Red Hat Certified Engineer (RHCE) v1.0
Question 1
SIMULATION -
Configure a mail alias to your MTA, for example, send emails to harry but mary actually is receiving emails.
Answer : Please see explanation
Explanation:
Notice:
This problem is a trap. The question no 31 requires that harry must be able to receive remote emails but the problems in the question no 32 requires mary to receive harry"™s emails. So harry must be added when you are deploying aliases.
Question 2
SIMULATION -
Create a Shell script /root/program:
-> The shell script will come back to "user" parameter when you are entering "kernel" parameter.
-> The shell script will come back to "kernel" when you are entering "user" parameter.
-> It will output the standard error when this script "usage:/root/program kernel|user" don"™t input any parameter or the parameter you inputted is entered as the requirements.
Answer : Please see explanation
Explanation:
Question 3
SIMULATION -
Given the kernel of a permanent kernel parameters: sysctl=1.
It can be shown on cmdline after restarting the system.
Kernel of /boot/grub/grub.conf should be a34dded finally, as:
Answer : Please see explanation
Explanation:
Question 4
SIMULATION -
Prevent Mary from performing user configuration tasks in your system.
Answer : Please see explanation
Explanation:
Conclusions:
1. I find that it is common to add various service access limits in the exam RHCE. The exercises like: require one network segment can be accessed another network segments can not be accessed, the following are some conclusions for various service: tcp_wrappers:/etc/hosts.allow,/etc/hosts.deny tcp_wrappers can filter the TCP"™s accessing service. TCP whether has the filtering function which depends on this service whether use the function library of tcp_wrappers, or this service whether has the xinetd process of starting function of tcp_wrappers. tcp_wrappers"™s main configuration file is /etc/hosts.allow,/etc/ hosts.deny.
And the priority of the documents in hosts. allow is higher than hosts. deny. Visit will be passed if no match was found. sshd,vsftpd can use the filtering service of tcp_wrappers.
Configuration example:
Notice:
The two configuration files"™ syntax can refer to hosts_access (5) and hosts_options(5) sshd_config
There are four parameters in this configuration file: DenyUsers, AllowUsers, DenyGroups, AllowGroups, they are used to limit some users or user groups to proceed Remote Login through the SSH. These parameters"™ priority level is DenyUsers->AllowUsers->DenyGroups->AllowGroups
Configuration example:
Through the /etc/httpd/conf/httpd.conf in parameters, can add <Directory> to control the url access. Just as:
Notice:
So pay attention, deny"™s and allow"™s priority level in order deny,allow is: the backer has the higher priority level. But here, allow"™s priority has a higher priority level. nfs Service nfs service directly control the visits through file /etc/exports, just as:
Parameter hosts allow in /etc/samba/smb.conf which is used as Access Control, just as:
2. Paying attention to use Mount parameters: _netdev,defaults when you are mounting ISCSI disk.
3. Stop the NetworkManager
/etc/init.d/NetworkManager stop
chkconfig NetworkManager off
4. When you are deploying ifcfg-ethX, add parameters:
PEERDNS=no -
5. Empty the firewall in RHCSA RHCE:
ã€
6. Narrow lv steps:
7. Mount the using command - swap which is newly added in /etc/fstab
8. If Verification is not passed when you are installing software, can import public key: rpm import /etc/pki/rpm"¦/"¦release and so on. In yum.repo, you also can deploy gpgkey, for example, gpgkey=/etc/pki/rpm"¦/"¦release
9. When you are using "Find" command to search and keep these files, paying attention to use cp -a to copy files if you use user name and authority as your searching methods.
Question 5
SIMULATION -
Please set the selinux status as enforcing.
Answer : Please see explanation
Explanation:
Question 6
SIMULATION -
Please open the ip_forward and take effect permanently.
Answer : Please see explanation
Explanation:
If no "sysctl.conf" option, use these commands:
Question 7
SIMULATION -
Configure ssh to allow user harry to access, reject the domain t3gg.com (172.25.0.0/16) to access.
Answer : Please see explanation
Explanation:
Question 8
SIMULATION -
Configure the ftp to allow anonymously download the directory /var/ftp/pub, and reject the domain t3gg.com to access.
Answer : Please see explanation
Explanation:
Question 9
SIMULATION -
Shutdown the /root/cdrom.iso under /opt/data and set as boot automatically mount.
Answer : Please see explanation
Explanation:
Question 10
SIMULATION -
Configure the web server, which can be accessed by http://station.domain30.example.com.
Answer : Please see explanation
Explanation:
Question 11
SIMULATION -
Configure the web server and implement the virtual host.
http://www.domain30.example.com can access the pages under the directory: http://ip/dir/example.html. And make sure, http://station.domain30.example.com can also access the previous content.
Answer : Please see explanation
Explanation:
Question 12
SIMULATION -
Download file from http://ip/dir/restircted.html, and the local user harry can access it by http://station.domain30.example.com/restircted.html, and cannot be accessed by t3gg.com.
Answer : Please see explanation
Explanation:
Question 13
SIMULATION -
Configure the nfs server, share the /common directory to domain30.example.com, and allow client to have the root user right when access as a root user.
Answer : Please see explanation
Explanation:
Question 14
SIMULATION -
Configure the samba server, share /common, which can be browsed. The user harry can only read it. If it is needed, the password for harry is harryuser.
Answer : Please see explanation
Explanation:
Question 15
SIMULATION -
Configure an email server domain30.example.com, and it requests to send and receive emails from the local server or the user harry can send or receive emails from network. The email of user harry is /var/spool/mail/harry. Please note: the DNS server has already been MX record analyzed.
Answer : Please see explanation
Explanation:
