RHCSA exam objectives

RHCSA exam candidates should be able to accomplish the tasks below without assistance. These have been grouped into
several categories.

Understand and use essential tools

• Access a shell prompt and issue commands with correct syntax

• Use input-output redirection (>, >>, |, 2>, etc.)
• Use grep and regular expressions to analyze text
• Access remote systems using SSH
• Log in and switch users in multiuser targets
• Archive, compress, unpack, and uncompress files using tar, gzip, and bzip2
• Create and edit text files
• Create, delete, copy, and move files and directories
• Create hard and soft links
• List, set, and change standard ugo/rwx permissions
• Locate, read, and use system documentation including man, info, and files in /usr/share/doc

Create simple shell scripts

• Conditionally execute code (use of: if, test, [], etc.)

• Use Looping constructs (for, etc.) to process file, command line input
• Process script inputs ($1, $2, etc.)
• Processing output of shell commands within a script

Operate running systems

• Boot, reboot, and shut down a system normally

• Boot systems into different targets manually
• Interrupt the boot process in order to gain access to a system

RHCSA exam objectives 1

 • Identify CPU/memory intensive processes and kill processes
• Adjust process scheduling
• Manage tuning profiles
• Locate and interpret system log files and journals
• Preserve system journals
• Start, stop, and check the status of network services
• Securely transfer files between systemsConfigure local storage
• List, create, delete partitions on MBR and GPT disks
• Create and remove physical volumes
• Assign physical volumes to volume groups
• Create and delete logical volumes
• Configure systems to mount file systems at boot by universally unique ID (UUID) or label
• Add new partitions and logical volumes, and swap to a system non-destructively

Create and Configure file systems

• Create, mount, unmount, and use vfat, ext4, and xfs file systems
• Mount and unmount network file systems using NFS
• Configure autofs
• Extend existing logical volumes
• Create and configure set-GID directories for collaboration
• Diagnose and correct file permission problems

Deploy, configure, and maintain systems

• Schedule tasks using at and cron

• Start and stop services and configure services to start automatically at boot
• Configure systems to boot into a specific target automatically
• Configure time service clients
• Install and update software packages from Red Hat Network, a remote repository, or from the local file system
• Modify the system bootloader

Manage basic networking

• Configure IPv4 and IPv6 addresses

• Configure hostname resolution
• Configure network services to start automatically at boot
• Restrict network access using firewall-cmd/firewall

Manage users and groups

• Create, delete, and modify local user accounts

• Change passwords and adjust password aging for local user accounts
• Create, delete, and modify local groups and group memberships
• Configure superuser access

Manage security

• Configure firewall settings using firewall-cmd/firewalld

• Manage default file permissions

RHCSA exam objectives 2

 • Configure key-based authentication for SSH
• Set enforcing and permissive modes for SELinux
• List and identify SELinux file and process context
• Restore default file contexts
• Manage SELinux port labels
• Use boolean settings to modify system SELinux settings
• Diagnose and address routine SELinux policy violations

Manage containers

• Find and retrieve container images from a remote registry

• Inspect container images
• Perform container management using commands such as podman and skopeo
• Perform basic container management such as running, starting, stopping, and listing running containers
• Run a service inside a container
• Configure a container to start automatically as a systemd service
• Attach persistent storage to a container

Manage virtual machines

Explain the high-level architecture of QEMU, KVM and Libvirt

Set up and install virtual machines from ISO images or using other methods

Perform virtual machine management using virsh

Perform basic virtual machine operations such as running, starting, stopping, listing, deleting and monitoring virtual
machines

A deeper look at the most important virtual machine configuration settings

Running containers and virtual machines inside a virtual machine

Configure a virtual machine to start at boot

Virtual machine storage management and performance monitoring

High-level look at virtual machine networking and available tools

Troubleshooting and disaster recovery

Monitoring and identifying issues and warnings using various log files and commands

Typical workflow,procedure and best practices for troubleshooting Linux hardware issues

Typical workflow,procedure and best practices for troubleshooting Linux software issues

Troubleshooting GPU issues - workflow, best practices and available commands and files

Troubleshooting storage issues - workflow, best practices and available commands and files

Troubleshooting sound and video issues - workflow, best practices and available commands and files

Troubleshooting network issues - workflow, best practices and availalbe commands and files

Troubleshooting boot issues - workflow, best practices and available commands and files

Disaster recovery procedure and best practices on Linux systems

As with all Red Hat performance-based exams, configurations must persist after reboot without intervention.

RHCSA exam objectives 3

 Understand and use essential tools

1. Access a Shell Prompt and Issue Commands with Correct Syntax

1. Open a Terminal:

On most Linux distributions, press Ctrl + Alt + T to open a terminal.

2. Basic Command Structure:

A command consists of a command name followed by options and arguments:

command [options] [arguments]

3. Example:

List files in the current directory:

ls -l /home/user

Here, ls is the command, l is the option (long format), and /home/user is the argument (the directory).

2. Use Input-Output Redirection (>, >>, |, 2>, etc.)

1. Standard Output Redirection:

Use > to redirect output to a file (overwrites the file):

echo "Hello, World!" > output.txt

This will create or overwrite output.txt with the text "Hello, World!"

2. Append Output:

Use >> to append output to a file:

echo "Appending text" >> output.txt

3. Pipe Output:

Use | to pass the output of one command as input to another:

ls | grep "filename"

This will list all files and filter those containing "filename".

4. Redirect Errors:

Use 2> to redirect errors to a file:

RHCSA exam objectives 4

 command 2> error.log

3. Use grep and Regular Expressions to Analyze Text

1. Basic grep Usage:

grep searches for patterns in text files or outputs:

grep "pattern" file.txt

2. Use Regular Expressions:

Find Lines Matching a Word:

grep "word" file.txt

Match Lines Starting with a Word:

grep "^word" file.txt

Match Lines Ending with a Word:

grep "word$" file.txt

3. Search in Multiple Files:

Search recursively in a directory:

grep -r "pattern" /path/to/directory

4. Access Remote Systems Using SSH

1. Install OpenSSH Client:

Ensure SSH client is installed:

sudo apt install openssh-client

2. Connect to a Remote System:

Use SSH to log into a remote server:

ssh username@remote_host

3. Use SSH Keys:

Generate SSH Key:

ssh-keygen -t rsa

Copy Public Key to Remote System:

ssh-copy-id username@remote_host

RHCSA exam objectives 5

 4. Verify Connection:

Log in again without a password:

ssh username@remote_host

5. Log in and Switch Users in Multiuser Targets

1. Switch to Another User:

Use su to switch to another user:

su - username

2. Switch to the Root User:

Use sudo su to switch to root:

sudo su

3. Log Out of a User:

Use exit to return to the original user or log out:

exit

4. Switch to a Different Runlevel (Target):

Use systemctl isolate to switch to a different target:

sudo systemctl isolate multi-user.target

6. Archive, Compress, Unpack, and Uncompress Files Using tar, gzip, and bzip2

1. Create a tar Archive:

Use tar to create an archive:

tar -cvf archive.tar /path/to/files

2. Extract a tar Archive:

Extract a tar archive:

tar -xvf archive.tar

3. Compress a File Using gzip:

Compress a file:

gzip file.txt

4. Compress a File Using bzip2:

Compress a file:

RHCSA exam objectives 6

 bzip2 file.txt

5. Uncompress gzip or bzip2:

Uncompress:

gunzip file.txt.gz
bunzip2 file.txt.bz2

7. Create and Edit Text Files

1. Create or Edit Files with nano :

Open a file in nano :

nano file.txt

Save and Exit: Press Ctrl + O to save, Ctrl + X to exit.

2. Create or Edit Files with vim :

Open a file in vim :

vim file.txt

Enter Insert Mode: Press i .

Save and Exit: Press Esc , type :wq , and press Enter .

8. Create, Delete, Copy, and Move Files and Directories

1. Create a File:

touch newfile.txt

2. Delete a File:

rm file.txt

3. Create a Directory:

mkdir newdir

4. Delete a Directory:

rmdir newdir

5. Copy a File:

cp file.txt /path/to/destination

6. Move a File:

RHCSA exam objectives 7

 mv file.txt /path/to/destination

9. Create Hard and Soft Links

1. Create a Hard Link:

Hard links point to the same inode (file data):

ln file.txt hardlink.txt

2. Create a Soft (Symbolic) Link:

Soft links point to another file's path:

ln -s file.txt softlink.txt

10. List, Set, and Change Standard ugo/rwx Permissions

1. View File Permissions:

Use ls -l to view file permissions:

ls -l file.txt

Example output:

-rwxr-xr-- 1 user group 1024 Sep 5 12:34 file.txt

2. Change Permissions:

Use chmod to change permissions:

chmod 755 file.txt

u , g , o stand for user, group, others; r , w , x stand for read, write, execute.

3. Change Ownership:

Use chown to change file ownership:

sudo chown user:group file.txt

11. Locate, Read, and Use System Documentation Including man, info, and Files in /usr/share/doc

1. Using man to Read Manual Pages:

Use man to get the manual of a command:

man ls

2. Using info :

info provides more detailed documentation for some commands:

RHCSA exam objectives 8

 info ls

3. View Documentation in /usr/share/doc :

Navigate to the documentation directory:

cd /usr/share/doc

View README or other files for a specific package:

less /usr/share/doc/<package>/README

This detailed guide walks through basic yet essential Linux system operations, offering practical commands and tools. These
steps cover both common everyday tasks and deeper system management.

Create simple shell scripts

1. Conditionally Execute Code (use of: if, test, [], etc.)

1. Start by Creating a Shell Script:

Open a terminal and create a file using nano or vim .

Example:

nano myscript.sh

2. Use if , then , else , and fi for Conditional Execution:

The basic syntax for conditional execution in a shell script is:

if [ condition ]; then
# code to execute if condition is true
else
# code to execute if condition is false
fi

Example Script:

#!/bin/bash

echo "Enter a number:"

read num

if [ $num -gt 10 ]; then

echo "The number is greater than 10"
else
echo "The number is 10 or less"
fi

RHCSA exam objectives 9

 3. Explanation:

if : Starts the conditional block.

[ condition ] : Tests a condition. Here, gt checks if a number is greater than another.

then : Defines the block of code to execute if the condition is true.

else : (Optional) Executes code if the condition is false.

fi : Ends the if block.

4. Using test :

test is another way to test conditions, but it’s functionally equivalent to using [] .

Example: if test $num -gt 10; then works just like if [ $num -gt 10 ]; then .

5. Run the Script:

Save the file ( Ctrl+X , Y , Enter in nano ).

Make the script executable:

chmod +x myscript.sh

Run the script:

./myscript.sh

2. Use Looping Constructs (for, etc.) to Process File, Command Line Input

1. Using a for Loop:

Loops are used to execute a block of code repeatedly.

Example of a for loop:

#!/bin/bash

for i in 1 2 3 4 5; do
echo "Number: $i"
done

2. Explanation:

for i in 1 2 3 4 5 : Loops through the list 1 2 3 4 5 , assigning each value to i .

do ... done : Defines the block of code to be repeated.

$i : Prints the current value of i .

3. Processing Files in a Directory:

You can use a loop to process files in a directory:

#!/bin/bash

for file in /path/to/directory/*; do

echo "Processing $file"
done

4. Processing Command Line Input:

You can loop over command-line arguments:

RHCSA exam objectives 10

 #!/bin/bash

for arg in "$@"; do

echo "Argument: $arg"
done

Run the script with arguments:

bashCopy code
./myscript.sh arg1 arg2 arg3

5. Using while Loop:

A while loop runs as long as the condition is true:

#!/bin/bash

count=1
while [ $count -le 5 ]; do
echo "Count: $count"
count=$((count + 1))
done

3. Process Script Inputs ( $1 , $2 , etc.)

1. Access Command-Line Arguments:

$1 , $2 , $3 , etc. represent the first, second, third, and so on, arguments passed to the script.

Example:

#!/bin/bash

echo "First argument: $1"

echo "Second argument: $2"

2. Run the Script with Arguments:

Save the script and run it by passing arguments:

./myscript.sh hello world

Output:

First argument: hello

Second argument: world

3. Explanation:

$0 : The name of the script itself.

$# : The number of arguments passed.

$@ : All the arguments as a list.

$1 , $2 , etc.: Individual arguments.

4. Using Input in Conditional Execution:

RHCSA exam objectives 11

 You can use arguments to control logic:

#!/bin/bash

if [ $1 -gt 100 ]; then

echo "The number is greater than 100"
else
echo "The number is 100 or less"
fi

4. Processing Output of Shell Commands Within a Script

1. Use Command Substitution:

To capture the output of a shell command, use backticks ` ` or $() :

#!/bin/bash

current_date=$(date)
echo "Today's date is: $current_date"

2. Explanation:

$(command) captures the output of command and stores it in a variable.

date : This command outputs the current date and time.

3. Using Command Output in a Script:

Example of using the output of ls to list files:

#!/bin/bash

files=$(ls /path/to/directory)
echo "Files in the directory:"
echo "$files"

4. Processing Command Output with a Loop:

You can loop through the output of a command:

#!/bin/bash

for file in $(ls /path/to/directory); do

echo "File: $file"
done

5. Example with grep :

You can use the output of grep inside a script:

#!/bin/bash

matches=$(grep "pattern" file.txt)

echo "Found matches:"
echo "$matches"

RHCSA exam objectives 12

 5. Example Script Using All Concepts Together:
Here’s a script that ties all these concepts into a more advanced example.

#!/bin/bash

# Script to process files and check conditions

echo "Processing files in directory: $1"

directory=$1

# Loop through files in the directory

for file in "$directory"/*; do
if [ -f "$file" ]; then
echo "File: $file"

# Get the file size using the 'stat' command

filesize=$(stat -c%s "$file")
echo "Size of $file is $filesize bytes"

# Check if file size is greater than 1MB (1048576 bytes)

if [ $filesize -gt 1048576 ]; then
echo "$file is larger than 1MB"
else
echo "$file is less than 1MB"
fi
else
echo "$file is not a regular file"
fi
done

How It Works:

1. The script takes a directory as input ( $1 ).

2. It loops through all the files in the directory.

3. For each file, it checks if the file size is greater than 1MB.

4. It outputs the file size and whether the file is larger or smaller than 1MB.

./myscript.sh /path/to/directory

Operate running systems

1. Boot, Reboot, and Shut Down a System Normally

1. Booting the System:

The system automatically boots when powered on. You can manually boot via a virtual machine, cloud server, or
physical system.

During the boot process, the system loads the kernel and then switches to a runlevel (target) based on configuration.

RHCSA exam objectives 13

 2. Reboot the System:

To reboot:

sudo reboot

This safely reboots the system by signaling all processes to stop, unmounting file systems, and restarting the system.

3. Shut Down the System:

To shut down:

sudo shutdown -h now

This halts the system. The h option tells the system to halt, and now specifies an immediate shutdown.

2. Boot Systems into Different Targets Manually

1. Identify Available Targets:

Use systemctl list-units --type target to list all available targets (equivalent to runlevels):

sudo systemctl list-units --type target

2. Change to a Different Target:

To switch to a specific target, such as multi-user mode or graphical mode:

sudo systemctl isolate multi-user.target

Targets:

graphical.target : Full graphical environment.

multi-user.target : Multi-user mode with no GUI.

rescue.target : Single-user mode for rescue purposes.

3. Interrupt the Boot Process to Gain Access to a System

1. Interrupting GRUB:

When the system boots, press Esc (or Shift ) at the GRUB menu to interrupt the boot process.

2. Edit Boot Parameters:

Select the boot entry, press e , and add init=/bin/bash or rw init=/sysroot/bin/sh at the end of the kernel line.

3. Boot into Single-User Mode:

After editing, press Ctrl + X to boot into single-user mode where you can repair or reset system settings.

4. Identify CPU/Memory Intensive Processes and Kill Processes

1. Identify CPU-Intensive Processes:

Use the top or htop command to identify processes consuming high CPU or memory:

top

RHCSA exam objectives 14

 2. Kill a Process:

Find the PID of the process and use the kill command to terminate it:

sudo kill PID

Example:

sudo kill 1234

3. Force Kill a Stuck Process:

If the process doesn’t respond, use kill -9 to forcefully terminate it:

sudo kill -9 PID

5. Adjust Process Scheduling

1. Check Process Priority (Nice Value):

The nice value determines a process's priority, ranging from 20 (highest priority) to 19 (lowest priority).

To check a process’s priority, use top or ps :

ps -o pid,ni,comm

2. Change Process Priority:

To start a process with a modified nice value:

sudo nice -n 10 command

3. Renice a Running Process:

Adjust the nice value of an existing process:

sudo renice -n 5 -p PID

6. Manage Tuning Profiles

1. Install tuned if Not Installed:

Install the tuning service if it's not already present:

sudo apt install tuned

2. List Available Profiles:

View the available profiles:

sudo tuned-adm list

3. Apply a Tuning Profile:

Apply a profile (e.g., virtual-guest , balanced ):

RHCSA exam objectives 15

 sudo tuned-adm profile balanced

4. Check Active Profile:

To see the active profile:

sudo tuned-adm active

7. Locate and Interpret System Log Files and Journals

1. Check System Logs in /var/log :

Logs are stored in /var/log/ for traditional logging systems. Some important logs:

/var/log/syslog : General system logs.

/var/log/auth.log : Authentication logs.

/var/log/kern.log : Kernel logs.

2. Use journalctl for Systemd Logs:

To view logs for the entire system:

sudo journalctl

3. View Logs for a Specific Service:

Example: Viewing logs for sshd :

sudo journalctl -u sshd

4. Filter Logs by Time:

Example: Logs from the last hour:

sudo journalctl --since "1 hour ago"

8. Preserve System Journals

1. Enable Persistent Journals:

By default, systemd journal logs are volatile (stored in memory). To make them persistent, create a directory for
persistent logs:

sudo mkdir -p /var/log/journal

2. Restart the systemd-journald Service:

After making the change, restart the journaling service:

sudo systemctl restart systemd-journald

9. Start, Stop, and Check the Status of Network Services

1. Start a Service:

RHCSA exam objectives 16

 Use systemctl to start a network service (e.g., sshd ):

sudo systemctl start sshd

2. Stop a Service:

To stop the service:

sudo systemctl stop sshd

3. Check the Status of a Service:

To check whether a service is running:

sudo systemctl status sshd

4. Restart a Service:

To restart a service:

sudo systemctl restart sshd

10. Securely Transfer Files Between Systems

1. Use scp to Transfer Files Securely:

Transfer files between two systems using scp :

scp /path/to/local/file user@remote_host:/path/to/remote/destination

2. Download Files from a Remote System:

Example:

scp user@remote_host:/path/to/remote/file /path/to/local/destination

3. Use rsync for More Control:

rsync allows for secure, efficient file transfer with options for compression and syncing:

rsync -avz /path/to/local/dir user@remote_host:/path/to/remote/dir

11. List, Create, Delete Partitions on MBR and GPT Disks

1. List Partitions:

Use fdisk or lsblk to list existing partitions:

sudo fdisk -l

2. Create a New Partition:

Use fdisk to create a partition on an MBR disk:

sudo fdisk /dev/sdX

RHCSA exam objectives 17

 Follow the interactive prompts to create a new partition.

3. Using gdisk for GPT Disks:

For GPT disks, use gdisk instead:

sudo gdisk /dev/sdX

4. Delete a Partition:

Use d in fdisk or gdisk to delete a partition.

12. Create and Remove Physical Volumes

1. Create a Physical Volume:

Use pvcreate to initialize a disk or partition as a physical volume for LVM:

sudo pvcreate /dev/sdX1

2. Remove a Physical Volume:

To remove an LVM physical volume:

sudo pvremove /dev/sdX1

13. Assign Physical Volumes to Volume Groups

1. Create a Volume Group:

Use vgcreate to create a volume group:

sudo vgcreate my_vg /dev/sdX1 /dev/sdY1

2. Extend a Volume Group:

Add more physical volumes to an existing volume group:

sudo vgextend my_vg /dev/sdZ1

14. Create and Delete Logical Volumes

1. Create a Logical Volume:

Use lvcreate to create a logical volume:

sudo lvcreate -L 20G -n my_lv my_vg

2. Delete a Logical Volume:

To delete a logical volume:

sudo lvremove /dev/my_vg/my_lv

15. Configure Systems to Mount File Systems at Boot by UUID or Label

RHCSA exam objectives 18

 1. Find UUID of a Partition:

Use blkid to find the UUID of a disk:

sudo blkid /dev/sdX1

2. Edit /etc/fstab :

Add an entry to /etc/fstab for automatic mounting:

UUID=xxxx-xxxx-xxxx /mnt/my_mountpoint ext4 defaults 0 0

3. Mount by Label:

Instead of UUID, you can also mount by label:

LABEL=my_label /mnt/my_mountpoint ext4 defaults 0 0

16. Add New Partitions and Logical Volumes, and Swap to a System Non-Destructively

1. Create a New Partition Without Destroying Data:

Use parted to create a new partition non-destructively:

sudo parted /dev/sdX mkpart primary ext4 100G 150G

2. Add Swap Space:

Create and enable swap space:

sudo mkswap /dev/sdX2

sudo swapon /dev/sdX2

3. Add Swap Entry to /etc/fstab :

Make swap persistent by adding to /etc/fstab :

/dev/sdX2 none swap sw 0 0

By mastering these steps, you'll gain a deep understanding of how to operate and manage Linux systems effectively. Each
task is essential for system administrators managing both local and remote servers.

Create and configure file systems

1. Create, Mount, Unmount, and Use vfat , ext4 , and xfs File Systems

Create File Systems

1. Creating a vfat File System (commonly used on USB drives or compatibility with older systems):

sudo mkfs.vfat /dev/sdX1

RHCSA exam objectives 19

 mkfs.vfat creates a vfat (FAT32) file system on the specified partition /dev/sdX1 .

2. Creating an ext4 File System (a popular Linux file system):

sudo mkfs.ext4 /dev/sdX1

This formats the partition as an ext4 file system.

3. Creating an xfs File System (used for high-performance systems, especially with large files):

sudo mkfs.xfs /dev/sdX1

This command creates an xfs file system.

Mounting File Systems

1. Mount a File System:

Create a directory to act as the mount point:

sudo mkdir /mnt/my_mountpoint

Mount the partition:

sudo mount /dev/sdX1 /mnt/my_mountpoint

The device /dev/sdX1 will now be mounted at /mnt/my_mountpoint .

2. Verify the Mount:

Use df -h or mount to verify the mounted file systems:

df -h

Unmounting File Systems

1. Unmount a File System:

To unmount the file system:

sudo umount /mnt/my_mountpoint

This unmounts the device from the specified mount point.

2. Force Unmount (if needed):

In case the file system is busy, you may force the unmount:

sudo umount -l /mnt/my_mountpoint

2. Mount and Unmount Network File Systems using NFS

Mounting an NFS File System

1. Install the Required Package:

Install the NFS client utilities if not already installed:

RHCSA exam objectives 20

 sudo apt install nfs-common # Debian/Ubuntu
sudo yum install nfs-utils # RHEL/CentOS

2. Create a Mount Point:

Create a directory to serve as the mount point:

sudo mkdir /mnt/nfs_share

3. Mount the NFS Share:

Mount the remote NFS share:

sudo mount -t nfs <server_IP>:/remote/share /mnt/nfs_share

Example:

sudo mount -t nfs 192.168.1.10:/exported/nfs /mnt/nfs_share

4. Verify the Mount:

Check the mount with df -h or mount :

df -h

Unmounting an NFS File System

1. Unmount the NFS Share:

To unmount the share:

sudo umount /mnt/nfs_share

3. Configure autofs

1. Install the autofs Package:

Install the autofs package:

sudo apt install autofs # Debian/Ubuntu

sudo yum install autofs # RHEL/CentOS

2. Configure the Master File /etc/auto.master :

Add an entry to define the mount point and the map file:

/mnt/nfs_share /etc/auto.nfs

3. Create the Map File /etc/auto.nfs :

Define the remote share and mount options:

nfs_share -fstype=nfs,rw <server_IP>:/remote/share

Example:

RHCSA exam objectives 21

 nfs_share -fstype=nfs,rw 192.168.1.10:/exported/nfs

4. Restart the autofs Service:

Enable and start the autofs service:

sudo systemctl enable autofs

sudo systemctl restart autofs

5. Access the Auto-Mounted Directory:

When you access /mnt/nfs_share , the NFS share will automatically mount.

4. Extend Existing Logical Volumes

1. Check the Available Space on the Volume Group:

List the available space:

sudo vgdisplay

2. Extend the Logical Volume:

Extend the logical volume with the additional space:

sudo lvextend -L +10G /dev/my_vg/my_lv

This adds 10GB to the logical volume my_lv .

3. Resize the File System:

For ext4 file systems, resize the file system to use the additional space:

sudo resize2fs /dev/my_vg/my_lv

For xfs , use xfs_growfs :

sudo xfs_growfs /dev/my_vg/my_lv

4. Verify the New Size:

Use df -h to confirm the new size:

df -h

5. Create and Configure Set-GID Directories for Collaboration

1. Create the Directory:

Create a directory for collaboration:

sudo mkdir /shared_dir

2. Set Group Ownership:

Set a specific group to own the directory:

RHCSA exam objectives 22

 sudo chgrp my_group /shared_dir

3. Set the setgid Bit:

The setgid bit ensures that files created in the directory inherit the group ownership:

sudo chmod 2775 /shared_dir

4. Verify the Permissions:

Use ls -ld to verify the directory has the setgid bit set ( drwxrwsr-x ):

ls -ld /shared_dir

5. Assign Users to the Group:

Add users to the group that owns the directory:

sudo usermod -aG my_group username

6. Test the Setup:

Any file created in /shared_dir will now inherit the group my_group .

6. Diagnose and Correct File Permission Problems

1. Check File Permissions:

Use ls -l to check the permissions of a file or directory:

ls -l /path/to/file_or_dir

2. Diagnose Permission Issues:

Check the user, group, and other permissions. For example, if a file is not writable, it will lack w in the permission
string.

Permissions are represented as rwx (read, write, execute). Example:

-rw-r--r-- 1 user group 12345 Sep 6 12:34 file.txt

This file allows the owner to read/write, and others to only read.

3. Correct Permissions Using chmod :

To modify the file permissions, use chmod . Example: To add write permission for the group:

sudo chmod g+w /path/to/file

4. Change Ownership Using chown :

If ownership is incorrect, change the owner and group:

sudo chown new_owner:new_group /path/to/file

5. Verify Access Using su or sudo :

Switch to the user account and test access:

RHCSA exam objectives 23

 su - username

6. Test File Permissions with sudo -u :

Run a command as another user to test file permissions:

sudo -u username cat /path/to/file

Summary
By following these detailed steps, you will be able to create, manage, and troubleshoot various types of file systems, handle
NFS and autofs configurations, extend logical volumes, set up collaborative directories using setgid , and diagnose and correct
file permission problems. Mastery of these tasks is critical for effectively administering Linux systems.

1. Schedule Tasks Using at and cron

Using at for One-Time Tasks

1. Install at (if not already installed):

sudo apt install at # Debian/Ubuntu

sudo yum install at # RHEL/CentOS

2. Start and Enable the atd Service:

Ensure the atd service is running to process at jobs:

sudo systemctl start atd

sudo systemctl enable atd

3. Schedule a One-Time Task with at :

Example: Schedule a script to run at 6:30 PM:

bashCopy code
echo "bash /path/to/script.sh" | at 6:30 PM

You can also specify a date and time, such as tomorrow or now + 2 minutes .

4. List Pending at Jobs:

Use atq to list scheduled jobs:

atq

5. Remove a Scheduled at Job:

Use atrm to remove a job by its job ID:

atrm <job_id>

Using cron for Recurring Tasks

1. Edit the User's Crontab:

Open the crontab editor:

RHCSA exam objectives 24

 crontab -e

2. Schedule a Recurring Task:

The format for a cron job is minute hour day month day_of_week command . For example, to run a backup script every day at
midnight:

0 0 * * * /path/to/backup.sh

3. List All Scheduled Cron Jobs:

View the user's crontab:

crontab -l

4. Check System-Wide Cron Jobs:

System-wide cron jobs are stored in /etc/crontab or /etc/cron.d .

2. Start and Stop Services and Configure Services to Start Automatically at Boot

1. Start a Service:

Use systemctl to start a service (example: Apache):

sudo systemctl start httpd

2. Stop a Service:

Stop the service:

sudo systemctl stop httpd

3. Enable a Service to Start at Boot:

To ensure the service starts automatically when the system boots:

sudo systemctl enable httpd

4. Disable a Service from Starting at Boot:

To disable automatic start:

sudo systemctl disable httpd

5. Check the Status of a Service:

View the current status of a service:

sudo systemctl status httpd

6. Restart a Service:

Restart a running service:

sudo systemctl restart httpd

RHCSA exam objectives 25

 3. Configure Systems to Boot into a Specific Target Automatically

1. List Available Targets:

Use systemctl list-units --type=target to list available targets (e.g., graphical.target , multi-user.target ):

systemctl list-units --type=target

2. Set the Default Boot Target:

To set the system to boot into a specific target (e.g., multi-user.target ):

sudo systemctl set-default multi-user.target

3. Change the Current Target:

To change the system to another target without rebooting:

sudo systemctl isolate graphical.target

4. Verify the Default Target:

Check the current default target:

systemctl get-default

4. Configure Time Service Clients

Using chrony
1. Install chrony (if not already installed):

sudo apt install chrony # Debian/Ubuntu

sudo yum install chrony # RHEL/CentOS

2. Start and Enable the chronyd Service:

Start the service and enable it to run at boot:

sudo systemctl start chronyd

sudo systemctl enable chronyd

3. Configure NTP Servers in /etc/chrony/chrony.conf :

Edit the configuration file to specify NTP servers:

sudo nano /etc/chrony/chrony.conf

Example of server entries:

server ntp.server1 iburst

server ntp.server2 iburst

4. Restart the chronyd Service:

After changes, restart the service:

RHCSA exam objectives 26

 sudo systemctl restart chronyd

5. Verify Synchronization Status:

Use chronyc to check sync status:

chronyc tracking

Using ntpd (Older Method)

1. Install ntp :

sudo apt install ntp # Debian/Ubuntu

sudo yum install ntp # RHEL/CentOS

2. Configure NTP Servers:

Edit /etc/ntp.conf and add your NTP servers:

sudo nano /etc/ntp.conf

Example:

server ntp.server1
server ntp.server2

3. Start and Enable the ntpd Service:

Start and enable ntpd :

sudo systemctl start ntpd

sudo systemctl enable ntpd

4. Verify Synchronization:

Use ntpq to check synchronization:

ntpq -p

5. Install and Update Software Packages from Red Hat Network, a Remote Repository, or from the
Local File System

Using yum or dnf for Package Management (RHEL/CentOS)

1. Install a Package from a Remote Repository:

Example: Install vim :

sudo yum install vim

2. Update Installed Packages:

Update all installed packages:

sudo yum update

RHCSA exam objectives 27

 3. Install a Package from a Local .rpm File:

Install an .rpm package:

sudo yum install /path/to/package.rpm

Using apt for Package Management (Debian/Ubuntu)

1. Install a Package from a Remote Repository:

Example: Install vim :

sudo apt install vim

2. Update the Package List and Upgrade Installed Packages:

Update the package list and upgrade all installed packages:

sudo apt update

sudo apt upgrade

3. Install a Package from a Local .deb File:

Install a .deb package:

sudo apt install ./package.deb

6. Modify the System Bootloader

Using GRUB (GRand Unified Bootloader)

1. Edit GRUB Configuration File:

The main configuration file for GRUB is /etc/default/grub . Open it for editing:

sudo nano /etc/default/grub

2. Set the Default Boot Entry:

To change the default boot option, modify the GRUB_DEFAULT parameter. Example:

GRUB_DEFAULT=2

3. Set the GRUB Timeout:

Modify the timeout value for how long the GRUB menu is displayed:

GRUB_TIMEOUT=5

4. Update GRUB Configuration:

After making changes, regenerate the GRUB configuration:

sudo grub2-mkconfig -o /boot/grub2/grub.cfg # RHEL/CentOS

sudo update-grub # Debian/Ubuntu

5. Install GRUB to a Specific Device:

RHCSA exam objectives 28

 If you need to reinstall GRUB (e.g., after disk changes), use:

sudo grub-install /dev/sdX

6. Test GRUB Settings:

Reboot the system to ensure the changes are applied correctly:

sudo reboot

Summary
By following these detailed steps, you'll be able to effectively schedule tasks, manage services, configure boot settings, set up
time synchronization, install and update software, and modify the system bootloader. These are essential tasks for maintaining
and configuring Linux systems efficiently.

Manage basic networking

1. Configure IPv4 and IPv6 Addresses

Configure IPv4 Addresses

1. View Current Network Interfaces:

To see the active network interfaces and their IP addresses, use:

ip addr show

2. Manually Assign an IPv4 Address to an Interface:

To assign an IPv4 address (e.g., 192.168.1.100 ) with a subnet mask of 24 bits (which means 255.255.255.0 ) to an
interface ( eth0 ):

sudo ip addr add 192.168.1.100/24 dev eth0

3. Bring the Interface Up:

If the interface is down, bring it up:

sudo ip link set dev eth0 up

4. Add a Default Gateway:

To add a default gateway for your system to reach external networks (e.g., 192.168.1.1 ):

sudo ip route add default via 192.168.1.1

5. Verify the IPv4 Configuration:

Check if the changes are applied correctly:

ip addr show eth0

Persist the IPv4 Configuration (RHEL/CentOS older versions)

RHCSA exam objectives 29

 1. Edit the Network Configuration File:

On RHEL-based systems, the network configuration files are stored in /etc/sysconfig/network-scripts/ . Edit the file for the
interface:

sudo nano /etc/sysconfig/network-scripts/ifcfg-eth0

2. Add the IPv4 Configuration:

Include the following lines:

BOOTPROTO=none
IPADDR=192.168.1.100
PREFIX=24
GATEWAY=192.168.1.1
ONBOOT=yes

3. Restart the Network Service:

After saving changes, restart the network service:

sudo systemctl restart network

Configure IPv6 Addresses

1. Assign an IPv6 Address:

To assign an IPv6 address (e.g., 2001:db8::1/64 ) to the interface eth0 :

sudo ip -6 addr add 2001:db8::1/64 dev eth0

2. Add an IPv6 Default Gateway:

Add a default gateway for IPv6 (e.g., 2001:db8::fffe ):

sudo ip -6 route add default via 2001:db8::fffe

3. Persist the IPv6 Configuration:

Edit the interface configuration file for eth0 :

sudo nano /etc/sysconfig/network-scripts/ifcfg-eth0

Add these lines:

IPV6ADDR=2001:db8::1/64
IPV6_DEFAULTGW=2001:db8::fffe

4. Restart the Network Service:

Apply the changes:

sudo systemctl restart network

Persist IPv4 Configuration on RHEL 9

Using nmcli Command-Line Tool

RHCSA exam objectives 30

 nmcli is a command-line tool used to manage NetworkManager.

1. List Available Network Connections:

To list all network connections:

nmcli connection show

2. Edit or Create a Connection:

To modify an existing connection (e.g., Wired connection 1 ):

nmcli connection modify "Wired connection 1" ipv4.addresses 192.168.1.100/24

nmcli connection modify "Wired connection 1" ipv4.gateway 192.168.1.1
nmcli connection modify "Wired connection 1" ipv4.dns "8.8.8.8,1.1.1.1"
nmcli connection modify "Wired connection 1" ipv4.method manual

To create a new connection with static IP settings:

nmcli connection add type ethernet con-name my-static-connection ifname eth0 ip4 192.168.
1.100/24 gw4 192.168.1.1
nmcli connection modify my-static-connection ipv4.dns "8.8.8.8,1.1.1.1"
nmcli connection modify my-static-connection ipv4.method manual

3. Apply Changes and Restart the Connection:

To apply changes and restart the connection:

nmcli connection up "Wired connection 1"

Or for a new connection:

nmcli connection up my-static-connection

4. Verify the Configuration:

Check the configuration to ensure it is applied correctly:

nmcli connection show "Wired connection 1"

Or for a new connection:

nmcli connection show my-static-connection

Using nmtui (NetworkManager Text User Interface)

nmtui is a text-based interface for NetworkManager that can be useful if you prefer a graphical tool over the command line.

1. Open nmtui :

Launch the NetworkManager TUI:

nmtui

2. Edit a Connection:

Use the interface to navigate to Edit a connection . Select the connection you want to modify and press Enter.

RHCSA exam objectives 31

 3. Configure IPv4 Settings:

In the Edit Connection screen, navigate to the IPv4 CONFIGURATION section.

Change the Method to Manual .

Enter the desired IP address, netmask, and gateway in the provided fields.

Add DNS servers if needed.

4. Save Changes and Apply:

Press OK to save changes and exit the editor.

Restart the network connection from the main nmtui menu by choosing Activate a connection , then selecting the
connection to activate it.

5. Verify the Configuration:

To verify the configuration, you can use nmcli or check the connection settings in the nmtui menu.

Using the NetworkManager Configuration Files Directly

For advanced users or scripts, you can also edit the NetworkManager configuration files directly. Configuration files are
located in /etc/NetworkManager/system-connections/ .

1. Locate the Configuration File:

Find the appropriate configuration file for your connection:

ls /etc/NetworkManager/system-connections/

2. Edit the Configuration File:

Open the configuration file with a text editor (e.g., vim or nano ):

sudo nano /etc/NetworkManager/system-connections/my-connection

3. Modify IPv4 Settings:

Edit or add the following sections under [ipv4] :

[ipv4]
method=manual
address1=192.168.1.100/24,192.168.1.1
dns=8.8.8.8;1.1.1.1;

Adjust the address1 , dns , and other settings as needed.

4. Save and Apply Changes:

Save the file and exit the editor.

Restart NetworkManager to apply the changes:

sudo systemctl restart NetworkManager

5. Verify the Configuration:

Use nmcli to check if the settings are correctly applied:

nmcli connection show

RHCSA exam objectives 32

 2. Configure Hostname Resolution

Edit /etc/hosts File for Local Resolution

1. View the /etc/hosts File:

The /etc/hosts file is used for static hostname resolution:

cat /etc/hosts

2. Add Entries to /etc/hosts :

For example, to associate myserver.local with the IP 192.168.1.100 :

sudo nano /etc/hosts

Add the line:

192.168.1.100 myserver.local

3. Test Local Hostname Resolution:

Test the hostname resolution with ping :

ping myserver.local

Configure /etc/resolv.conf for DNS Resolution

1. View Current DNS Configuration:

Check the current DNS configuration in /etc/resolv.conf :

cat /etc/resolv.conf

2. Edit /etc/resolv.conf to Add DNS Servers:

Add or update DNS servers by editing the file:

sudo nano /etc/resolv.conf

Example:

nameserver 8.8.8.8
nameserver 1.1.1.1

3. Make DNS Changes Persistent:

On some systems, /etc/resolv.conf might be overwritten. To prevent this, use resolvconf or edit the network manager’s
configuration (depending on the distribution).

4. Test DNS Resolution:

Ping a domain name to ensure DNS resolution is working:

ping google.com

3. Configure Network Services to Start Automatically at Boot

RHCSA exam objectives 33

 1. Enable a Network Service to Start at Boot:

Example: Enable the NetworkManager service to start at boot:

sudo systemctl enable NetworkManager

2. Verify if the Service is Enabled:

To check if a service is enabled:

sudo systemctl is-enabled NetworkManager

3. Check the Status of a Service:

Example: Check if the NetworkManager service is active:

sudo systemctl status NetworkManager

4. Restart the Service (if needed):

If you need to restart the service:

sudo systemctl restart NetworkManager

5. View Network Services:

To view all active network services:

systemctl list-units --type=service | grep -i network

4. Restrict Network Access Using firewall-cmd (Firewalld)

Basic Firewall Management with firewall-cmd

1. Check the Status of Firewalld:

Check if firewalld is running:

sudo firewall-cmd --state

2. Start and Enable firewalld :

If firewalld is not running, start and enable it:

sudo systemctl start firewalld

sudo systemctl enable firewalld

3. Check the Active Zones:

Firewalld uses zones to define trust levels for different networks. Check active zones:

sudo firewall-cmd --get-active-zones

4. View Allowed Services for a Zone:

Example: View the services allowed in the public zone:

RHCSA exam objectives 34

 sudo firewall-cmd --zone=public --list-services

5. Allow a Service Through the Firewall:

Example: Allow SSH access through the firewall in the public zone:

sudo firewall-cmd --zone=public --add-service=ssh --permanent

6. Reload the Firewall:

After making changes, reload the firewall to apply them:

sudo firewall-cmd --reload

7. Remove a Service from the Firewall:

Example: Block HTTP traffic in the public zone:

sudo firewall-cmd --zone=public --remove-service=http --permanent

sudo firewall-cmd --reload

8. Allow Specific Ports:

Example: Allow traffic on port 8080 in the public zone:

sudo firewall-cmd --zone=public --add-port=8080/tcp --permanent

sudo firewall-cmd --reload

9. Block All Incoming Traffic (Except SSH):

To block all incoming traffic except SSH, switch the default zone to drop (blocks all unless explicitly allowed) and allow
SSH in the drop zone:

sudo firewall-cmd --set-default-zone=drop

sudo firewall-cmd --zone=drop --add-service=ssh --permanent
sudo firewall-cmd --reload

Summary
This guide provides a step-by-step approach to configuring networking features on Linux systems. You’ve learned how to
configure IPv4/IPv6 addresses using both the classic and the modern method, manage hostname resolution, start network
services automatically, and use firewall-cmd to control network access. These tasks are critical for ensuring that your systems
are network-ready and secure.

Manage users and groups

1. Create, Delete, and Modify Local User Accounts

Create a Local User Account

1. Create a User:

To create a new user account (e.g., john ):

RHCSA exam objectives 35

 sudo useradd john

2. Set a Password for the User:

Assign a password to the new user:

sudo passwd john

Follow the prompts to enter and confirm the new password.

3. Verify User Creation:

Check if the user was added successfully by listing users:

getent passwd john

Delete a Local User Account

1. Delete a User:

To remove the user account john :

sudo userdel john

2. Remove User’s Home Directory (Optional):

To remove the user and their home directory:

sudo userdel -r john

3. Verify User Deletion:

Ensure the user is no longer listed:

getent passwd john

Modify a Local User Account

1. Change the User’s Shell:

Change john ’s default shell to /bin/bash :

sudo usermod -s /bin/bash john

2. Change the User’s Home Directory:

Change the home directory of john to /home/newhome :

sudo usermod -d /home/newhome john

3. Verify Modifications:

Check the changes with:

getent passwd john

RHCSA exam objectives 36

 2. Change Passwords and Adjust Password Aging for Local User Accounts

Change a User’s Password

1. Change the Password:

To change the password for john :

sudo passwd john

Follow the prompts to enter and confirm the new password.

2. Verify Password Change:

Test login or use su to switch to the user and check:

bashCopy code
su - john

Adjust Password Aging

1. View Current Password Aging Information:

To view password aging settings for john :

chage -l john

2. Modify Password Aging Settings:

Set the maximum number of days a password is valid to 90:

sudo chage -M 90 john

Set the number of days before a password change is required to 7:

sudo chage -W 7 john

Configure the password to expire after 180 days:

sudo chage -I 180 john

3. Verify Changes:

Check the updated settings:

chage -l john

3. Create, Delete, and Modify Local Groups and Group Memberships

Create a Local Group

1. Create a New Group:

To create a new group called developers :

RHCSA exam objectives 37

 sudo groupadd developers

2. Verify Group Creation:

Check if the group has been created:

getent group developers

Delete a Local Group

1. Delete the Group:

To remove the developers group:

sudo groupdel developers

2. Verify Group Deletion:

Ensure the group is no longer listed:

getent group developers

Modify Group Memberships

1. Add a User to a Group:

To add john to the developers group:

sudo usermod -aG developers john

2. Remove a User from a Group:

To remove john from the developers group:

sudo gpasswd -d john developers

3. Verify Group Memberships:

Check the groups a user is a member of:

groups john

4. Configure Superuser Access

Grant Superuser Access

1. Add a User to the wheel Group (RHEL/CentOS):

On RHEL-based systems, users in the wheel group can execute commands with sudo :

sudo usermod -aG wheel john

2. Verify Group Membership:

Check if john is in the wheel group:

RHCSA exam objectives 38

 groups john

Configure sudo Access

1. Edit the sudoers File:

Use visudo to safely edit the sudoers file:

sudo visudo

2. Add User or Group to sudoers :

To allow john to run all commands as root:

john ALL=(ALL) ALL

To allow the wheel group to run all commands as root (if not already present):

%wheel ALL=(ALL) ALL

3. Save and Exit:

Save the file and exit the editor (usually by pressing Ctrl+X , then Y , and Enter ).

4. Verify sudo Access:

Test sudo access by switching to john and running a command:

su - john
sudo whoami

Summary
This guide covers the essential tasks for managing users and groups in a Linux environment, including creating, deleting, and
modifying accounts, adjusting passwords, and configuring superuser access. By following these steps, you can ensure proper
user and group management, maintain system security, and configure permissions effectively.

Manage security

1. Configure Firewall Settings Using firewall-cmd (Firewalld)

Check Firewall Status

1. Check if Firewalld is Active:

To verify the status of Firewalld:

sudo firewall-cmd --state

If inactive, start it with:

sudo systemctl start firewalld

RHCSA exam objectives 39

 2. Enable Firewalld at Boot:

To enable Firewalld to start automatically at boot:

sudo systemctl enable firewalld

Configure Basic Firewall Rules

1. List All Rules:

To list all current rules and settings:

sudo firewall-cmd --list-all

2. Allow a Service (e.g., HTTP):

To allow incoming HTTP traffic:

sudo firewall-cmd --add-service=http --permanent

3. Add a Port (e.g., 8080):

To open port 8080 for incoming traffic:

sudo firewall-cmd --add-port=8080/tcp --permanent

4. Reload Firewalld to Apply Changes:

After making changes, reload Firewalld:

sudo firewall-cmd --reload

5. Verify Changes:

Ensure the new rules are applied:

sudo firewall-cmd --list-all

2. Manage Default File Permissions

Understand Default Permissions

1. View Default Permissions:

To view default permissions, use the umask command:

umask

Default umask values are typically 0022 , which results in files being created with rw-r--r-- (644) permissions and
directories with rwxr-xr-x (755) permissions.

Change Default Permissions

1. Modify umask Value:

To set a different default permission mask (e.g., 0027 for more restrictive permissions):

RHCSA exam objectives 40

 umask 0027

To make this change permanent, add the umask command to your shell’s configuration file (e.g., ~/.bashrc ):

echo 'umask 0027' >> ~/.bashrc

source ~/.bashrc

2. Verify umask Value:

Check the updated umask :

umask

3. Configure Key-Based Authentication for SSH

Generate SSH Keys

1. Generate SSH Key Pair:

To generate a new SSH key pair:

ssh-keygen -t rsa -b 4096

Follow the prompts to save the key to a file (e.g., ~/.ssh/id_rsa ) and optionally set a passphrase.

2. Verify Key Generation:

Ensure the key files ( id_rsa and id_rsa.pub ) are created in the ~/.ssh directory:

bashCopy code
ls ~/.ssh

Deploy the Public Key

1. Copy Public Key to Remote Server:

Use ssh-copy-id to add your public key to the remote server:

ssh-copy-id user@remote_server

Alternatively, manually copy the public key:

cat ~/.ssh/id_rsa.pub | ssh user@remote_server 'cat >> ~/.ssh/authorized_keys'

2. Verify SSH Key-Based Login:

Test logging in without a password:

ssh user@remote_server

4. Set Enforcing and Permissive Modes for SELinux

Check Current SELinux Mode

RHCSA exam objectives 41

 1. Check SELinux Status:

To view the current mode:

sestatus

Change SELinux Mode

1. Set SELinux to Enforcing Mode:

To switch to enforcing mode:

sudo setenforce 1

2. Set SELinux to Permissive Mode:

To switch to permissive mode:

sudo setenforce 0

3. Make Changes Permanent:

To make the change permanent, edit the SELinux configuration file:

sudo nano /etc/selinux/config

Set SELINUX to enforcing or permissive :

SELINUX=enforcing

Save and close the file, then reboot the system to apply changes:

sudo reboot

5. List and Identify SELinux File and Process Contexts

List File Contexts

1. List Contexts for a Specific File:

To view the SELinux context of a file:

ls -Z /path/to/file

2. List Contexts for All Files in a Directory:

To view contexts for all files in a directory:

ls -Z /path/to/directory

List Process Contexts

1. View Contexts for Running Processes:

To list the SELinux context of running processes:

RHCSA exam objectives 42

 ps -eZ

6. Restore Default File Contexts

Restore Contexts Using restorecon

1. Restore Context for a Specific File:

To restore the default context for a file:

sudo restorecon /path/to/file

2. Restore Context for All Files in a Directory:

To restore contexts for all files in a directory:

sudo restorecon -R /path/to/directory

7. Manage SELinux Port Labels

List SELinux Port Labels

1. List Current SELinux Port Labels:

To view SELinux port contexts:

semanage port -l

Add or Modify Port Labels

1. Add a New Port Label:

To add a new port label for a specific port (e.g., port 8080 for http_port_t ):

sudo semanage port -a -t http_port_t -p tcp 8080

2. Remove a Port Label:

To remove an existing port label:

sudo semanage port -d -t http_port_t -p tcp 8080

8. Use Boolean Settings to Modify System SELinux Settings

List Available SELinux Booleans

1. List All SELinux Booleans:

To view available booleans and their current settings:

getsebool -a

RHCSA exam objectives 43

 Modify SELinux Booleans

1. Enable a Boolean:

To enable a boolean (e.g., httpd_can_network_connect ):

sudo setsebool -P httpd_can_network_connect on

2. Disable a Boolean:

To disable a boolean:

sudo setsebool -P httpd_can_network_connect off

3. Verify Changes:

Check the updated boolean settings:

getsebool httpd_can_network_connect

9. Diagnose and Address Routine SELinux Policy Violations

View SELinux Audit Logs

1. Check Audit Logs for SELinux Violations:

To view SELinux-related log entries:

sudo ausearch -m avc -ts recent

Analyze and Resolve SELinux Violations

1. Install setroubleshoot for Detailed Analysis:

To get detailed explanations of SELinux denials:

sudo dnf install setroubleshoot

2. Review AVC Denials:

Use the sealert tool to analyze AVC denials and get recommendations:

sudo sealert -a /var/log/audit/audit.log

3. Apply Recommendations:

Follow the recommendations provided by sealert to resolve issues.

4. Create Custom Policies (if needed):

If necessary, create custom SELinux policies to address specific issues. For a comprehensive guide on creating
policies, refer to SELinux documentation.

Summary

This detailed guide covers various aspects of managing security in a Linux system, from configuring firewall settings and
managing file permissions to handling SELinux policies and SSH key-based authentication. By following these steps, you can

RHCSA exam objectives 44

 ensure your system’s security is robust, properly configured, and maintained.

Manage containers

1. Find and Retrieve Container Images from a Remote Registry

Find Container Images

1. Search for Images Using podman :

To search for container images in a remote registry (e.g., Docker Hub):

podman search <image_name>

Replace <image_name> with the name of the image you’re looking for (e.g., nginx ).

2. Search for Images Using skopeo :

To search images using skopeo (requires additional setup):

skopeo list-tags docker://docker.io/library/nginx

Retrieve Container Images

1. Pull an Image Using podman :

To pull an image from a remote registry:

podman pull <image_name>:<tag>

Example: To pull the latest nginx image:

podman pull nginx:latest

2. Pull an Image Using skopeo :

To copy an image from one registry to your local system:

skopeo copy docker://docker.io/library/nginx:latest containers-storage:nginx:latest

2. Inspect Container Images

Inspect Using podman

1. Inspect an Image:

To view detailed information about a container image:

podman inspect <image_name>:<tag>

Example: To inspect the nginx image:

RHCSA exam objectives 45

 podman inspect nginx:latest

2. View Specific Information:

To extract specific information (e.g., configuration details):

podman inspect --format '{{.Config.Labels}}' nginx:latest

Inspect Using skopeo

1. Inspect an Image:

To inspect an image on a remote registry:

skopeo inspect docker://docker.io/library/nginx:latest

3. Perform Container Management Using Commands Such as podman and skopeo

Basic Container Management with podman

1. Run a Container:

To start a new container from an image:

podman run -d --name <container_name> <image_name>:<tag>

Example: To run an nginx container:

podman run -d --name mynginx nginx:latest

2. Start a Container:

To start a stopped container:

podman start <container_name>

3. Stop a Container:

To stop a running container:

podman stop <container_name>

4. List Running Containers:

To list all currently running containers:

podman ps

5. List All Containers:

To list all containers (running and stopped):

podman ps -a

6. Remove a Container:

RHCSA exam objectives 46

 To remove a stopped container:

podman rm <container_name>

7. Remove an Image:

To remove a container image:

podman rmi <image_name>:<tag>

Advanced Container Management with skopeo

1. Copy Images:

To copy an image from a remote registry to another registry or local storage:

bashCopy code
skopeo copy docker://docker.io/library/nginx:latest docker://myregistry.com/library/nginx:
latest

2. Sync Registries:

To synchronize images between two registries:

skopeo sync --src docker://docker.io/library/nginx --dest docker://myregistry.com/library/

nginx

4. Run a Service Inside a Container

Run a Service

1. Run a Container with a Service:

To run a service (e.g., a web server) inside a container:

podman run -d --name myservice -p 8080:80 nginx:latest

This command maps port 80 in the container to port 8080 on the host.

2. Verify Service Operation:

Check if the service is running correctly by accessing it via a web browser or curl :

curl http://localhost:8080

5. Configure a Container to Start Automatically as a Systemd Service

Create a Systemd Service Unit

1. Create a Service Unit File:

Create a file named /etc/systemd/system/mycontainer.service with the following content:

[Unit]
Description=My Container Service

RHCSA exam objectives 47

 After=network.target

[Service]
Restart=always
ExecStart=/usr/bin/podman run --rm --name mycontainer -p 8080:80 nginx:latest
ExecStop=/usr/bin/podman stop mycontainer
ExecStopPost=/usr/bin/podman rm mycontainer

[Install]
WantedBy=multi-user.target

2. Reload Systemd Configuration:

To apply the new service unit file:

sudo systemctl daemon-reload

3. Enable and Start the Service:

To enable the service to start at boot:

sudo systemctl enable mycontainer

To start the service immediately:

sudo systemctl start mycontainer

4. Check Service Status:

To check the status of the service:

sudo systemctl status mycontainer

6. Attach Persistent Storage to a Container

Create and Use a Volume

1. Create a Volume:

To create a named volume:

podman volume create myvolume

2. Run a Container with the Volume:

To run a container with the volume attached:

podman run -d --name mycontainer -v myvolume:/data nginx:latest

3. Verify Volume Usage:

To inspect the volume:

podman volume inspect myvolume

4. Access Data in the Volume:

RHCSA exam objectives 48

 Access the data stored in the volume from within the container:

podman exec -it mycontainer /bin/bash

Inside the container, navigate to /data to view or modify the files.

Summary
This detailed guide covers managing containers, including finding and retrieving images, inspecting images, performing basic
container management, running services inside containers, configuring containers to start automatically with systemd , and
attaching persistent storage. By following these steps, you can effectively manage and utilize containers in your Linux
environment.

Manage virtual machines

1. Explain the High-Level Architecture of QEMU, KVM, and Libvirt

QEMU
Overview: QEMU (Quick EMUlator) is an open-source emulator and virtualization tool that can run various operating
systems on different hardware architectures.

Architecture:

User-Space Emulator: Runs CPU and peripheral emulation in user space.

Hardware Emulation: Provides full hardware emulation, supporting multiple architectures (x86, ARM, etc.).

Integration with KVM: When used with KVM, QEMU provides enhanced virtualization performance by leveraging
hardware acceleration.

KVM
Overview: KVM (Kernel-based Virtual Machine) is a Linux kernel module that turns the Linux kernel into a hypervisor.

Architecture:

Kernel Module: Provides the core functionality for virtualization within the Linux kernel.

Virtual CPUs: Manages virtual CPUs and provides access to hardware virtualization features.

Kernel Integration: KVM requires a processor with virtualization extensions (Intel VT-x or AMD-V) for optimal
performance.

Libvirt
Overview: Libvirt is a toolkit and API for managing virtualization platforms, including QEMU and KVM.

Architecture:

Management Layer: Provides a consistent interface for managing different virtualization technologies.

Libvirt Daemon: The libvirtd daemon handles communication with virtual machines and other virtualization services.

Command-Line Tools: Provides tools like virsh and virt-manager for managing VMs.

2. Set Up and Install Virtual Machines from ISO Images or Using Other Methods

Using virt-install

1. Install Required Packages:

RHCSA exam objectives 49

 Ensure virt-install and related tools are installed:

sudo dnf install virt-install libvirt qemu-kvm

2. Create a Virtual Machine:

To create a VM from an ISO image:

sudo virt-install \
--name <vm_name> \
--ram 2048 \
--disk path=/var/lib/libvirt/images/<vm_name>.qcow2,size=20 \
--vcpus 2 \
--os-type linux \
--os-variant <os_variant> \
--cdrom /path/to/iso/image.iso \
--network network=default \
--graphics spice

Replace <vm_name> , <os_variant> , and /path/to/iso/image.iso with appropriate values.

Using virt-manager (Graphical Interface)

1. Launch virt-manager :

Open the Virtual Machine Manager application:

virt-manager

2. Create a New Virtual Machine:

Click "New" and follow the wizard:

Choose "Local install media" to use an ISO image.

Allocate resources (CPU, memory, and disk space).

Configure network settings.

Complete the setup and start the VM.

3. Perform Virtual Machine Management Using virsh

Basic VM Operations

1. Start a Virtual Machine:

To start a VM:

sudo virsh start <vm_name>

2. Stop a Virtual Machine:

To stop a VM:

sudo virsh shutdown <vm_name>

3. List All Virtual Machines:

RHCSA exam objectives 50

 To list all VMs, running or not:

sudo virsh list --all

4. Delete a Virtual Machine:

To delete a VM:

sudo virsh undefine <vm_name>

5. Monitor a Virtual Machine:

To view the status of a VM:

sudo virsh dominfo <vm_name>

4. A Deeper Look at the Most Important Virtual Machine Configuration Settings

VM Configuration Settings

1. Inspect VM Configuration:

To view detailed configuration of a VM:

sudo virsh dumpxml <vm_name>

2. Edit VM Configuration:

To modify VM configuration:

sudo virsh edit <vm_name>

This opens an XML editor for the VM configuration.

3. Key Configuration Parameters:

CPU: Adjust the number of CPUs and cores.

Memory: Set the amount of RAM allocated.

Disk: Configure virtual disks, including size and location.

Network: Define network interfaces and connectivity.

5. Running Containers and Virtual Machines Inside a Virtual Machine

Nested Virtualization

1. Enable Nested Virtualization:

On the host machine, ensure that nested virtualization is enabled:

echo "options kvm-intel nested=1" | sudo tee /etc/modprobe.d/kvm-intel.con

For AMD processors:

echo "options kvm-amd nested=1" | sudo tee /etc/modprobe.d/kvm-amd.conf

RHCSA exam objectives 51

 2. Configure the VM:

When setting up the VM, ensure it has enough resources and enable virtualization extensions in the VM settings.

3. Install Virtualization Tools Inside VM:

Inside the VM, install QEMU and KVM to create and manage nested VMs or containers.

6. Configure a Virtual Machine to Start at Boot

Automatic Startup Configuration

1. Set Auto-Start for a VM:

To configure a VM to start automatically at boot:

sudo virsh autostart <vm_name>

2. Verify Auto-Start Configuration:

To check if a VM is configured to start automatically:

sudo virsh autostart --list

3. Disable Auto-Start:

To disable automatic start for a VM:

sudo virsh autostart --disable <vm_name>

7. Virtual Machine Storage Management and Performance Monitoring

Storage Management

1. List Disk Devices:

To view the disk devices attached to a VM:

sudo virsh domblklist <vm_name>

2. Add or Resize Disk:

To add a new disk to a VM:

sudo virsh attach-disk <vm_name> /path/to/disk.img vdb

To resize an existing disk:

qemu-img resize /path/to/disk.img +10G

3. Monitor Disk Usage:

Use tools like df and du within the VM to check disk space usage.

Performance Monitoring

1. Monitor Resource Usage:

RHCSA exam objectives 52

 Use virt-top to monitor VM performance:

sudo virt-top

2. Check VM Metrics:

Use virsh commands to check VM metrics:

sudo virsh cpu-stats <vm_name>

sudo virsh memstat <vm_name>

8. High-Level Look at Virtual Machine Networking and Available Tools

Networking Overview

1. Understand Network Types:

NAT Network: VMs share the host's IP address.

Bridged Network: VMs get their own IP addresses on the network.

Host-Only Network: VMs can communicate only with the host and other VMs.

2. Configure Networking in virt-manager :

Open virt-manager , select the VM, and navigate to the network settings to configure network interfaces.

3. Use virsh for Network Management:

List Networks:

sudo virsh net-list --all

Start or Stop a Network:

sudo virsh net-start <network_name>

sudo virsh net-destroy <network_name>

4. Network Performance Tools:

iperf : For network performance testing between VMs.

tcpdump : For network traffic analysis.

Summary
This detailed guide covers managing virtual machines with QEMU, KVM, and Libvirt. It includes explanations of architecture,
setup from ISO images, VM management using virsh , advanced configurations, nested virtualization, auto-start
configurations, storage management, performance monitoring, and networking. By following these steps, you can effectively
manage and utilize virtual machines in a Linux environment.

Troubleshooting and disaster recovery

1. Monitoring and Identifying Issues and Warnings Using Various Log Files and Commands

Log Files

RHCSA exam objectives 53

 1. System Logs:

View Logs: Use journalctl to view system logs:

sudo journalctl

Filter Logs: To filter logs by date or service:

sudo journalctl --since "2024-09-01" --until "2024-09-05"

sudo journalctl -u <service_name>

2. Log Files in /var/log :

Syslog: General system log:

sudo less /var/log/syslog

Messages: Contains system messages and errors:

sudo less /var/log/messages

Auth.log: Authentication and security-related logs:

sudo less /var/log/auth.log

Boot.log: Boot process messages:

sudo less /var/log/boot.log

3. Kernel Logs:

dmesg: Display kernel ring buffer messages:

dmesg

Commands
1. top and htop : Monitor system processes and resource usage:

top
htop

2. vmstat : Report virtual memory statistics:

vmstat

3. iostat : Monitor system input/output device loading:

iostat

4. netstat : Display network connections and statistics:

netstat -tuln

2. Typical Workflow, Procedure, and Best Practices for Troubleshooting Linux Hardware Issues

RHCSA exam objectives 54

 Workflow
1. Identify Symptoms:

Determine what hardware issue is affecting the system (e.g., unresponsive system, boot issues).

2. Check Physical Connections:

Ensure all hardware components (e.g., cables, drives) are properly connected.

3. Examine Hardware Logs:

dmesg: Check for hardware-related messages:

dmesg | grep -i error

4. Run Diagnostics:

Use built-in diagnostics tools or third-party utilities to test hardware components.

Procedure
1. CPU Issues:

Check CPU Temperature:

sensors

2. Memory Issues:

Run memtest86+ : Boot from a live CD or USB to test memory.

3. Disk Issues:

Check Disk Health:

sudo smartctl -a /dev/sda

Best Practices
1. Regular Backups: Ensure regular backups are performed to prevent data loss.

2. Hardware Monitoring: Use tools like lm-sensors to monitor hardware health.

3. Documentation: Keep records of hardware configurations and issues.

3. Typical Workflow, Procedure, and Best Practices for Troubleshooting Linux Software Issues

Workflow
1. Identify Symptoms:

Determine the nature of the software issue (e.g., application crashes, system errors).

2. Check Logs:

Review relevant log files ( /var/log and application-specific logs).

3. Replicate the Issue:

Try to reproduce the problem to understand its context.

4. Update and Reinstall:

Ensure software is up-to-date or reinstall if necessary.

Procedure
1. Application Crashes:

RHCSA exam objectives 55

 Check Application Logs:

less /var/log/<app_name>.log

2. Dependency Issues:

Check for Missing Dependencies:

ldd /path/to/executable

3. Configuration Issues:

Review Configuration Files: Ensure settings are correct and consistent.

Best Practices
1. Regular Updates: Keep all software up-to-date to avoid bugs and vulnerabilities.

2. Use Package Managers: Use package managers like dnf , apt , or yum to handle software installations and updates.

3. Document Changes: Keep track of software changes and configurations.

4. Troubleshooting GPU Issues - Workflow, Best Practices, and Available Commands and Files

Workflow
1. Identify Symptoms:

Determine GPU-related issues (e.g., graphical glitches, poor performance).

2. Check Logs:

Xorg Logs: Review X server logs for GPU-related messages:

less /var/log/Xorg.0.log

3. Test GPU:

Use GPU-specific tools to test performance and functionality.

Best Practices
1. Update Drivers: Ensure GPU drivers are up-to-date.

2. Monitor Temperature: Check GPU temperature to prevent overheating.

Commands and Files

1. Check GPU Status:

NVIDIA:

nvidia-smi

AMD:

amdconfig --od-gettemperature

2. Review Configuration:

Xorg Configuration: Verify GPU settings in /etc/X11/xorg.conf .

3. Diagnostic Tools:

Use tools like glxinfo for OpenGL information:

RHCSA exam objectives 56

 glxinfo | grep "OpenGL"

5. Troubleshooting Storage Issues - Workflow, Best Practices, and Available Commands and Files

Workflow
1. Identify Symptoms:

Determine the nature of storage issues (e.g., disk errors, slow performance).

2. Check Disk Health:

SMART Data:

sudo smartctl -a /dev/sda

3. File System Errors:

Check and Repair Filesystems:

sudo fsck /dev/sda1

Best Practices
1. Regular Backups: Ensure regular backups to prevent data loss.

2. Monitor Disk Usage: Use tools to monitor disk health and usage.

Commands and Files

1. Disk Usage:

Check Disk Space:

df -h

2. Disk Performance:

Monitor Disk I/O:

iostat

3. File System Usage:

Check File System:

tune2fs -l /dev/sda1

6. Troubleshooting Sound and Video Issues - Workflow, Best Practices, and Available Commands
and Files

Workflow
1. Identify Symptoms:

Determine sound or video issues (e.g., no audio, display problems).

2. Check Logs:

Review logs related to sound and video.

3. Test Hardware:

RHCSA exam objectives 57

 Use diagnostic tools to test audio and video hardware.

Best Practices
1. Update Drivers: Ensure audio and video drivers are up-to-date.

2. Check Connections: Verify all physical connections and settings.

Commands and Files

1. Sound Issues:

List Sound Devices:

aplay -l

Test Sound:

speaker-test -c2

2. Video Issues:

Check Video Device:

xrandr --listmonitors

Check Video Logs:

less /var/log/Xorg.0.log

7. Troubleshooting Network Issues - Workflow, Best Practices, and Available Commands and Files

Workflow
1. Identify Symptoms:

Determine network-related issues (e.g., connectivity problems, slow speeds).

2. Check Network Configuration:

Verify network settings and configurations.

3. Use Network Diagnostic Tools:

Use commands to diagnose and troubleshoot network issues.

Best Practices
1. Regular Monitoring: Monitor network performance and connectivity.

2. Update Network Drivers: Ensure network drivers are up-to-date.

Commands and Files

1. Check Connectivity:

Ping:

ping google.com

Traceroute:

traceroute google.com

RHCSA exam objectives 58

 2. Network Interfaces:

List Interfaces:

ip addr show

3. Network Logs:

Review Logs:

less /var/log/syslog

8. Troubleshooting Boot Issues - Workflow, Best Practices, and Available Commands and Files

Workflow
1. Identify Symptoms:

Determine boot-related issues (e.g., failure to boot, booting into recovery).

2. Check Boot Logs:

Review logs for errors during the boot process.

3. Test Boot Configuration:

Verify boot loader and configuration files.

Best Practices
1. Regular Updates: Keep boot loader and kernel up-to-date.

2. Create Bootable Media: Have a bootable USB or CD for recovery.

Commands and Files

1. Boot Logs:

View Logs:

less /var/log/boot.log

2. Boot Loader Configuration:

Check GRUB Configuration:

cat /etc/default/grub
sudo update-grub

3. Recovery Mode:

Access Recovery Mode: Use GRUB to boot into recovery mode.

9. Disaster Recovery Procedure and Best Practices on Linux Systems

Procedure
1. Create and Test Backups:

Regularly create backups and test them for reliability.

2. Develop a Recovery Plan:

Document recovery procedures and create a step-by-step guide.

3. Boot from Live Media:

RHCSA exam objectives 59

 Use live CDs/USBs to access and repair systems.

4. Restore from Backup:

Use backup tools to restore data and system configurations.

Best Practices
1. Automated Backups: Schedule regular automated backups.

2. Off-Site Backups: Store backups in a secure off-site location.

3. Regular Testing: Periodically test backups and recovery procedures.

4. Documentation: Maintain detailed documentation of recovery procedures and configurations.

This detailed guide provides an in-depth approach to troubleshooting and disaster recovery, covering various aspects from log
file analysis to best practices for handling different types of issues and ensuring system reliability.

RHCSA exam objectives 60