
- ] # echo " PREFIX1=24" » /etc/sysconfig/netwo r k - sc ripts/ifcf g ­
- review

1 3.4. Config u re t h e hos t s f i l e so t h a t 1 0.0.X.1 can be refe re nced as " myhost " .
-

i [ root@serverX - ] # echo " 10 . El . X . 1 myhos t " > > /etc/ho s t s

!
-

13.5. Set t h e host n a m e to serverX.exa m p l e.com.

-
j [ root@serverx - ] # host namec t l set - hostname serverX . example . com
-

- R H 1 24- R H E L7-en-1 -20140606 421

-
 -

C h a pter 1 6. C o m p re h e n s ive Review

-

14. S y n c h r o n i z e the /etc d i rectory t re e o n serverX to the /configbac k u p d i rectory on

serverX.
-

14.1 . To be a b l e to c reate t h e ta rget d i rectory /configbac kup, switch to t h e root user

acco u nt w i t h t h e s u com m a n d .
-

[student@serverX -]$
Password : redhat
su

[ root@desktopX -]#
14.2 . C reate t h e ta rget d i rectory f o r t h e confi g u ra t i o n f i l es o n serverX. -

[ root@serverX -]#
I
mkdir /configbac kup
-

14.3. U s e the r sync c o m m a n d to sy n c h ro n i z e the /etc d i rectory t re e o n s e rverX to the

/configsync d i rectory o n s e rverX. Be a wa re that o n l y t h e root user ca n rea d a l l the
content in the /etc d i rectory o n se rve rX.

[ root@serverX -]# rsync - av /etc /configbackup

-

15. C reate a n a rc h ive n a m e d / r oo t /config u r at ion - backu p - s e r ve r . t a r . gz w i t h t h e -

/config bac k u p d i rectory a s content.

1 5.1 . Store t h e /configbac k u p d i rectory i n the -

/ r oo t /config u r a t ion - bac k u p - se rve r . t a r . gz a rc h ive.

-]# tar czf /configbac kup -

16. To p repa re t h e a rc h ived d i rectory t ree for c o m pa rison with t h e c u r r e n t l y

-
a ctive l y used confi g u ration f i l es o n s e rverX, extract t h e contents of t h e
/ root/config u r at ion - bac k u p - s e rve r . t a r . gz a rc h ive to t h e
/tmp/configcompare/ d i rectory o n serverX.
-

1 6.1 . C o n n e ct to t h e serverX m a c h i n e as user root by using ssh.

[ root@desktopX - ] #
Password : redhat
-
s s h root@serverX

[ root@serverx -]#
-

1 6.2 . C reate t h e ta rget d i rectory / t mp/configcompa re/ w h e re t h e contents o f t h e

/ r oot /config u r a t ion - bac k u p - se rve r . t a r . gz arch ive w i l l g e t extracted.

[ root@serverx -]# mkdir /t mp/configcompare

1 6. 3. C h a n g e to the ta rget d i rectory / t mp/configcompare/ o n s e rverX.

[ root@serverX -]# cd / t mp/configcompare

[ root@serverX configcompare]#

422 R H1 24- R H E L7-en-1-20140606 -

-
-

S o l ut i o n
-

1 6.4. Extract t h e contents of t h e / r oot/config u rat ion - bac ku p - serve r . t a r . gz

a rc h ive to the / t mp/configcompa r e / d i rectory o n serverX.
-

I
!
[ root@serverX configcompare]# t a r xzf /root /config - bac k u p - serve r . t a r . gz

17. Perform t h e fo l l ow i n g tasks on t h e serverX m a c h i n e :

-
• U s e s s h to execute t h e host name com m a n d o n d e s ktopX a s u ser st u de nt. S e n d t h e
o u t p u t o f t h e h o s t name c o m m a n d to t h e / t m p / s c pfile . t x t f i l e on d e s ktopX.

U s e s c p to copy t h e / t mp/sc pfile . t x t f i l e from d e s ktopX to

-
•

/home / s t u d e n t / sc pfile . tx t .

17.1 . Use s s h to ex e c u t e t h e h o s t name c o m m a n d o n d e s ktopX a s u s e r st u d e nt. S e n d t h e

-
o u t p u t o f t h e h o s t name c o m m a n d to t h e / t mp / s c pfile . t x t f i l e o n d e s ktopX.

-
I [ root@serverx - ] # s s h s t udent@desktopX ' ho s t name >/tmp/scpfile . txt '

17.2. Use sc p to copy t h e / t mp/scpfile . t x t f i l e from deskto p X to

- / home/ s t u d e n t / s c pfile . txt o n the serverX m a c h i ne.

[ root@serverX
I
- ] # scp root@desktopX : /tmp/sc pfile . t xt /home/student/
-

18. C reate t h e file / e t c /yum . repos . d/local u pdat es . repo to e n a b l e t h e " U pdates"
- re pository fo u n d o n t h e content m a c h i ne. I t s h o u l d a ccess content fo u n d a t the fo l l ow i n g
U R L: http://conte nt.exa m p l e.com/rhel7.0/x 86_64/e r rata. Do not c h e c k GPG s i g n a t u res.

-
C reate the f i l e / e t c /yum . repos . d/localupdat es . repo with the fo l l ow i n g content:

I-. name=Red Hat Updates

baseurl=http : //content . example . com/rhel7 . 0/x86_64/errata
enabled=l
-

gpgcheck=0
-

1 9. Confi g u re s e rverX to a d h e re to specific softwa re req u i re m ents:

-
• The kernel package s h o u l d b e updated to t h e l atest vers i o n .

• The xsane - gimp package s h o u l d b e i n sta l l ed .

-

• The r h t - sys t em package s h o u l d be i n sta l l ed.

-
• Fo r secu rity rea sons, s e rverX should not h a ve t h e wvd ial package i n sta l l e d .

F I X M E: n e e d to w a i t f o r f i n a l bits i n c l u d i n g rea l a va i l a b l e e rrata packa g es.

-
1 9.1 . U pdate t h e kernel package.

yum update kernel

-

19.2. l nsta l l t h e xsane - gimp p a c kage.

- R H1 24- R H E L 7-en-1-20140606 423

-
 -

C h a pter 1 6. C o m p r e h e n s ive Review

-

yum i n s t all xsane - gimp

-
1 9.3. I n sta l l the r h t - sys t em pa ck ag e.

yum i n s t all r h t - sys t e m

-

1 9.4. Fo r secu rity rea s o n s , s e r v e r X s h o u l d n ot h a ve t h e wvd ial p a c k a g e i n sta l l e d .

y u m r emove wvd ial -

20. G e n e rate a d i s k u s a g e report with t h e du com m a n d of t h e / u s r/share/fon t s d i rectory o n

serverX a n d s a v e t h e res u l t i n t h e /home/ s t u d e n t / d u r e po r t . t x t f i l e.
-

[ root@serverx - ] # du / u s r / s hare/fo n t s >/home/student/durepo r t . txt

-

21. I dentify a n d m o u n t a n ew l y a d d e d file syste m by U U I D o n t h e /mn t / d a t adump d i rectory o n

se rve rX.
-

21.1 . I d e ntify t h e n ew l y added file system with the blkid co m m a n d o n serverX.

[ root@serverx - ] # blkid
/dev/vdal : UUID="46f543fd-78c9-4526- a857- 244811be2d88" TYPE="xfs"
-

/dev/vdbl : UUID="a84f6842 -ecld-4f6d- b767- b9570f9fcdc0" TYPE="xfs"

-

21.2 . C reate t h e m o u n t p o i n t /mnt/datad um p o n serverX.

[ root@serverX - ] # m k d i r /mnt/datadump
-

21.3. M o u n t the f i l e syste m by U U I D on the /mn t / d a t ad u m p d i rectory of the s e rv er X -

m a c h i n e.

[ root@serverX - ] # moun t UUID= " a84f6842 - ec ld - 4f6d - b767 - b9570f9fcdc0 " /mnt / -

datadump

-
22. C reate the soft l i n k / root /mydat aspace, w h i c h p o i n t s to the /mn t /datadump d i rectory
o n serverX.

, [ root@serverx
-
- ] # ln -s /mn t/datadump / root /mydatas pace

23. Record the com m a n d to f i n d a l l soft l i n ks o n s e rverX t h a t have data as part of t h e i r n a m e i n -

t h e /home/ s t u d e n t /find . t x t f i l e.

[root@serverx - ] # echo " find I - type 1 - name ' * d a t a * ' " >/home/ student/find . tx t
-

-
424 RH124- R H E L7 - e n -1-20140606