Scribd
Upload
252 views16 pages

Rhce Prep Rhel6

Rhce Prep Rhel6

Uploaded by

zaxbg
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
252 views16 pages

Rhce Prep Rhel6

Rhce Prep Rhel6

Uploaded by

zaxbg
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 16

RHCE Preparation (RHEL6)

OpenRHCE
A Creative Commons Courseware for RHCE Preparation

Copyright 2011, Scott Purcell, CC BY-NC-SA 3.0

RHCE Preparation (RHEL6)

Course Outline Contents


Course Outline Session One: Introduction Introductions: Your Instructor Introductions: Your Instructor Qualifications: Personal: Introductions: Fellow Students Please Introduce Yourselves Introductions: The Course Expectations Preparation Recommendations The Red Hat Certification Landscape RHCSA Objectives RHCSA Objectives: Understand & Use Essential Tools RHCSA: ...Essential Tools... (cont) RHCSA: Operate Running Systems RHCSA: Configure Local Storage RHCSA: Create and Configure File Systems RHCSA: Deploy, Configure & Maintain RHCSA: Manage Users and Groups RHCSA: Manage Security RHCE Objectives RHCE: System Configuration and Management RHCE: Network Services RHCE: HTTP/HTTPS RHCE: DNS RHCE: FTP RHCE: NFS RHCE: SMB RHCE: SMTP RHCE: SSH RHCE: NTP Operating a System: Boot, Reboot, Shutdown 2 4 4 4 4 4 5 5 5 5 5 5 6 6 6 6 6 7 7 7 8 8 8 8 9 9 9 9 10 10 10 10 11

Copyright 2011, Scott Purcell, CC BY-NC-SA 3.0

RHCE Preparation (RHEL6)

Operating a System: Runlevels Operating a System: Single User Mode Operating a System: Log Files Operating a System: Start/Stop Virtual Machines Operating a System: Virtual Machine Consoles Operating a System: Virtual Machine Text Console Operating a System: Start, stop, and check the status of network services Operating a System: Modify the system bootloader Session 2 Storage and filesystems Local Storage: Working with Partitions Local Storage: Working with Logical Volume Management Local Storage: Working with LUKS encrypted storage Local Storage: Using UUIDs and Filesystem Labels Local Storage: Adding New Storage File systems: Working with Common Linux Filesystems File systems: Working with LUKS-encrypted filesystems Filesystem Permissions: Basic Permssions Filesystem Permissions: Extended Attributes Filesystem Permissions: Use case -- Collaborative Directories Filesystems Permissions: File Access Control Lists Network Storage: Working with CIFS network file systems Network Storage: Working with NFS file systems Network Storage: Working with iSCSI devices Session 3 Managing software, processes, kernel attributes, and users and groups Managing Software: RHN Managing Software: RHN Subscription Activation Managing Software: Repositories Managing Software: Repo Configuration Managing Software: Using yum Managing Software: Using rpm Managing Software: Building RPMs Managing Software: Signing and Publishing RPMs Managing Software: Updating the kernel package Manage Processes and Services: Configure network services to start automatically at boot

11 11 11 11 11 11 12 12 12 12 12 12 13 13 13 13 13 13 13 13 13 13 13 13 13 14 14 14 15 15 15 15 15 15

Copyright 2011, Scott Purcell, CC BY-NC-SA 3.0

RHCE Preparation (RHEL6)

Manage Processes and Services: Configure systems to boot into a specific runlevel automatically Manage Processes and Services: Monitoring, prioritizing, and controlling processes Manage Processes and Services: Schedule tasks using cron Manage system performance Manage Users and Groups Session 4 Networking and routing Session 5 Firewalls and SELinux Session 6 Virtualization Session 7 Logging and remote access Session 8 Network Time Protocol Session 9 HTTP and FTP Session 10 NFS and Samba Session 11 DNS and SMTP Session 12 Finish uncompleted topics, Review, or Practice Exam

15 15 15 15 15 16 16 16 16 16 16 16 16 16

Session One: Introduction


Introductions: Your Instructor
Scott Purcell scott@texastwister.info http://www.linkedin.com/in/scottpurcell http://twitter.com/texastwister http://www.facebook.com/Scott.L.Purcell

Introductions: Your Instructor


Qualifications:
RHCSA, RHCE #110-008-877 (RHEL6) Also: CTT+, CLA, CLP, CNI, LPIC1, Linux+ Curriculum Developer and Trainer for a major computer manufacturer for going on 11 years Linux Enthusiast since 2000

Personal:
Husband, father, disciple and Fun: Part-time Balloon Entertainer

Copyright 2011, Scott Purcell, CC BY-NC-SA 3.0

RHCE Preparation (RHEL6)

Introductions: Fellow Students


Please Introduce Yourselves
Name Where you work or what you do. What Linux experience do you already have? What goals do you have for this class? Something fun about yourself.

Introductions: The Course


Expectations
Should I be able to pass the RHCE on this class alone? A stunning number of seasoned professionals taking Red Hat's own prep courses fail to pass on first attempt. Planning for more than one attempt is prudent. Maximizing your out-of-class preparation time is prudent.

Preparation Recommendations
Practice/Study Environment 2 or 3 systems or VMs, networked together. Virtualized hosting providers may be an alternative. RHEL 6 (eval), CENTOS 6 (when available), or Fedora (Fedora 13 will be closest to RHEL 6) Red Hat docs at: http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/index.html RHCE Objectives and other information at: http://www.redhat.com/certification/ Take initiative -- form a study group. Practice, practice, practice!

The Red Hat Certification Landscape


RHCSA RHCSA is new, replacing the RHCT. It is the "core" sysadmin certification from Red Hat. To earn RHCE and other system administration certs will require first earning the RHCSA. RHCE RHCE is a senior system administration certification. It is an eligibility requirement for taking any COE exams and is thus a requirement for the upper-level credentials as well.

Copyright 2011, Scott Purcell, CC BY-NC-SA 3.0

RHCE Preparation (RHEL6)

Certificates of Expertise COEs are incremental credentials demonstrating skills and knowledge in specialized areas. They are worthy credentials in their own right, but also the building blocks of the upper level credentials. RHCSS, RHCDS, RHCA These upper level credentials recognize those who have achieved expertise in several related specialized areas. Each one requires multiple COEs.

RHCSA Objectives
RHCSA Objectives: Understand & Use Essential Tools
Access a shell prompt and issue commands with correct syntax Use input-output redirection (>, >>, |, 2>, etc.) Use grep and regular expressions to analyze text Access remote systems using ssh and VNC Log in and switch users in multi-user runlevels Archive, compress, unpack and uncompress files using tar, star, gzip, and bzip2

RHCSA: ...Essential Tools... (cont)


Create and edit text files Create, delete, copy and move files and directories Create hard and soft links List, set and change standard ugo/rwx permissions Locate, read and use system documentation including man, info, and files in /usr/share/doc . [Note: Red Hat may use applications during the exam that are not included in Red Hat Enterprise Linux for the purpose of evaluating candidate's abilities to meet this objective.]

RHCSA: Operate Running Systems


Boot, reboot, and shut down a system normally Boot systems into different runlevels manually Use single-user mode to gain access to a system Identify CPU/memory intensive processes, adjust process priority with renice, and kill processes Locate and interpret system log files Access a virtual machine's console Start and stop virtual machines Start, stop and check the status of network services

RHCSA: Configure Local Storage


List, create, delete and set partition type for primary, extended, and logical partitions Copyright 2011, Scott Purcell, CC BY-NC-SA 3.0

RHCE Preparation (RHEL6)

Create and remove physical volumes, assign physical volumes to volume groups, create and delete logical volumes Create and configure LUKS-encrypted partitions and logical volumes to prompt for password and mount a decrypted file system at boot Configure systems to mount file systems at boot by Universally Unique ID (UUID) or label Add new partitions, logical volumes and swap to a system non-destructively

RHCSA: Create and Configure File Systems


Create, mount, unmount and use ext2, ext3 and ext4 file systems Mount, unmount and use LUKS-encrypted file systems Mount and unmount CIFS and NFS network file systems Configure systems to mount ext4, LUKS-encrypted and network file systems automatically Extend existing unencrypted ext4-formatted logical volumes Create and configure set-GID directories for collaboration Create and manage Access Control Lists (ACLs) Diagnose and correct file permission problems

RHCSA: Deploy, Configure & Maintain


Configure networking and hostname resolution statically or dynamically Schedule tasks using cron Configure systems to boot into a specific runlevel automatically Install Red Hat Enterprise Linux automatically using Kickstart Configure a physical machine to host virtual guests Install Red Hat Enterprise Linux systems as virtual guests Configure systems to launch virtual machines at boot Configure network services to start automatically at boot Configure a system to run a default configuration HTTP server Configure a system to run a default configuration FTP server Install and update software packages from Red Hat Network, a remote repository, or from the local filesystem Update the kernel package appropriately to ensure a bootable system Modify the system bootloader

RHCSA: Manage Users and Groups

Copyright 2011, Scott Purcell, CC BY-NC-SA 3.0

RHCE Preparation (RHEL6)

Create, delete, and modify local user accounts Change passwords and adjust password aging for local user accounts Create, delete and modify local groups and group memberships Configure a system to use an existing LDAP directory service for user and group information

RHCSA: Manage Security


Configure firewall settings using system-config-firewall or iptables Set enforcing and permissive modes for SELinux List and identify SELinux file and process context Restore default file contexts Use boolean settings to modify system SELinux settings Diagnose and address routine SELinux policy violations

RHCE Objectives
RHCE: System Configuration and Management
Route IP traffic and create static routes Use iptables to implement packet filtering and configure network address translation (NAT) Use /proc/sys and sysctl to modify and set kernel run-time parameters Configure system to authenticate using Kerberos Build a simple RPM that packages a single file Configure a system as an iSCSI initiator that persistently mounts an iSCSI target Produce and deliver reports on system utilization (processor, memory, disk, and network) Use shell scripting to automate system maintenance tasks Configure a system to log to a remote system Configure a system to accept logging from a remote system

RHCE: Network Services


Network services are an important subset of the exam objectives. RHCE candidates should be capable of meeting the following objectives for each of the network services listed below: Install the packages needed to provide the service Configure SELinux to support the service Configure the service to start when the system is booted Configure the service for basic operation Configure host-based and user-based security for the service RHCE candidates should also be capable of meeting the following objectives associated with specific services:

Copyright 2011, Scott Purcell, CC BY-NC-SA 3.0

RHCE Preparation (RHEL6)

RHCE: HTTP/HTTPS
Install the packages needed to provide the service Configure SELinux to support the service Configure the service to start when the system is booted Configure the service for basic operation Configure host-based and user-based security for the service Configure a virtual host Configure private directories Deploy a basic CGI application Configure group-managed content

RHCE: DNS
Install the packages needed to provide the service Configure SELinux to support the service Configure the service to start when the system is booted Configure the service for basic operation Configure host-based and user-based security for the service Configure a caching-only name server Configure a caching-only name server to forward DNS queries Note: Candidates are not expected to configure master or slave name servers

RHCE: FTP
Install the packages needed to provide the service Configure SELinux to support the service Configure the service to start when the system is booted Configure the service for basic operation Configure host-based and user-based security for the service Configure anonymous-only download

RHCE: NFS

Copyright 2011, Scott Purcell, CC BY-NC-SA 3.0

RHCE Preparation (RHEL6)

Install the packages needed to provide the service Configure SELinux to support the service Configure the service to start when the system is booted Configure the service for basic operation Configure host-based and user-based security for the service Provide network shares to specific clients Provide network shares suitable for group collaboration

RHCE: SMB
Install the packages needed to provide the service Configure SELinux to support the service Configure the service to start when the system is booted Configure the service for basic operation Configure host-based and user-based security for the service Provide network shares to specific clients Provide network shares suitable for group collaboration

RHCE: SMTP
Install the packages needed to provide the service Configure SELinux to support the service Configure the service to start when the system is booted Configure the service for basic operation Configure host-based and user-based security for the service Configure a mail transfer agent (MTA) to accept inbound email from other systems Configure an MTA to forward (relay) email through a smart host

RHCE: SSH
Install the packages needed to provide the service Configure SELinux to support the service Configure the service to start when the system is booted Configure the service for basic operation Configure host-based and user-based security for the service Configure key-based authentication Configure additional options described in documentation

RHCE: NTP

Copyright 2011, Scott Purcell, CC BY-NC-SA 3.0

RHCE Preparation (RHEL6) Install the packages needed to provide the service Configure SELinux to support the service Configure the service to start when the system is booted Configure the service for basic operation Configure host-based and user-based security for the service Synchronize time using other NTP peers

Operating a System: Boot, Reboot, Shutdown


GRUB Menu Display Manager Screen Gnome or KDE Terminal commands: shutdown, halt, poweroff, reboot, init

Operating a System: Runlevels


Default From GRUB Menu

Operating a System: Single User Mode


Password Recovery Note: SELinux bug prevents password changes while set to "Enforcing".

Operating a System: Log Files


/var/log/* View with cat, less or other tools Search with grep

Operating a System: Start/Stop Virtual Machines


Using virt-manager Using virsh commands

Operating a System: Virtual Machine Consoles


virt-manager virt-viewer

Operating a System: Virtual Machine Text Console


With libguestfs-tools installed and the VM in question shut-down, from the host: # virt-edit {VMname} /boot/grub/menu.lst

Copyright 2011, Scott Purcell, CC BY-NC-SA 3.0

RHCE Preparation (RHEL6) There, append to the kernel line: console=tty0 console=ttyS0. After saving, the following commands should allow a console based view of the boot process and a console login: # virsh start {VMname} ; virsh console {VMname}

Operating a System: Start, stop, and check the status of network services Operating a System: Modify the system bootloader

Session 2 Storage and filesystems


Local Storage: Working with Partitions
Overview of process for using Basic Storage Devices: Install the device or otherwise make it available to the system. Partition it with fdisk or parted. Create a filesystem on the partition with mkfs or other tools. Choose or create a directory to serve as a mount point. Mount the partition. Add an entry to /etc/fstab to make it persistent.

Local Storage: Working with Logical Volume Management


Overview of process for using Logical Volume Management: Install the device or otherwise make it available to the system. Create a type 8e partition with fdisk or parted. Initialize the partition as a physical volume with pvcreate. Add the storage of the PV to a volume group with vgcreate. Allocate storage from the volume group to a logical volume with lvcreate. Create a filesystem on the logical volume with mkfs or other tools. Choose or create a directory to serve as a mount point. Mount the partition. Add an entry to /etc/fstab to make it persistent.

Local Storage: Working with LUKS encrypted storage


Create and configure LUKS-encrypted partitions and logical volumes to prompt for password and mount a decrypted file system at boot

Copyright 2011, Scott Purcell, CC BY-NC-SA 3.0

RHCE Preparation (RHEL6)

Local Storage: Using UUIDs and Filesystem Labels


Configure systems to mount file systems at boot by Universally Unique ID (UUID) or label

Local Storage: Adding New Storage


Add new partitions, logical volumes, and swap to a system non-destructively

File systems: Working with Common Linux Filesystems


Create, mount, unmount and use ext2, ext3 and ext4 file systems Extend existing unencrypted ext4-formatted logical volumes

File systems: Working with LUKS-encrypted filesystems


Mount, unmount and use LUKS-encrypted file systems

Filesystem Permissions: Basic Permssions Filesystem Permissions: Extended Attributes Filesystem Permissions: Use case -- Collaborative Directories Filesystems Permissions: File Access Control Lists
Create and manage File Access Control Lists

Network Storage: Working with CIFS network file systems


Mount and unmount CIFS network file systems

Network Storage: Working with NFS file systems


Mount and unmount NFS file systems

Network Storage: Working with iSCSI devices


Configure a system as an iSCSI initiator that persistently mounts an iSCSI target

Session 3 Managing software, processes, kernel attributes, and users and groups
Managing Software: RHN
The primary delivery mechanism for installable software, updates, errata and bug fixes and systems management functions for an installation of RHEL 6 is the Red Hat Network or RHN. The "cost" of RHEL 6 is really a subscription to this support network. These commands are using in managing an RHN subscription:

Copyright 2011, Scott Purcell, CC BY-NC-SA 3.0

RHCE Preparation (RHEL6)

# man -k rhn rhn-profile-sync (8) - Update system information on Red Hat Network rhn_check (8) - Check for and execute queued actions on RHN rhn_register (8) - Connect to Red Hat Network rhnplugin (8) - Red Hat Network support for yum(8) rhnplugin.conf [rhnplugin] (5) - Configuration file for the rhnplugin(8) yum(8) plugin rhnreg_ks (8) - A program for non interactively registering systems to Red Hat Network rhnsd (8) - A program for querying the Red Hat Network for updates and information

Managing Software: RHN Subscription Activation


A new user of RHEL6 should receive information similar to this: Red Hat subscription login: Account Number : ******* Contract Number : ******* Item Description : Red Hat Enterprise Linux ***Edition*** RHEL Subscription Number : ******************* Quantity : # Service Dates : 12-JUN-10 through 11-JUN-11 Customer Name : ********************************* Account Number: ************ Log into the new portal here: access.redhat.com Login: ************* Password: ************** Email address: **************************** That information can then be used with rhn_register to activate a new subscription

Managing Software: Repositories


These are other repositories of installable software, updates, or bugfixes. The yum command can be configured to use them in addition to or instead of the RHN. Configuration of repositories other than the RHN is accomplished through text configuration files located in the directory: /etc/yum.repos.d/

Managing Software: Repo Configuration


A configuration file for each repository (or group of related repos) should be created in /etc/yum.repos.d/ The name of each repo config file should end in ".repo". Tip: This allows repos to be easily temporarily disabled simply by renaming the file to something like: myrepo.repo.disabled Mandatory options: [repositoryid] name=Some name for this repository baseurl=url://path/to/repository/ Related man pages:

Copyright 2011, Scott Purcell, CC BY-NC-SA 3.0

RHCE Preparation (RHEL6)

# man -k yum qreposync (1) - synchronize yum repositories to a local directory rhnplugin (8) - Red Hat Network support for yum(8) rhnplugin.conf [rhnplugin] (5) - Configuration file for the rhnplugin(8) yum(8) plugin yum (8) - Yellowdog Updater Modified yum [yum-shell] (8) - Yellowdog Updater Modified shell yum-groups-manager (1) - create and edit yum's group metadata yum-utils (1) - tools for manipulating repositories and extended package management yum.conf [yum] (5) - Configuration file for yum(8)

Managing Software: Using yum


Commond commands: yum help yum list yum search KEYWORD yum info PACKAGENAME

Managing Software: Using rpm Managing Software: Building RPMs Managing Software: Signing and Publishing RPMs Managing Software: Updating the kernel package Manage Processes and Services: Configure network services to start automatically at boot Manage Processes and Services: Configure systems to boot into a specific runlevel automatically Manage Processes and Services: Monitoring, prioritizing, and controlling processes Manage Processes and Services: Schedule tasks using cron Manage system performance
Use /proc/sys and sysctl to modify and set kernel run-time parameters Produce and deliver reports on system utilization (processor, memory, disk, and network) Use shell scripting to automate system maintenance tasks

Manage Users and Groups


Create, delete, and modify local user accounts

Copyright 2011, Scott Purcell, CC BY-NC-SA 3.0

RHCE Preparation (RHEL6)

Change passwords and adjust password aging for local user accounts Create, delete and modify local groups and group memberships Configure a system to use an existing LDAP directory service for user and group information Configure system to authenticate using Kerberos

Session 4 Networking and routing


o Networking & Routing + * Configure networking and hostname resolution statically or dynamically + * Route IP traffic and create static routes

Session 5 Firewalls and SELinux


o IPTables + * Configure firewall settings using system-config-firewall or iptables o SELinux + * Set enforcing and permissive modes for SELinux + * List and identify SELinux file and process context + * Restore default file contexts + * Use boolean settings to modify system SELinux settings + * Diagnose and address routine SELinux policy violations

Session 6 Virtualization
o KVM Virtualization + * Configure a physical machine to host virtual guests + * Install Red Hat Enterprise Linux systems as virtual guests + * Configure systems to launch virtual machines at boot + * Install Red Hat Enterprise Linux automatically using Kickstart

Session 7 Logging and remote access


o + - Remote Logging + * Configure a system to log to a remote system + * Configure a system to accept logging from a remote system o + - Remote Access + SSH # * Install the packages needed to provide the service # * Configure SELinux to support the service # * Configure the service to start when the system is booted # * Configure the service for basic operation # * Configure host-based and user-based security for the service # * Configure key-based authentication # * Configure additional SSH options described in documentation + VNC # * Install the packages needed to provide the service # * Configure SELinux to support the service # * Configure the service to start when the system is booted # * Configure the service for basic operation # * Configure host-based and user-based security for the service

Session 8 Network Time Protocol


o NTP + * Install the packages needed to provide the service + * Configure SELinux to support the service + * Configure the service to start when the system is booted + * Configure the service for basic operation + * Configure host-based and user-based security for the service

Session 9 HTTP and FTP Session 10 NFS and Samba Session 11 DNS and SMTP Session 12 Finish uncompleted topics, Review, or Practice Exam
Copyright 2011, Scott Purcell, CC BY-NC-SA 3.0

You might also like