Thursday, August 18, 2011

RHCE Exam: Precautions & Preparedness


1) In the RHCE exam, SELinux must be in enforcing mode.
So use
root# setenforce 1
(this changes only the running system and does not survive a reboot)
Or
change it in
root# system-config-securitylevel
and set SELinux to enforcing
Or
change it in
vi /etc/selinux/config
SELINUX=enforcing
So be careful about SELinux errors, especially with the web server, SMB shares and the FTP server.
Examples
a) If you share a directory over SMB, check its SELinux security context with
root# ls -ldZ /path
and change it to the Samba share context with
root# chcon -t samba_share_t /path
Note: If in the exam you have to share user home directories with SELinux enforcing, then use
root# setsebool -P samba_enable_home_dirs on
b) In other cases we have to share or publish files taken from another location, such as web pages taken from the RHCE server for virtual hosting on the web server, or files for the FTP server.
It is quite confusing to remember the security context of every file,
so in that case the best way to prevent SELinux errors is
root# restorecon -R -v /path
Another way, to get SELinux errors reported in the GUI, is to install the
setroubleshoot-plugins
setroubleshoot-server
RPMs.
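The check below is an added example, not part of the original post: it compares the persistent mode in /etc/selinux/config with the running mode, which catches the case where only setenforce 1 was used. The function names and the sample config are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). The sample file below is
# constructed; on a real system pass /etc/selinux/config and "$(getenforce)".

# Print the last SELINUX= value in a config file, lower-cased.
# Comment lines and SELINUXTYPE= are skipped by the anchored pattern.
selinux_config_mode() {
    sed -n 's/^[[:space:]]*SELINUX=[[:space:]]*\([[:alpha:]]*\).*$/\1/p' "$1" |
        tail -n 1 | tr '[:upper:]' '[:lower:]'
}

# selinux_persistence_check CONFIG_FILE RUNTIME_MODE
# Returns 0 only when the system is enforcing now AND will be after a reboot.
selinux_persistence_check() {
    cfg=$(selinux_config_mode "$1")
    run=$(printf '%s' "$2" | tr '[:upper:]' '[:lower:]')
    if [ "$run" = enforcing ] && [ "$cfg" = enforcing ]; then
        echo "OK: enforcing now and after reboot"
        return 0
    elif [ "$run" = enforcing ]; then
        echo "WARN: enforcing now, config says '${cfg:-unset}': lost on reboot"
    elif [ "$cfg" = enforcing ]; then
        echo "WARN: config is enforcing but runtime is '$run'"
    else
        echo "FAIL: runtime '$run', config '${cfg:-unset}'"
    fi
    return 1
}

# Constructed sample: the state after "setenforce 1" with an unedited config.
SAMPLE_CONFIG=$(mktemp)
trap 'rm -f "$SAMPLE_CONFIG"' EXIT
cat > "$SAMPLE_CONFIG" <<'EOF'
# SELINUX= can take one of these three values: enforcing, permissive, disabled
SELINUX=permissive
SELINUXTYPE=targeted
EOF
selinux_persistence_check "$SAMPLE_CONFIG" Enforcing || true
```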
2) Next, the exam does not mention the firewall,
so your first task is to disable it.
Change it in
root# system-config-securitylevel
and set the firewall to disabled.
Otherwise it may create problems for your network services.
Then apply your iptables rules.
a) Mostly the iptables rules will be for blocking services such as ssh, ftp, pop3/pop3s and imap/imaps from hosts outside your network.
So apply the correct iptables rule with the correct port number (look up port numbers in the /etc/services file) and finally use
root# service iptables save
for reboot persistence.
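The script below is an added example, not part of the original post: it looks up each service's TCP port in a services file and prints the matching rule that rejects traffic from outside the local network. The network 192.168.0.0/24, the function names, the choice of REJECT and the services excerpt are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). LOCAL_NET and the services
# excerpt are constructed; on a real system read /etc/services instead.

# service_port NAME [FILE]: print the TCP port for NAME from a services file.
service_port() {
    awk -v name="$1" '
        { sub(/#.*/, "") }                  # strip trailing comments
        $1 == name && $2 ~ /\/tcp$/ { split($2, p, "/"); print p[1]; exit }
    ' "${2:-/etc/services}"
}

# block_rules LOCAL_NET FILE SERVICE...
# Print (do not run) one rule per service rejecting sources outside LOCAL_NET.
# "! -s" is the iptables 1.4+ spelling; older releases wrote "-s ! NET".
block_rules() {
    net=$1; file=$2; shift 2
    for svc in "$@"; do
        port=$(service_port "$svc" "$file")
        if [ -z "$port" ]; then
            echo "unknown service: $svc" >&2
            return 1
        fi
        echo "iptables -A INPUT -p tcp ! -s $net --dport $port -j REJECT"
    done
}

SAMPLE_SERVICES=$(mktemp)
trap 'rm -f "$SAMPLE_SERVICES"' EXIT
cat > "$SAMPLE_SERVICES" <<'EOF'
# constructed excerpt in /etc/services format
ftp             21/tcp
ssh             22/tcp          # SSH Remote Login Protocol
ssh             22/udp
pop3            110/tcp         pop-3
imap            143/tcp         imap2
imaps           993/tcp
pop3s           995/tcp
EOF
LOCAL_NET=192.168.0.0/24   # assumption: your exam network goes here
block_rules "$LOCAL_NET" "$SAMPLE_SERVICES" ssh ftp pop3 pop3s imap imaps
```

Review the printed rules before running them as root, then make them persistent with service iptables save as described above.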
3) Next, all your services must be reboot persistent, and your root password must be as given in your exam question paper.
So first check that all your services are working after a reboot, then submit your exam to your exam instructor.
4) Mostly I found that resizing LVM in command mode is quite tough work (because mostly the LVM volume would be the user home directory and you have to apply user quotas on the same directory, so any mistake in LVM and quota would create a CTRL + D error),
so I would prefer that you resize LVM in graphical mode (and if you find that the graphical LVM tool is not installed on your system, then please install the system-config-lvm RPM via the YUM repository).
5) Apart from these precautions, if, God forbid, you face an error that you cannot recover from, the instructor can reinstall your system, but the installation time will count as part of your exam time.
6) And the most important thing is "don't lose confidence and be fear free", because only that will help you in the exam hall.
You know, I faced problems while setting the IP of my system, and with the dovecot and smb implementations,
and only my fear-free thinking helped me to win through these issues.


Last day one of my friends, who was appearing in the RHCE exam, faced a problem in the troubleshooting section:
he was unable to modify the /etc/passwd file.

Then I suggested he use
lsattr /etc/passwd

Then he found
----i--------  /etc/passwd

and then he used

chattr -i /etc/passwd
So I am posting the syntax and attributes for the chattr command.

SYNTAX & COMMAND FOR CHATTR
                
chattr - change file attributes on a Linux second extended file system
SYNOPSIS
chattr [ -RV ] [ -v version ] [ mode ] files...
DESCRIPTION
chattr changes the file attributes on a Linux second extended file system.

OPTIONS

-R
Recursively change attributes of directories and their contents. Symbolic links encountered during
recursive directory traversals are ignored.
-V
Be verbose with chattr's output and print the program version.
-v version
Set the file's version/generation number.

Opcodes
+
Add attribute.
-
Remove attribute.
=
Assign attributes (removing unspecified attributes).


ATTRIBUTES

1) A file with the `i' attribute cannot be modified: it cannot be deleted or renamed, no link can be
created to this file and no data can be written to the file. Only the superuser or a process possessing
the CAP_LINUX_IMMUTABLE capability can set or clear this attribute.

2) A file with the `j' attribute has all of its data written to the ext3 journal before being written to
the file itself, if the filesystem is mounted with the "data=ordered" or "data=writeback" options. When
the filesystem is mounted with the "data=journalled" option all file data is already journalled and this
attribute has no effect. Only the superuser or a process possessing the CAP_SYS_RESOURCE capability can
set or clear this attribute.

3) When a file with the `s' attribute set is deleted, its blocks are zeroed and written back to the disk.

4) When a file with the `S' attribute set is modified, the changes are written synchronously on the disk;
this is equivalent to the `sync' mount option applied to a subset of the files.

5) When a file with the `u' attribute set is deleted, its contents are saved. This allows the user to ask
for its undeletion.

6) A file with the `a' attribute set can only be open in append mode for writing. Only the superuser or a
process possessing the CAP_LINUX_IMMUTABLE capability can set or clear this attribute.

7) A file with the `c' attribute set is automatically compressed on the disk by the kernel. A read from
this file returns uncompressed data. A write to this file compresses data before storing them on the
disk.

8) When a directory with the `D' attribute set is modified, the changes are written synchronously on the
disk; this is equivalent to the `dirsync' mount option applied to a subset of the files.

9) A file with the `d' attribute set is not a candidate for backup when the "dump" program is run.
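
The script below is an added example, not part of the original post: it automates the /etc/passwd troubleshooting step above by reading lsattr output and reporting every file that carries the `i' or `a' attribute. The function names and all sample lines except the /etc/passwd one are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). sample_lsattr holds constructed
# lsattr lines; only the /etc/passwd line is the one shown in the post.

# find_locked: read "FLAGS PATH" lines (lsattr format) on stdin and report
# files with the immutable (i) or append-only (a) attribute. Matching is
# case-sensitive on purpose: A (no atime updates) and I (indexed directory)
# are different attributes and do not block writes.
find_locked() {
    while read -r flags path; do
        [ -n "$path" ] || continue
        case $flags in *i*) echo "$path: immutable, clear with chattr -i" ;; esac
        case $flags in *a*) echo "$path: append-only, clear with chattr -a" ;; esac
    done
}

# check_paths PATH...: run the same report on live files. lsattr -d lists a
# directory itself instead of its contents; errors from filesystems without
# attribute support are discarded.
check_paths() {
    lsattr -d "$@" 2>/dev/null | find_locked
}

# Constructed sample input in lsattr output format.
sample_lsattr() {
    cat <<'EOF'
----i--------  /etc/passwd
-----a-------  /var/log/secure
-------A-----  /etc/hosts
------------I- /var/spool/mail
----ia-------  /etc/shadow
EOF
}

sample_lsattr | find_locked
```

On a live system, check_paths /etc/passwd /etc/shadow /etc/group runs the same report against the real files.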