Q1. CORRECT TEXT
Create the users named jane and john.
Answer and Explanation:
1. useradd jane
2. useradd john
The useradd command is used to create a user. All user information is stored in /etc/passwd, and each user's shadow password is stored in /etc/shadow.
Answer:
Q2. CORRECT TEXT
You have domains in your LAN named example.com and my133t.org. Allow the
- Allow the FTP connection only from local domain.
- Deny the FTP connection from my133t.org
Answer and Explanation:
1. vi /etc/hosts.deny
vsftpd:ALL EXCEPT .example.com
or
1. vi /etc/hosts.deny
vsftpd:ALL
2. vi /etc/hosts.allow
vsftpd:.example.com
We can secure services using tcp_wrappers. There are two main files, /etc/hosts.allow and /etc/hosts.deny.
Access is checked in three stages:
- Is access explicitly permitted, that is, matched in /etc/hosts.allow?
- Otherwise, is access explicitly denied, that is, matched in /etc/hosts.deny?
- Otherwise, access is permitted by default if neither condition matched.
To deny services, configure the /etc/hosts.deny file using the ALL and EXCEPT operators.
The pattern of entries in /etc/hosts.allow and /etc/hosts.deny is:
daemon_list:client_list:options
The client list can contain either domain names or IP addresses.
Answer:
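The three-stage check described above, as an added example that is not part of the original answer: a simplified shell model of the decision order (not libwrap itself), run against constructed copies of both answers to Q2. The function names and temporary files are assumptions of this example, and client host names are taken as given rather than resolved.

```sh
# Simplified model of the tcp_wrappers decision order: daemon:client rules
# with ALL, leading-dot domains and EXCEPT. Hypothetical helper names.
# match_one NAME PATTERN -> 0 when NAME matches a single pattern
match_one() {
    case "$2" in
        ALL) return 0 ;;
        .*)  case "$1" in *"$2") return 0 ;; esac ;;
        *)   [ "$1" = "$2" ] && return 0 ;;
    esac
    return 1
}

# match_list NAME "pat pat EXCEPT pat" -> 0 when NAME matches and is not excepted
match_list() {
    name=$1; hit=1; excepting=0
    for pat in $2; do
        if [ "$pat" = EXCEPT ]; then excepting=1; continue; fi
        if match_one "$name" "$pat"; then
            [ "$excepting" -eq 1 ] && return 1
            hit=0
        fi
    done
    return "$hit"
}

# file_matches FILE DAEMON HOST -> 0 when some rule in FILE matches
file_matches() {
    while IFS=: read -r daemons clients _opts; do
        case "$daemons" in ''|'#'*) continue ;; esac
        match_list "$2" "$daemons" || continue
        match_list "$3" "$clients" && return 0
    done < "$1"
    return 1
}

# check_access ALLOW_FILE DENY_FILE DAEMON HOST -> prints allow or deny
check_access() {
    if file_matches "$1" "$3" "$4"; then echo allow      # stage 1: hosts.allow
    elif file_matches "$2" "$3" "$4"; then echo deny     # stage 2: hosts.deny
    else echo allow                                      # stage 3: default permit
    fi
}
# Constructed copies of the two answers to Q2 (answer 1 leaves hosts.allow empty).
tmp=$(mktemp -d); trap 'rm -rf "$tmp"' EXIT
: > "$tmp/allow1"; echo 'vsftpd:ALL EXCEPT .example.com' > "$tmp/deny1"
echo 'vsftpd:.example.com' > "$tmp/allow2"; echo 'vsftpd:ALL' > "$tmp/deny2"
for h in pc1.example.com ftp.my133t.org; do
    echo "$h answer1=$(check_access "$tmp/allow1" "$tmp/deny1" vsftpd "$h") answer2=$(check_access "$tmp/allow2" "$tmp/deny2" vsftpd "$h")"
done
```

Both answers give the same verdicts for vsftpd, and a daemon with no rule in either file falls through to the default permit.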
Q3. CORRECT TEXT
Create the group named sysadmin.
Answer and Explanation:
1. groupadd sysadmin
The groupadd command is used to create a group, and all group information is stored in the /etc/group file.
Answer:
Q4. CORRECT TEXT
Share the Internet using squid for your local LAN. The proxy server should run on port 8080.
Answer and Explanation:
1. vi /etc/squid/squid.conf
#Default:
http_port 8080
#Recommended minimum configuration:
# Near the src acl src section
acl mynet src 192.168.0.0/255.255.255.0
#Default:
# http_access deny all
#Under Here
http_access allow mynet
2. service squid start
3. chkconfig squid on
squid is a caching proxy server. Using squid we can share Internet access with a certain network or block it. First we define the port for squid; the standard port for squid is 3128. We can run squid on a different port by specifying http_port portnumber.
To block or allow Internet access for hosts, we create an acl (Access Control List). In this file we can specify only the IP address.
Example: acl aclname src IP/Netmask
After creating the acl, we can block or allow Internet access for the specified acl:
http_access allow | deny aclname
Answer:
Q5. CORRECT TEXT
Give full permission to the owner user and owner group members, but no permission to others, on /data.
Answer and Explanation:
We can change the permission of a file or directory using either the character symbol method or the numeric method.
Permission:
r - Read
w - Write
x - Execute
Permission Category:
u - Owner User
g - Owner Group
o - Others
Operators:
+ -> Add the permissions
- -> Remove the permissions
= -> Assign the permissions
Numeric Method:
4 -> Read
2 -> Write
1 -> Execute
Total: 7; total for owner user, owner group members and others: 777
chmod u+rwx /data
chmod g+rwx /data
chmod o-rwx /data
or
chmod 770 /data
Verify /data: ls -ld /data
You will get drwxrwx---
Answer:
Q6. CORRECT TEXT
The /data directory is shared from the server1.example.com server. Mount the shared directory so that:
a. it is mounted automatically when a user tries to access it.
b. it is unmounted automatically after 50 seconds when the user doesn't use the mounted directory.
c. the shared directory is mounted on /mnt/data on your machine.
Answer and Explanation:
1. vi /etc/auto.master
/mnt /etc/auto.misc --timeout=50
2. vi /etc/auto.misc
data -rw,soft,intr server1.example.com:/data
3. service autofs restart
4. chkconfig autofs on
When you mount another filesystem manually, you also have to unmount it yourself. The automount feature of Linux mounts the filesystem at access time and, once the user has not accessed the mounted directory for a certain number of seconds, unmounts it automatically.
/etc/auto.master is the master configuration file for the autofs service. When you start the service, it reads the mount points defined in /etc/auto.master.
Answer:
Q7. CORRECT TEXT
Create one partition of size 100MB and mount it on /data.
Answer and Explanation:
1. Use fdisk /dev/hda -> To create the new partition.
2. Type n -> For a new partition.
3. It will ask for Logical or Primary partition. Press l for logical.
4. It will ask for the starting cylinder: use the default by pressing the Enter key.
5. Type the size: +100M -> You can specify either the last cylinder or the size here.
6. Press p to verify the partition list and remember the partition name.
7. Press w to write the partition table.
8. Either reboot or use the partprobe command.
9. Use mkfs -t ext3 /dev/hda?
Or
mke2fs -j /dev/hda? -> To create the ext3 filesystem.
10. vi /etc/fstab
Write:
/dev/hda? /data ext3 defaults 0 0
11. Verify by mounting in the current session as well:
mount /dev/hda? /data
Answer:
Q8. CORRECT TEXT
There are mail servers, web servers, DNS servers and a log server. The log server is already configured. Configure the mail server, web server and DNS server to send their logs to the log server.
Answer and Explanation:
According to the question, the log server is already configured. We have to configure the mail, web and DNS servers for log redirection.
On the mail, web and DNS servers:
1. vi /etc/syslog.conf
mail.* @logserveraddress
2. service syslog restart
mail is the facility and * matches every priority. This sends the logs of the mail service to the log server.
Answer:
Q9. CORRECT TEXT
You are taking the RHCE exam. The system should boot into runlevel 3. When you start the system, after a while it goes to runlevel 6, like:
INIT: Entering Run level 6
Sending TERM Single
Fix the problem and boot the system.
Answer and Explanation:
It is due to either the default runlevel or the runlevel-specific scripts.
3. id:?:initdefault: -> This is where the default runlevel is specified. It shouldn't be 6.
4. l3:3:wait:/etc/rc.d/rc 6 -> This runs the scripts of runlevel 6 while booting the system in runlevel 3.
It should be like:
si::sysinit:/etc/rc.d/rc.sysinit
l0:0:wait:/etc/rc.d/rc 0
l1:1:wait:/etc/rc.d/rc 1
l2:2:wait:/etc/rc.d/rc 2
l3:3:wait:/etc/rc.d/rc 3 -> Should be like this
l4:4:wait:/etc/rc.d/rc 4
l5:5:wait:/etc/rc.d/rc 5
l6:6:wait:/etc/rc.d/rc 6
Answer:
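A check for the two faults described above, added here as an example and not part of the original answer: an awk pass that flags an rc line whose argument does not match its runlevel, and an initdefault of 6. It also flags an initdefault of 0 (halt), which goes beyond the case in the question. The function name check_inittab and the sample files are constructed for this example.

```sh
# check_inittab FILE -> prints one finding per line; status 0 if clean, 1 otherwise
check_inittab() {
    awk -F: '
        /^[ \t]*#/ || NF < 4 { next }                  # skip comments and short lines
        $3 == "initdefault" && ($2 == "0" || $2 == "6") {
            printf "line %d: default runlevel is %s\n", NR, $2; bad++
        }
        $3 == "wait" && $4 ~ /\/etc\/rc\.d\/rc [0-6]$/ {
            n = split($4, part, " ")                   # last word is the rc argument
            if (part[n] != $2) {
                printf "line %d: runlevel %s runs rc %s\n", NR, $2, part[n]; bad++
            }
        }
        END { exit (bad > 0) }
    ' "$1"
}

# Constructed samples: a correct inittab and the broken one from the question.
tmp_inittab=$(mktemp -d); trap 'rm -rf "$tmp_inittab"' EXIT
{
    echo 'id:3:initdefault:'
    echo 'si::sysinit:/etc/rc.d/rc.sysinit'
    for n in 0 1 2 3 4 5 6; do echo "l$n:$n:wait:/etc/rc.d/rc $n"; done
} > "$tmp_inittab/fixed"
sed 's|^l3:3:wait:/etc/rc.d/rc 3$|l3:3:wait:/etc/rc.d/rc 6|' \
    "$tmp_inittab/fixed" > "$tmp_inittab/broken"

check_inittab "$tmp_inittab/broken" || echo "broken sample: problems found"
check_inittab "$tmp_inittab/fixed" && echo "fixed sample: clean"
```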
Q10. CORRECT TEXT
Create the users named jackie, curtin and david.
Answer and Explanation:
1. useradd jackie
2. useradd curtin
3. useradd david
The useradd command is used to create a user. All user information is stored in /etc/passwd, and each user's shadow password is stored in /etc/shadow.
Answer:
Q11. CORRECT TEXT
Any mail addressed to accountmanager should be received by the user jeff.
Answer and Explanation:
1. vi /etc/mail/virtusertable
accountmanager@ jeff
2. service sendmail restart
Answer:
Q12. CORRECT TEXT
Configure the web server for www.abc.com, whose associated IP address is 192.100.0.1, allowing access to the http users user5 and user6.
Answer and Explanation:
1. vi /etc/httpd/conf/httpd.conf
<VirtualHost 192.100.0.1>
ServerName www.abc.com
DocumentRoot /var/www/abc/
<Directory /var/www/abc>
AllowOverride authconfig
</Directory>
DirectoryIndex index.html
ServerAdmin webmaster@abc.com
ErrorLog logs/error_abc.logs
CustomLog logs/custom_abc.logs common
</VirtualHost>
2. Create the directory and index page on the specified path. (The index page can be downloaded from ftp://server1.example.com at exam time.)
Check the SELinux context of the index.html file; it should look like this:
-rw-r--r-- root root system_u:object_r:httpd_sys_content_t /var/www/html/index.html
If the SELinux context is mismatched, use the restorecon -R /var command.
3. vi /var/www/abc/.htaccess
AuthName "Only to Authorized Users"
AuthType basic
AuthUserFile /etc/httpd/conf/mypasswd
require valid-user
Check the SELinux context; it should look like this:
-rw-r--r-- root root root:object_r:httpd_sys_content_t .htaccess
htpasswd -c /etc/httpd/conf/mypasswd user5
htpasswd -m /etc/httpd/conf/mypasswd user6
chgrp apache /etc/httpd/conf/mypasswd
chmod g+r /etc/httpd/conf/mypasswd
Check the SELinux context; it should look like this:
-rw-r--r-- root root system_u:object_r:httpd_config_t /etc/httpd/conf/mypasswd
Use the restorecon command to restore a mismatched SELinux context of the file.
service httpd restart
chkconfig httpd on
AllowOverride Authconfig is used to specify which and how much configuration can be overridden by directory-specific .htaccess files.
One of the most common tasks performed in users' .htaccess files is adding authorization.
Typically, a user will set up authorization for directories that hold sensitive information with a configuration.
Answer:
Q13. CORRECT TEXT
Create the directory /archive; its group owner should be the sysuser group.
Answer and Explanation:
1. chgrp sysuser /archive
2. Verify using the ls -ld /archive command. You should get output like:
drwxr-x--- 2 root sysadmin 4096 Mar 16 17:59 /archive
The chgrp command is used to change the group ownership of particular files or directories.
Alternatively, you can use the chown command:
chown root:sysuser /archive
Answer:
Q14. CORRECT TEXT
Configure DNS for the example.com domain, where 192.100.0.20 is the associated IP for www and the NS is 192.100.0.X, where X is your IP.
Answer and Explanation:
1. Rename the file named.caching-nameserver.conf, located in /var/named/chroot/etc, to named.conf:
#mv /var/named/chroot/etc/named.caching-nameserver.conf /var/named/chroot/etc/named.conf
2. Check the permission and ownership as well as the SELinux context; they should look like this:
-rw-r----- root named system_u:object_r:named_conf_t /var/named/chroot/etc/named.conf
If the SELinux context is mismatched, use the restorecon -R /var command.
3. vi /var/named/chroot/etc/named.conf
zone "example.com" IN {
type master;
file "example.com.zone";
};
The /var/named/chroot/etc/named.conf file is used to register the zone as well as to specify the global options for the DNS server. There are two types of zone: i. Master, which contains the original data. ii. Slave, a backup of the master. Here is an example of a master zone configuration.
4. vi /var/named/chroot/var/named/example.com.zone
$TTL 345345
@ IN SOA @ webmaster.example.com.(
101; Serial Number
1H; Refresh Time
1M; Retry Time
1W; Expire Time
1D; Minimum Time to Live
)
@ IN NS 192.100.0.X
www IN A 192.100.0.20
5. Check the permission as well as the SELinux context; they should look like this:
-rw-r--r-- root named root:object_r:named_zone_t /var/named/chroot/var/named/example.com.zone
If the SELinux context is mismatched, use the restorecon -R /var command.
6. service named start
7. rndc reload
8. chkconfig named on
The zone file should be created in /var/named/chroot/var/named. The default directory path is specified in the /var/named/chroot/etc/named.conf file.
$TTL -> Time To Live: how many seconds a caching server stores the information about DNS. Five parameters are then specified: the Serial Number is used by the slave to synchronize with the master server, and the Refresh and Retry Times are used by the slave server. NS is the name (DNS) server where the domain is looked up. A (associated IP) is for a particular host.
Answer:
Q15. CORRECT TEXT
Whoever creates files/directories in /storage, the group owner should automatically be the same as the group owner of /storage.
Answer and Explanation:
1. chmod g+s /storage
2. Verify using: ls -ld /storage
Permission should be like:
drwxrws--- 2 root sysusers 4096 Mar 16 18:08 /storage
If the SGID bit is set on a directory, then whichever user creates files in that directory, the group owner is automatically the group owner of the parent directory.
To set the SGID bit: chmod g+s directory
To Remove the SGID bit: chmod g-s directory
Answer: