Wednesday, July 7, 2010

IMP RHCE

Suresh Kumar (RedHat Certified Engineer)

You have a system installed Red Hat Enterprise Linux os. The system must be configured with a set of locally-defined administrators and bound to an NIS domain, RHCE for additional user accounts. Your machine will be a member of the DNS domain example.com. All the systems in the example.com DNS domain are in the 172.16.0.0/16 subnet & all systems in that subnet are in example.com.
Your system will be rebooted before it is graded, so make sure that all changes you implement are persistent across reboots. You should also be aware the scoring items will be evaluated by whether they work as specified. Consequently, a correctly configured networking service will earn no points if networking itself is broken.
If your hostname is
station1.example.com then you can log in to this system with the username guest1 & the password is password. You will not be able to log in successfully to any other account on that system.
The requirements for this section include configuration of security restrictions on various network services. You should be aware tht making the services available for permitted hosts & networks is a higher priority than restricting any prohibited networks, because you will not receive credit for successful configuration of services if the implemented restrictions block access to permitted hosts & networks. If you choose to use kernel level firewalling, you must REJECT rather than DROP unwanted packets.
Be aware that you are not permitted to communicate with other examinees during the course of this exam. You are also prohibited from connecting to the hosts of other examinees. The testing system and the network will be monitored, & misuse of either will result in a grade of zero on this section.
Your distribution is avilable via YUM:
http://172.16.0.254/rhel5/Server
SELinux & firewall must be enabled. Default gateway is 172.16.0.254/16.
You will note that some requirements specify that a service should not be avilable from the DNS domain my133t.org. All the systems in that domain are in the
172.17.0.0/16 subnet.


RHCT SECTION


1. Set the root password as rW9ySX. Install the dialog RPM package.

2. Create the following users, groups & group memberships:
a. A group named admin
b. A user andrew who belongs to admin as a secondary group
c. A user brad who also belongs to admin as a secondary group
d. A user smith who does not have access to an interactive shell on the system, & who is not a memer of admin
e. andrew, brad & smith shold all have the password passwd.

3. Create a collaborative directory /shared/sysusers with the

Following characteristics:
a. Group ownership of /shared/sysusers is admin
b. The directory should be readable, writable & accessible to members of admin, but not to any other user.
c. Files created in /shared/sysusers automatically have group ownership set to the sysusers group

4. Install the appropriate kernel update from

ftp://server.example.com/pub/updates.

The following criteria must also be met.

a. The older kernel is the default kernel when the system is

rebooted
b. The original kernel remains available & bootable on the system

5. Enabled IP forwarding on your machine.

6. Set up the default print queue to forward jobs to the IPP print queue stationx on server.example.com, where x is your station number. Configure printer as “Generic – text-only” print queue.

Note: the queue stationx on server dumps print jobs into the file http://server/printers/stationx. This file can be examined to confirm that you have configured the print queue correctly.

7. The user andrew must be configure a cronjob that runs daily at 15:25 local time & executes – /bin/echo hello at terminal 8.

8. Bind to the NIS domain example.com provided by 172.16.0.254 for

user authentication. Note the following:
a. nisuserz should be able to log into your system, where z is your station number, but will not have a homedirectory until

you have completed the autofs requirement below

b. All NIS users have a password of passwd.

c. server.example.com NFS-exports /rhome to your system

d. nisuserz’s home directory is server.example.com:/rhome/nisuserz where z is your station number.

e. nisuserz’s home directory should be automounted locally beneath
/rhome as /rhome/nisuserz.

f. while you are able to log in as any of the users nisuser1

through nisuser10, the only home directory that is accessible from

your system is nisuserz.

9. Configure your system so that is is an NTP client of server.example.com.

10. One logical volume LogVol00 is created under GrpVol00. The initial size of this logical volume is 350MB. successfully extend it to 650MB. (range condierable is 570MB to 630MB).

11. One partition is mounted under /quota. brad user has full access on this directory. When he tried
dd if=/dev/zero of=/quota/somefile bs=1k count=60
he has successfully created the file. Again he tried
dd if=/dev/zero of=/quota/somefile bs=1k count=85
he has successfully created the file upto 80kb.

RHCE SECTION


1. Configure SSH access as follows:
a. andrew has remote SSH access to your machine from within example.com
b. Clients within my133t.org should NOT have access to ssh on your system.

2. Configure FTP access on your system:
a. Clients within the example.com domain should have anonymous FTP access to your machine.
b. Clients outside example.com should NOT have access to your FTP service

3. Share the /shared directory via SMB:
a. Your SMB server must be a member of the SMBGROUP workgroup
b. The share’s name must be shared
c. The shared share must be avilable to example.com domain clients only
d. The shared share must be browseable
e. brad must have read access to the share, authenticating with the same password password, if necessary

4. Implement a web server for the site http://stationx.example.com

Then perform the following steps:

a. Download ftp://server.example.com/pub/rhce/station.html

b. Rename the downloaded file to index.html

c. Copy this index.html to the DocumentRoot of your web server

d. Do not make any modifications to the contents of index.html

e. Download ftp://server.example.com/pub/rhce/www.html & rename the file to index.html at DocumentRoot /var/www/virtual

f. Extend your web server to include a virtual host for site
http://stationxx.example.com which are mapped to one ip.

g. The site http://stationx.example.com is accessibel only in example.com

5. Configure SMTP mail service according to the following

requirements:
Your mail server should accept mail from remote hosts &

localhost

b. Brad must be able to receive mail from remote hosts

c. mail delivered to brad should spool into the default mail spool for brad /var/spool/mail/susan.

d. Configure email alias for your MTA such that mail sent to

acctmgr is received by the local user andrew.

6. Configure POP3 email on your system according to these criteria:
a. brad must be able to retrieve email from your machine using POP3 from within example.com

b. Clients within the my133t.org domain should not have access to your POP3 service.

ADDITIONAL RHCE REQUIREMENTS:

Implement a web proxy server bound to port 8080. Clients within example.com should have access to your proxy server. Clients outside of example.com should not have access to your proxy server.


2. Export /shared directory only within example.com.

BEST OF LUCK


Learn RHCE

Red hat Linux With

Suresh Kumar Pakalapati (RHCE)

The Redhat Certification Program is most mature and respected Training Program on Linux. The World’s Leading Linux Certification. The RHCE certificate is a validation of your competency, undeniable proof of your skills, the standard track consist of RH-033, RH-133 and RH-253. It’s the leading choice of the IT professionals and their employers.

RHCE:RedHat Certified Engineer
RH-033:Red Hat Linux Essentials:
Course Duration
Normal Track – 2 weeks
Fast Track – 3 Days
Designed for Beginners, and covers all skills to become a productive user, including installation and command line essentials more…
RH-133:Red Hat Linux System Administration:
Course Duration
Normal Track – 2 Weeks
Fast Track - 3 Days

In this module, you will start building skills in system administration on Red Hat Enterprise Linux, to a level where you can attach and configure a workstation on an existing network with virtualization. more…

RH-253:Red Hat Linux Networking and Security Administration
Course Duration
Normal Track – 2 Weeks
Fast Track – 4 Days

In this module you will learn how to configure common Red Hat Enterprise Linux network services server-side setup, configuration, and basic administration. (DNS, NTP, NIS, Apache, SMB, DHCP, Send mail, FTP. Other common services: tftp, pppd,proxy more…

RHCSS:Red Hat Certified Security Specialist
RHS 333:Enterprise Network Services Security
Course Duration- 1 Week

RHCSS shares common ground with RHCA—both credentials require skills
and competencies taught in RHS333 and RH423. RHCSS additionally requires the skills covered in the RH429 course more…

RH-423: Enterprise Directory Services and Authentication
Course Duration- 1 Week

The Red Hat Enterprise Directory Services and Authentication Endorsement Exam is a performance-based test of the skills covered in RH423 Red Hat Enterprise Directory Services and Authentication. In order to enroll in this exam, you must have an RHCE on a current release at the time of the exam. Upon passing the exam, you will have earned an additional endorsement to your RHCE certification. This endorsement is one of the five required in order to earn the designation Red Hat Certified Architect. more…

RHS-429:Red Hat Enterprise SELinux Policy Administration
Course Duration- 1 Week

RHS429 introduces advanced system administrators,security administrators, and applications programmers to SELinux policy writing. Participants in this course will learn how SELinux works; how to manage SELinux; and how to write an SELinux policy. This class culiminates in a major project to scope out and then write policies for previously unprotected services. more…

RH 300:RHCE Rapid Track
Course Duration – 1 week

Designed for those who already possess significant systems administration experience and knowledge in a Linux/UNIX environment, and who desire the fastest path to RHCE certification. more…

For more details and new batches:
Call : +919987263243
Mail : suresh.sonu2@gmail.com