Sie sind auf Seite 1von 7

RHCE Solved Paper RHEL 6.

0
NETWORK INFORMATION
1.desktop45.example.com (hostname)
2.ipadd=192.168.0.45
3.example.com=192.168.0.0/24(Network Address)
4.remote.test=192.168.1.0/24(crackers Address)
#setup
#/etc/init.d/network restart
#ping 192.168.0.254
#vim base.repo

1. Selinux
Set SELinux to enforcing mode
#setenforece 1
#lokkit selinux=enforcing
#sestatud
2. IPforward
Configure your host such that it can forward ipv4 packets .
#vim /etc/sysctl.conf
net.ipv4.ip_forward=1
:wq!
#sysctl -p
3. SMTP
Configure an SMTP mail server. Your host should be able to receive remote
mails.
Mail of <user> should be spooled to /var/spool/mail/<user> .
#yum install postfix* -y
#rpm -qa postfix
#vim /etc/postfix/main.cf
inet_interface=all (remove comment)
#inet_interface=localhost (comment here)
:wq!
#/etc/init.d/postfix restart
#chkconfig postfix on
Check from Physical Machine.. (Remote Testing)

#mail root@desktop45.example.com
Check on virtual m/c..will get mail..
4. ALIAS
All mails sent to admin user should be directed to natasha
#vim /etc/alises
admin: natasha
:wq!
#newalises
Check from Physical Machine.. (Remote Testing)
#mail admin@desktop45.example.com
Check on virtual m/c..will get mail.
#su natasha
$mail
5. Script
Create a script in bash /root/script.sh such that ,If the script is run in
the
following manner # /root/script.sh python
o/p > perl
AND
# /root/script.sh perl
o/p > python
Make sure that if the no. arguement is not provided properly , then error
o/p
should be displayed as
o/p > Invalid Arguement
If wrong arguement is provided , then error o/p should be displayed as
o/p > python|perl
#vim script.sh
#!/bin/bash
if [ $# -ne 1 ]; then
echo -e \nInvalid Entry\n
elif [ $1 = "perl" ]; then
echo -e \npython\n
elif [ $1 = "python" ]; then
echo -e \nperl\n

else
echo -e \nperl|python\n
fi
:wq!
#chmod u+x script.sh
#./script.sh perl
6. FTP
Configure an ftp server. User <user> should be able to login via ftp .
anonymous user can download from your site.
(.my133.org) .remote.test should be denied access to ftp server.
#yum install vsftpd*
#vim /etc/vsftpd/vsftpd.conf
tcp_wrappers=YES
:wq!
#/etc/init.d/vsftpd restart
#chkconfig vsftpd on
#getsebool -a | grep ftp
#setsebool -P ftp_home_dir 1
#yum install nmap*
#nmap 192.168.0.45 (To check the service)
#vim /etc/host.deny
vsftpd:ALL EXCEPT .example.com
:wq!
Check from Physical Machine.. (Remote Testing)
#ftp 192.168.0.45 (virtual m/c ip)
7. NFS
Share a directory /nfsshare over a n/w ,accessable to (domainX.example.com)
.example.com network.
Your share can be remotely tested from your physical host in
(/nfs/domainXshare) /nfs/desktopX . xxx
#mkdir /nfsshare
#yum install nfs* -y
#rpm -qa nfs-utils
#vim /etc/exports
/nfsshare 192.168.0.0/255.255.255.0(sync)
:wq!
#/etc/init.d/nfs restart
#chkconfig nfs on
Check from Physical Machine.. (Remote Testing)
#showmount -e 192.168.0.45
#cd /nfs/domainsXhare

8. LOOP
Mount an iso file /root/boot.iso on /disk . This mount should be persistant
across system restart
#mkdir /disk
#vim /etc/fstab
/root/boot.iso /disk auto or(iso9660) defaults,loop 0 0
:wq!
#mount -a
#df -hT
9. SSH
Congigure ssh server.
This service must be accessable only over (domainX.example.com)
.example.com network .
#yum install openssh-server* -y
#yum install sshd*
#/etc/init.d/sshd restart
#chkconfig sshd on
#vim /etc/host.deny
sshd:ALL EXCEPT .example.com
:wq!
Check from Physical Machine.. (Remote Testing)
#ssh natasha@desktop45.example.com
10. Website
Host an apache webserver over your hostname.
The webpage to be hosted is shared as
(ftp://host.domainX.example.com/pub/web/station.html)
ftp://instructor.example.com/pub/web/station.html.
The name resolution is provided on your dns server.
Do not edit the webpage contents .
#yum install httpd*
#lftp 192.168.0.254(server)
>ls > cd pub/web
> get station.html
#cp station.html /var/www/html/index.html
#vim /etc/httpd/conf/httpd.conf
copy last 7 lines & paste
<virtualHost desktop45.example.com:80>
ServerAdmin webmaster@desktop45.example.com
DocumentRoot /var/www/html
ServerName desktop45.example.com

:wq!
#httpd -t
#/etc/init.d/httpd restart
#chkconfig httpd on
#restorecon -Rv /var/www/html
#elinks http://desktop45.example.com
Check from Physical Machine.. (Remote Testing)
#elinks http://desktop45.example.com
11. iSCSI
Import an iscsi disk from the server <hostname.domainname>
instructor.example.com.
The iscsi disk must be mounted as /mnt/iscsi.Download iscsi.txt file in
mounted directory from(ftp://host.domainX.example.com/pub/)
This mount should be persistant across reboot.
#yum install iscsi-initiator-utils*
#iscsiadm -m discovery -t st -p 192.168.0.254
It gives iqn.no copy & paste it to login
#iscsiadm -m node -T iqn.no (paste) -l
#fdisk /dev/sdb
create a partition>
#mkfs.ext4 /dev/sdb1
#mkdir /mnt/iscsi
#blkid /dev/sdb1 (It gives UUID)
#vim /etc/fstab
UUID /mnt/iscsi ext4 defaults,_netdev 0 0
:wq!
#mount -a
#cd /mnt/iscsi
#lftp 192.168.0.254>download iscsi.txt file
#df -hT
12. V Web
Host a virtual website over (wwwX.domainX.example.com) d.example.com . The
webpage to be hosted
is shared as (ftp://host.domainX.example.com/pub/web/www.html)
ftp://instructor.example.com/pub/web/www.html .
Create a DocumentRoot /var/www/virtual for hosting this page.
Owner of /var/www/virtual should be harry.
The name resolution is provided on your dns server.
#lftp 192.168.0.254
>cd pub/web

> get http://www.html


#mkdir /var/www/virtual
#cp http://www.html /var/www/virtual/index.html
#vim /etc/httpd/conf/httpd.conf
NamevirtualHost desktop45.example.com
copy last 7 lines & paste
<virtualHost www45.example.com:80>
ServerAdmin webmaster@www45.example.com
DocumentRoot /var/www/virtual
ServerName www45.example.com
:wq!
#httpd -t
#/etc/init.d/httpd restart
#chkconfig httpd on
#restorecon -R /var/www/virtual
#chown harry /var/www/virtual
#elinks http://www45.example.com
Check from Physical Machine.. (Remote Testing)
#elinks http://www45.example.com
15. copy the file station.html to /var/www/html/secure/index.html. Secure the file & make
it available to only localhost over apache webserver .
#mkdir /var/www/html/secure
#cp station.html /var/www/html/secure/index.html
#vim /etc/httpd/conf/httpd.conf
<Directory /var/www/html/secure>
order deny,allow
Allow from desktop45.example.com
Deny all
</Directory>
:wq!
#httpd -t
#/etc/init.d/httpd restart
#chkconfig httpd on
#elinks http://www45.example.com
Check from Physical Machine.. (Remote Testing)
#elinks http://www45.example.com
13. Samba
Create a samba share /samba with share name samba .
Your workgroup should be IT .
this share should be browsable . The natasha <user> can access this share

as readable only .
This share is accessable only over (domainX.example.com) example.com .
#yum install samba*
#mkdir /samba
#vim /etc/samba/smb.conf
workgroup=WORKGROUP
copy last 7 lines & paste
[samba]
path=/samba
browsable=yes
read list=natasha
hosts allow= 192.168.0.
:wq!
#testparm
#smbpasswd -a natasha
#/etc/init.d/smb restart
#chkconfig smb on
#chcon -R -t samba_share_t /samba
#smbclient //192.168.0.45/samba -U natasha
14. Cron deny
The user jean should not be able to add a cron job for herself.
#vim /etc/cron.deny
jean
:wq!
#su jean
$crontab -e
It will not allow jean.
16. Pass a parameter sysvctl=1 to your kernel at boot time
. changes made should be persistant .
#vim /boot/grub/grub.conf
After kernal entry,last write
sysvctl=1
:wq!