07/11/13 RHCSA/RHCE Red Hat Linux Certification Study Guide (Exams EX200 & EX300), Sixth Edition: Safari

Books Online
my.safaribooksonline.com/book/certification/rhce/9780071765657 1/18
Free Tri al
RHCSA/RHCE Red Hat Linux Certification Study Guide
(Exams EX200 & EX300), Sixth Edition
By: Jang Michael
Publisher: McGraw-Hill
Pub. Date: June 17, 2011
Print ISBN-13: 978-0-07-176565-7
Web ISBN-13: 978-0-07-176567-1
Pages in Print Edition: 1072
Subscriber Rating: [7 Ratings] Subscriber Reviews
Overview Table of
Contents
Search This
Book
Cookies are important to the proper functioning of this site. By continuing to browse this site, you agree to accept cookies. Find out more here.
Download Safari Books Online apps: Apple iOS | Android | BlackBerry
Help Sign In Reactivate Subscribe
Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.
Table of Contents

Copyright
About the Contributors
Acknowledgments
Preface
Introduction
1 Prepare for Red Hat Hands-on Certifications
The RHCSA and RHCE Exams
The Exam Experience
The RHCSA Exam
The RHCE Exam
If You're Studying "Just" for the RHCSA Exam
Evolving Requirements
Basic Hardware Requirements
Hardware Compatibility
Architectures
RAM Requirements
Hard Drive Options
Networking
Virtual Machine Options
Get Red Hat Enterprise Linux
Purchase a Subscription
Get an Evaluation Copy
Third-Party Rebuilds
Entire Site
07/11/13 RHCSA/RHCE Red Hat Linux Certification Study Guide (Exams EX200 & EX300), Sixth Edition: Safari Books Online
my.safaribooksonline.com/book/certification/rhce/9780071765657 2/18
Check the Download
Installation Requirements
You Won't Start from Scratch
The Advantages of Network Installation
Red Hat and Virtual Machines
Virtual and Physical Systems
A Pre-installed Environment for Practice Labs
System Roles
Installation Options
Boot Media
CD/DVD or Boot USB Starts Installation
Basic Installation Steps
The Installation Perspective on Partitions
Partition Creation Exercises
Exercise 1-1: Partitioning During Installation
Configure the Bootloader
Wow, Look at All That Software!
Baseline Packages
Package Groups
On Reboot
System Setup Options
The First Boot Process
Default Security Settings
Special Setup Options for Virtual Machines
Configure Default File Sharing Services
Mount and Copy the Installation DVD
Set Up a Default Configuration Apache Server
Exercise 1-2: Configure Apache as an Installation Server
Share Copied Files via FTP Server
Two-Minute Drill
Q&A: Self Test
Lab Questions
Self Test Answers
Lab Answers
2 Virtual Machines and Automated Installations
Configure KVM for Red Hat
Why Virtual Machines
If You Have to Install KVM
The Right KVM Modules
Configure the Virtual Machine Manager
Exercise 2-1: Create a Second Virtual Network
Configure a Virtual Machine on KVM
07/11/13 RHCSA/RHCE Red Hat Linux Certification Study Guide (Exams EX200 & EX300), Sixth Edition: Safari Books Online
my.safaribooksonline.com/book/certification/rhce/9780071765657 3/18
Configure a Virtual Machine on KVM
Exercise 2-2: Add Virtual Hard Drives
KVM Configuration Files
Control Virtual Machines from the Command Line
Automated Installation Options
Kickstart Concepts
Set Up Local Access to Kickstart
Set Up Network Access to Kickstart
Sample Kickstart File
Exercise 2-3: Create and Use a Sample Kickstart File
The Kickstart Configurator
Administration with the Secure Shell
Configure an SSH Client
Command Line Access
More SSH Command Line Tools
Graphical Secure Shell Access
Consider Adding These Command Line Tools
Checking Ports with telnet
Checking Ports with nmap
Configure an E-Mail Client
The Use of Text and Graphical Browsers
Using lftp to Access URLs
Two-Minute Drill
Q&A: Self Test
Lab Questions
Self Test Answers
Lab Answers
3 Fundamental Command Line Skills
Shells
Other Shells
Terminal Consoles
GUI Shell Interfaces
Differences Between Regular and Administrative Users
Text Streams and Command Redirection
Standard Command Line Tools
File and Directory Concepts
File Lists and ls
File Creation Commands
Wildcards
File Searches
The Management of Text Files
Commands to Read Text Streams
07/11/13 RHCSA/RHCE Red Hat Linux Certification Study Guide (Exams EX200 & EX300), Sixth Edition: Safari Books Online
my.safaribooksonline.com/book/certification/rhce/9780071765657 4/18
Commands to Process Text Streams
Edit Text Files at the Console
Exercise 3-1: Using vi to Create a New User
If You Don't Like vi
Edit Text Files in the GUI
Local Online Documentation
When You Need Help
A Variety of man Pages
The info Manuals
Detailed Documentation in /usr/share/doc
A Networking Primer
IP Version 4 Numbers and Address Classes
Basic IP Version 6 Addressing
How to Define a Network with IP Addresses
Tools, Commands, and Gateways
Network Configuration and Troubleshooting
Network Configuration Files
Network Configuration Tools
Exercise 3-2: Configure a Network Card
Hostname Configuration Files
Hostname Configuration Options
The Network Manager Applet
Two-Minute Drill
Q&A: Self Test
Lab Questions
Self Test Answers
Lab Answers
4 RHCSA-Level Security Options
Basic File Permissions
File Permissions and Ownership
Basic User and Group Concepts
The umask
Commands to Change Permissions and Ownership
Special File Attributes
Access Control Lists and More
Every File Already Has an ACL
Make a Filesystem ACL Friendly
Manage ACLs on a File
Configure a Directory for ACLs
Special Restrictions with ACLs
ACLs and Masks
Exercise 4-1: Use ACLs to Deny a User
NFS Shares and ACLs
07/11/13 RHCSA/RHCE Red Hat Linux Certification Study Guide (Exams EX200 & EX300), Sixth Edition: Safari Books Online
my.safaribooksonline.com/book/certification/rhce/9780071765657 5/18
Basic Firewall Control
Standard Ports
A Focus on iptables
Keep That Firewall in Operation
The Default RHEL 6 Firewall
The Firewall Configuration Tools
Exercise 4-2: Adjust Firewall Settings
A Security-Enhanced Linux Primer
Basic Features of SELinux
SELinux Status
SELinux Configuration at the Command Line
Configure Basic SELinux Settings
Configure Regular Users for SELinux
Manage SELinux Boolean Settings
List and Identify SELinux File Contexts
Restore SELinux File Contexts
Identify SELinux Process Contexts
Diagnose and Address SELinux Policy Violations
The GUI SELinux Management Tool
The SELinux Troubleshoot Browser
Exercise 4-3: Test an SELinux User Type
Two-Minute Drill
Q&A: Self Test
Lab Questions
Self Test Answers
Lab Answers
5 The Boot Process
The BIOS and the UEFI
Basic System Configuration
Startup Menus
Access to Linux Bootloaders
Bootloaders and GRUB
GRUB, the GRand Unified Bootloader
Boot into Different Runlevels
Exercise 5-1: Boot into a Different Runlevel
Modify the System Bootloader
More Options
GRUB Security and Password Protection
How to Update GRUB
Effects of GRUB Errors
The GRUB Command Line
Exercise 5-2: Using the GRUB Command Line
Create Your Own GRUB Configuration File
07/11/13 RHCSA/RHCE Red Hat Linux Certification Study Guide (Exams EX200 & EX300), Sixth Edition: Safari Books Online
my.safaribooksonline.com/book/certification/rhce/9780071765657 6/18
An Option to Booting from GRUB: Rescue Mode
Between GRUB and Login
Kernels and the Initial RAM Disk
The First Process, Runlevels, and Services
Switch Between Runlevels
Reboot and Shut Down a System Normally
Upstart Replaces SysVInit
Upstart Configuration Files
Terminals and Login Screens
Control by Runlevel
Functionality by Runlevel
The Innards of Runlevel Scripts
Service Configuration from the Command Line
The Text Console Service Configuration Tool
The GUI Service Configuration Tool
Network Configuration
Network Configuration Commands
Network Configuration Files
The /etc/sysconfig/network-scripts Files
Red Hat Configuration Tools
Exercise 5-3: Modify Network Interfaces with the Network Connections Tool
Configure Name Resolution
Exercise 5-4: Revise Network Interfaces on a Cloned System
Time Synchronization
An NTP Client
Date/Time Properties
Two-Minute Drill
Q&A: Self Test
Lab Questions
Self Test Answers
Lab Answers
6 Linux Filesystem Administration
Storage Management and Partitions
Current System State
The fdisk Utility
The parted Utility
Graphical Options
Exercise 6-1: Work with fdisk and parted
Filesystem Formats
Standard Formatting Filesystems
Journaling Filesystems
Filesystem Format Commands
Swap Volumes
07/11/13 RHCSA/RHCE Red Hat Linux Certification Study Guide (Exams EX200 & EX300), Sixth Edition: Safari Books Online
my.safaribooksonline.com/book/certification/rhce/9780071765657 7/18
Filesystem Check Commands
Filesystem Conversions
Exercise 6-2: Format, Check, and Mount Different Filesystems
Basic Linux Filesystems and Directories
Separate Linux Filesystems
Directories That Can Be Mounted Separately
Logical Volume Management (LVM)
Definitions in LVM
Create a Physical Volume
Create a Volume Group
Create a Logical Volume
Make Use of a Logical Volume
More LVM Commands
Remove a Logical Volume
Resize Logical Volumes
The GUI Logical Volume Management Tool
Volume Encryption with the Linux Unified Key Setup
Passwords, Passphrases, and More
Encryption During Installation
Prepare and Initialize Encryption
Prepare the New Filesystem
Create the New Filesystem
Filesystem Management
The /etc/fstab File
Universally Unique Identifiers in /etc/fstab
The mount Command
More Filesystem Mount Options
Virtual Filesystems
Add Your Own Filesystems to /etc/fstab
Removable Media and /etc/fstab
Networked Filesystems
The Automounter
Mounting via the Automounter
Exercise 6-3: Configure the Automounter
Two-Minute Drill
Q&A: Self Test
Lab Questions
Self Test Answers
Lab Answers
7 Package Management
The Red Hat Package Manager
What Is a Package?
07/11/13 RHCSA/RHCE Red Hat Linux Certification Study Guide (Exams EX200 & EX300), Sixth Edition: Safari Books Online
my.safaribooksonline.com/book/certification/rhce/9780071765657 8/18
What Is a Red Hat Package?
What Is a Repository?
Install an RPM Package
Uninstall an RPM Package
Install RPMs from Remote Systems
RPM Installation Security
Special RPM Procedures with the Kernel
More RPM Commands
Package Queries
Package Signatures
File Verification
Different Databases of Installed Packages
Dependencies and the yum Command
An Example of Dependency Hell
Relief from Dependency Hell
Basic yum Configuration
The Basic yum Configuration File: yum.conf
Configuration Files in the /etc/yum/pluginconf.d Directory
Configuration Files in the /etc/yum.repos.d Directory
Create Your Own /etc/yum.repos.d Configuration File
Exercise 7-1: Create a yum Repository from the RHEL 6 DVD
Third-Party Repositories
Basic yum Commands
Installation Mode
Security and yum
Updates and Security Fixes
Package Groups and yum
More yum Commands
More Package Management Tools
The GNOME Software Update Tool
Automated Updates
GNOME Add/Remove Software Tool
Exercise 7-2: Installing More with yum and the Add/Remove Software Tool
The Red Hat Network
Two-Minute Drill
Q&A: Self Test
Lab Questions
Self Test Answers
Lab Answers
8 User Administration
User Account Management
Different Kinds of Users
The Shadow Password Suite
07/11/13 RHCSA/RHCE Red Hat Linux Certification Study Guide (Exams EX200 & EX300), Sixth Edition: Safari Books Online
my.safaribooksonline.com/book/certification/rhce/9780071765657 9/18
Command Line Tools
Exercise 8-1: Add a User with the Red Hat User Manager
Exercise 8-2: Real and Fake Shells
Delete a User
Modify an Account
More User and Group Management Commands
Administrative Control
The Ability to Log In as root
Exercise 8-3: Limit root Logins
The Ability to Log In
The Proper Use of the su Command
Limit Access to su
The Proper Use of the sg Command
Custom Administrators with the sudo Command
Other Administrative Users
User and Shell Configuration
Home Directories and /etc/skel
/etc/bashrc
/etc/profile and /etc/profile.d
/etc/profile.d
Exercise 8-4: Another Way to Secure a System
Shell Configuration Files in User Home Directories
Login, Logout, and User Switching
Users and Network Authentication
LDAP Client Configuration
The Name Service Switch File
Red Hat Network Authentication Tools
Special Groups
Standard and Red Hat Groups
Shared Directories
Exercise 8-5: Control Group Ownership with the SGID Bit
Two-Minute Drill
Q&A: Self Test
Lab Questions
Self Test Answers
Lab Answers
9 RHCSA-Level System Administration Tasks
Configure Access with VNC
Install and Configure a TigerVNC Server
The GNOME-Based vino Server
Install and Configure a VNC Client
Firewall Options
Confirm Access to a VNC Server
07/11/13 RHCSA/RHCE Red Hat Linux Certification Study Guide (Exams EX200 & EX300), Sixth Edition: Safari Books Online
my.safaribooksonline.com/book/certification/rhce/9780071765657 10/18
Route Through a Secure Shell
More VNC Configuration
A User VNC Configuration File
Elementary System Administration Commands
System Resource Management Commands
Archives and Compression
Control Services Through Daemons
Automate System Administration: cron and at
The System crontab and Components
Hourly cron Jobs
Regular Anacron Jobs
Setting Up cron for Users
Exercise 9-1: Create a cron Job
Running a Job with the at System
Secure cron and at
Local Log File Analysis
System Log Configuration File
Log File Management
A Variety of Log Files
Service Specific Logs
Exercise 9-2: Learn the Log Files
Two-Minute Drill
Q&A: Self Test
Lab Questions
Self Test Answers
Lab Answers
10 A Security Primer
The Layers of Linux Security
Bastion Systems
Best Defenses with Security Updates
Service-Specific Security
Host-Based Security
User-Based Security
Console Security
Recommendations from the U.S. National Security Agency
The PolicyKit
Firewalls and Network Address Translation
Definitions
The Structure of the iptables Command
The Default Firewall
Recommendations from the NSA
Make Sure the Firewall Is Running
IP Masquerading
07/11/13 RHCSA/RHCE Red Hat Linux Certification Study Guide (Exams EX200 & EX300), Sixth Edition: Safari Books Online
my.safaribooksonline.com/book/certification/rhce/9780071765657 11/18
IP Forwarding
The Red Hat Firewall Configuration Tool
The Extended Internet Super-Server
Generic xinetd Configuration
Service-Specific xinetd Configuration
Exercise 10-1: Configure xinetd
TCP Wrappers
Is a Service Protected by TCP Wrappers?
TCP Wrappers Configuration Files
Exercise 10-2: Configure TCP Wrappers
Pluggable Authentication Modules
Configuration Files
Control Flags
The Format of a PAM File
Exercise 10-3: Configure PAM
PAM and User-Based Security
Exercise 10-4: Use PAM to Limit User Access
Secure Files and More with GPG2
GPG2 Commands
Current GPG2 Configuration
GPG2 Encryption Options
Generate a GPG2 Key
Use a GPG2 Key to Secure a File
Two-Minute Drill
Q&A: Self Test
Lab Questions
Self Test Answers
Lab Answers
11 System Services and SELinux
Red Hat System Configuration
Service Management
System Services
Bigger Picture Configuration Process
Available Configuration Tools
Security-Enhanced Linux
Options in the SELinux Booleans Directory
Service Categories of SELinux Booleans
Boolean Configuration with the SELinux Management Tool
Boolean Settings
SELinux File Contexts
Exercise 11-1: Configure a New Directory with Appropriate SELinux Contexts
The Secure Shell Server
07/11/13 RHCSA/RHCE Red Hat Linux Certification Study Guide (Exams EX200 & EX300), Sixth Edition: Safari Books Online
my.safaribooksonline.com/book/certification/rhce/9780071765657 12/18
SSH Configuration Commands
SSH Configuration Files
Basic Encrypted Communication
Set Up a Private/Public Pair for Key-Based Authentication
Configure an SSH Server
User-Based Security for SSH
Host-Based Security for SSH
A Security and Configuration Checklist
Installation of Server Services
Basic Configuration
Make Sure the Service Survives a Reboot
Review Access Through Layers of Security
Exercise 11-2: Review the Different Effects of iptables and TCP Wrappers
Two-Minute Drill
Q&A: Self Test
Lab Questions
Self Test Answers
Lab Answers
12 RHCE Administrative Tasks
Automate System Maintenance
Standard Administrative Scripts
Script Commands
Create Your Own Administrative Scripts
Exercise 12-1: Create a Script
Kernel Run-Time Parameters
How sysctl Works with /etc/sysctl.conf
Settings in the /etc/sysctl.conf File
Exercise 12-2: Disable Responses to the ping Command
Create an RPM Package
Source RPMs
The Directory Structure of an RPM Source
Create Custom Source Code
One More Prep Package
Create Your Own spec File
Build Your Own RPM
The Built RPMs
Special Network Options
Configure Special IP Routes
Set Up a Kerberos Client
Connect to Remote iSCSI Storage
Two-Minute Drill
Q&A: Self Test
07/11/13 RHCSA/RHCE Red Hat Linux Certification Study Guide (Exams EX200 & EX300), Sixth Edition: Safari Books Online
my.safaribooksonline.com/book/certification/rhce/9780071765657 13/18
Lab Questions
Self Test Answers
Lab Answers
13 Electronic Mail Servers
A Variety of E-Mail Agents
Definitions and Protocols
Relevant Mail Server Packages
Use alternatives to Select an E-Mail System
General User Security
Mail Logging
Common Security Issues
Testing an E-Mail Server
Exercise 13-1: Create Users Just for E-Mail
The Configuration of Postfix
Configuration Files
The main.cf Configuration File
The /etc/aliases Configuration File
The master.cf Configuration File
Test the Current Postfix Configuration
Configure Postfix Authentication
Configure Incoming E-Mail
Configure a Relay Through a Smart Host
Exercise 13-2: Switch Services
The Other SMTP Service: sendmail
The Basics of sendmail
Configuration Files
The sendmail.mc Macro File
The submit.mc Macro File
Configure sendmail to Accept E-Mail from Other Systems
Configure sendmail to Relay E-Mail to a Smart Host
Configure User- and Host-Based sendmail Security
Test the Current sendmail Configuration
Two-Minute Drill
Q&A: Self Test
Lab Questions
Self Test Answers
Lab Answers
14 The Apache Web Server
The Apache Web Server
Apache 2.2
The LAMP Stack
Installation
07/11/13 RHCSA/RHCE Red Hat Linux Certification Study Guide (Exams EX200 & EX300), Sixth Edition: Safari Books Online
my.safaribooksonline.com/book/certification/rhce/9780071765657 14/18
Exercise 14-1: Install the Apache Server
The Apache Configuration Files
Analyze the Default Apache Configuration
The Main Apache Configuration File
Basic Apache Configuration for a Simple Web Server
Apache Log Files
Standard Apache Security Configuration
Ports and Firewalls
Apache and SELinux
Module Management
Security Within Apache
Exercise 14-2: The Apache Welcome and the noindex.html Story
Exercise 14-3: Create a List of Files
Host-Based Security
User-Based Security
Specialized Apache Directories
Control Through the .htaccess File
Password-Protected Access
Home Directory Access
Group-Managed Directories
Exercise 14-4: Password Protection for a Web Directory
Regular and Secure Virtual
The Standard Virtual Host
Secure Virtual Hosts
Create a New SSL Certificate
Test Pages
Syntax Checkers
Apache Troubleshooting
Exercise 14-5: Set Up a Virtual Web Server
Deploy a Basic CGI Application
Apache Configuration Changes for CGI Files
Set Up a Simple CGI Script
Connections to a Web Site
Two-Minute Drill
Q&A: Self Test
Lab Questions
Self Test Answers
Lab Answers
15 The Samba File Server
Samba Services
Install Samba Services
Some Samba Background
07/11/13 RHCSA/RHCE Red Hat Linux Certification Study Guide (Exams EX200 & EX300), Sixth Edition: Safari Books Online
my.safaribooksonline.com/book/certification/rhce/9780071765657 15/18
Ports, Firewalls, and Samba
Configure SELinux Booleans for Samba
Configure SELinux File Types for Samba
Samba Daemons
Samba Server Global Configuration
Shared Samba Directories
Let Samba Join a Domain
The Samba User Database
Create a Public Share
Exercise 15-1: Configure a Samba Home Directory Share
The Samba Web Administration Tool
Test Changes to /etc/samba/smb.conf
Review User- and Host-Based Samba Security
Review Basic Samba Shares
Exercise 15-2: Configuring Samba with Shares
Samba as a Client
Command Line Tools
Mount Options
Automated Samba Mounts
Samba Troubleshooting
Samba Problem Identification
Local Log File Checks
Enable Remote Access
Two-Minute Drill
Q&A: Self Test
Lab Questions
Self Test Answers
Lab Answers
16 More File-Sharing Services
The Network File System (NFS) Server
NFS Options for RHEL
Basic NFS Installation
Basic NFS Server Configuration
Configure NFS for Basic Operation
Special Requirements for /home Directories
Fixed Ports in /etc/sysconfig/nfs
Make NFS Work with SELinux
Quirks and Limitations of NFS
Performance Tips
NFS Security Directives
Options for Host-Based Security
Options for User-Based Security
Exercise 16-1: NFS
07/11/13 RHCSA/RHCE Red Hat Linux Certification Study Guide (Exams EX200 & EX300), Sixth Edition: Safari Books Online
my.safaribooksonline.com/book/certification/rhce/9780071765657 16/18
Test an NFS Client
NFS Mount Options
Configure NFS in /etc/fstab
Diskless Clients
Soft Mounting
Current NFS Status
The Very Secure FTP Server
Basic vsFTP Configuration
The Main vsFTP Configuration File
Other vsFTP Configuration Files
Configure SELinux Support for vsFTP
Ports, Firewalls, and vsFTP
Exercise 16-2: Configure a Basic vsFTP Server
Anonymous-Only Download Configuration
Two-Minute Drill
Q&A: Self Test
Lab Questions
Self Test Answers
Lab Answers
17 Administrative Services: DNS, FTP, and Logging
Basic Domain Service Organization
Basic Parameters
DNS Package Options
Different Types of DNS Servers
Minimal DNS Server Configurations
BIND Configuration Files
A Caching-Only Name Server
Starting named
A Forwarding Name Server
Forwarding from a Caching-Only Name Server
BIND Troubleshooting Commands
Exercise 17-1: Set Up Your Own DNS Server
Set Up System Utilization Reports
System Utilization Commands
The System Status Service
Collect System Status into Logs
Prepare a System Status Report
Configure a System Logging Server
System Logging Modules
Enable Logging Clients
Configure Logging Servers
Configure Logging Clients
07/11/13 RHCSA/RHCE Red Hat Linux Certification Study Guide (Exams EX200 & EX300), Sixth Edition: Safari Books Online
my.safaribooksonline.com/book/certification/rhce/9780071765657 17/18
Limit Access to Specified Systems
The Network Time Server Service
The NTP Server Configuration File
Security Limits on NTP
Two-Minute Drill
Q&A: Self Test
Lab Questions
Self Test Answers
Lab Answers
A: Prepare a System for the Sample Exams
Basic Sample Exam System Requirements
Additional Sample Exam System Requirements for the RHCE
B: Sample Exam 1: RHCSA
RHCSA Sample Exam 1 Discussion
C: Sample Exam 2: RHCSA
RHCSA Sample Exam 2 Discussion
D: Sample Exam 3: RHCE Sample Exam 1
RHCE Sample Exam 1 Discussion
E: Sample Exam 4: RHCE Sample Exam 2
RHCE Sample Exam 2 Discussion
F: About the CD
System Requirements
Electronic Book
Technical Support
Index
A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
07/11/13 RHCSA/RHCE Red Hat Linux Certification Study Guide (Exams EX200 & EX300), Sixth Edition: Safari Books Online
my.safaribooksonline.com/book/certification/rhce/9780071765657 18/18
R
S
T
U
V
W
X
Y
Z