The main original text for this doc is here:

http://wenku.baidu.com/view/7dc5773743323968011c923f.html

In this examination you will use two systems, a system that you seat next to a
physical machine, another system is located in the Virtual Machine Manager machine,
the virtual machine is already pre-installed with Redhat Enterprise Linux, firewall
configuration is enabled by default, Unless otherwise specified, all exams can only
operate in a virtual machine, you do not have permission to use root login to
physical machine device, but when necessary, you can use it to test your virtual
machine to do some service.
Note that not allow you to communicate with other candidates during the
examination, also not allowed to connect to other candidates machines. Machines and
networks will be monitored over for misuse and can cause your test scores two
points for the 0.
Before you begin, you should check some general configuration information listed in
the link below:
Additional configuration information:
Complete the following when you receive the results, this part of the results will
be marked
You need to get at least 210 from 300 points in order to obtain certification!

###################################################################################
###################################

RHCSA Exam:

1. A YUM source has been provided in the

http://instructor.example.com/pub/rhel6/dvd, configure your system to use that:

#vi /etc/yum.repos.d/base.repo
[base]
name = base
baseurl = http://instructor.example.com/pub/rhel6/dvd
gpgcheck = 0
#yum list

2. Configure home directory LV to 300 MB. Ensure the integrity of file system.
Partitions are seldom accurate to the same size and requirements, therefore the
range between 320M to 350M are acceptable.

#vgdisplay
#lvextend -L +xM +path
#resize2fs +path
#df -TH

3. Create the following users, groups and group memberships.

Name of group is sharegrp

User natasha use sharegrp as a subsidiary of the group
User harry use sharegrp as a subsidiary of the group
User sarah can not access the system and interact shell and not a member of
sharegrp group
Use password nimsdreg for harry, natasha and sarah

#groupadd sharegrp
#useradd natasha -G sharegrp
#useradd harry -G sharegrp
#useradd sarah -s /sbin/nologin
#echo "user:passwd" | chpasswd

4. Copy the file /etc/fstab to /var/tmp/fstab. Configure /var/tmp/fstab as follows:

File /var/tmp/fstab the owner is root and belong to root group.
File /var/tmp/fstab can not be executed by any user.
User natasha can read and write /var/tmp/fstab but harry neither read nor write.
All other users (present and future) has read /var/tmp/fstab ability.

#cp /etc/fstab /var/tmp/fstab

#ll /var/tmp/fstab
#setfacl -m u:natasha:rw /var/tmp/fstab
#setfacl -m u:harry:0 /var/tmp/fstab

5. User natasha must configure a cron job local daily 14:23 to run: */bin/echo
howdy.

#crontab -u natasha -e
23 14 * * * /bin/echo howdy
#crontab -u natasha -l

6. Create a collaborative directory /home/shared so that it has the following

characteristics:
/home/shared group belongs to sharegrp.
The directory members have read, write and execute right, but not for any other
users.
(root can access to all files and directories on the system).
In /home/shared any file created belongs to the group sharegrp.

#mkdir /home/shared
#ll -d /home/shared
#chgrp sharegrp /home/shared
#chmod g+wrx /home/shared
#chmod o-rx /home/shared
#chmodg +s /home/shared

7. From ftp://instructor.example.com/pub/updates install the appropriate kernel

update. The following requirements must be met:
Set updated kernel as the default kernel at boot.
However, the original kernel must be seen at boot time.

#yum -y install lftp

#lftp instructor
#mget *.rpm
#uname -r
#rpm -ivh *.rpm
#vim /boot/grub/grub.conf

8. System instructor.example.com provides a LDAP authentication service, your

system should be based on the following requirements binding to this service:
DN is dc=example,dc=com
LDAP used to provide account information and authentication information.
Path ftp://instructor.example.com/pub/example-ca.crt should be used to connect to
certificate encryption.
When properly configured then ldapuser11 can log on to your system, but no home
directory until you complete autofs topic.
The password for ldapuser11 is "password".

#system-config-authentication

9. Configure your system so that it use instructor.example.com as NTP server.

#system-config-date

10. Configure autofs to automatically mount LDAP user's home directory as follows:
instructor.example.com(192.168.0.254) use NFS to share /home/guests to your system.
This file system includes a pre-set user ldapuser11 home directory.
ldapuser11's home directory is instructor.example.com/home/guests/ldapuser11.
ldapuser11's home directory should automatically mount to the local /home/guests.
The following /ldapuser11's home directory must have write access by the user.
ldapuser11 password is "password".

#vim /etc/auto.master
/home/guests /etc/auto.ldap
:wq
#cp /etc/auto.misc /etc/auto.ldap
#vim /etc/auto.ldap
ldapuaer11 -fstype=nfs,rw 192.168.0.254:/home/guests/ldapuser11
:wq
#service autofs restart
#su ldapuser11

11. Config server11.example.com that implements ftp service that allows anonymous
file download from /var/ftp/pub.

#yum install vsftpd -y

#service vsftpd restart
#chkconfig vsftpd on

12. For the site http://server11.example.com configure a web services, then

complete the following steps:
Download ftp://instructor.example.com/pub/rhcsa/station.html rename the downloaded
file to index.html copy index.html to web service DocumentRoot directory. Dont
change the contents of index.html.

#yum install httpd -y

#lftp instructor
#get station.html
#cp station.html /var/www/html/index.html
#service httpd restart
#chkconfig httpd on

13. Create a user jean uid 3895 with password nimsdreg.

#useradd -u 3895 jean

#echo "jean:nimsdreg" | chpasswd

14. Add your system an extra size 750M swap partition that should be at system boot
time. Do not remove or change the existing swap partition on your system.

#swapon -s
#fdisk -cu /dev/sda
#n e l t 82
#partx -a /dev/sda
#ll /dev/sda*
#mkswap /dev/sdaX
#swapon /dev/sdaX
#vim /etc/fstab
/dev/sdaX swap swap defaults 0 0
:wq
#mount -a
#swapon -s

15. Identify all files that the owners are natasha and copy them to /root/found
catalog.

#mkdir /root/found
#find / -user natasha -exec cp -rf {} /root/found/ \;

16. In the archives /usr/share/dict/words find all contained within the string
strato column, and then put them out in accordance with the original order, copied
to /root/lines.txt, there are no blank lines in this file, copy over all ranks,
which should follow the original.

#grep strato /usr/share/dict/words > /root/lines.txt

17. Create a logical volume group wgroup, called wshare, the size of the logical
volume 10extent, each extent as 8Mib, and mount /mnt/wshare using vfat for this new
logical volume.

#fdisk -cu /dev/sda

n +100M (8*10) t 8e w
#partx -a /dev/sda
#pvcreate /dev/sdaX
#vgcreate wgroup -s 8M /dev/sdaX
#vgdisplay PE size 8M
#lvcreate -l 10 -n wshare wgroup
#mkfs.vfat /dev/wgroup/wshare
#mkdir /mnt/wshare
#mount /dev/wgroup/wshare /mnt/wshare
#df -TH
#vim /etc/fstab
/dev/wgroup/wshare /mnt/wshare vfat defaults 0 0
:wq
#mount-a

###################################################################################
##############################
RHCE Exam:

1. Configure NFS service as /mnt/storage directory that will be shared with read
and write perms to domain example.com, root can access the share(!). Share this
directory to cracker.org domain users read-only.

#vim /etc/exports
#/mnt/storage *.example.com(rw,sync,no_root_squash)
#/mnt/storage *.cracker.org(ro,sync)

2. Allows only example.com to access to local SSH.

#vim /etc/hosts.allow
sshd: .example.com
#vim /etc/hosts.deny
sshd: ALL

3. Configure samba as follows:

1) Working group called RHCE.
2) Type certification user.
3) Share /mnt/storage directory with share name share.
4) Allow the shared directory for user1 and user2 with write permissions and for
other users are read-only, If you need a password is redhat.
5) Only allows the user to example.com to access to the shared directory domain.

#yum install -y samba

#vim /etc/samba/smb.conf
[global]
workgroup = RHCE
security = user
[share]
path = /mnt/storage
write list = user1 user2
hosts allow = .example.com
#echo redhat | smbpasswd -s -a user1
#echo redhat | smbpasswd -s -a user2
#service smb start; chkconfig smb on

4. Download http://192.168.0.254/pub/tools/server.html file to /var/www/virt1

directory, When the user enters http://serverX.example.com can access the text
contents of the site. It can be accessed only by users of the machine.
Download http://192.168.0.254/pub/tools/www.html file to http default directory,
users input http://wwwX.example.com can access to the file.
This site requires authentication so that the machine users can use user's password
to access.

#mkdir /var/www/virt1/; cd /var/www/virt1/

#wget http://192.168.0.254/pub/tools/server.html
#mv server.html index.html
#cd /var/www/html; wget http://192.168.0.254/pub/tools/www.html
#mv www.html index.html
#yum -y install httpd
#vim /etc/httpd/conf/httpd.conf
NameVirtualHost *:80
<VirtualHost *:80>
ServerName server5.example.com
DocumentRoot /var/www/virt1
<Directory "/Var/www/virt1">
order deny,allow
deny from all
allow from localhost
allow from 127.0.0.1
allow from www5.example.com
allow from server5.example.com
allow from station5.example.com
</Directory>
</VirtualHost>
<VirtualHost *:80>
ServerName www5.example.com
DocumentRoot /var/www/html
<Directory "/var/www/html">
AllowOverride AuthConfig
AuthType basic
AuthName Authentication Required
AuthUserFile /var/www/html/.passwd
Require valid-user
</Directory>
</VirtualHost>
#chcon --reference=/var/www/html /var/www/virt1
#htpasswd -cm /var/www/html/.passwd user1
#htpasswd -cm /var/www/html/.passwd user2
#htpasswd -cm /var/www/html/.passwd user3
#elinks for verification

5. Establish vsftp server, so that only user1 allows access and can not jump out of
the home directory. Upload and download is allowed by example domain users.

#yum -y install vsftpd

#vim /etc/vsftpd/vsftpd.conf
userlist_deny=NO
userlist_file=/etc/vsftpd/vsftpd.user_list
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/vsftpd.chroot_list
anon_upload_enable=YES
anonymous_enable=YES
#mkdir -p /var/ftp/incoming; chmod 777 /var/ftp/incoming
#chcon -t public_content_rw_t /var/ftp/incoming
#setsebool -P allow_ftpd_anon_write 1
#setsebool-P ftp_home_dir 1
#vim /etc/vsftpd/vsftpd.user_list user1
#vim /etc/vsftpd/vsftpd.chroot_list user1
#service vsftpd start; chkconfig vsftpd on
#vim /etc/hosts.deny
vsftpd: ALL EXCEPT .example.com

6. New Mail Server requirements are as follows:

1) Allowed localhost and the remote host can access.
2) Allowed example.com users can relay, refusal "remote test".
3) All messages sent to user3 will be sent to user2.
4) Confirmed /var/spool/mail/user1 exist.
5) Only allows the users of example.com domain to receive email through pop3.
#yum install postfix -y
#alternatives --set mta select postfix
#service sendmail stop; chkconfig sendmail off
#cd /etc/postfix
#vim main.cf
myhostname = stationX.example.com
mynetworks_style = subnet
mydestination = $myhostname
myorigin = $myhostname
relay_domains = example.com, $mydestination
inet_interfaces = all
smtpd_client_restrictions =
check_client_access hash:/etc/postfix/access,
check_sender_access hash:/etc/postfix/access,
check_recipient_access hash:/etc/postfix/access,
permit_auth_destination,
permit_mynetworks,
#vim /etc/postfix/access
remote.test REJECT
#vim /etc/aliases
user3: user2
#postalias /etc/aliases
#postmap hash:/etc/postfix/access
#touch /var/spool/mail/user1 (Usually there will be a default)
#chown user1:mail /var/spool/mail/user1
#chcon --reference=/var/spool/mail/root /var/spool/mail/user1
#chmod 660 /var/spool/mail/user1
for refusal remote.test can iptables be used:
#iptables -A INPUT -p tcp --dport 25 -s remote.test(IP) -j REJECT
#service postfix start; chkconfig postfix on
#yum install dovecot
#vim /etc/dovecot.conf
protocols = pop3
#service dovecot start; chkconfig dovecot on
#iptables -A INPUT -p tcp -dport 110 -s 192.168.0.0/24 -j ACCEPT
#iptables -A INPUT -p tcp -dport 110 -j REJECT
#service iptables save; chkconfig iptables on

###################################################################################
###########################################
Compulsory 1:(T01) the examiner can log into your system as root using th password
"A9b7#Eq.*". The home directory must be /root.

#passwd root

Compulsory 2:(T02) ping 192.168.0.254 is successful, and your system uses static
networking as described in /root/network.txt.

#vi /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=server12.example.com
#vi /etc/sysconfig/network-scripts/ifcfg-eth0
ONBOOT=yes
#startx
#/etc/init.d/NetworkManager restart
#chkconfig NetworkManager on
#system-config-network &

Compulsory 3:(T03) dig instructor.example.com successfuly resolves that hostname

using DNS.

#dig instructor.example.com

.Install the dialog RPM package.

#vi /etc/yum.repo.d/intructor.repo
[base]
name=base
baseurl=http://instructor.exmaple.com/pub/rhel6/dvd
gpgcheck=0
#yum list
#yum -y install dialog

.SELinux must be running in the Enforcing mode.

#vi /etc/sysconfig/selinux
SELINUX=enforcing
#reboot

.The firewall needs to be enabled.

#touch /etc/sysconfig/iptables
#service iptables start
#chkconfig iptables on

.Mount the /root/examine.iso to the /mnt/iso folder. automatically enable at system

boot time.

#mkdir /mnt/iso
#vi /etc/fstab
/root/examine.iso /mnt/iso iso9660 loop,defaults 0 0

.Some users home directory is shared from your system, using showmount -e localhost
command, the share directory is not show, make access the share users home
directory.

#service rpcbind start

#chkconfig rpcbind on
#service nfs start
#chkconfig nfs on
#showmount -e localhost

.Find the files which ownership is lucy, and copy files to /tmp/findfiles.

#mkdir /tmp/findfiles
#find / -user lucy -exec cp -ar {} /tmp/findfiles \;
.In your system is a logical volume created named as common under vol0 volume group
and is mount on /common, The initial size of that volume is 124MB, make
successfully that the size of logical volume 190MB without losing any data. The
size logical volume 160MB-200MB will be acceptable.

#df -h /common
#pvdisplay to findout PE size
#lvextend -L 190M /dev/mapper/vgsrv-common
#resize2fs /dev/mapper/vgsrv-common
#df -h to verify

.In your system has another logical volume is create name as shrink under vol0
volume group and is mount /shrink, The initial size of that valume is 320MB shrink
successfully that the size of logical volume 200MB without losing any data, pay
attention the size logical volume 192MB-240MB will be acceptable.

#df -h /shrink
#pvdisplay to verify PE size
#umount /shrink
#e2fsck -f /dev/mapper/vgsrv-shrink
#resize2fs /dev/mapper/vgsrv-shrink 200M
#lvreduce -L 200M /dev/mapper/vgsrv-shrink
#mount /shrink
#df -h to verify

.Make a swap partition have 512MB, make automatically useable at system boot time.

#fdisk -l
#fidsk /dev/vda
p -> n ->t(82)>w
#partx -a /dev/vda
#mkswap /dev/vdaX
#vi /etc/fstab
/dev/vdaX swap swap defaults 0 0
#swapon -a
#swapon -s

.Create the following users, groups, and group memberships:

-- A group named admin.
-- A user mary who belongs to admin as a secondary group.
-- A user alice who also belongs to admin as a secondary group.
-- A user bobby who dose not have access to an interactive shell on the system, and
who is not a member of admin.
-- mary, alice, and bobby should all have the passwd of "password".

#groupadd admin
#usradd -G admin mary
#passwd mary
#useradd -G admin alice
#passwd alice
#useradd -s /sbin/nologin bobby
#passwd bobby

.Create a colloborative directory /common/admin with the following characteristics:

-- Group ownership of /common/admin is admin.
-- The directory should be readable, writable and accessiable to members of admin,
but not to any other users.(It is understood that root has access to all files and
directories on the system).
-- Files created in /common/admin automatically have group ownership set to the
admin group.

#mkdir /common/admin
#chgrp admin /common/admin
#ls -ld /common/admin
#chmod g+rwx /common/admin
#chmod g+s /common/admin

.Install the appropriate kernel update from ftp://instructor/pub/updates. The

following criteria must also be met:
-- The updated kernel is the default kernel when the system is rebooted.
-- The original kernel remains available and bootable on the system.

#cd /tmp
#yum install -y lftp
#lftp instructor.exmaple.com (cd pub/updates ->get kernel-*.rpm)
#rpm -ivh kernel*.rpm
#vi /boot/grub/grub.conf
#reboot

.Enable IP forwarding on your system.

#vi /etc/sysctl.conf
#net.ipv4.ip_forward = 1
#sysctl -p

.Set up default loacl print queue to forward jobs to the IPP(CUPS) print queue
printerX on instructor.example.com, where X is your server number. Configure the
printer as a "Generic--text-only" print queue.

.The user mary must configure a cron job that runs daily at 14:23 local time and
execute -- /bin/echo "Hello World.".

#crotable -e -u mary
23 14 * * * /bin/echo “Hello World.”

.Bind to the ldap domain provided by 192.168.0.254 for user authentication. Note
the following:
-- ldapuserX should be able to log into your system, where X is your server number,
but will not have a home directory until you have completed autofs requirement
below.
-- All LDAP user have a password of "password".

system-config-authentication &

.Configure autofs to automount the home directory of NIS users. Note the following:
-- instructor.example.com(192.168.0.254) NFS-exports /home/guests/ldapuserX to your
system, where X is your server number.
-- ldapuserX home directory is instructor.example.com:/home/guests/ldapuserX.
-- ldapuserX home directory should be automounted locally beneath
/home/guests/ldapuerX.
-- home dierctories must be writable by their users.
-- While you are able to log in as any of users ldapuser1 through ldapuser20, the
only home directory that is accessible from your system is ldapuserX.

#vi /etc/auto.master
/home/guests /etc/auto.ldap
#vi /etc/auto.ldap
ldapuser12 -rw instructor.example.com:/home/guests/ldapuser12
#service autofs stop
#service autofs start
#chkconfig autofs on

.Copy the file /etc/fstab to /var/tmp. Configure the permissions of /var/tmp/fstab

so that:
-- the file /var/tmp/fstab is owned by root user.
-- the file /var/tmp/fstab belongs to group root user.
-- the file /var/tmp/fstab should not to be executable by anyone.
-- the user mary is able to read and write /var/tmp/fstab.
-- the user alice can neither write nor read /var/tmp/fstab.
-- all other users(current of future) have the avilability to read /var/tmp/fstab.

#cp /etc/fstabl /var/tmp

#ls -l /var/tmp/fstab
#chown root:root /var/tmp/fatab
#chmod a-x /var/tmp/fstab
#dumpe2fs /dev/mapper/vgsrv-root | grep options to verify acl option is added on
defaults in /etc/fstab
/dev/mapper/vgsrv-root /
#mount -o remount -a (to enable acl)
#setfacl -m u:mary:rw /var/tmp/fstab
#setfacl -m u:alice:--- /var/tmp/fstab
#setfacl -m o::r-- /var/tmp/fstab or #chmod o=r /var/tmp/fstab

.Configure your system so that is an NTP client of instructor.example.com.

#system-config-date &
#ntpq -p

.Configure SSH access as follows:

-- harry has remote SSH access to your machine from with example.com.
-- Clients within remote.test should NOT have access to ssh your system.

#vi /etc/hosts.allow
sshd: .example.com
#vi /etc/hosts.deny
sshd: .remote.test

.Export your /common directory via NFS to the example.com domain only.

#vi /etc/exports
/common *.example.com(ro,sync)
#service nfs restart
#chkconfig nfs on
#showmount -e 192.168.0.100

.Configure FTP access on your system:

-- Clients within the example.com domain should have anonymous FTP access to your
machine.
-- Clients outside example.com should NOT have access to your FTP service.

#yum install -y vsftpd

#vi /etc/vsftpd/vsftpd.conf
anonymous_enable=YES
#service vsftpd start
#chkconfig vsftpd on
#vi /etc/hosts.allow
vsftpd: .example.com
#vi /etc/hosts.deny
vsftpd: ALL
#yum install -y lftp ftp

.Configure your test system connect to an ISCSI target from instructor.example.com,

you should mount this filesystem to /mnt/iscsi directory and automatically useable
at system boot time.

#mkdir /mnt/iscsi
#iscsiadm -m discovery -t st -p 192.168.0.254
Log in to the target using the name displayed in discovery:
#iscsiadm -m node -T <iqn> -p 192.168.0.254 -l
#fdisk -l
#fdisk /dev/sda1
#mkfs.ext4 /dev/sda1
#blkid to see UUID
#vi /etc/fstab
UUID= /mnt/iscsi ext4 _netdev 0 0

.Share the /common directory via SMB:

-- Your SMB server must be member of the SAMBA workgroup.
-- The share's name must be common.
-- The common share must be available to example.com domain client only.
-- The common share must be browseable.
-- mary must have read access to the share,authenticating with the same password
"password",if necessary.

#yum install -y samba

#chkconfig smb on
#chcon -t samba_share_t /common
#setsebool -P samba_export_all_ro on "open the System directory access control, so
mary log in to see /common"
#vi /etc/samba/smb.conf
[global]
workgroup = SAMBA
host allow = 192.168.0.
security = user
passdb backend = tdbsam
[common]
path = /common
browseable = yes
public = yes
#testparm smb.conf
#smbpasswd -a mary
#service smb start
#chkconfig smb on
#smbclient -L 192.168.0.100 -U mary%password
#smbclient //192.168.0.100 -U mary%password
#mount //192.168.0.100/common /mnt/smb -o username mary%password
#vim /etc/fstab
//192.168.0.100/common /mnt/smb cifs defaulsts,user=mary%password 0 0

.Implement a web server for the site http://serverX.example.com,then perform the

following steps:
-- Download ftp://instructor.example.com/pub/rhce/server.html.
-- Rename the downloaded file to index.html.
-- Copy this index.html to DocumountRoot of your web server.
-- Do NOT make any modifications to the content of index.html.

#yum install -y httpd

#vi /etc/httpd/conf/httpd.conf (change DocumentRoot)
ServerName server12.example.com:80
DocumentRoot "/var/www/html"
#cd /var/www/html
#wget ftp://instructor.example.com/pub/rhce/server.html
#mv server.html index.html
#service httpd start
#chkconfig httpd on

.Extend your web server to include a virtual host for the site
http://wwwX.example.com/, where X is your server number, then perform the following
steps:
-- Set the DocumentRoot to /var/http/virtual.
-- Download ftp://instructor.example.com/pub/rhce/www.html.
-- Rename the downloaded file to index.html.
-- Place this index.html in the DocumentRoot of the virtual host.
-- Do NOT make any modifications to the content of index.html.
-- Ensure that harry is able to create content in /var/http/virtaul.
Note: The original web site http://serverX.example.com must still be accessable,
DNS resolution for the hostname wwwX.example.com is already provided by the name
server on instructor.example.com.
-- Create a directory /var/http/virtual/limited, limit access to only local users,
non-local user prohibited access.

#mkdir -p /var/http/virtaul/limited
#chcon -R -t httpd_sys_content_t /var/http
#cd /var/http/virtaul
#wget ftp://instructor.example.com/pub/rhce/www.html
#mv www.html index.html
#vi /etc/httpd/conf/httpd.conf
NameVirtualHost *:80
<VirtualHost *:80>
DocumentRoot /var/http/virtaul
ServerName www12.example.com
<Directory "/var/http/virtaul/limited">
Options indexes
Order deny,allow
Deny from all
Allow from 127.0.0.1
Allow from localhost
Allow from www12.example.com
Allow from server12.example.com
</Directory>
</VirtualHost>
#useradd harry
#setfacl -R -m u:harry:rwx /var/http/virtaul

.Configure an email alias to your MTA such that mail sent to harry is received by
the local user mary.

#yum install -y postfix

#vi /etc/postfix/main.cf
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
#vi /etc/aliases
harry: mary
#newaliases
#service postfix restart
#chkconfig postfix on

.Configure SMTP mail service according to the following requiremnets:

-- Your mail server should accept mail from remote hosts and localhost.
-- harry must be able to receive mail from remote hosts.
-- Mail delivered to mary should spool into the default mail spool for mary on
/var/spool/mail/mary.

#vi /etc/postfix/main.cf
myhostname = server12.example.com
mydomain = example.com
myorigin = $myhostname
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost
#service postfix restart
#mail -vs “title” harry@server12.example.com

.Create a shell script /root/program:

--when you input "kernel" parmeter to the shell script that will return "user".
--when you input "user" parmeter to the shell script that will return "kernel".
--while script no parmeter or parmeter is wrong, standard error
"usage:/root/program kernel|user".

#chmod +x /root/program
#vi /root/program
#!/bin/bash
if [ “$1” == “kernel”]
then
echo “user”
elif [ “$1” == “user”]
then
echo “kernel”
else
echo “usage:/root/program kernel|user”
fi

RHCE Sample Exam:

You’ll have two hours to complete the following tasks.

1.Configure an SSH server with access limited to the local network. Create local
usersnamed katie and dickens. Limit SSH access on that server only to user katie.
2.Configure a Samba server. Share a directory named /food with user dickens. Share
asecond directory named /book limited to users tim and stephanie.
3.Set up a vsFTP server with access limited to the server1.example.com and the
physicalhost system.
4.Set up a local NTP server, accessible to the local network.
5.Configure an NFS server to share the /home directory only with the physical host
system.
6.Configure Apache with two secure web sites on the same virtual server. Call those
websites shost1.example.com and shost2.example.com. Create and configure an
appropriateSSL key for those web sites.
7.Configure a local caching nameserver, and set up the local system to use that
nameserver.
8.Create a script that backs up all files from the /home directory on a daily
basis.
9.Create an RPM from a single file. Use the README file in
the/usr/share/doc/tcp_wrappers-7.6 directory. Set up the RPM with a package name of
tcpwrapdoc, version 1.0. When installed, it should write the README file to
the/opt/tcpwrap directory.
10.Configure IPv4 and IPv6 forwarding on the local system.
11.Set up system activity reports to run the related accounting tool every five
minutes.
12.Configure the server1.example.com system as a logging server. Configure
thetester1.example.com system (or the physical host system) as a logging client.
13.Configure the server1.example.com system as a Kerberos client on the
example.comdomain, with a KDC and administrative server of the physical host
system.
14.Set up an Apache web server with two regular virtual hosts. Set it up on
URLstest1.example.com and test2.example.com. Create and use the /web subdirectory
for this purpose. Include appropriate index.html files, with contents for each URL.
15.Set up a shared subdirectory named cubs on that Apache web server, accessible to
userselizabeth and fred. Limit access to the local network.
16.Configure the system to work with a CGI application, accessible on
thetest1.example.com system. For that purpose, you may use the following code in
anappropriate CGI script. Call it the good.pl file.
#!/usr/bin/perlprint "Content-type: text/html\n\n";print "Good Job!\n";
17.Set up an FTP server that supports only anonymous access, even from outside your
LAN.Do not allow access from any regular users, even if the ftp_home_dir boolean is
on.
18.Configure a caching-only DNS server that forwards requests to the physical host
system.
19.Set up a local SMTP server that supports access limited to systems on the local
network.
20.Configure an SSH server for user mike on the server1.example.com system.
Configure password-free access, with passphrases, using key-based authentication
from a remotesystem, either tester1.example.com or the physical host. Use the
following passphrase:
Linux rocks, Windows does not.
21.Set up masquerading from the network with server1.example.com to outside
networks,using the IP address of the physical host system.
22.Configure a Samba server to share user home directories.
23.Configure two NTP servers, one as a peer, the second as a regular server.
24.Set up the system to avoid responding to the ping command.