Understand and use essential tools

  • Access a shell prompt and issue commands with correct syntax.

Either using: Accessories > System Tools > Terminal or ctrl+alt+f1

  • Use input-output redirection >, », , 2>, etc.

Input text to a file: echo text > file.ok

Append text to a file: echo moretext >> file.ok

Piping: ls -all | less

Error and Output Redirection: 1> filename.txt (put stout into filename.txt)

2> filename.txt (put sterr into filename.txt)

2>&1 > filename.txt (put stout and sterr into filename.txt)

example: ./insertscripthere.sh 2>&1 > /dev/null send all output to /dev/null

3) Use grep and regular expressions to analyze text.

grep -re "text" /home/ikt/*.txt <- search all .txt files for the word “text”

4) Access remote systems using ssh and VNC.

SSH:

ssh user@192.0.0.0
edit /etc/ssh/sshd_config for changing ports etc

VNC:

    1) yum install tigervnc-server
    2) vi /etc/sysconfig/vncserver
    3) copy pasta the example
    4) chkconfig vncserver on
    5) system-config-firewall-tui (open port 5900-5910)
    6) On second computer use Vino/Remina remote desktop to login
  • Log in and switch users in multiuser runlevels.

su - username to login and switch users

runlevel to display what runlevel you are at

init X where X is the runlevel you want to be at

  • Archive, compress, unpack, and uncompress files using tar, star, gzip, and bzip2.

Archive and Compress: tar -cvzf backup.tar.gz files.here

Uncompress tar: tar -xvzf backup.tar.gz .

Bzip:

bzip file.file bzip -d file.file.bz

Gzip:

gzip file.file gzip -d file.file.gz

Star:

star -c -xattr -H=exustar -f=backupfiles.star /home/user/*
star -x backupfiles.star

  • Create and edit text files.

touch text.file vi text.file

  • Create, delete, copy, and move files and directories.

mkdir foldername
rmdir foldername
rm -rf foldername
mv filename /path/to/destination
mv foldername /path/to/destination

  • Create hard and soft links.

Hard Links ln file.one file.two

Soft Links ln -s hard.file soft.link

  • List, set, and change standard ugo/rwx permissions.

ls -all chmod 655

  • Locate, read, and use system documentation including man, info, and files in /usr/share/doc.

man programname

Operate running systems

  • Boot, reboot, and shut down a system normally.

reboot

shutdown -h now

  • Boot systems into different runlevels manually.

vi /etc/initttab look at the notes, it explains

  • Use single-user mode to gain access to a system.

Press 'a' during GRUB screen and append run level 1 to the end of the kernel parameters.

  • Identify CPU/memory intensive processes, adjust process priority with renice, and kill processes.

Use top to find the pid then kill pid to kill it.

Use nice -nXX /path/to/program XX = -20 is highest priority 19 is lowest priority

renice -n -19 -p 2551

  • Locate and interpret system log files.

cd /var/log/
vi /var/log/service.log

  • Access a virtual machine’s console.

Use VNC to access virt-manager and open the virtual machines console.

  • Start and stop virtual machines.

virsh servername start/stop

  • Start, stop, and check the status of network services.

/etc/init.d/network start/stop/status ifconfig ifconfig eth0 down/up

/etc/init.d/vsftpd start
/etc/init.d/vsftpd stop
/etc/init.d/vsftpd status

Can also use service vsftpd status

Configure local storage

  • List, create, delete, and set partition type for primary, extended, and logical partitions.

lvdisplay
fdisk -l

  • Create and remove physical volumes, assign physical volumes to volume groups, and create and delete logical volumes.

pvcreate /dev/sda vgextend volgrp0 /dev/

  • Create and configure LUKS-encrypted partitions and logical volumes to prompt for password and mount a decrypted file system at boot.

  • Configure systems to mount file systems at boot by Universally Unique ID (UUID) or label.

vi /etc/fstab

label | mount point | mount options | dump (auto backup) + fsck priority

/dev/sda1 /media/moarfiles defaults		0	0 
UUID=111-11 /media/moarfiles defaults		0	0
  • Add new partitions and logical volumes, and swap to a system non-destructively.

"The usual way" use swapon to activate swap without rebooting

Create and configure file systems

  • Create, mount, unmount, and use ext2, ext3, and ext4 file systems.

fdisk /dev/sda n for new partition t for partition type w to write partition

mkfs.ext4 /dev/sdb mount -t ext4 /dev/sdb

  • Mount, unmount, and use LUKS-encrypted file systems.

LUKS is an encrypted filesystem mounted on a specific directory. # Install needed packages. yum install cryptsetup-luks # Look for kernel modules for LUKS. Might not be loaded by default. lsmod | grep dm_crypt # If not loaded load them modprobe dm_crypt # Make a partition you want to be encrypted with fdisk or parted. Ex. /dev/sda1 # Prepare (initialize) the partition for LUKS. Type your passphrase when asked. cryptsetup luksFormat /dev/sda1 # Get UUID of device (optional) cryptsetup luksUUID /dev/sda1 # Map the device to /dev/mapper. Use your own name here (ev) or use th UUID. cryptsetup luksOpen /dev/sda1 ev # Now format the device in the /dev/mapper dir mkfs.ext4 /dev/mapper/ev # Find UUID of drive (if you don't have it.) dumpe2fs /dev/mapper/ev | grep UUID # Make dir to mount vol to mkdir /ev # Put a line in /etc/crypttab so it will be activated on boot. # This will automatically load the dm_crypt module. # Replace ev with UUID if you choose to use that ev /dev/sda1 none # Put mount line in /etc/fstab either by UUID or the name you have chosen. /dev/mapper/ev /ev ext4 defaults 1 2 or UUID=uuidNumber /ev ext4 defaults 1 2 # Mount disk mount -a # On boot you will have to type a password to mount this LUKS partition

  • Configure systems to mount ext4, LUKS-encrypted, and network file systems automatically.
  • Mount and unmount CIFS and NFS network file systems.

Use automounter

  • Extend existing unencrypted ext4-formatted logical volumes.

pvcreate /dev/sda
vgextend VolGrp00 INSERT PV VOLUME HERE
lvextend

  • Create and configure set-GID directories for collaboration.

chmod u+s folder
chmod g+s folder

  • Create and manage Access Control Lists (ACLs).

getfacl folder/
setfacl -m g/u/:group/user:rwx folder/

  • Diagnose and correct file permission problems.

chmod/getfacl/etc

Deploy, configure, and maintain systems

  • Configure networking and hostname resolution statically or dynamically.

vi /etc/hostname

  • Schedule tasks using cron.

crontab -e

M H D M DOW(DAY OF WEEK 0 = Sunday | 6 = Saturday)
* * * * * /path/to/script 2&1 > /dev/null

  • Configure systems to boot into a specific runlevel automatically.

vi /etc/inittab

  • Install Red Hat Enterprise Linux automatically using Kickstart.

Use kickstart configurator to setup ks.cfg place ks.cfg in main ftp or http directory insert bootable usb/cd/etc during bootup hit tab insert ks=ftp://192.2.2.2/pub/ks.cfg

  • Configure a physical machine to host virtual guests.
  • Install Red Hat Enterprise Linux systems as virtual guests.
  • Configure systems to launch virtual machines at boot.

Use virtual machine manager for these

  • Configure network services to start automatically at boot.

chkconfig service on

  • Configure a system to run a default configuration HTTP server.

yum install httpd

chkconfig httpd on

make sure port 80 open in firewall

  • Configure a system to run a default configuration FTP server.

yum install vsftp

chkconfig vsftpd on

make sure port 21 open in firewall

  • Install and update software packages from Red Hat Network, a remote repository, or from the local file system.

yum install package

  • Update the kernel package appropriately to ensure a bootable system.

yum update kernel

  • Modify the system bootloader.

vi /boot/grub/grub.conf

Manage users and groups

  • Create, delete, and modify local user accounts.

useradd username

usedel username

  • Change passwords and adjust password aging for local user accounts.

passwd username passwd -n20 username

  • Create, delete, and modify local groups and group memberships.

Use system-config-users

  • Configure a system to use an existing LDAP directory service for user and group information.

Use System > Admin > Authorisation

Manage security

  • Configure firewall settings using system-config-firewall or iptables.

system-config-firewall-tui ftw

  • Set enforcing and permissive modes for SELinux.

setenforce permissive setenforce enforcing

  • List and identify SELinux file and process context.

ls -Z (list file context) ps -auxZ (list process context)

  • Restore default file contexts.

restorecon -v filename

  • Use boolean settings to modify system SELinux settings.

getsebool -a setsebool insert_bool_here on/off

  • Diagnose and address routine SELinux policy violations.

Use semanage + setroubleshooter

More notes here: https://www.pantz.org/software/linux/rhcsa_study_guide.html

Learn all of the above, get this:

Redhat RHCSA certificate