October 2012 Student Created RHCSA EX200 Study Notes

A reader of my blog who shall be named C.D. sent me his RHCSA study notes. C.D. will be taking the EX200 exam here in a few days, and thus didn’t officially join the 2012 Red Hat Study Buddy group, however he wanted to share his rapid-fire study guide for others to benefit from.

The study notes are in capsule form and follow C.D.’s understanding of the Ex200 objectives. They can be a good guide for anyone looking to evaluate their own readiness for the official exam.

Please understand that these notes were compiled by an individual in preparation for taking the RHCSA exam. This is simply a study guide that attempts to provide answers and information based on the ‘exam objectives’ provided on Red Hat’s website. This information does not provide specific information about what is or what is not on the RHCSA exam. This is not a “brain dump” or some other form of cheat sheet.

Behold, the notes:

1) Understand and use essential tools

Access a shell prompt and issue commands with correct syntax

  • CTRL-ALT-F1: From system console, switch to GUI.
  • CTRL-ALT-F[2-6]: From system console, switch to a terminal.
  • Applications -> System Tools -> Terminal: From GUI, access a terminal.

Use input-output redirection

  • cmd > file: Redirect stdout of cmd to file.
  • cmd 2> file: Redirect stderr of cmd to file.
  • cmd >> file: Append stdout of cmd to file.
  • cmd 2>> file: Append stderr of cmd to file.
  • cmd &> file: Redirect stdout and stderr to file.
  • cmd < file: Redirect contents of file to stdin of cmd.
  • cmd1 | cmd2: Redirect stdout of cmd1 to stdin of cmd2.
  • cmd1 |& cmd2: Redirect stderr of cmd1 to cmd2.

Use grep and regular expressions to analyze text

  • grep string file: Display lines in file that contain string.
  • grep -v string file: Display lines in file that do not contain string.
  • grep -i string file: Case in sensitivedsearch.
  • egrep: Grep with extended regular expressions.
  • fgrep: Grep without regular expressions.

Some simple RegEx rules. (A complete understanding of Regular Expressions is beyond the scope of this document.)

  • ‘^string’: Search for lines beginning with string.
  • ‘[a-zA-Z]’: Search for any line containing a letter.
  • ‘[^a-zA-Z]’: Search for any line not containing a letter.
  • ‘[0-9]’: Search for any line containing a number.
  • ‘[^0-9]’: Search for any line not containing a number.
  • ‘[0-9][0-9]’: Search for any line containing at least two numbers in a row.

Access remote system using ssh and VNC

  • ssh [email protected]: Login to host as user via SSH.
  • vncviewer host:display: Connect to display on host via VNC.
  • ssh -L port:host:port [email protected]: Connect to display on host via VNC over SSH.

Log in and switch users in multiuser runlevels

  • su -: Switch to root user and load root user’s profile.
  • su – user: Switch to user and load user’s profile.
  • su -c ‘command’: Run command as root user.
  • su -c ‘command’ user: Run command as user.

Archive, compress, unpack, and uncompress files

  • gzip file: Compress file using gzip.
  • bzip2 file: compress file using bzip2.
  • gzip -d file.gz: Decompress file using gzip.
  • bzip2 -d file.bz2: Decompress file using bzip2.
  • tar cvf file.tar /dir: Create archive file.tar of contents of dir.
  • tar cvfz file.tar.gz /dir: Archive with gzip compression.
  • tar cvfj file.tar.bz2 /dir: Archive with bzip2 compression.
  • tar xvf file.tar /dir: Extract archive file.tar into dir.
  • tar xvfz file.tar.gz /dir: Extract gzip compressed archive.
  • tar xvfj file.tar.bz2 /dir: Extract bzip2 compressed archive.
  • star -xattr -H=exustar -c -f=file.star /dir/: Archive with SELinux.
  • star -x -f=file.star: Extract archive with SELinux.
  • star -xz -f=file.star.gz: Extract gzip compressed archive with SELinux.
  • star -xj -f=file.star.bz2: Extract bzip2 compressed archive with SELinux.

Create and edit text files

  • >file: Create file with no content.
  • vi file: Edit content of file.

Create, delete, copy, and move files and directories

  • >file: Create file with no content.
  • rm file: Delete file.
  • cp file1 file2: Copy file1 to file2.
  • mv file1 file2: Move file1 to file2.
  • mkdir /dir: Create directory dir.
  • mkdir -p /dir1/dir2/dir3: Create a series of directories.
  • rmdir /dir: Delete an empty directory.
  • rmdir -p /dir1/dir2/dir3: Delete a series of empty directories.
  • rm -r /dir: Recursively delete a directory and it’s contents.
  • mv /dir1 /dir2: Move directory dir1 to dir2.

Create hard and soft links

  • Hard-links creates a second copy of the file with identical inode.
  • Soft-links creates a redirect to the original file.
  • ln file1 file2: Creates files2 as a hard-link of file1.
  • ln -s file1 file2: Creates file2 as a soft-link of file1.

List, set, and change standard ugo/rwx permissions

  • ls -l: List files and include information about permissions.
  • chown user file: Changes owner of file to user.
  • chown -R user /dir: Recursively changes owner of directory and contents.
  • chown user.group file: Changes owner of file to user and group.
  • chown -R user.group /dir: Recursively changes owner of directory and contents.
  • chgrp group file: Changes group owner of file to group.
  • chgrp -R group /dir: Recursively changes group owner of directory and contents.
  • chmod permissions file: Changes permissions of file.
  • chmod -R permissions /dir: Recursively changes permissions of directory and contents.
  • umask: Displays current umask.
  • umask mask: Sets umask to mask.
  • With chmod or umask, the permissions or mask are a three digit number.
  • The first digit is for owner, the second is for group, the third for all others.
  • Each number is made by adding together the numbers of following permissions: 4 = read, 2 = write, 1 = execute.
  • chmod ### sets thos permissions
  • ex: chmod 640 is read and write for owner, read for group, no access for all others.
  • umask ### are the permissions subtracted from the default permissions (666) of a newly created file.
  • ex: umask 002 means news files are created with the permissions 664.

Locate, read, and use system documentation

  • man topic: Displays manual page for topic.
  • man # topic: Displays manual page for topic within numbered category.
  • whatis topic: Lists manual pages with topic in title.
  • apropos topic: Lists manual pages relating to topic.
  • /etc/cron.daily/makewhatis.cron: Regenerates manual page database.
  • info topic: Display info page about topic.
  • /usr/share/info: Location of all available info pages.
  • /usr/share/doc: Location of more advanced package specific documentation.

2) Operate running systems

Boot, reboot, and shut down a system normally

  • reboot: Reboot the system immediately.
  • shutdown -h now: Shutdown the system immediately.

Boot systems into different runlevels manually

  • runlevel: Displays the current runlevel.
  • init #: Changes to specified runlevel.
  • At GRUB menu, press “e” or “a” to edit/append boot kernel options.
  • Append a runlevel # to end of GRUB options to boot into that runlevel.
  • Runlevel 0: Halt
  • Runlevel 1: Single-user mode
  • Runlevel 2: Multi-user mode, limited services
  • Runlevel 3: Multi-user mode, networking
  • Runlevel 4: Undefined
  • Runlevel 5: Multi-user mode, X11
  • Runlevel 6: Reboot

Use single-user mode to gain access to a system

  • At GRUB menu, press “e” or “a” to edit/append boot kernel options.
  • Append single to end of GRUB options to boot into single user mode.
  • Append init=/bin/sh to end of GRUB options to not load init files.

Identify, adjust priority, and kill processes.

  • ps -u user: List all processes running as user.
  • ps -aux: List all running processes.
  • ps -axl: List all running processes and parent process information.
  • nice -n # command: Run command at specified priority level.
  • renice # PID: Changes priority level of process to specified priority level.
  • renice # -u user: Changes priority level of all of user’s processes to specified priority level.
  • The default process priority level is 0.
  • The highest process priority level is -20.
  • The lowest process priority level is 19.
  • kill PID: Sends a signal to specified process.
  • killall process: Sends a signal to all running processes of that name.
  • The default signal sent to processes is SIGTERM.
  • Other signals can be sent by adding the flag -SIGNAL.
    • 1: SIGHUP
    • 2: SIGINT
    • 3: SIGQUIT
    • 6: SIGABRT
    • 9: SIGKILL
    • 14: SIGALRM
    • 15: SIGTERM (default)
  • top: Lists all running processes in an interactive environment.

Locate and interpret system log files

  • /var/log: Location of system log files.
  • lastlog: Outputs information about most recent login of each user based on information in /var/log/lastlog
  • utmpdump btmp: Outputs information about failed login attempts based on information in /var/log/btmp
  • utmpdump wtmp: Outputs information about logins based on information in /var/log/wtmp

Access a virtual machine’s console

  • virt-manager: GUI program for controlling virtual machines.
  • virsh list –all: Lists all virtual machines.
  • virt-viewer server: Display graphical console forvirtual server.

Start and stop virtual machines

  • virt-manager: GUI program for controlling virtual machines.
  • virsh start name: Starts a virtual machine.
  • virsh destroy name: Shutdown a virtual machine.
  • virsh list –all: Lists all virtual machines.

Start, stop, and check the status of network services

  • service name start: Starts network service.
  • service name stop: Stops network service.
  • service name restart: Restarts network service.
  • service name reload: Reloads the configuration files for network service.
  • service name status: Displays status of network service.

3) Configure local storage

List, create, delete, and set partition type for primary, extended, and logical partitions

  • fdisk: Deprecated utility for manipulating primary, extended, and logical partitions.
  • parted: Current utility for manipulating primary, extended, and logical partitions.
  • The fdisk and parted commands are interactive and have their own built-in help files. Consult man pages for further options.

Create and remove physical volumes, assign physical volumes to volume groups, and create and delete logical volumes

  • pvcreate /dev/hd: Create physical volume from device.
  • pvremove /dev/hd: Remove physical volume from an LVM.
  • vgextend volumegroup /dev/hd: Create volume group with physical volume or add physical volume to existing volume group.
  • vgreduce volumegroup /dev/hd: Remove physical volume from volume group.
  • lvcreate -L size volumegroup: Create a new logical volume from volume group.
  • lvdisplay volumegroup: Display information about volume group.
  • lvremove /dev/volumegroup/volume: Remove a logical volume from volume group.

Create and configure LUKS-encrypted partitions and logical volumes to prompt for password and mount a decrypted files system at boot

  • dd if=/dev/urandom of=/dev/hd bs=1M: Fill physical volume with random data.
  • cryptsetup luksFormat /dev/hd: LUKS-encrypt physical volume.
  • cryptsetup luksOpen /dev/hd label: Label LUKS-encrypted physical volume.
  • mkfs.ext4 /dev/mapper/label: Format labelled LUKS-encrypted physical volume.
  • /etc/crypttab: Configuration file for LUKS-encrypted volumes.
  • /etc/fstab: Configuration file for volumes mounted by system.
  • mount: Displays all volumes currently mounted on system.
  • mount -a: Mount all volumes defined in /etc/fstab
  • fstab entries are space delimited: device mountpoint fstype options dump fsck
  • fstab example: /dev/sda1 / ext4 defaults,acl 1 1
  • cryptab entries are space delimited: label device
  • cryptab example: cryptvolume /dev/sdb1

Configure systems to mount file systems at boot by Universally Unique ID (UUID) or label

  • blkid: Find the UUID of a device.
  • e2label /dev/mapper/volume label: Label a volume.
  • umount /dev/hd: Unmount a device.
  • /etc/fstab: Configuration files for volumes mounted by system.
  • fstab entries are space delimited: device mountpoint fstype options dump fsck
  • fstab example: /dev/sda1 / ext4 defaults,acl 1 1

Add new partitions and logical volumes, and swap to a system non-destructively

  • The fdisk and parted commands are interactive and have their own built-in help files. Consult man pages for further options.
  • pvcreate /dev/hd physicalvolume: Create a physical volume from device.
  • vgcreate volumegroup /dev/hd: Create a volume group from a physical volume.
  • lvcreate -L size -n logicalvolume logicalvolumegroup: Create a logical volume of size in volume group.
  • swapon -s: Displays swap devices currently on system.
  • swapon -v /dev/hd: Add swap device to system.

4) Create and configure file systems

Create, mount, unmount, and use ext2, ext3, and ext4 file systems

  • mkfs.ext# /dev/hd: Format device as ext# File System.
  • mount -o rw -t ext# /dev/hd /mountpoint: Mount’s device of ext# format in Read/Write mode to mount point.
  • umount /dev/hd: Unmounts device.

Mount, unmount, and use LUKS-encrypted file systems

  • Mounting a LUKS-encrypted file system is identical to mounting a regular file system, except you will be prompted for a passphrase.

Mount and unmount CIFS and NFS network file systems

  • mount -t cifs //servername/dir /mountpoint –verbose -o user=username: Mounts a CIFS filesystem to mount point.
  • mount -o rw -t nfs servername:/dir /mountpoint: Mounts a NFS filesystem to mount point.
  • umount /mountpoint: Unmounts a mountpoint.

Configure systems to mount ext4, LUKS-encrypted, and network file systems automatically

  • blkid: Find the UUID of a device.
  • /etc/crypttab: Configuration file for LUKS-encrypted volumes.
  • /etc/fstab: Configuration file for volumes mounted by system.
  • mount: Displays all volumes currently mounted on system.
  • mount -a: Mount all volumes defined in /etc/fstab
  • fstab entries are space delimited: device mountpoint fstype options dump fsck
  • fstab example: /dev/sda1 / ext4 defaults,acl 1 1
  • cryptab entries are space delimited: label device
  • cryptab example: cryptvolume /dev/sdb1

Extend existing unencrypted ext4-formatted logical volumes

  • lvdisplay: Displays infomration about logical volumes on system.
  • lvextend -L +size /dev/volumegroup/volume: Extends logical volume by size.
  • lvextend -L size /dev/volumegroup/volume: Extends logical volume to size.

Create and configure set-GID directories for collaboration

  • chmod g+s: Changes a directory to be set-GID.

Create and manage Access Control Lists (ACLs)

  • Filesystem must support Access Control Lists.
  • Add ‘acl’ to options in /etc/fstab and remount filesystem if this option is not already set.
  • mount -o remount /mountpoint: Remounts a mountpoint that is in use, applying any new options.
  • /etc/fstab: Configuration file for volumes mounted by system.
  • getfacl file: Displays the Access Control Lists (ACLs) set on a file.
  • setfacl -m A:C:L file: Sets the Access Control Lists (ACLs) set on a file.

Diagnose and correct file permission problems

  • ls -l: Display file permissions.

5) Deploy, configure, and maintain systems

Configure networking and hostname resolution statically or dynamically

  • setup: Command line system for configuring networking related options.
  • /etc/hosts: Local lookup table for statically defined hosts.
  • /etc/resolv.conf: Configuration file for resolving hosts.
  • /ets/sysconfig/network: Configuration file for system networking settings.
  • /etc/sysconfig/network-scripts: Configuration files for interface specific networking settings.

Schedule tasks using cron

  • crontab -l: Displays crontab for current user.
  • crontab -e: Edits crontab for current user.
  • Cron entries require six space delimited options.
  • Each option can either be a *, something within the range, a comma separated list involving the range, or division math involving the range.
  • The command will be triggered whenever all conditions match.
    • 1: Minute (0-59)
    • 2: Hour (0-23)
    • 3: Day of Month (1-31)
    • 4: Month (1-12)
    • 5: Day of Week (0-6, starting at Sunday)
  • 6: Command to be executed.
  • example: 0 3 1 1-12/2 * command, will run command at 3:00am on the first day of every other month.

Configure systems to boot into a specific runlevel automatically

  • /etc/inittab: Edit to make runlevel changes permanent.

Install Red Hat Enterprise Linux automatically using Kickstart

  • system-config-kickstart: GUI for creating kickstart files.
  • /root/anaconda-ks.cfg: Kickstart file for running system at time of creation.
  • For a bare metal kickstart enter GRUB an add the following line:
    • ks=hd:sdba1/ks.cfg: Use a kickstart file on the local disk.
    • ks-cdrom:/ks.cfg: Use a kicksart file on the cdrom.
    • ks=ftp://server/ks.cfg: Use a kickstart file on an FTP server.
    • ks=nfs:server/ks.cfg: Use a kickstart file on an NFS server.
    • ks=http://server/ks.cfg: Use a kickstart file on a web server.
  • For virtual machines add an option to virt-install similar to baremetal kickstart options:
    • ex: -x “ks=KICKSTARTOPTION ksdevice=ETHERNETDEVICE ip=IPADDRESS netmask=NETMASK gateway=GATEWAY”
  • There are numerous kickstart options available. Running ‘system-config-kickstart /root/anaconda-ks.cfg’ is your best bet short of memorizing all options.

Configure a physical machine to support virtual guests

  • yum -y install libvirt libvirt-client python-virtinst qemu-kvm virt-manager virt-top virt-viewer: Install packages needed for hosting KVMs.
  • yum -y install qemu* virt* libvirt* python-virtinst: Installs all packages related to hosting KVMs.
  • modprobe kvm: Adds kernel module for hosting KVMs.

Install Red Hat Enterprise Linux systems as virtual guests

  • virt-manager: GUI program for controlling virtual machines.
  • virsh list –all: Lists all virtual machines.

Configure systems to launch virtual machines at boot

  • virsh autostart name: Configures virtual machine to start at boot.
  • virsh autostart –disable name: Disabled virtual machines from starting at boot.

Configure network services to start automatically at boot

  • chkconfig –list: Lists all installed network services.
  • chkconfig service on: Configures network service to start at boot.
  • chkconfig –level # service on: Configures network service to start in specified runlevels.
  • chkconfig service off: Disables network service from starting at boot.
  • chkconfig –level # service off: Disables network service from starting in specified runlevels.

Configure a system to run a default configuration HTTP server

  • yum -y install httpd && chkconfig httpd on && service httpd start: Install and start httpd, and set to start on boot.
  • /var/www/html: Location of files served by HTTP server.
  • Firewall: Open ports 80 for HTTP and 443 for HTTPS, using iptables.
  • SELinux: Make sure SELinux contexts are correct for all files server, ‘man httpd_selinux’ for more various options.

Configure a system to run a default configuration FTP server

  • yum -y install vsftpd && chkconfig vsftpd on && service vsftpd start: Install and start vsftpd, and set to start on boot.
  • /var/ftp: Location of files served by FTP Server.
  • Firewall: Open ports 20 and 21 for FTPD, using iptables.
  • SELinux: Make sure SELinux contexts are correct for all files server, ‘man ftpd_selinux’ for more various options.

Install and update software packages from Red Hat Network, a remote repository, or from the local file system

  • rhn_register: Register system with Red Hat Network.
  • yum install package: Install package from yum repository.
  • /etc/yum.repos.d: Directory containing information relating to yum repos.
  • rpm -Uvh package.rpm: Upgrades RPM package from local file system.
  • rpm -ivh package.rpm: Installs RPM package from local file system.

Update the kernel package appropriately to ensure a bootable system

  • Never update the kernel package, always install a new kernel.
  • rpm -ivh kernel.rpm: Installs a new kernel from an rpm package.
  • yum install kernel: Installs a new kernel from a yum repository.

Modify the system bootloader

  • /boot/grub/grub.conf: Configuration files for system boot loader.

6) Manage users and groups

Create, delete, and modify local user accounts

  • useradd user: Adds user to system.
  • userdel user: Deletes user from system.
  • usermod options user: Modifty a user.
  • usermod options:
    • -d /dir: Changes the user’s home directory.
    • -e YYYY-MM-DD: Changes the expiration date of user’s account.
    • -f #: Changes the number of days after password expiration that user’s account is disabled, 0 for immediately, -1 for never.
    • -g GID: Changes the user’s main group.
    • -G GID: Comma separated list of additional groups that the user belongs to.
    • -l newuser: Changes the user’s login name to a new name.
    • -L: Locks the user account, preventing logins.
    • -s shell: Changes the user’s login shell.
    • -u UID: Changes the user’s UID.
    • -U: Unlocks the user account, allowing logins.
    • -Z seuser: Changes ther user’s SELInux user type.

Change passwords and adjust password aging for local user accounts

  • passwd: Change your password.
  • passwd user: Change user’s password.
  • chage user: Change user’s password aging.

Create, delete, and modify local group and group membership

  • groups user: List which groups a user belongs to.
  • groupadd group: Create group.
  • groupdel group: Delete group.
  • groupmod -n newgroup oldgroup: Change the name of a group.
  • groupmod -g GID group: Change the GID of a group.
  • groupmems -g group -a user: Add a user to group.

Configure a system to use an existing LDAP directory service for user and group information

  • yum -y install openldap-clients: Install the required OpenLDAP clients.
  • system-config-authentication: GUI for connecting system to existing LDAP directory service.
  • It is possible to configure LDAP connections manually, but using system-config-authentication is your best option for the RHCSA exam.

7) Manage security

Configure firewall settings using system-config-firewall or iptables

  • system-config-firewall: GUI program for modifying firewall settings.
  • IPTables are complex when used from the command line. Using the ‘system-config-firewall’ or ‘setup’ are your best options for the simple firewall configurations required for the RHCSA exam.

Set enforcing and permissive modes for SELinux

  • getenforce: Display SELinux enforcing mode.
  • setenforce #: Toggle SELinux enforcing mode on or off.
  • /etc/selinux/config: Make permanent changes to SELinux enforcing mode.

List and identify SELinux file and process context

  • ls -lZ: List file permissions, with SELinux information.
  • ps -Zu user: List all processes running as user, with SELinux information.
  • ps -Zaux: List all running processes, with SELinux information.
  • ps -Zaxl: List all running processes and parent process information, with SELinux information.

Restore default file contexts

  • semanage fcontext -a -t context “/dir(/.*?)”: Sets the SELinux context of a directory and it’s contents.
  • restorecon -F -R -v /dir: Recursively restores SELinux context of a directory and it’s contents.

Use boolean settings to modify system SELinux settings

  • getsebool -a: Lists all SELinux boolean settings and current status.
  • setsebool -P boolean on: Sets SELinux boolean to on.
  • getsebool -P boolean off: Sets SELinux boolean to off.
  • togglesebool boolean: Toggles SELinux boolean on or off.

Diagnose and address routine SELinux policy violations

  • ausearch -m avc -c command: Search for SELinux policy violations associated with command.
  • sealert -a /var/log/audit/audit.log: Detaild descriptions of SELinux policy violations found in log.
  • /var/log/audit/audit.log: Log file containing information about SELinux policy violations.

The End

Keep in mind that these notes are just one student’s thought process while interpreting the official exam requirements as of October 2012.  Use them as you see fit and at your own liability. Everyone give a round of thanks to C.D. for sharing!

5 Comments

  1. Kenny

    October 11, 2012 at 1:23 am

    Nice of him to share these notes. He was pretty thorough!

    Reply

  2. Ronald McDonald

    October 11, 2012 at 3:27 pm

    Wow, is that it for RCE200 ?

    Any (GNU)/Linux user will know all of that – other than the SELinux stuff I (think I) knew everything there.

    Reply

  3. Ronald McDonald

    October 11, 2012 at 3:28 pm

    or RHCSA EX200, which is the exam

    Reply

    • Wesley David

      October 11, 2012 at 4:33 pm

      These notes are for the current RHCSA exam, EX200

      Reply

  4. Ronald

    November 18, 2012 at 11:26 am

    Ronald,

    Inside RH the this exam (formerly the T) is generally looked on with general disdain as well, and was nothing more then a gentlemens p-req for the E which is still the badboy. Problem is combined with the E as it was-general GNU’s like yourself could not pass it

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

Follow TheNubbyAdmin!

follow us in feedly

Raw RSS Feed:

Contact Me!

Want to hire me as a consultant? Have a job you think I might be interested in? Drop me a line:

Contact Me!

Subscribe via Email

Your email address is handled by Google FeedBurner and never spammed!

The Nubby Archives

Circle Me on Google+!

Photos from Flickr

Me on StackExchange

The IT Crowd Strava Group