Tuesday, 7 June 2016

RHCE 7 Exam Practice with Solution Part-1 (EX 300)

1) configure your systems that should be running Enforcing

Solution: 
[root@server ~]# vim /etc/selinux/config

SELINUX=enforcing

[root@server ~]# reboot

after reboot check that selinux status using following command

[root@server ~]# getenforce
Enforcing

Do the same for desktop machine also....

2) configure repository
--->create a repository for your virtual machines
--->The url is http://station.network0.example.com/content/rhel7.0/x86_64/dvd
Solution:
[root@server ~]# vim /etc/yum.repos.d/server.repos
[server]
name= Siratun Jannat
baseurl= http://station.network0.example.com/content/rhel7.0/x86_64/dvd
gpgcheck= 0

[root@server ~]# yum clean all
[root@server ~]# yum repolist

Do the same for desktop machine also....


3) ssh configuration
--->configure ssh access on your virtual machines as follows
--->clients witin my22ilt.org shouldnot access to ssh on your systems

Solution: 

[root@server ~]#yum install openssh-server
[root@server ~]#systemctl start sshd
[root@server ~]#yum enable sshd
[root@server ~]#firewall-cmd --permanent --add-service=ssh
[root@server ~]#firewall-cmd --reload
[root@server ~]#firewall-config
-->Permanent
-->Rich Rule
-->add-->ipv4 (family)
 -->element -->service -->ssh
 -->action -->reject
 -->source Address-->172.16.0.0/24    --(my22ilt.org )
--> reload firewalld

Now check firewall list that rules applied or not using following command

[root@server ~]#firewall-cmd --list-all

Do the same for desktop machine also....



       
4) configure port forwarding.

--->configure serverX to forward traffic incoming on port 80/tcp from desktop to port on 5243/tcp.

Solution:

[root@server ~]#firewall-config
-->Permanent
-->Rich Rule
-->add-->ipv4 (family)
 -->element -->port-forward
 -->source-->protocol-->tcp
-->port/port Range 5243
-->Local Forwarding 22
 -->source Address-->172.16.25.0/24    --(Server IP )
--> reload firewalld

[root@server ~]# firewall-cmd --list-all

 rich rules:
        rule family="ipv4" source address="172.16.25.0/24" forward-port port="5243" protocol="tcp" to-port="22"
[root@server ~]#



5) simple command
--->create a command called qsatat on both serverX and desktopX
--->It should able to execute the following command
(ps -eo pid,tid,class,rtprio,ni,pri,psr,pcpu,stat,wchan:14,comm)
---> The command should be executable by all users

Solution:

[root@server ~]#vim /etc/bashrc
qstat()
{
ps -eo pid,tid,class,rtprio,ni,pri,psr,pcpu,stat,wchan:14,comm
}
[root@server ~]#source /etc/bashrc
[root@server ~]#qstat

Do the same for desktop machine also....


6) configure ipv6 network

--->create eth0 with a static ipv6 addresses as follows
--->configure a static ipv6 address in serverX as fddb:fe2a:ab1e::c0a8:64/64
--->desktop as fddb:fe2a:ab1e::c0a8:02/64

Solution: 

--Server Machine---
[root@server ~]# nmcli connection modify eno16777736 ipv6.addresses fddb:fe2a:ab1e::c0a8:64/64 ipv6.method static connection.autoconnect yes
[root@server ~]# nmcli connection down eno16777736;nmcli connection up eno16777736
[root@server ~]#ping6 fddb:fe2a:ab1e::c0a8:64

--Desktop Machine---

[root@server ~]# nmcli connection modify eno16777736 ipv6.addresses fddb:fe2a:ab1e::c0a8:02/64 ipv6.method static connection.autoconnect yes
[root@server ~]# nmcli connection down eno16777736;nmcli connection up eno16777736
[root@server ~]#ping6 fddb:fe2a:ab1e::c0a8:02

No comments:

Post a Comment