Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. CORRECT TEXT
Install the Cron Schedule for jeff user to display "Hello" on daily 5:30.
Answer and Explanation:
Login as a root usercat >schedule.txt
30 05 * * * /bin/echo "Hello"
3. crontab -u jeff schedule.txt
4. service crond restart
The cron system is essentially a smart alarm clock. When the alarm sounds, Linux runs the commands of your choice automatically. You can set the alarm clock to run at all sorts of regular time intervals. Alternatively, the at system allows you to run the command of your choice once, at a specified time in the future.
Red Hat configured the cron daemon, crond. By default, it checks a series of directories for jobs to run, every minute of every hour of every day. The crond checks the /var/spool/cron directory for jobs by user. It also checks for scheduled jobs for the computer under /etc/crontab and in the /etc/cron.d directory.
Here is the format of a line in crontab. Each of these columns is explained in more detail:
#minute, hour, day of month, month, day of week, command
* * * * * command
Answer:
Q2. CORRECT TEXT
Now a days you are observing that your system being very slow. You observe the processes that one user named user1 running more than 50 processes. Configure to limit the number of processes that user1 couldn't run more than 7 process.
Answer and Explanation:
1. vi /etc/security/limits.conf
user1 hard nproc 7
2. vi /etc/pam.d/system-auth
session required /lib/security/pam_limits.so
To limit the number of process or number of logins, we should configure on /etc/security/limits.conf. First Columns contains the username separated by comma or @group name. Second column either hard or soft limits. Third columns called the item, maxloigns or nproc etc.
To identify the session of users we should call the pam_limits module in /etc/pam.d/system-auth.
Answer:
Q3. CORRECT TEXT
There is one partition /dev/hda14 mounted on /data. The owner of /data is root user and root group. And Permission is full to owner user, read and execute to group member and no permission to others. Now you should give the full permission to user user1 without changing pervious permission.
Answer and Explanation:
We know that every files/directories are owned by certain user and group. And Permissions are defines to owner user, owner group and other.
-rwxr-x--- àFull permission to owner user, read and write to owner group and no permission to others.
According to question: We should give the full permission to user user1 without changing the previous permission.
ACL (Access Control List), in ext3 file system we can give permission to certain user and certain group without changing previous permission. But that partition should mount using acl option.
Follow the stepsvi /etc/fstab
/dev/hda14 /data ext3 defaults,acl 0 1Either Reboot or use: mount -o remount /datasetfacl –m u:user1:rwx /dataVerify using: getfacl /data
Answer:
Q4. CORRECT TEXT
You are a System administrator. Using Log files very easy to monitor the system. Now there are 50 servers running as Mail, Web, Proxy, DNS services etc. You want to centralize the logs from all servers into on LOG Server. How will you configure the LOG Server to accept logs from remote host ?
Answer and Explanation:
By Default system accept the logs only generated from local host. To accept the Log from other host configure:
3. vi /etc/sysconfig/syslog
SYSLOGD_OPTIONS="-m 0 -r"
Where
-m 0 disables 'MARK' messages.
-r enables logging from remote machines
-x disables DNS lookups on messages recieved with -r
4. service syslog restart
Answer:
Q5. CORRECT TEXT
Quota is implemented on /data but not working properly. Find out the Problem and implement the quota to user1 to have a soft limit 60 inodes (files) and hard limit of 70 inodes (files).
Answer and Explanation:
Quotas are used to limit a user's or a group of users' ability to consume disk space. This prevents a small group of users from monopolizing disk capacity and potentially interfering with other users or the entire system. Disk quotas are commonly used by ISPs, by Web hosting companies, on FTP sites, and on corporate file servers to ensure continued availability of their systems.
Without quotas, one or more users can upload files on an FTP server to the point of filling a filesystem. Once the affected partition is full, other users are effectively denied upload access to the disk. This is also a reason to mount different filesystem directories on different partitions. For example, if you only had partitions for your root (/) directory and swap space, someone uploading to your computer could fill up all of the space in your root directory (/). Without at least a little free space in the root directory (/), your system could become unstable or even crash.
You have two ways to set quotas for users. You can limit users by inodes or by kilobyte-sized disk blocks. Every Linux file requires an inode. Therefore, you can limit users by the number of files or by absolute space. You can set up different quotas for different filesystems. For example, you can set different quotas for users on the /home and /tmp directories if they are mounted on their own partitions.
Limits on disk blocks restrict the amount of disk space available to a user on your system. Older versions of Red Hat Linux included LinuxConf, which included a graphical tool to configure quotas.
As of this writing, Red Hat no longer has a graphical quota configuration tool. Today, you can configure quotas on RHEL only through the command line interface.
1. vi /etc/fstab
/dev/hda11 /data ext3 defaults,usrquota 1 2
2. Either Reboot the System or remount the partition.
Mount -o remount /dev/hda11 /data
3. touch /data/aquota.user
4. quotacheck -ufm /data
5. quotaon -u /data
6. edquota -u user1 /data
and Specified the Soft limit and hard limit on opened file.
To verify either quota is working or not:
Soft limit specify the limit to generate warnings to users and hard limit can't cross by the user. Use the quota command or repquota command to monitor the quota information.
Answer:
Q6. CORRECT TEXT
Your Local Domain is example.com. Configure the send mail server for you local LAN. As well as enable the pop and pop secured protocol.
Answer and Explanation:
1. vi /etc/mail/local-host-names
example.com
2. vi /etc/mail/sendmail.mc
dnl # DEAMON_OPTIONS(`Port=smtp,Addr=127.0.0.1,Name=MTA`)dnl
3. m4 /etc/mail/sendmail.mc >/etc/mail/sendmail.cf
4. vi /etc/mail/access
192.168.0 RELAY
example.com RELAY
5. service sendmail start | restart
6. chkconfig dovecot on
7. vi /etc/dovecot.conf
protocols = pop3 pop3s
8. service dovecot start | restart
9. chkconfig dovecot on
/etc/mail/local-host-names file contains the aliases to hostname. Mail server program reads the
/etc/mail/sendmail.cf. To change the configuration on mail server, we should edit the
/etc/mail/sendmail.mc file and should generate the sendmail.cf using m4 command.
By default sendmail server allows to connect to local host only. So we should edit the
/etc/mail/sendmail.mc file to allow connect to other hosts.
By default sendmail server will not forward mail. we should specify on /etc/mail/access to relay or to block mail coming from domain or network or individual email address.
By default dovecot service start only the imap protocol. To start pop protocol with dovecot, we should write in /etc/dovecot.conf file.
Answer:
Q7. CORRECT TEXT
Port 8080
Configure the squid server to allow the Local Domain and deny to cracker.org domain.
Answer and Explanation:
At exam Lab example.com domain resides on 192.168.0.0/24 Network and cracker.org resides on 192.168.1.0/24 Network.
1. vi /etc/squid/squid.conf
#detault:
http_port 8080
#Recommended minimum configuration:
# Near the src acl src section
acl allownet src 192.168.0.0/255.255.255.0
acl denynet src 192.168.1.0/255.255.255.0
#Default:
# http_access deny all
#Under Here
http_access allow allownet
http_access deny denynet
2. service squid start
3. chkconfig squid on
squid is a proxy caching server, using squid we can share the internet, block the internet, to certain network. First we should define the port for squid, the standard port for squid is 3128. We can run squid on different port by specifying http_port portnumber.
Answer:
Q8. CORRECT TEXT
You are new System Administrator and from now you are going to handle the system and your main task is Network monitoring, Backup and Restore. But you don't know the root password. Change the root password to redhat and login in default Runlevel.
Answer and Explanation:
When you Boot the System, it starts on default Runlevel specified in /etc/inittab:
Id:?:initdefault:
When System Successfully boot, it will ask for username and password. But you don't know the root's password. To change the root password you need to boot the system into single user mode.
You can pass the kernel arguments from the boot loader.
7. Restart the System.
8. You will get the boot loader GRUB screen.
9. Press a and type 1 or s for single mode
ro root=LABEL=/ rhgb queit s
10. System will boot on Single User mode.
11. Use passwd command to change.
12. Press ctrl+d
Answer:
Q9. CORRECT TEXT
You are administrator of Certkiller network. First time you are going to take the full backup of all user's home directory. Take the full backup of /home on /tmp/back file.
Answer and Explanation:
1. dump -0u -f /tmp/back /dev/hda4
dump is the standard backup utility. According to the questions, fullback should take. -0 means fullback, -u means update the /etc/dumpdates which maintains the backup record and -f means filename. If you are directly taking backup into other device, you can specify the device name.
i.e dump -0u -f /dev/st0 /dev/hda4. Where hda4 is a separate partition mounted on /home.
Answer:
Q10. CORRECT TEXT
ssh service is enabled in your Server. Configure to
- Deny the ssh from cracker.org domain.
- Allow the ssh service only from example.com domain.
Answer and Explanation:
1. vi /etc/hosts.deny
sshd:ALL EXCEPT .example.com
or
1. vi /etc/hosts.deny
sshd:ALL
2. vi /etc/hosts.allow
sshd:.example.com
We can secure the services using tcp_wrappers. There are main two files, /etc/hosts.allow and /etc/hosts.deny.
There will be three stage access checking
- Is access explicitly permitted? Means permitted from /etc/hosts.allow?
- Otherwise, Is access explicitly denied? Means denied from /etc/hosts.deny?
- Otherwise, by default permit access if neither condition matched.
To deny the services we can configure /etc/hosts.deny file using ALL and EXCEPT operation.
Pattern of /etc/hosts.allow and /etc/hosts.deny file is:
Demon_list:client_list:options
In Client list can be either domain name or IP address.
Answer:
Q11. CORRECT TEXT
Make user1, user2 and user3 belongs to training group.
Answer and Explanation:
7. usermod -G training user1
8. usermod -G training user2
9. usermod -G training user3
10. Verify from : cat /etc/group
There are two types of group, I) primary group II) Secondary or supplementary group.
I) Primary Group: Primary group defines the files/directories and process owner group there can be only one primary group of one user.
II) Secondary Group is used for permission. Where permission are defined for group members, user can access by belonging to that group.
Here user1, user2 and user3 belong as supplementary to training group. So these users get the permission of group member.
Answer:
Q12. CORRECT TEXT
You are administrator of Certkiller network. First time you are going to take the full backup of all user's home directory. Take the full backup of /home on /tmp/back file.
Answer and Explanation:
1. dump -0u -f /tmp/back /dev/hda4
dump is the standard backup utility. According to the questions, fullback should take. -0 means fullback, -u means update the /etc/dumpdates which maintains the backup record and -f means filename. If you are directly taking backup into other device, you can specify the device name.
i.e dump -0u -f /dev/st0 /dev/hda4. Where hda4 is a separate partition mounted on /home.
Answer:
Q13. CORRECT TEXT
Add a new logical partition having size 100MB and create the /data which will be the mount point for the new partition.
Answer and Explanation:
Use fdisk /dev/hda àTo create new partition.Type n àFor New partitionsIt will ask for Logical or Primary Partitions. Press l for logical.It will ask for the Starting Cylinder: Use the Default by pressing Enter Key.Type the Size: +100M àYou can Specify either Last cylinder of Size here.Press P to verify the partitions lists and remember the partitions name.Press w to write on partitions table.Either Reboot or use partprobe command.Use mkfs -t ext3 /dev/hda?Ormke2fs -j /dev/hda? àTo create ext3 filesystem.vi /etc/fstabWrite:/dev/hda? /data ext3 defaults 0 0Verify by mounting on current Sessions also:mount /dev/hda? /data
Answer:
Q14. CORRECT TEXT
Add a user named user4 and make primarily belongs to training group. As well account should expire on 30 days from today.
Answer and Explanation:
useradd usernamepasswd usernameusermod -e "date"
example: usermod -e "12 Feb 2006" user4
Verify: chage -l user4
Answer:
Q15. CORRECT TEXT
/data Directory is shared from the server1.example.com server. Mount the shared directory that:
d. when user try to access, automatically should mount
e. when user doesn't use mounted directory should unmount automatically after 50 seconds.
f. Shared directory should mount on /mnt/data on your machine.
Answer and Explanation:
6. vi /etc/auto.master
/mnt /etc/auto.misc --timeout=50
7. vi /etc/auto.misc
8. data -rw,soft,intr server1.example.com:/data
9. service autofs restart
10. chkconfig autofs on
When you mount the other filesystem, you should unmount the mounted filesystem, Automount feature of linux helps to mount at access time and after certain seconds, when user unaccess the mounted directory, automatically unmount the filesystem.
/etc/auto.master is the master configuration file for autofs service. When you start the service, it reads the mount point as defined in /etc/auto.master.
Answer: