Вы находитесь на странице: 1из 5

Configure SSH access as follows:

--any user has remote SSH access to your machine from within example.com
--Clients within my22ilt.org should NOT have access to ssh on your systems.

- Configure your system1 which watches for link changes and selects an active port
for data transfers.
- system1 should have the address as 192.168.0.100/255.255.255.0.

Configure FTP access on your system:


--Clients within the example.com domain should have anonymous FTP access to your
machine.

--Clients outside example.com should NOT have access to your FTP service .

- Configure eth0 with a static ipv6 addresses as follows.


- Configure a Static IPv6 address in system1 asfddb:fe2a:ab1e::c0a8:64/64.
- Configure a Static IPv6 address in system2 as fddb:fe2a:ab1e::c0a8:02/64.
- Ping the local IPv6 gateway fddb:fe2a:ab1e::c0a8:fe. .

Configure NFS server.

- Configure serverX with the following requirements. - Share the /common directory
with the example.com domain clients only, share must be writable.
- Share the /restricted/protected, enable krb5p security to secure access to the
NFS share from URL
http://classroom.example.com/pub/keytabs/serverX.keytab

- The exported directory should have read/write access from all sudomains of the
example.com domain.
Ensure the directory /restricted/protected should be owned by the user arora with
read/write permission.

Configure nfs mount.


- Mount /common directory on desktopX under /public directory persistently at
system boot time.
- Mount /restricted/protected with krb5p secured share on desktopX beneath /secure
provided with keytab
http://classroom.example.com/pub/keytabs/desktopX.keytab
Samba Server:

- Share the /common1 directory via SMB:


- Your SMB server must be a member of the SMBGROUP workgroup
- The shares name must be common1
- The common share must be available to example.com domain clients only
-The common share must be browseable
- susan must have read access to the share, authenticating with the same password
'password', if necessary

- Configure the serverX to share /cloudshare with SMB share name must be OPENGROUP.
- The user frankenstein has read/write access to the /cloudshare SMB share.
- The user martin has read access to the /cloudshare SMB share.
- Both users should have the SMB passwd "redhat".

Samba Client:

- Mount the samba share /cloudshare permanently beneath /cloudcifs on desktopX as a


multiuser mount.
- the samba share should be mounted with the credentials of frankenstein.

- Configure the SMTP mail service on system1 and system2 which only relay mail from
local system through smtpX.example.com, all outgoing mail have their sender domain
as example.com. Ensure that mail should not store locally.
- Verify the mail server is working by sending mail to a student user.
- Check the mail on both system1 and system2with the below URL
http://imapX.example.com/system1
http://smtpX.example.com/system2

You have been asked to create a new 1GB iscsi target on your server machine. This
target should be called iqn.2014-06.com.example:server. This target should only be
available to client with an initiatorname of iqn.2014-06.cpm.example:desktop.

Your desktop machine should persistently log in to this target and persistently
mount a new xfs file system created on that target on /iscsidisk

implement a web server for the site http://serverX.example.com, then perform the
following steps:
Download http://classroom.example.com/pub/rhce/station.html

Rename the downloaded file to index.html

Copy this index.html to the DocumentRoot of your web server

Do NOT make any modifications to the content of index.html.

configure the firewall on serverx to forward


port 443/tcp to 22/tcp,
but only for your desktopX machine. The IP address of your desktopX machine is
172.25.X.10.

- Create a command called qstat on both serverX and desktopX.


- It should able to execute the following command
(ps -eo pid,tid,class,rtprio,ni,pri,psr,pcpu,stat,wchan:14,comm)
- The command shoud be executable by all users.

Extend your web server to include a virtual host for the site

http://wwwX.example.com/ where x is your station number, and then perform the


following steps:

Set the DocumentRoot to /var/www/virtual

Download

ftp://instructor.example.com/pub/rhce/www.html

Rename the downloaded file to index.html

Place this index.html in the DocumentRoot of the virtual host

Do NOT make any modifications to the content of index.html

Ensure that andrew is able to create content in /var/www/virtual

Note: The original web site

http://serverX.example.com must still be accessible.

DNS resolution for the hostname wwwX.example.com is already provided by the name
server on class.example.com.
- Configure your systems that should be running in Enforcing.

- Configure website http://webappX.example.com:8961 on serverX.


- Site should executes webapp.wsgi.
- Page is already provided on http://classroom.example.com/pub/webapp.wsgi
- Content of the script should not be modified.
-The web application should be copied to a suitable location outside to any
DocumentRoot.

-Once you are done with your work, you can check from your desktopX machine.

Create a directory named restricted to your web server document root so that it is
accessed from your system and not accessed from other system. Download

http://classroom.example.com/pub/rhce/secure.html

Rename the downloaded file to index.html Copy this index.html to the DocumentRoot
of your web server Do NOT make any modifications to the content of index.html

Firewall Configuration

01:

-When user root types /root/script bar, the output should be foo

-When he types /root/script foo, it produce bar when run without argument or any
other argument, it set to stderror /root/script bar|foo.

02:

write a script to create user, the script name is /root/mkuser, add a parameter
when the script, if there are no parameters, you will be prompted:
Usage:/root/mkuser if the parameter is a file that does not exist, you are prompted
to:
Input file not found if one exists, create users, users do not need to set a
password, the user's shell to /bin/flase
You have been asked to install a Mariadb server on your serverX machine. You need
to secure the mariadb service and must configure it to accept connections only from
local clients.

You have been asked to create two Mariadb users on your serverX machine,according
to the following requirement:
User Accepts connection from host Password Privileges
John Localhost John_password Insert, update,delete on all tables from
inventory database
Steve Any host Steve_password Select on all tables from inventory
database

- configure website https://serverX.example.com on serverX .


- Document directory should be /var/www/html/tls.
- Download http://classroom.example.com/pub/rhce/tls.html
- Rename the downloaded file to index.html.
- Copy this index.html to the DocumentRoot of your web server.
- Do NOT make any modifications to the content of index.html.

TLS certificate
http://classroom/pub/tls/certs/webappx.crt
TLS private key http://classroom/pub/tls/private/webappx.key
TLS CA certificate http://classroom/pub/example-ca.crt

Once you are done with your work, you can check from your desktopX machine to
validate your work.