RHCE

RHCSA: root redhat grub 1, setenforce 0 selinux passwd root IP 192.168.0.X 192.168.0.254 dns 192.168.0.254 system-config-network service network restart /home 100M df -TH umount /home/ e2fsch -f /dev/mapper/vgsrv-home resize2fs /dev/mapper/vgsrv-home 100M lvreduce -L 100M /dev/mapper/vgsrv-home mount -a df -TH manager harrynatashasarah 1.harry natasha manager; 2.sarah shell /sbin/nologin; 3. password; groupadd manager useradd -G manager harry useradd -G manager natasha

useradd -s /sbin/nologin sarah passwd harry passwd natasha passwd sarah /command manager mkdir /command ll -d /command chgrp manager /command chmod g+w /command chmod o-rx /command chmod o+t /command chmod g+s /command ll -d /command vim /etc/sysctl.conf net.ipv4.ip_forward = 1 sysctl -p ftp//192.168.0.254/pub/rhcsa/ kernel-2.6.32-71.7.1.el6.x86_64 kernel-firmware-2.6.32-71.7.1 lftp 192.168.0.254 cd pub cd rhcsa mget kernel-2.6.32-71.7.1.el6.x86_64.rpm kernel-firmware-2.6.32-71.7.1.el6.noarch.rpm bye rpm -ivh kernel-*.rpm

vim /boot/grub/grub.conf default=0 default=1 yum ftp://192.168.0.254/pub/rhel6/dvd vim /etc/yum.repos.d/server.repo [server] name=this is test server url=ftp://192.168.0.254/pub/rhel6/dvd enabled=1 gpgcheck = 0 natasha 8 45 /bin/echo howdy crontab -e -u natasha 45 20 * * * /bin/echo howdy :wq crontab -u satasha -l 192.168.0.254 ldapuser1,LDAP DN: dc=example,dc=com http://192.168.0.254/pub/EXAMPLE-CA-CERT, TLS ,LDAP :LDAP password system-config-authentication User Account Database -->LDAP LDAP Search Base DN: dc=example,dc=com LDAP Server: ldap ://192.168.0.254/ Use TLS to encrypt connections Certificate URL: http://192.168.0.254/pub/EXAMPLE-CA-CERT Authentication Method: LDAP password getent passwd ldapuserX id ldapuser

su ldapuserX ldapuser1 autofs vim /etc/auto.master /home/guests auto.ldap :wq cp /etc/auto.misc /etc/auto.ldap vim /etc/auto.ldap ldapuserX :wq service autofs stop service autofs start su ldapuserX /etc/fstab /var/tmp/natasha rwharry cp /etc/fstab /var/tmp/ ll /var/tmp/fstab chgrp manager /var/tmp/fstab setfacl -m u:natasha:rw /var/tmp/fstab setfacl -m u:harry:-- /var/tmp/fstab getfacl /var/tmp/fstab natasha /root/found/ mkdir /root/found/ find / -user natasha -exec cp -rf {} /root/found/ \; jean uid 4332 useradd -u 4332 jean id jean restart -fstype=nfs,rw 192.168.0.254:/home/guests/ldapuserX

 swap 512M swapon -s fdisk -cu /dev/vda 512M /dev/vda5 t 5 l 82 w partx -a /dev/vda mkswap /dev/vda5 swapon /dev/vda5 swapon /dev/vda5 -s vim /etc/fstab /dev/vda5 :wq mount -a FTP yum install vsftpd* service vsftpd restart chkconfig vsftpd on cp /etc/fstab /var/ftp/pub lftp localhost cd pub get fstab bye swap swap defaults 00

 web ftp station.html, yum install httpd -y lftp 192.168.0.254 cd pub get station.html cp station.html /var/www/html/index.html service httpd restart chkconifg httpd restart links http://127.0.0.1 /usr/share/dict/words strato /root/lines.txt cd /usr/share/dict cat words | grep strato > /root/lines.txt LVM/mnt/wshare LVM wgroup 100, PE 8M 80M wshare fdisk -cu /dev/vda 100M /dev/vda6 t 6 8e w partx -a /dev/vda pvcreate /dev/vda6 vgcreate wgroup -s 8M /dev/vda6 vgdisplay lvcreate -l 10 -n wshare wgroup mkfs.ext4 /dev/wgroup/wshare

mkdir /mnt/wshare vim /etc/fstab /dev/wgroup/wshare mount -a RHCE: SElinux vim /etc/sysconfig/selinux selinux = enforcing setenforce 1 getenforce vim /etc/sysctl.conf net.ipv4.ip_forward=1 example.com 172.16.0.0/16crake.com 172.25.0.0/16 example.com crake.com iptables -F iptables -A INPUT -s 172.25.0.0/16 -j REJECT service iptables save service iptables restart ftp 172.25.0.0/26 yum install vsftpd -y service vsftpd restart chkconfig vsftpd on vim /etc/vsftpd/vsftpd.conf /mnt/wshare ext4 default 0 0

anon_upload_enabled = yes anon_mkdir_write_enabled = yes service vsftpd restart chmod o+w /var/ftp/pub getsebool -a | grep ftp setsebool -P allow_ftpd_full_access on SMTP example.com admin natasha yum install postfix vim /etc/postfix/mian.cf myhostname = server X.example.com mydomain = example.com myorigin = $mydomain #inet_interface = localhost inet_interface = all chkconfig postfix on vim /etc/aliases admin: natasha newaliases setvice postfix restart samba /client natasha yum install samba* -y chkconifg smb on vim /etc/samba/smb.conf [client] path = /client writable = yes service smb restart smbpasswd -a natasha

chcon -t samba_share_t /client /client 172.16.0.0/24 NFS vim /etc/exports /client 172.16.0.0/255.255.255.0 (ro,sync) service nfs restart chkconifg nfs on crake.com ssh ipta bles -A INPUT -s 172.25.0.0/16 -p tcp --dport 22 -j REJECT WEB wwwX tom yum install httpd vim /etc/httpd/conf/httpd.conf <virtualhost *:80> ... <directory /var/www/html/www13> authname server-13-password authtype basic authuserfile /etc/httpd/conf/.htpasswd require valid-user </directory> </virtualhost> htpasswd -mc /etc/httpd/conf/.htpasswd tom cut -d: -f1-2 /etc/shadow > /etc/httpd/conf/.htpasswd elinks wwwX.example.com boot iso /mnt/cdrom mkdir /mnt/cdrom

vim /etc/fstab /root/cdrom.iso /mnt/cdrom iso9660 default,loop 0 0 /proc/cmdline sysctl = 1 vim /boot/grub/grub.conf sysctl = 1 cat /proc/cmdline shell shell a bexampleshell test.sh./test.sh a b,/test.sh b a cd /root/ vim secripts.sh #!/bin/bash case $1 in a) echo b ;; b) echo a ;; *) echo "/root/scripts a|b" ;; esac 192.168.0.254 iscsi /mnt/iscsi iscsiadm -m discovery -t st -p 192.168.0.254 iscsiadm -m node -T iqn.XXX -p 192.168.0.254 -l fdisk /dev/sdX mkfs.ext4 /dev/sdXx

blkid /dev/sdX vim /etc/fstab UUID=XXXX /mnt/iscsi ext4 _netdev 0 0 mount -a cronnatasha vim /etc/cron.deny natasha /etc/init.d/crond restart DNS 192.168.0.254 DNS yum install bind vim /etc/named/conf listen-on port 53 { any; }; listen-on-v6 port 53 { any; }; dnssec-validation no; allow-query { any; }; forwarders { 192.168.0.254; }; service named restart