RHCE QUESTION AND ANSWERS

Check:-
1. IP address ----> Ping each other
2.Hostname ----> Ping each other
2.Domain Name Ping -> Domain Name

1. Configure selinux in enforcing mode. (for both

machines)
==============================================================================
===================
2. SSH configuration: (for both
machines)
A]Clients within domain district.example.com should be able to access each other using ssh.
B] Clients within my.133t.org should not have access to ssh on your systems.
--------------------------------------------------------------------------------------------------------------------------------
------
# echo "sshd: *.district.example.com" >> /etc/hosts.allow
# echo "sshd: *.my.133t.org" >> /etc/hosts.deny
==============================================================================
===================

3. Configure port forwarding: (only for

system1)
configure system1 to forward traffic incomming on port 5243/tcp from source network
172.24.2.0/255.255.255.0 to port on 80/tcp
--------------------------------------------------------------------------------------------------------------------------------
------

#firewall-cmd --permanent --add-rich-rule "rule family=ipv4 source address=172.24.2.0/24

forward-port port=5243 protocol=tcp to-port=80"
# firewall-cmd --reload
# firewall-cmd --list-rich-rules
==============================================================================
===================

4. Configure user environment: (for both

machines)
Create a command called qstat on both system1 and system2
It should able to execute the following commands:
ps -Ao pid,user,fname,tty,rsz
the commands should be executable by all users.
--------------------------------------------------------------------------------------------------------------------------------
------
#echo 'alias qstat="ps -Ao pid,user,fname,tty,rsz"' >>/etc/bashrc
#source /etc/bashrc
#qstat
==============================================================================
===================
5. Configure IPv6 Network: (for both
machines)
a]Configure eth0 on system1 with a static ipv6 adresses as: 2001:adaf:acaf:1221::1/64
B]Configure eth0 on system2 with a static ipv6 adresses as: 2001:adaf:acaf:1221::2/64
c]Both machines are able to communicate within the network
d]The changes should be permanenet even after the reboot.
--------------------------------------------------------------------------------------------------------------------------------
------
for server
#nmcli connection modify eth1 ipv6.addresses "2001:adaf:acaf:1221::1/64" ipv6.method manual
connection.autoconnect yes
#nmcli connection up eth1

for client
#nmcli connection modify eth1 ipv6.addresses "2001:adaf:acaf:1221::2/64" ipv6.method manual
connection.autoconnect yes
#nmcli connection up eth1

from both
ping each other with #ping6 <ipv6>
==============================================================================
===================
6. Link aggregation (Teaming / Ethernet Bonding) (for both machines)

a] Configure system1 and system2 which watches for link changes and selects an active port for
data transfers.
b] system1 should have the address as 172.24.2.125/255.255.255.0
c] system2 should have the address as 172.24.2.135/255.255.255.0
d]After reboot both IP should be able to communicate. Both systems should be accesible with
IPv4 as well.
--------------------------------------------------------------------------------------------------------------------------------
------
# man teamd.conf | grep activebackup
Note:-...........type...........con-name.............ifname
# nmcli connection add type team con-name team0 ifname team0 config '{"runner": {"name":
"activebackup"}}'
# nmcli connection modify team0 ipv4.addresses "<IPv4>/24" ipv4.method manual
connection.autoconnect yes
# nmcli connection add type team-slave con-name eth2 ifname eno33554992 master team0
# nmcli connection add type team-slave con-name eth3 ifname eno50332216 master team0
# nmcli connection
# teamdctl team0 state
# teamnl team0 ports
# nmcli connection up team0
# ifconfig
# nmcli device status
# ping <IP>
==============================================================================
===================

7. SMTP configuration: (for both

machines)
Configure the SMTP mail service on system1 and system2 which relay the mail only from
local system through station.district.example.com, all outgoing mail have their sender
domain as district.example.com. Verify the mail server is working by sending mail to claark user.
Check the mailon both system1 and system2 with the URL: http://district.example.com/mails.txt
----------------------------------------------------------------------------------------------------------------------
#yum install postfix-* -y
#systemctl enable postfix
# systemctl start postfix.service
#firewall-cmd --permanent --add-service=smtp
#firewall-cmd --reload
# postconf -e "relayhost=[station.district.example.com]"
#postconf -e "myorigin=district.example.com"
#postconf -e "mydestination="""
#postconf -e "inet_interfaces=loopback-only"
#postconf -e "mynetwork=172.24.0.0/24, 127.0.0.0/8"
#systemctl reload postfix.service
#mail -s "system1" clark@district.example.com
Type message here and end with .
#postqueue -p
#curl http://district.example.com/mails.txt ..to check mails in cmd line
browser
==============================================================================
===================

8. script 1: (for System1)

Create a script on server1 /root/script.sh with executable by all such a manner with
input "kernel" output should be "user", with input "user" output should be "kernel", with
input any value output should be "user|kernel" and with no input, output should be "Invalid
Argument".
----------------------------------------------------------------------------------------------
#which bash
# vim /root/script.sh

#!/usr/bin/bash
if [ $# == 0 ];then
echo "Invalid Argument"
elif [ $1 == kernel ]; then
echo user
elif [ $1 == user ]; then
echo kernel
else
echo "user|kernel"
exit
fi
==============================================================================
===================

9. script 2: (for System1)

Create a script on server1 called /root/createusers. when script is called, should add all users
from file
Download from http://district.example.com/hostgrid/userlist.txt. when userlist as first argument
provided, it will be created all the users as per user's name specified in userlist file and all users
should be appear /bin/false login shell. Password not required. If other argument provided it
will display "Input file not found" output. If no any argument provided, it will display
"Usage: /root/createusers"
------------------------------------------------------------------------------------------------------------
#!/usr/bin/bash
if [ $# == 0 ]; then
echo "Usage: /root/createusers"
exit
elif [ $1 == userlist ]; then
for i in $(cat /root/userlist.txt)
do
useradd -s /bin/false $i
done
exit
else
echo "Input file not found"
exit
fi

==============================================================================
===================
10. Configure a MariaDB:- (for System1)
==============================================================================
===================
11. Run a Query.
==============================================================================
===================

12. ISCSI: Configuring Storage/ Target (for System1)

Create a new 3GB target on your system1.district.example.com. The block device name
should be data_block
the server should export an iscsi disk called iqn.2017-04.com.example.district:system1.
The target should be allowed to system2.
----------------------------------------------------------------------------------------------------------------------------
for System1:
#fdisk /dev/sdb ...........create a partition /dev/sdb1 =4GB
#vgcreate iscsi_vg /dev/sdb1
# lvcreate -L 3G -n iscsi_lv iscsi_vg .......create LVM iscsi_lv =3GB
#yum install targetcli* -y
#systemctl enable target.service
# systemctl start target.service
#firewall-cmd --permanent --add-port=3260/tcp
# firewall-cmd --reload
firewall-cmd --list-ports
#targetcli
/>ls
/> backstores/block create data_block /dev/iscsi_vg/iscsi_lv
/> /iscsi create iqn.2017-04.com.example.district:system1
/>ls
/> /iscsi/iqn.2017-04.com.example.district:system1/tpg1/acls create iqn.2017-
04.com.example.district:system2
/> /iscsi/iqn.2017-04.com.example.district:system1/tpg1/luns create
/backstores/block/data_block
/> /iscsi/iqn.2017-04.com.example.district:system1/tpg1/portals create 172.24.2.110
/> saveconfig
/> exit
#systemctl restart target.service
# fdisk -l

==============================================================================
===================

13. Configure ISCSI initiator: (for System2)

The system1.district.example.com provides an iscsi port (3260). Connect the disk with
system2.district.example.com and configure file system with the following requirements:-
create 2000MB partition on ISCSI block device and assign the file system as ext4. Mount the
volume under /mnt/data at the system boot time.
--------------------------------------------------------------------------------------------------------------------------------
-------------
#yum install iscsi-initiator-utils.* -y
#systemctl enable iscsid.service
#systemctl start iscsid.service
#vim /etc/iscsi/initiatorname.iscsi
InitiatorName=iqn.2017-04.com.example.district:system2
#systemctl restart iscsid.service
#iscsiadm -m discovery -t st -p 172.24.2.110 -l ...login
#fdisk -l
#fdisk /dev/sdb
create /dev/sdb=200M
#mkdir /mnt/data
#mkfs.ext4 /dev/sdb1
#echo " /dev/sdb1 /mnt/data ext4 defaults,_netdev 0 0" >> /etc/fstab
#mount -a
#df -Th
# iscsiadm --mode node --logoutall=all .......logout
# iscsiadm -m session ...check active session
==============================================================================
===================
14. Apache:-
--------------------------------------------------------------------------------------------------------------------------------
-------------
==============================================================================
===================
15. Secured webserver:-

--------------------------------------------------------------------------------------------------------------------------------
-------------

==============================================================================
===================
16. Webpage content modification:-
--------------------------------------------------------------------------------------------------------------------------------
-------------

==============================================================================
===================
17. Virtual Hosting:-
--------------------------------------------------------------------------------------------------------------------------------
-------------

==============================================================================
===================
18. SAMBA:-
--------------------------------------------------------------------------------------------------------------------------------
-------------

==============================================================================
===================
19. SAMBA secured multiuser:-
--------------------------------------------------------------------------------------------------------------------------------
-------------

==============================================================================
===================
20. Configure NFS on system1:-
--------------------------------------------------------------------------------------------------------------------------------
-------------

==============================================================================
===================
21. Configure NFS on system2:-
--------------------------------------------------------------------------------------------------------------------------------
-------------
==============================================================================
===================