RHLSA-EX200

Question 1

Guide in RedHat environments?

Answer 1

vimtutor

Question 2

Creat diagnostic report

Answer 2

sos report

Question 3

Directory for access to hardware

Answer 3

/dev

Question 4

Directory with system config files

Answer 4

/etc

Question 5

Directory for installed software

Answer 5

/usr

Question 6

Directory for
- System-specific persistant variable data
- Dynamically changing files (databases etc)

Answer 6

/var

Question 7

Directory for non-persistant runtime data

Answer 7

/run

Question 8

Create a Hard Link

Answer 8

ln <original> <link></link></original>

Question 9

Create a Soft Link

Answer 9

ln -s <original> <link></link></original>

Question 10

Create an alias called my_alias to cat /etc/passwd

Answer 10

alias my_alias=”cat /etc/passwd”

Question 11

View user ID and assosiated group IDs

Answer 11

id <Username></Username>

Question 12

View all groups

Answer 12

cat /etc/group

Question 13

Make a user a Sudo’er

Answer 13

usermod -aG wheel <username></username>

Question 14

Create a user

Answer 14

useradd <username></username>

Question 15

Change a user’s password

Answer 15

passwd <username></username>

Question 16

Modify existing user

Answer 16

usermod <options> <username></username></options>

Question 17

Delete user

Answer 17

userdel <username></username>

Question 18

Create a group

Answer 18

groupadd <new></new>

Question 19

Delete a group

Answer 19

groupdel <group></group>

Question 20

Force users to change password at next login

Answer 20

chage -d 0 <username></username>

Question 21

Give group permission to write

Answer 21

chmod g+w <directory></directory>

Question 22

Give permission for all to write

Answer 22

chmod a+w <directory></directory>

Question 23

Give recursive rights for all to write in directory

Answer 23

chmod -R a+w <directory></directory>

Question 24

Give recursive rights for all to write to directories but NOT files

Answer 24

chmod -R g+X <directory></directory>

Question 25

Change owner

Answer 25

chown

Question 26

Change owning group

Answer 26

chgrp

Question 27

Change owner and group together

Answer 27

chown

Question 28

Set GID - allow files created in a directory to match the group owner of the directory

Answer 28

chmod g+s {directory}

Question 29

Set sticky bit - Users with write access can only remove files they own

Answer 29

chmod o+t {directory} or chmor

Question 30

How do you see the current umask setting

Answer 30

umask

Question 31

How do you update the umask setting

Answer 31

umask {number}

Question 32

Command to view SELinux enforce mode

Answer 32

getenforce

Question 33

Command to set SELinux enforce mode (non persistent)

Answer 33

setenforce {number} (1=permissive, 2=Enforcing)

Question 34

How to persistently change SELinux enforcing mode

Answer 34

vim /etc/selinux/config SELINUX={mode}

Question 35

View SELinux context labels

Answer 35

ls -Z

Question 36

Change SELinux context of files in a directory to match the parent directory

Answer 36

restorecon {file/directory}

Question 37

View all SELinux booleans available

Answer 37

getsebool -a (grep to filter)

Question 38

View SELinux boolean info

Answer 38

semanage boolean -l

Question 39

View SELinux boolean policies for specific packages

Answer 39

dnf install selinux-policy-doc man {package}_selinux

Question 40

Change SELinux boolean value

Answer 40

setsebool -P {se bool} on (-P = persistent)

Question 41

Where are SELinux logs stores

Answer 41

/var/log/audit/audit.log

Question 42

Show SELinux errors in log

Answer 42

sealert -a /var/log/audit.log

Question 43

Show all pskill signals

Answer 43

pskill -l

Question 44

Kill a process with kill signal 9

Answer 44

pskill -9 {process ID / %job number}

Question 45

List CPUs and their usage

Answer 45

lscpu (an average of >1 is bad)

Question 46

Display resource load averages

Answer 46

top

Question 47

2 methods to view manuals on creating tmp files

Answer 47

man -k tmpfiles man tmpfiles.k

Question 48

How do you configure a new tmp directory /home/tmp_share. It must be owned by root, universally accessible and deleted everything after 30s

Answer 48

vim /etc/tmpfiles.d/tmp_share.conf d /home/tmp_share 0777 root root 30s systemd-tmpfiles --create /etc/tmpfiles.d/tmp_share.conf

Question 49

How do you search for a package with a keyword

Answer 49

dnf search {keyword}

Question 50

How do you see installed package

Answer 50

dnf list installed

Question 51

What directory are yum repos stored in

Answer 51

/etc/yum.repos.d

Question 52

How you you enable a dnf repo

Answer 52

dnf config-manage --enable {repo name}

Question 53

How do you install a local package repository

Answer 53

dnf/yum install {repo addess/path}

Question 54

How do you list block devices (physical storage)

Answer 54

lsblk

Question 55

How do you create a partition on /dev/vdb

Answer 55

parted /dev/{drive} mklabel > msdod (or other) mkpart > type > file system > start > end print (to check) Set {number} > Flag {lvm} > Status {on} Quit udevadm settle (update kernal)

Question 56

How do you format the logical volume "vol" in volume group "group" to xfs

Answer 56

mkfs -t xfs /dev/group/vol

Question 57

mount a /dev/vdc1 to /share

Answer 57

mount /dev/vdc1 /share

Question 58

How do you check mounted drives

Answer 58

df -h

Question 59

How do you persistantly mount /dev/vdb1 to /home/mount

Answer 59

lsblk -f #for file system type Vim /etc/fstab; /dev/vdb1 /home/mount {files system type} defaults 0 0 OR lsblk -o /dev/vdb1 #for UUID UUID={UUID} /home.mount {file system type} defaults 0 0 mount -a (to check for errors)

Question 60

How do you remove a partition

Answer 60

unmount {mount point} parted > print (to get partition number) > rm > {number}

Question 61

How do you create a 2Gb swap partition on vdb

Answer 61

printed /dev/vdb mkpart > type (primary) > file system type (linux-swap) > start (1Mb) > End (2Gb) print (to check) mkswap /dev/vdb1 swapon -s (to check)

Question 62

How do you deactivate a /dev/vdb2 swap

Answer 62

swapoff /dev/vdb2

Question 63

How do you make the swap drive dev/vdb2 persistant

Answer 63

vim /etc/fstab /dev/vdb2 swap swap defaults 0 0 swapon -a swapon -s (to check)

Question 64

How do you make the swap /dev/vdb3 priority 3

Answer 64

vim /etc/fstab /dev/vdb3 swap swap defaults,pri=3 0 0

Question 65

Create a 2Gb partition, Physical Volume, Volume group and 1Gb logical Volume from /dev/vdb

Answer 65

parted /dev/vdb mklabel > msdos mkpart > type? (primary etc) > file system type (xfs etx} > 1Mb > 2Gb print (to get new PV number) set {number} >flag (lvm) > on quit pvcreate /dev/vdb1 vgcreate my_vb /dev/vdb1 {more if req} lvcreate -n 1Gb -L my_lv my_vg

Question 66

Get the UUID of logical volume my_lg

Answer 66

lsblk -o UUID my_lv

Question 67

extend volume group my_vg to include partition /dev/vdb2

Answer 67

pvcreate /dev/vdb2 (if not already created) vgextend my_vg /dev/vdb2

Question 68

Decrease the used space of /dev/vdb2 in Volume Group my_vg

Answer 68

pvmove /dev/vdb2 pvscan #to check vgreduce my_vg /vdb2

Question 69

List available services

Answer 69

systemctl list-units --type service

Question 70

How do you check the currently active target of machine

Answer 70

systemctl get-default

Question 71

Set a new target on a machine

Answer 71

systemctl set-default multi-user.target #or other .target

Question 72

List avaiailable machine targets

Answer 72

systemctl list-units --type target

Question 73

How do you reset root password if it is not know

Answer 73

# to relable SELinux Interrupt the boot process # remove any "console=" rd.break mount -o remount,rw /sysroot chroot /sysroot passwd root #set new password touch /.autorelabel exit exit

Question 74

How do you list jobs to find stuck jobs

Answer 74

systemctl list-job

Question 75

How do you repair a "failed to mount" boot error

Answer 75

Interrupt the boot process systemd.unit=emergency.target mount -o remount,rw / vim /etc/fstab Remove/fix the problem line systemctl daemon-reload mount -a #to check reboot

Question 76

What log file logs most syslog messages

Answer 76

/var/log/messages

Question 77

What log file logs security and authentication events

Answer 77

/var/log/secure

Question 78

What log file logs scheduled jobs events

Answer 78

/var/log/cron

Question 79

How do you view and then set the timezone

Answer 79

#check timezone timedatectl list-timezones timedatectl set-timezone {timezone}

Question 80

How do you configure chrony to use classroom.example.com as an NTP server

Answer 80

vim /etc/chrony.conf server classroom.example.com iburst timedatectl set-ntp true systemctl restart chronyd #check timedatectl

Question 81

How do you view current time source

Answer 81

chronyc source -v

Question 82

What file sets DNS nameservers

Answer 82

/etc/resolve.conf

Question 83

Check listening ports

Answer 83

netstat -tunlp #or ss -tunlp

Question 84

How can you configure the Network on the command line

Answer 84

nmcli

Question 85

How do you enter the networking GUI from the CLI

Answer 85

nmtui

Question 86

How can you find examples for Network Manager CLI

Answer 86

man nmcli-examples

Question 87

What package can auto mount file systems

Answer 87

autofs

Question 88

What directory stores automatic mounting config files

Answer 88

/etc/auto.master.d/

Question 89

How can you automount remote.server:share to /remote

Answer 89

# Create a master file base mountpoint vim /etc/auto.master.d/custom_name.autofs # /- /etc/auto.custom_name vim /etc/auto.custom_name # /remote -rw remote.server:share/ systemctl restart autofs

Question 90

How do you install the tools required to manage containers?

Answer 90

dnf install container-tools

Question 91

How do you check all available firewall zones?

Answer 91

firewall-cmd list-all-zones

Question 92

How can you check all firewall rules in the current default zone?

Answer 92

firewall-cmd list-all

Question 93

How do you add a persistent firewall service?

Answer 93

firewall-cmd --permanent --add-service={service}

Question 94

How do you refresh the firewall to load new rules

Answer 94

firewall-cmd --reload

Question 95

How do you add a port to the current default firewall zone?

Answer 95

firewall-cmd --add-port={port}{udp/tcp} (2 dashes for add)

Question 96

How do you check what ports are configured with SELinux

Answer 96

semanage port -l

Question 97

How do you view images in a remote repo

Answer 97

podman search remote.repo.com --tls verify=false #if https error

Question 98

How do you pull the latest version of remote_repo from remote.repo.com

Answer 98

podman pull remote.repo.com/remote_repo:latest

Question 99

How do you run the repo remote.repo.com/remote_repo in the background, mapping port 8080 on the local host to port 8080 on the container.

Answer 99

podman run -d -p 8080:8080 remote.repo.com/remote_repo:latest

Question 100

What flag passes environmental variables into containers when creating them

Answer 100

-e

Question 101

How do you view all containers

Answer 101

podman ps -a

Question 102

What file do you configure container repos in

Answer 102

/etc/containers/registries.conf

Question 103

How do you view the environmental variables of container named "http"

Answer 103

podman inspect http

Question 104

Run the container remote.repo.com/http:latest in the background, exposing port 80 local to port 80 on the container. Name it http1

Answer 104

podman run -d -p 80:80 --name http1 remote.repo.com/http:latest

Question 105

How do you add persistence for container "mysql1". The local storage will be /var/dbfiles/

Answer 105

mkdir /var/dbfiles podman unshare chown -R 27:27 /var/dbfiles podman run -d mysql1 -v /var/bdfiles:/var/lib/mysql:Z

Question 106

How do you you make container "http1" start automatically at boot?

Answer 106

mkdir -p ~/.config/systemd/user podman generate systemd --name http1 --files -new #will create .service file mv container-http1.service ~/.config/systemd/user/ podman stop http1 systemctl --user daemon-reload systemctl --user enable --now container-http1 loginctl enable-linger

Question 107

Create a container image from container configuration files in the directory http-dev. Name it http-client:9.0

Answer 107

podman build -t http-client:9.0 http-dev/

Question 108

How do you copy the inventory.sql script into the /tmp directory of db-app1 mysql container?

Answer 108

podman cp inventory.sql db-app01:/tmp/inventory.sql

Question 109

How do you execute the "inventory.sql" script within container db-app01's /tmp directory into mysql, "inventory" db as the root user?

Answer 109

podman exec -it db-app01 sh -c "mysql -u root inventory < /tmp/inventory.sql"

Question 110

How do you inspect container remote.repo.com/remote_repo

Answer 110

skopeo inspect docker://remote.repo.com/remote_repo

Question 111

What flag allows an environmental variable to be passed into a container upon creation?

Answer 111

-e

Question 112

How can you quickly view all dnf repos installed and available to use

Answer 112

dnf repolist

Question 113

Create 2 files (file1.txt and file2.txt) in one command.

Answer 113

# remember, NO SPACES touch {file1,file2}.txt # remember (NO SPACES) OR touch file{1..2}.txt

Question 114

How do you view the current target, list all targets and update to the multi-user target

Answer 114

systemctl get-default systemctl list-units --type=target --all systemctl set-default multi-user.target

Question 115

How do you persistently mount swap space /dev/vdc1? Ensure it is active and then check it.

Answer 115

lsblk -0 UUID /dev/vdc1 (to get UUID) vim /etc/fstab UUID={UUID} swap swap defaults 0 0 swapon -a (to load swap shares from fstab) swapon -s (to check)

Question 116

How do you temporarily mount remote.share.com:/share to /local-share and check the file system type?

Answer 116

mount remote.share.com:/share /local-share df -T /local-share

Question 117

Adjust the firewall settings to block all connection requests that originate from 172.25.250.10

Answer 117

firewall-cmd --add-source=172.25.250.10/32 \ --zone=block --permanent firewall-cmd --reload

Question 118

configure the podmgr user with redhat as the password and set up the appropriate tools for the podmgr user to manage the containers

Answer 118

Become root Dnf install contailer-tools useradd podmgr passwd podmgr Switch to podmgr mkdir -p ~/.config/containers

Question 119

With the user podmgr, configure the registry.lab.example.com as the remote registry. Conf files are located in /tmp/review4/registries.conf

Answer 119

> as podmgr mkdir -p ~/.config/containers chown -R podmgr:podmgr ~/home/.config podman login registry.lab.example.com

Question 120

Configure the /home/podmgr/storage/database subdirectory so that you can use it as persistent storage for a container.

Answer 120

mkdir -p /home/podmgr/storage/database chown 0777 /home/podmgr/storage/database

Question 121

ssh to student@serverb using password authentication, not pka

Answer 121

ssh -o pubkeyauthentication=no -o passwordauthentication=yes student@serverb

Question 122

3 commands to monitor system loads?

Answer 122

uptime top lscpu

Question 123

Enable the package used for system tuning. View all tuning profiles. View the recommended tuning profile. Change the current profile to "virtual guest"

Answer 123

dnf install tuned tuned-adm list tuned-adm recommend tuned-adm enable --now virtual-guest

Question 124

Start a new process with command "cat /dev/zero" with a "nice" value of 10

Answer 124

nice -n 10 cat /dev/zero

Question 125

2 methods to renice process number 1?

Answer 125

top > r > {New Value} > {PID} OR renice -n {New Value} {PID}

Question 126

Create a hard link to /home/user/

Answer 126

ln /home/user

Question 127

Create a soft link to /home/user/

Answer 127

ln -s /home/user/