Академический Документы
Профессиональный Документы
Культура Документы
console of system2:
nmcli connection modify eth0 ipv4.addresses '172.25.10.12/24 172.25.10.254'
nmcli connection modify eth0 ipv4.dns 172.25.10.254 ipv4.dns-search
group10.example.com
nmcli connection modify eth0 ipv4.method manual
nmcli connection modify eth0 connection.autoconnection yes
nmcli connection reload
0.yum setup
vim /etc/yum.repos.d/exam.repo
[exam]
name=rhel7
baseurl=http://... from exam notes
gpgcheck=0
1.selinux
vim /etc/selinux/config
SELINUX=enforcing
wq!
sestatus
setenforce 1
getenforce
2.alias
vim /etc/profile.d/custom.sh
alias custom='ps -aux as per question'
wq!
chmod +x /etc/profile.d/custom
source /etc/profile.d/custom
custom
3.ssh
yum install openssh* -y
systemctl start sshd
systemctl enable sshd
vim /etc/hosts.deny
sshd: .my133t.org
wq!
systemctl restart sshd
4.ipv6 both
system1:
nmcli connection modify eth0 ipv6.addresses 'xxx:yyy:zzz/64'
nmcli connection modify eth0 ipv6.method manual
nmcli connection reload
systemctl reboot ##(ssh connection will be lost, ssh again after few minutes
from base-machine)
system2:
nmcli connection modify eth0 ipv6.addresses 'xxx:yyy:zzz:/64'
nmcli connection modify eth0 ipv6.method manual
nmcli connection reload
systemctl reboot ##(ssh connection will be lost, ssh again after few minutes
from base-machine)
5.teaming
system1:
nmcli connection add con-name team0 ifname team0 type team config '{"runner":
{"name": "activebackup"}}'
nmcli connection modify team0 ipv4.addresses '192.168.0.100/24'
nmcli connection modify team0 ipv4.method manual
nmcli connection modify team0 connection.autoconnection yes
nmcli connection add con-name team0-port1 ifname eno1 type team-slave master
team0
nmcli connection add con-name team0-port2 ifname eno2 type team-slave master
team0
nmcli connection reload
nmcli connection up team0
##take two tabs for system1 and system2 and check the ping/ connection status
as below
system1:
tab1: ping -I team0 192.168.0.100
tab2: teamdctl team0 state
nmcli connection down team0-port1
###and check tab1 for continuous pinging
teamdctl team0 state
nmcli connection up team0-port1
system2:
nmcli connection add con-name team0 ifname team0 type team config '{"runner":
{"name": "activebackup"}}'
nmcli connection modify team0 ipv4.addresses '192.168.0.100/24'
nmcli connection modify team0 ipv4.method manual
nmcli connection modify team0 connection.autoconnection yes
nmcli connection add con-name team0-port1 ifname eno1 type team-slave master
team0
nmcli connection add con-name team0-port2 ifname eno2 type team-slave master
team0
nmcli connection reload
nmcli connection up team0
system2:
tab1: ping -I team0 192.168.0.100
tab2: teamdctl team0 state
nmcli connection down team0-port1
###and check tab1 for continuous pinging
teamdctl team0 state
nmcli connection up team0-port1
6.port forwarding
firewall-cmd --permanent --add-rich-rule 'rule family=ipv4 source
address=172.25.10.11/24 forward-port port=from-question protocol=tcp to-port=from-
question'
firewall-cmd --reload
7. postfix
system1
yum install postfix* -y
systemctl start postfix
systemctl enable postfix
firewall-cmd --permanent --add-service=smtp
firewall-cmd --reload
vim /etc/postfix/main.cf
myhostname = system1.group10.example.com
myorigin = group10.example.com
mydestination =
mynetworks = 127.0.0.0/8, [::1]/128
inet_interfaces = loopback-only
relayhost = [as per question]
local-transport = error:local delivery disabled
systemctl restart postfix
send one or two mails and check mail received in url provided in
question
echo "test1"|mail -s "testing1" user@system1.group10.example.com
###user name as given in question
echo "test1.1"|mail -s "testing1.1" user@localhost
system2
yum install postfix* -y
systemctl start postfix
systemctl enable postfix
firewall-cmd --permanent --add-service=smtp
firewall-cmd --reload
vim /etc/postfix/main.cf
myhostname = system1.group10.example.com
myorigin = group10.example.com
mydestination =
mynetworks = 127.0.0.0/8, [::1]/128
inet_interfaces = loopback-only
relayhost = [as per question]
local-transport = error:local delivery disabled
send one or two mails and check mail received in url provided in
question
echo "test2"|mail -s "testing2" user@system2.group10.example.com
echo "test2.2"|mail -s "testing2.2" user@localhost
8.nfs, mount
system1:
yum install nfs* -y
mkdir /nfsshare
system2:
yum install nfs-utils -y
showmount -e 172.25.10.11
mkdir /mnt/share1
vim /etc/fstab
system1.group10.example.com/nfsshare /mnt/share1 nfs
defaults 0 0
wq!
mount -a
mkdir /nfssecure/subdir
system2:
showmount -e 172.25.10.11
wget -O /etc/krb5.keytab http://...question
systemctl start nfs-secure
systemctl enable nfs-secure
mkdir /nfssec
vim /etc/fstab
system1.group10.example.com/nfssecure /nfssec nfs
defaults,v4.2,sec=krb5p 0 0
wq!
systemctl restart nfs-secure
mount -a
su - nahur
cd /nfssec
cd subdir
touch t1.txt
10.samba
yum install samba* -y
systemctl start smb nmb
systemctl enable smb nmb
firewall-cmd --permanent --add-service=samba
firewall-cmd --reload
mkdir /common
chcon -t samba_share_t /public
vim /etc/samba/smb.conf
workgroup=STAFF
[common]
comment=xyz
path=/common
public=no
writable=no
browseable=yes
hosts allow = 172.25.10.
valid users = rob
wq!
11.samba, multiuser mount (write permission for user robby; mount with user rob
credentials)
system1:
mkdir /multi
chcon -t samba_share_t /multi
touch /multi/test1
vim /etc/samba/smb.conf
[multi]
comment=xyz
path=/multi
public=no
writable=no
browseable=yes
writelist = robby
hosts allow = 172.25.10.
valid users = rob, robby
wq!
smbpasswd -a rob
passwd: test123
smbpasswd -a robby
passwd: red123
system2:
yum install cifs-utils -y
mkdir /mountpt
vim /root/file.txt
username=rob
password=test123
wq!
vim /etc/fstab
//system1.group10.example.com/multi /mountpt cifs
credentials=/root/file.txt,multiuser,sec=ntlmssp 0 0
wq!
mount -a
df -h
12-14:apache1-3
system1:
yum install httpd -y
systemctl start httpd
systemctl enable httpd
cd /var/www/html
wget http://... -O index.html
mkdir /var/www/html/private
setfacl -m u:user:rwx /var/www/html/private
cd /var/www/html/private
wget http://... -O index.html
mkdir /var/www/virtual
cd /var/www/virtual
wget http://... -O index.html
vim /etc/httpd/conf.d/web1.conf
### Used single file for all 5 apache configurations.
<VirtualHost 172.25.10.11:80>
ServerAdmin root@system1.group11.example.com
DocumentRoot /var/www/html
ServerName system1.group11.example.com
</VirtualHost>
<Directory "/var/www">
AllowOverride none
Require all granted
</Directory>
<Directory "/var/www/html">
Order deny,allow
Deny from all
Allow from 172.25.10.
### Allow from domain
</Directory>
#####################################
<VirtualHost 172.25.10.11:80>
ServerAdmin root@system1.group11.example.com
DocumentRoot /var/www/html/private
ServerName system1.group11.example.com
</VirtualHost>
<Directory "/var/www/html/private">
Order deny,allow
Deny from all
Allow from 172.25.10.11
### Allow only from local host
</Directory>
#####################################
<VirtualHost 172.25.10.11:80>
ServerAdmin root@system1.group11.example.com
DocumentRoot /var/www/virtual
ServerName www1.group11.example.com
</VirtualHost>
NameVirtualHost 172.25.10.11:80
<Directory "/var/www/virtual">
AllowOverride none
Require all granted
</Directory>
<Directory "/var/www/virtual">
Order deny,allow
Deny from all
Allow from 172.25.10.
### Allow from domain
</Directory>
#####################################
wq!
system2:
curl -k system1.group11.example.com
curl -k system1.group11.example.com/private
curl -k www1.group11.example.com
15:apache-4
yum install mod_ssl -y
firewall-cmd --permanent --add-service=https
firewall-cmd --reload
cd /etc/pki/tls/certs
wget http://... example-ca.crt
wget http://... www10.crt
cd /etc/pki/tls/private
wget http://... www10.key
chmod 600 www10.key
vim /etc/httpd/conf.d/web1.conf
<VirtualHost 172.25.10.11:443>
DocumentRoot /var/www/html
ServerName system1.group11.example.com
###SSL 8 lines
SSLEngine on
SSL Protocol all -SSLv2 -SSLv3
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
SSLHonorCipherOrder on
SSLCertificateFile /etc/pki/tls/certs/www10.crt
SSLCertificateKeyFile /etc/pki/tls/private/www10.key
SSLCertificateChainFile /etc/pki/tls/certs/example-ca.crt
</VirtualHost>
#####################################
wq!
16:apache-5
yum install mod_wsgi -y
cd /var/www/html
wget http://... -O webapp.wsgi
semanage port -l |grep http
semanage port -a -t httpd_sys_t protocol tcp 8990 ### port-no.
as in question
semanage port -l |grep http
vim /etc/httpd/conf/httpd.conf
Listen 8990
firewall-cmd --permanent --add-port=8990/tcp
firewall-cmd --reload
vim /etc/httpd.conf/web1.conf
<VirtualHost 172.25.10.11:80>
DocumentRoot /var/www/html
ServerName webapp.group11.example.com
WSGIScriptAlias / /var/www/html/webapp.wsgi
</VirtualHost>
systemctl restart httpd
browser -- check
elinks --dump webapp.group10.example.com
targetcli
/backstores/block create block1 /dev/iscsi_vg/iscsi_lv
iqn server:
/iscsi create iqn.2014-11.com.example.group11:system1
iqn client:
/iscsi/iqn.2014-11.com.example.group11:system1/tpg1/acls create iqn.2014-
11.com.example.group11:system2
lun:
/iscsi/iqn.2014-11.com.example.group11:system1/tpg1/luns create
/backstores/block/block1
portal/IP:
/iscsi/iqn.2014-11.com.example.group11:system1/tpg1/portals create
172.25.10.11 ### IP of system1
saveconfig
exit
system2:
rpm -qa|grep iscsi-initiator-tools
systemctl start iscsi iscsid
systemctl enable iscsi iscsid
check with lsblk (check 3G size) and fdisk the desired one
fdisk /dev/sda
n - p - 1
+2G
###size as per question
w
partprobe
mkfs.ext4 /dev/sda1
blkid /dev/sda1 ### notedown
the UUID
mkdir /mnt/iscsi
vim /etc/fstab
UUID=xxxx /mnt/iscsi ext4 _netdev 0 0
wq!
systemctl restart iscsi
mount -a
touch /mnt/iscsi/test1{1..3}
iscsiadm -m node -T iqn.....system1 -p 172.25.10.11:3260 -u
systemctl reboot
check /mnt/iscsi
19-20:mariadb-installation, queries
yum groupinstall mariadb mariadb-client -y
vim /etc/my.cnf
###under mysql section
skip-networking=1
wq!
systemctl start mariadb
systemctl enable mariadb
firewall-cmd --permanent --add-service=mysql
firewall-cmd --reload
mysql_secure_installation ###(press y
for all defaults, user root password as given in question)
mysql -u root -p
create database Contains;
exit
cd /root
wget http://xxx.dump
mysql -u root -p Contains < /root/xxx.dump
mysql -u root -p
create user xyz@localhost identified by 'abcd'
grant select on Contains.* to xyz@localhost
exit
mysql -u xyz -p
use Contains;
show tables;
desc tab1;
desc tab2;
desc tab3;
query1: What is the first name of the user with password "ABCD"?
select * from tabx where password="ABCD";
###The table where passwords are stored will not have the first name of
the users.
###hence note the common key-value -- example "id_no" and check
corresponding first-name in another table.
select * from taby where id_no="previous";
With this we can get the first name of the person whose password is "ABCD"
query2: Howmany MARK users are there with the location "XYZ"?
it is 0
select * from tabx where location="XYZ";
###The table where location is stored will not have the names of the
users.
###hence note the common key-value -- example "id_no" and check
corresponding name in another table.
select * from taby where id_no="previous";
With this we can get the name of the person whose location is "XYZ"
21,22:script-1, 2
script1:
#!/bin/bash
if [ "$1" == "perl" ]
then echo "python"
elif [ "$1" == "python" ]
then echo "perl"
else
echo "err:perl/python"
fi
script2:
#!/bin/bash
if [ $# -eq 0 ]; then
echo "Usage:/root/script"
exit 1
elif [ -f $1 ]; then
for i in `cat $1`
do useradd -s /bin/false $i
done
exit 0
else
echo "File Not Found"
exit 2
fi