Posts Tagged Under: RHCSA

Samba – How to set up a Samba client on CentOS/RHEL 7

If you have directories on your machine that you want to share out to other machines then you can do this by setting up your machine as an NFS server. However with NFS you can only share out folders to machine that are in the same private network. If you want share folders to other machines over the public internet, then that’s where you need to use the Samba/CIFS protocol. You can follow along this article using this vagrant project on Github.

We will walk through the following example:

+--------------------------+              +--------------------------+
|                        															

NFS – How to set up an NFS client on CentOS/RHEL 7

Network Files System (NFS) is a protocol that let’s one Linux box (NFS server) to share a folder with another Linux box (NFS Client). On the NFS client this shared folder looks like just an ordinary folder. NFS only works in an internal network so you can share folders over the public internet.

This article doesn’t cover how to setup an NFS server, instead we will assume that we already have an NFS server already setup and we want to configure an NFS client to connect to it. We created a NFS vagrant project on github to help you following along with this example. In our example we have:

+--------------------------+              +--------------------------+
|      															

RHCSA – About this Course

This course covers everything you need to know in order to pass the Red Hat Certified Systems Administrator (RHCSA) exam for RHEL 7.

Becoming RHCSA certified proves that you have developed a strong proficiency in RHEL. RHEL is short for “RedHat Enterprise Linux” and as the name suggests, it’s a Linux based Operating System. RHEL is not free, and is actually quite expensive, especially if you want to practice using RHEL at home. However there’s a free alternative of RHEL called CentOS.

CentOS is identical to RHEL in nearly every way. The main exception being that the RedHat logo and branding are replaced with CentOS’s own logo and branding. Therefore we will be using CentOS 7 throughout this course, and everything we do will cover/demo will work in exactly the



Setting up an LDAP client

Overview

There are 2 main server-side ldap software you can use to set up an ldap server:

  • OpenLDAP
  • Microsoft Active Directory (AD)

Unfortunately we don’t have a single client-side ldap software that can connect to both of these types of LDAP servers. Instead we have the following 2 options:

  • openldap-clients: This ldap client-side software is used for connecting to an OpenLDAP based LDAP server
  • realmd: This ldap client-side software is used for connecting to an Microsoft AD based LDAP server

In most cases you won’t know which type of LDAP server you are dealing with. If that is the case, then the only way to do figure it out is by first try one approach, if that doesn’t work then try the other approach.

One of the RHCSA exam object is:

Configure a system to use an existing authentication


SELinux Summary

The policy book can be thought of as a really big text book, which contains 3 chapters.

Chapter 1 – Contains a list of all available security attributes. There are actually 4 lists, one for each type of the differnt types of suecurity attributes user:role:type:level. In the targeted policy, the “type” list is by far the longest, containing about 4500 entries.
Chapter 2 – lists mapping rules about which security attribute can access to which other security attributes.
chapter 3 – list selinux context assignment rules. This chapter gives info about what SELinux needs, in order to determine what selinux context values every object in your machine should have.

Overview

By the end of this article you should be able to answer the following questions:


[toggle title="What is the command to list

Applying ACLs to directories

Overview

By the end of this article you should be able to answer the following questions:


Lets say you have a folder called /tmp/research-team-folder and you want to give the user jerry, 'rw-' permissions. Note, jerry is not the owner nor one of the group owners of this folder. What are the five steps you need to do achieve this

1. Update user+group ownerships using chown (if necessary).
2. Update the normal ugo+rwx permissons using chmod (if necessary).
3. Update suid, sgid, and sticky bit special permissions, if necessary.
4. Apply ACL settings recursively to all existing child files/folders (using the setfacl command)
5. Set default ACL settings on the folder (using setfacl command)

[toggle title="What is the command to apply specials permissions to give jerry, 'rw-' to the

The ACL’s mask setting

Overview

By the end of this article you should be able to answer the following questions:


What are the 2 commands you can use for setting mask values?

– chmod
– setfacl

What is the command that indirectly applies the mask, '---', to the file /tmp/testfile.txt?

$ chmod 000 /tmp/testfile.txt

What is the command to explictly apply the mask, 'r-x'?, to the file /tmp/testfile.txt?

$ setfacl -m m::r-x /tmp/testfile.txt
# notice the double colon syntax.


In the previous example we had:

$ getfacl /tmp/testfile.txt
getfacl: Removing leading '/' from absolute path names
# file: tmp/testfile.txt
# owner: root
# group: root
user::rw-
user:homer:rw-
group::r--
mask::rw-
other::r--

Here we have the “mask” setting. This acts as safety-mechanism. To understand how this works, lets first create a few more users:

$ useradd bart	 
$ useradd marge	 
$ useradd lisa																

The systemd emergency.target

Overview

By the end of this article you should be able to answer the following questions:


How do you switch to the 'emergency.target' via the grub menu?

1. (Re)boot the machine
2. Wait for the grub menu to appear, then hit “e”,
3. scroll down to the “linux16” line then press the ‘end’ key
4. type the following:
systemd.unit=emergency.target
5. press ctrl+x

What is the command to make the root directory wrieable?

$ mount -o rw,remount /


If you have problems booting up your machine, then you can boot into the emergency.target. In this target you can explore your filesystem for possible issues.

In this filesystem, the root filesystem (/) has been mounted as root only mode. Therefore before you can make any fixes, then while in


Job Scheduling

There will be times when you will want to schedule some task to automatically occur in the future. There are 2 possible scenrario.

Scenario 1 – In the first scenario you might want to run tasks periodically, e.g. once a month. In which case the best way to achieve is by setting up a cron job.

Scenario 2 – The second scenario is that you want to schedule a one-off task to take place at some point in the future, e.g. perform a patch installation at 2am on early Sunday morning. The best solution to achieve this is by using the “at” utility.

In the next few articles we will cover cron (in its various forms) as well as the “at” utility.