EX200試験無料問題集「RedHat Red Hat Certified System Administrator - RHCSA 認定」
Who ever creates the files/directories on archive group owner should be automatically should be the same group owner of archive.
正解:
chmod g+s /archive
Verify using: ls -ld /archive Permission should be like:
drwxrws--- 2 root sysuser 4096 Mar 16 18:08 /archive
If SGID bit is set on directory then who every users creates the files on directory group owner automatically the owner of parent directory.
To set the SGID bit: chmod g+s directory
To Remove the SGID bit: chmod g-s directory
Verify using: ls -ld /archive Permission should be like:
drwxrws--- 2 root sysuser 4096 Mar 16 18:08 /archive
If SGID bit is set on directory then who every users creates the files on directory group owner automatically the owner of parent directory.
To set the SGID bit: chmod g+s directory
To Remove the SGID bit: chmod g-s directory
Configure your web services, download from http://instructor.example.com/pub/serverX.html And the services must be still running after system rebooting.
正解:
cd /var/www/html
wget http://instructor.example.com/pub/serverX.html mv serverX.html index.html /etc/init.d/httpd restart chkconfig httpd on
wget http://instructor.example.com/pub/serverX.html mv serverX.html index.html /etc/init.d/httpd restart chkconfig httpd on
Part 1 (on Node1 Server)
Task 6 [Accessing Linux File Systems]
Find all lines in the file /usr/share/mime/packages/freedesktop.org.xml that contain the string ich.
Put a copy of these lines in the original order in the file /root/lines.
/root/lines should contain no empty lines and all lines must be exact copies of the original lines in
/usr/share/mime/packages/freedesktop.org.xml
Task 6 [Accessing Linux File Systems]
Find all lines in the file /usr/share/mime/packages/freedesktop.org.xml that contain the string ich.
Put a copy of these lines in the original order in the file /root/lines.
/root/lines should contain no empty lines and all lines must be exact copies of the original lines in
/usr/share/mime/packages/freedesktop.org.xml
正解:
* [root@node1 ~]# cat /usr/share/mime/packages/freedesktop.org.xml | grep ich > /root/lines
[root@node1 ~]# cat /root/lines
<comment xml:lang="ast">Ficheru codificau en BinHex de Machintosh</comment>
<comment xml:lang="fr">fichier code Macintosh BinHex</comment>
<comment xml:lang="gl">ficheiro de Macintosh codificado con BinHex</comment>
<comment xml:lang="oc">fichier encodat Macintosh BinHex</comment>
<comment xml:lang="pt">ficheiro codificado em BinHex de Macintosh</comment>
<comment xml:lang="fr">fichier boite aux lettres</comment>
[root@node1 ~]# cat /root/lines
<comment xml:lang="ast">Ficheru codificau en BinHex de Machintosh</comment>
<comment xml:lang="fr">fichier code Macintosh BinHex</comment>
<comment xml:lang="gl">ficheiro de Macintosh codificado con BinHex</comment>
<comment xml:lang="oc">fichier encodat Macintosh BinHex</comment>
<comment xml:lang="pt">ficheiro codificado em BinHex de Macintosh</comment>
<comment xml:lang="fr">fichier boite aux lettres</comment>
Debugging SELinux
A web server running on non-standard port 82 encounters issues while serving content. Debug and resolve the problem to meet the following conditions:
- The web server on the system can serve HTML files hosted in /var/www/html (Note: Do not delete or modify existing file contents)
- The web server can serve content on port 82
- The web server can start automatically at system boot
A web server running on non-standard port 82 encounters issues while serving content. Debug and resolve the problem to meet the following conditions:
- The web server on the system can serve HTML files hosted in /var/www/html (Note: Do not delete or modify existing file contents)
- The web server can serve content on port 82
- The web server can start automatically at system boot
正解:
# Check which package provides the semanage command
[root@node1 ~]# yum provides "*/semanage"
# Install the semanage command
[root@node1 ~]# yum -y install policycoreutils-python-utils
[root@node1 ~]# semanage port -l |grep http
[root@node1 ~]# semanage port -a -t http_port_t -p tcp 82
# Alternatively, you can use man semanage port, then search for EXAMPLE.
[root@node1 ~]# systemctl restart httpd
[root@node1 ~]# systemctl enable httpd
# Verification, seeing the source code indicates correctness (mandatory operation)
[root@node1 ~]# curl http://node1.domain250.example.com:82
[root@node1 ~]# yum provides "*/semanage"
# Install the semanage command
[root@node1 ~]# yum -y install policycoreutils-python-utils
[root@node1 ~]# semanage port -l |grep http
[root@node1 ~]# semanage port -a -t http_port_t -p tcp 82
# Alternatively, you can use man semanage port, then search for EXAMPLE.
[root@node1 ~]# systemctl restart httpd
[root@node1 ~]# systemctl enable httpd
# Verification, seeing the source code indicates correctness (mandatory operation)
[root@node1 ~]# curl http://node1.domain250.example.com:82
The user authentication has been provided by ldap domain in 192.168.0.254. According the following requirements to get ldapuser.
-LdapuserX must be able to login your system, X is your hostname number. But the ldapuser's home directory cannot be mounted, until you realize automatically mount by autofs server.
- All ldap user's password is "password".
-LdapuserX must be able to login your system, X is your hostname number. But the ldapuser's home directory cannot be mounted, until you realize automatically mount by autofs server.
- All ldap user's password is "password".
正解:
system-config-authentication &
Set Root Password
Set the root password of node2 to "redhat." You need to gain system access to perform this operation.
Set the root password of node2 to "redhat." You need to gain system access to perform this operation.
正解:
***Restart the node2 machine and wait for the screen shown in Image 1.
Press "e" to enter the screen shown in Image 2. The original configuration is as shown in the image. Modify the original configuration to the part highlighted in red box, as shown in Image 2. Then press "Ctrl+X" to execute the following commands:
# chroot /sysroot
# echo redhat |passwd --stdin root
# touch /.autorelabel
# sync
# exit
# reboot
Press "e" to enter the screen shown in Image 2. The original configuration is as shown in the image. Modify the original configuration to the part highlighted in red box, as shown in Image 2. Then press "Ctrl+X" to execute the following commands:
# chroot /sysroot
# echo redhat |passwd --stdin root
# touch /.autorelabel
# sync
# exit
# reboot
Configure Container as a Service
As the user "wallah," configure a systemd service for the container:
- Container name: ascii2pdf
- Use the image named pdf created earlier.
- Service name: container-ascii2pdf
- Automatically start the service on system reboot without manual intervention.
- Configure the service to automatically mount /opt/file to /dir1 and /opt/progress to /dir2 in the container upon startup.
As the user "wallah," configure a systemd service for the container:
- Container name: ascii2pdf
- Use the image named pdf created earlier.
- Service name: container-ascii2pdf
- Automatically start the service on system reboot without manual intervention.
- Configure the service to automatically mount /opt/file to /dir1 and /opt/progress to /dir2 in the container upon startup.
正解:
# Note: Perform the following operations by SSHing into localhost as the user "wallah"
[root@node1 ~]# ssh wallah@localhost
# Prepare the relevant mapping directories
[wallah@node1 ~]$ sudo mkdir /opt/{file,progress}
[wallah@node1 ~]$ sudo chown wallah:wallah /opt/{file,progress}
# Start the container and map directories
# :Z changes the SELinux security context of the directory to allow container access.
[wallah@node1 ~]$ podman run -d --name ascii2pdf -v /opt/file:/dir1:Z -v /opt/progress:/dir2:Z pdf
[wallah@node1 ~]$ podman ps -a
# Create systemd service file
[wallah@node1 ~]$ mkdir -p ~/.config/systemd/user
[wallah@node1 ~]$ cd ~/.config/systemd/user/
[wallah@node1 ~]$ podman generate systemd -n ascii2pdf -f --new
[wallah@node1 user]$ ll
total 4
-rw-r--r--. 1 wallah wallah 770 Dec 13 01:07 container-ascii2pdf.service
# Stop and remove the existing ascii2pdf container
[wallah@node1 ~]$ podman stop ascii2pdf
[wallah@node1 ~]$ podman rm ascii2pdf
[wallah@node1 ~]$ podman ps -a
# Enable and start the container-ascii2pdf service
[wallah@node1 ~]$ systemctl --user daemon-reload
[wallah@node1 ~]$ systemctl --user enable --now container-ascii2pdf
# Check container status
[wallah@node1 ~]$ systemctl --user status container-ascii2pdf
[wallah@node1 ~]$ podman ps
# On node1, switch to the root user to perform the following operations
# Ensure that the services for the wallah user start automatically at system boot
[root@node1 ~]# loginctl enable-linger
[root@node1 ~]# loginctl show-user wallah
# Check to ensure the container starts on boot (mandatory operation)
[root@node1 ~]# reboot
[root@node1 ~]# ssh wallah@node1
[wallah@node1 ~]# podman ps
[root@node1 ~]# ssh wallah@localhost
# Prepare the relevant mapping directories
[wallah@node1 ~]$ sudo mkdir /opt/{file,progress}
[wallah@node1 ~]$ sudo chown wallah:wallah /opt/{file,progress}
# Start the container and map directories
# :Z changes the SELinux security context of the directory to allow container access.
[wallah@node1 ~]$ podman run -d --name ascii2pdf -v /opt/file:/dir1:Z -v /opt/progress:/dir2:Z pdf
[wallah@node1 ~]$ podman ps -a
# Create systemd service file
[wallah@node1 ~]$ mkdir -p ~/.config/systemd/user
[wallah@node1 ~]$ cd ~/.config/systemd/user/
[wallah@node1 ~]$ podman generate systemd -n ascii2pdf -f --new
[wallah@node1 user]$ ll
total 4
-rw-r--r--. 1 wallah wallah 770 Dec 13 01:07 container-ascii2pdf.service
# Stop and remove the existing ascii2pdf container
[wallah@node1 ~]$ podman stop ascii2pdf
[wallah@node1 ~]$ podman rm ascii2pdf
[wallah@node1 ~]$ podman ps -a
# Enable and start the container-ascii2pdf service
[wallah@node1 ~]$ systemctl --user daemon-reload
[wallah@node1 ~]$ systemctl --user enable --now container-ascii2pdf
# Check container status
[wallah@node1 ~]$ systemctl --user status container-ascii2pdf
[wallah@node1 ~]$ podman ps
# On node1, switch to the root user to perform the following operations
# Ensure that the services for the wallah user start automatically at system boot
[root@node1 ~]# loginctl enable-linger
[root@node1 ~]# loginctl show-user wallah
# Check to ensure the container starts on boot (mandatory operation)
[root@node1 ~]# reboot
[root@node1 ~]# ssh wallah@node1
[wallah@node1 ~]# podman ps
Create a 512M partition, make it as ext4 file system, mounted automatically under /mnt/data and which take effect automatically at boot-start.
正解:
# fdisk /dev/vda
n
+512M
w
# partprobe /dev/vda
# mkfs -t ext4 /dev/vda5
# mkdir -p /data
# vim /etc/fstab
/dev/vda5 /data ext4 defaults 0 0
# mount -a
n
+512M
w
# partprobe /dev/vda
# mkfs -t ext4 /dev/vda5
# mkdir -p /data
# vim /etc/fstab
/dev/vda5 /data ext4 defaults 0 0
# mount -a
A YUM repository has been provided at http://server.domain11.example.com/pub/x86_64/Server.
Configure your system to use this location as a default repository.
Configure your system to use this location as a default repository.
正解:
vim/etc/yum.repos/base.repo
[base]
name=base
baseurl= http://server.domain11.example.com/pub/x86_64/Server
gpgcheck=0
enable=1
Save and Exit
Use yum list for validation, the configuration is correct if list the package information. If the Yum configuration is not correct then maybe cannot answer the following questions.
[base]
name=base
baseurl= http://server.domain11.example.com/pub/x86_64/Server
gpgcheck=0
enable=1
Save and Exit
Use yum list for validation, the configuration is correct if list the package information. If the Yum configuration is not correct then maybe cannot answer the following questions.
There is a local logical volumes in your system, named with shrink and belong to VGSRV volume group, mount to the /shrink directory. The definition of size is 320 MB.
Requirement:
Reduce the logical volume to 220 MB without any loss of dat
a. The size is allowed between 200-260 MB after reducing.
Requirement:
Reduce the logical volume to 220 MB without any loss of dat
a. The size is allowed between 200-260 MB after reducing.
正解:
cd;umount /shrink
e2fsck -f /dev/mapper/vgsrv-shrink
resize2fs /dev/mapper/vgsrv-shrink 220M
lvreduce -L 220M /dev/mapper/vgsrv-shrink
mount -a
e2fsck -f /dev/mapper/vgsrv-shrink
resize2fs /dev/mapper/vgsrv-shrink 220M
lvreduce -L 220M /dev/mapper/vgsrv-shrink
mount -a