rhcsa & rhce exam objective list

www.OneCourseSource.com

RHCSA & RHCE Exam Resource Guide for Red Hat Enterprise Linux 6

Table of Contents 1.0 Introduction 2.0 About One Course Source Certification Prep Classes 3.0 How to use this guide 4.0 Introduction to RHCSA

4.1 Understand and Use Essential Tools 4.1.1 Access a shell prompt and issue commands with correct syntax 4.1.2 Use input-output redirection (>, >>, |, 2>, etc.) 4.1.3 Use grep and regular expressions to analyze text 4.1.4 Access remote systems using ssh and VNC 4.1.5 Log in and switch users in multi-user runlevels 4.1.6 Archive, compress, unpack and uncompress files using tar, star, gzip, and bzip2 4.1.7 Create and edit text files 4.1.8 Create, delete, copy and move files and directories 4.1.9 Create hard and soft links 4.1.10 List, set and change standard ugo/rwx permissions 4.1.11 Locate, read and use system documentation including man, info, and files in /usr/share/doc


4.2 Operate Running Systems 4.2.1 Boot, reboot, and shut down a system normally 4.2.2 Boot systems into different runlevels manually 4.2.3 Use single-user mode to gain access to a system 4.2.4 Identify CPU/memory intensive processes, adjust process priority with renice, and kill processes 4.2.5 Locate and interpret system log files 4.2.6 Access a virtual machine's console 4.2.7 Start and stop virtual machines 4.2.8 Start, stop and check the status of network services

4.3 Configure Local Storage 4.3.1 List, create, delete and set partition type for primary, extended, and logical partitions 4.3.2 Create and remove physical volumes, assign physical volumes to volume groups, create and delete logical volumes 4.3.3 Create and configure LUKS-encrypted partitions and logical volumes to prompt for password and mount a decrypted

file system at boot 4.3.4 Configure systems to mount file systems at boot by Universally Unique ID (UUID) or label 4.3.5 Add new partitions, logical volumes and swap to a system non-destructively

4.4 Create and Configure File Systems 4.4.1 Create, mount, unmount and use ext2, ext3 and ext4 file systems 4.4.2 Mount, unmount and use LUKS-encrypted file systems 4.4.3 Mount and unmount CIFS and NFS network file systems 4.4.4 Configure systems to mount ext4, LUKS-encrypted and network file systems automatically 4.4.5 Extend existing unencrypted ext4-formatted logical volumes 4.4.6 Create and configure set-GID directories for collaboration 4.4.7 Create and manage Access Control Lists (ACLs) 4.4.8 Diagnose and correct file permission problems


4.5 Deploy, Configure and Maintain Systems 4.5.1 Configure networking and hostname resolution statically or dynamically 4.5.2 Schedule tasks using cron 4.5.3 Configure systems to boot into a specific runlevel automatically 4.5.4 Install Red Hat Enterprise Linux automatically using Kickstart 4.5.5 Configure a physical machine to host virtual guests 4.5.6 Install Red Hat Enterprise Linux systems as virtual guests 4.5.7 Configure systems to launch virtual machines at boot 4.5.8 Configure network services to start automatically at boot 4.5.9 Configure a system to run a default configuration HTTP server 4.5.10 Configure a system to run a default configuration FTP server 4.5.11 Install and update software packages from Red Hat Network, a remote repository, or from the local filesystem 4.5.12 Update the kernel package appropriately to ensure a bootable system 4.5.13 Modify the system bootloader

4.6 Manage Users and Groups 4.6.1 Create, delete, and modify local user accounts 4.6.2 Change passwords and adjust password aging for local user accounts 4.6.3 Create, delete and modify local groups and group memberships 4.6.4 Configure a system to use an existing LDAP directory service for user and group information

4.7 Manage Security 4.7.1 Configure firewall settings using system-config-firewall or iptables 4.7.2 Set enforcing and permissive modes for SELinux 4.7.3 List and identify SELinux file and process context 4.7.4 Restore default file contexts 4.7.5 Use boolean settings to modify system SELinux settings 4.7.6 Diagnose and address routine SELinux policy violations


5.0 Introduction to RHCE 5.1 System Configuration and Management

5.1.1 Route IP traffic and create static routes 5.1.2 Use iptables to implement packet filtering and configure network address translation (NAT) 5.1.3 Use /proc/sys and sysctl to modify and set kernel run-time parameters 5.1.4 Configure system to authenticate using Kerberos 5.1.5 Build a simple RPM that packages a single file 5.1.6 Configure a system as an iSCSI initiator that persistently mounts an iSCSI target 5.1.7 Produce and deliver reports on system utilization (processor, memory, disk, and network) 5.1.8 Use shell scripting to automate system maintenance tasks 5.1.9 Configure a system to log to a remote system 5.1.10 Configure a system to accept logging from a remote system

5.2 Network Services 5.2.1 Install the packages needed to provide the service 5.2.2 Configure SELinux to support the service 5.2.3 Configure the service to start when the system is booted 5.2.4 Configure the service for basic operation 5.2.5 Configure host-based and user-based security for the service

5.3 HTTP/HTTPS 5.3.1 Configure a virtual host 5.3.2 Configure private directories 5.3.3 Deploy a basic CGI application 5.3.4 Configure group-managed content

5.4 DNS 5.4.1 Configure a caching-only name server 5.4.2 Configure a caching-only name server to forward DNS queries

5.5 FTP 5.5.1 Configure anonymous-only download

5.6 NFS 5.6.1 Provide network shares to specific clients 5.6.2 Provide network shares suitable for group collaboration


5.7 SMB 5.7.1 Provide network shares to specific clients 5.7.2 Provide network shares suitable for group collaboration

5.8 SMTP 5.8.1 Configure a mail transfer agent (MTA) to accept inbound email from other systems 5.8.2 Configure an MTA to forward (relay) email through a smart host

5.9 SSH 5.9.1 Configure key-based authentication 5.9.2 Configure additional options described in documentation

5.10 NTP 5.10.1 Synchronize time using other NTP peers


1.0 Introduction

This guide is designed to provide some assistance for those who are studying for the RHCSA (Red Hat Certified System Administrator) and RHCE (Red Hat Certified Engineer) exams. This guide is not intended to replace formal training, such as the classes offered by One Course Source, but rather as a supplement. While it is possible to self-study for these exams, individuals are highly recommended to take exam prep classes. To sign up for these classes, visit these links: http://www.onecoursesource.com/ocs-prep-classes This guide provides the user with the resources needed to study for the RHCSA and RHCE exams, making use of free resources on the system as well as online resources. The free resources will consist of the following:

• man/info pages (available on a Red Hat Enterprise Linux system) • Documentation found under /usr/share/doc on a Red Hat Enterprise Linux system • Official Red Hat documentation (available online) • Free Internet resources.

This guide is freely available as long as it is not modified. Feel free to share this document. We are constantly working to improve the quality of this Resource Guide. As you use this Resource Guide, please report any of the following to [email protected]:

• Broken links • Suggested new material (new web resources, new man pages, etc.) • Suggested notes


2.0 About One Course Source Certification Prep Classes One Course Source offers preparation classes for RHCSA and RHCE certifications: OCS RHCSA™ preparation track:

• OCS-linux-075 (Linux Essentials) - A five-day class that covers non-administrative tasks that are crucial to working on a Linux system.

• OCS-linux-175 (Linux Administration I) - A five-day class that covers administrative tasks that are primarily "local" machine administration in nature.

OCS RHCE™ preparation track:

• Completion of OCS-linux-075 and OCS-linux-175 • OCS-linux-275 (Linux Administration II) - A five-day class that covers administrative tasks that are primarily "network" and

security-based machine in nature. This class prepares the student for the RHCE™ exam. Compare OCS classes to the classes provided by other training Organizations. The following lists just a few of the advantages of OCS classes: Feature Other programs One Course Source Typical class cost $2,400 $1,900 Courseware Printed only Printed and digital Courseware updates None For up to 1 year after class date

Certification discussion Limited Instructors highlight testable topics, courseware clearly indicates testable topics Certification reviews None One-day, instructor-led, online review classes

Additional study guide None "Hands-on Guide to the Red Hat® Exams: RHCSA™ and RHCE™ Cert Guide and Lab Manual"

Media May provide install media

Bootable live USB thumb drive with classroom-based OS. Just boot and learn; no installation or modification to your system is required.

To learn more about One Course Source classes, visit our web site: www.OneCourseSource.com


3.0 How to Use this Guide As previously mentions, this Reference Guide is not designed to replace instructor-led training. This isn't to suggest that it is impossible to pass the exams solely by using this Reference Guide. While some experience Linux users/administrators can use this Guide as their sole study source, most people will want to take an official class and use this Guide as a supplement. As a supplement, this Guide is extremely useful. You will likely find while studying a topic you want to learn more than you were taught in class. Or, you may find that this guide provides you with additional resources that help you learn a topic better. Keeping in mind that this Resource Guide was designed to assist individuals in their goal to pass the certification exams. With that in mind, we suggest you use this Guide in the following manner:

• Use this Guide to remind yourself of the testable topics. On a regular basis, review these topics to make sure that you feel that you know them well.

• As you are reviewing a topic, use the additional resources that we have provided to reinforce your knowledge. Review the man pages and web links for key commands and procedures.

• Each topic has several boxes for you to check off as you studying. Each time you complete a review of a topic, check off another box. This helps you keep track of how many times you have reviewed each topic.

• Add more references: "blank lines" have been provided to allow you to add your own resources. If you find a good man page, web page or other resource, make a note of it. To have these new found resources officially added to the Guide, email use at [email protected].

4.1.1 Access a shell prompt and issue commands with correct syntax Reference(s): • man bash • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): This is a basic skill that requires little references. Most commands follow the syntax of cmd -option argument. 1st review: 2nd review: 3rd review: 4th review:

Add your resources here

Check a box after you complete a review


4.0 Introduction to RHCSA The following lists the RHCSA exam objections as of the date of this publication as listed on Red Hat’s web site: Red Hat reserves the right to add, modify and remove objectives. Such changes will be made public in advance through revisions to this document. RHCSA exam candidates should be able to accomplish the tasks below without assistance. These have been grouped into several categories. Understand and Use Essential Tools

� Access a shell prompt and issue commands with correct syntax � Use input-output redirection (>, >>, |, 2>, etc.) � Use grep and regular expressions to analyze text � Access remote systems using ssh and VNC � Log in and switch users in multi-user runlevels � Archive, compress, unpack and uncompress files using tar, star, gzip, and bzip2 � Create and edit text files � Create, delete, copy and move files and directories � Create hard and soft links � List, set and change standard ugo/rwx permissions � Locate, read and use system documentation including man, info, and files in /usr/share/doc .

[Note: Red Hat may use applications during the exam that are not included in Red Hat Enterprise Linux for the purpose of evaluating candidate's abilities to meet this objective.] Operate Running Systems

� Boot, reboot, and shut down a system normally � Boot systems into different runlevels manually � Use single-user mode to gain access to a system � Identify CPU/memory intensive processes, adjust process priority with renice, and kill processes


� Locate and interpret system log files � Access a virtual machine's console � Start and stop virtual machines � Start, stop and check the status of network services

Configure Local Storage

� List, create, delete and set partition type for primary, extended, and logical partition � Create and remove physical volumes, assign physical volumes to volume groups, create and delete logical volumes � Create and configure LUKS-encrypted partitions and logical volumes to prompt for password and mount a decrypted file

system at boot � Configure systems to mount file systems at boot by Universally Unique ID (UUID) or label � Add new partitions, logical volumes and swap to a system non-destructively

Create and Configure File Systems

� Create, mount, unmount and use ext2, ext3 and ext4 file systems � Mount, unmount and use LUKS-encrypted file systems � Mount and unmount CIFS and NFS network file systems � Configure systems to mount ext4, LUKS-encrypted and network file systems automatically � Extend existing unencrypted ext4-formatted logical volumes � Create and configure set-GID directories for collaboration � Create and manage Access Control Lists (ACLs) � Diagnose and correct file permission problems

Deploy, Configure and Maintain Systems

� Configure networking and hostname resolution statically or dynamically � Schedule tasks using cron � Configure systems to boot into a specific runlevel automatically � Install Red Hat Enterprise Linux automatically using Kickstart � Configure a physical machine to host virtual guests � Install Red Hat Enterprise Linux systems as virtual guests


� Configure systems to launch virtual machines at boot � Configure network services to start automatically at boot � Configure a system to run a default configuration HTTP server � Configure a system to run a default configuration FTP server � Install and update software packages from Red Hat Network, a remote repository, or from the local filesystem � Update the kernel package appropriately to ensure a bootable system � Modify the system bootloader

Manage Users and Groups

� Create, delete, and modify local user accounts � Change passwords and adjust password aging for local user accounts � Create, delete and modify local groups and group memberships � Configure a system to use an existing LDAP directory service for user and group information

Manage Security

� Configure firewall settings using system-config-firewall or iptables � Set enforcing and permissive modes for SELinux � List and identify SELinux file and process context � Restore default file contexts � Use boolean settings to modify system SELinux settings � Diagnose and address routine SELinux policy violations


4.1.0 Understand and Use Essential Tools 4.1.1 Access a shell prompt and issue commands with correct syntax Reference(s): • man bash • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): This is a basic skill that requires little references. Most commands follow the syntax of cmd -option argument. 1st review: 2nd review: 3rd review: 4th review: 4.1.2 Use input-output redirection (>, >>, |, 2>, etc.) Reference(s): • man bash (search for REDIRECTION by typing /REDIRECTION) • http://www.tldp.org/LDP/Bash-Beginners-Guide/html/sect_09_04.html • http://www.tldp.org/LDP/abs/html/io-redirection.html • http://tldp.org/LDP/intro-linux/html/sect_05_01.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review:


4.1.3 Use grep and regular expressions to analyze text Reference(s): • man grep • info grep • http://www.tldp.org/LDP/abs/html/textproc.html#GREPREF • http://www.tldp.org/LDP/Bash-Beginners-Guide/html/sect_04_01.html • http://www.tldp.org/LDP/Bash-Beginners-Guide/html/sect_04_02.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review: 4.1.4 Access remote systems using ssh and VNC Reference(s): • man ssh • man scp • man sftp • http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/s1-ssh-clients.html#s2-ssh-clients-ssh • http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/s2-ssh-clients-scp.html • http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/s2-ssh-clients-sftp.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review:


4.1.5 Log in and switch users in multi-user runlevels

Reference(s): • man su • man su • man sudo • man sudoers • http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch09_:_Linux_Users_and_Sudo • _____________________________________________________________________________________________

Notes(s): Logging in is a simple task that requires no references. A multi-user runlevel is simply when the system is in a state which allows multiple users to log in. This is how the system is normally booted up. A single-user runlevel is when the system is in a state in which only the root user can log in. These system states will be covered in more detail later.

1st review: 2nd review: 3rd review: 4th review:

4.1.6 Archive, compress, unpack and uncompress files using tar, star, gzip, and bzip2

Reference(s): • info star • man tar • man gzip • man bzip2 • info tar • /usr/share/doc/gzip-*/README • http://tldp.org/LDP/abs/html/filearchiv.html • http://tldp.org/LDP/GNU-Linux-Tools-Summary/html/backing-up-files.html • http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/4/html/Introduction_To_System_Administration/s2-disaster-

backups-tech.html • _____________________________________________________________________________________________

Notes(s): None



4.1.7 Create and edit text files Reference(s): • man vim • vimtutor • man gedit • http://tldp.org/LDP/intro-linux/html/sect_06_02.html • http://tldp.org/LDP/LGNET/152/srinivasan.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review: 4.1.8 Create, delete, copy and move files and directories Reference(s): • man cp • man mv • man rm • http://tldp.org/LDP/intro-linux/html/sect_03_03.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): It is worthwhile to note that the cp and mv commands affect file attributes differently. Generally, the cp command will

cause files to inherit permissions and SELinux contexts based on the user performing the command and/or the directory the new files are created in. With the mv command, files will retain their original permissions and contexts. This can be important for directories and files related to network services.



4.1.9 Create hard and soft links Reference(s): • man ln • info ln • http://tldp.org/LDP/LGNET/105/pitcher.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review: 4.1.10 List, set and change standard ugo/rwx permissions Reference(s): • man chmod • http://tldp.org/LDP/GNU-Linux-Tools-Summary/html/file-permissions.html • http://tldp.org/LDP/intro-linux/html/sect_03_04.html • http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/3/html/Step_by_Step_Guide/s1-navigating-ownership.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review:


4.1.11 Locate, read and use system documentation including man, info, and files in /usr/share/doc Reference(s): • man grep • man man • man rpm (-d) • man locate • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): System documentation can sometimes be difficult to find. Thoughtful use of the grep command in the

/usr/share/doc directory is often the best (or only) way to quickly find the documentation pertinent to you. 1st review: 2nd review: 3rd review: 4th review:


4.2 Operate Running Systems 4.2.1 Boot, reboot, and shut down a system normally Reference(s): • man init • man 5 init • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review: 4.2.2 Boot systems into different runlevels manually Reference(s): • man init • man 5 init • http://tldp.org/LDP/sag/html/run-levels-intro.html • http://tldp.org/LDP/sag/html/inittab.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review:


4.2.3 Use single-user mode to gain access to a system Reference(s): • http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/4/html/System_Administration_Guide/ch-rescuemode.html • http://tldp.org/HOWTO/Remote-Serial-Console-HOWTO/configure-boot-loader-grub.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): If an error causes a machine to boot to single-user mode, it may be necessary to remount the file system read/write or set

SELinux to permissive mode in order to make changes to the file system. 1st review: 2nd review: 3rd review: 4th review: 4.2.4 Identify CPU/memory intensive processes, adjust process priority with renice, and kill processes Reference(s): • man top • man free • man renice • man kill • http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/4/html/Introduction_To_System_Administration/s1-resource-

rhlspec.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review:


4.2.5 Locate and interpret system log files Reference(s): • http://linux.about.com/library/cmd/blcmdl8_logwatch.htm • http://docs.redhat.com/docs/en-US/Red_Hat_Network_Satellite/5.4/html/Installation_Guide/s1-log-files.html • http://tldp.org/LDP/Linux-Filesystem-Hierarchy/html/var.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review: 4.2.6 Access a virtual machine's console Reference(s): • man virt-manager • http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html-single/Virtualization/ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review:


4.2.7 Start and stop virtual machines Reference(s): • man virsh • man virt-manager • http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/Virtualization/chap-Virtualization-

Managing_guests_with_virsh.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review: 4.2.8 Start, stop and check the status of network services Reference(s): • man service • man chkconfig • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): service start|stop available for all services restart|reload may also be available; however, these options

may not behave as expected with all services. 1st review: 2nd review: 3rd review: 4th review:


4.3 Configure Local Storage 4.3.1 List, create, delete and set partition type for primary, extended, and logical partitions Reference(s): • man fdisk • man pvcreate, pvremove, vgcreate, vgextend, lvcreate • man fsck • http://tldp.org/HOWTO/LVM-HOWTO/commontask.html • http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/4/html/Introduction_To_System_Administration/s2-storage-adv-

lvm.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review: 4.3.2 Create and remove physical volumes, assign physical volumes to volume groups, create and delete logical volumes Reference(s): See above section (4.3.1). • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review:


4.3.3 Create and configure LUKS-encrypted partitions and logical volumes to prompt for password and mount a decrypted file system at boot

Reference(s): • man cryptsetup • http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/sect-Security_Guide-

LUKS_Disk_Encryption.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review: 4.3.4 Configure systems to mount file systems at boot by Universally Unique ID (UUID) or label Reference(s): • man fstab • man blkid • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review:


4.3.5 Add new partitions, logical volumes and swap to a system non-destructively Reference(s): • man fdisk • man lvm • man mkswap • http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Logical_Volume_Manager_Administration/ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review:


4.4 Create and Configure Filesystems 4.4.1 Create, mount, unmount and use ext2, ext3 and ext4 file systems Reference(s): • man mount • man mkfs • http://tldp.org/LDP/sag/html/filesystems.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review: 4.4.2 Mount, unmount and use LUKS-encrypted file systems Reference(s): • man cryptsetup • man mount • man fstab • http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/sect-Security_Guide-

LUKS_Disk_Encryption.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review:


4.4.3 Mount and unmount CIFS and NFS network file systems

Reference(s): • man NFS • man samba • man smb.conf • http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Security-Enhanced_Linux/sect-Security-Enhanced_Linux-

Booleans-Booleans_for_NFS_and_CIFS.html • http://tldp.org/HOWTO/NFS-HOWTO/ • _____________________________________________________________________________________________

Notes(s): Proper SELinux settings and directory permission are critical to networked file systems. Be sure you understand how these settings will affect your networked file systems.

1st review: 2nd review: 3rd review: 4th review: 4.4.4 Configure systems to mount ext4, LUKS-encrypted and network file systems automatically

Reference(s): • man mount • man cryptsetup • man cypttab • man NFS • man fstab • man mkfs • _____________________________________________________________________________________________

Notes(s): Errors in /etc/fstab are likely to render a system unbootable. It is highly recommended that after you modify the /etc/fstab file, you umount the partition related to the change and then run the mount -a. This command will attempt to mount all file systems listed in /etc/fstab that are not currently mounted. Misconfigurations of the configuration file should generate errors.



4.4.5 Extend existing unencrypted ext4-formatted logical volumes Reference(s): • man lvextend • http://tldp.org/HOWTO/LVM-HOWTO/extendlv.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): lvextend -r will resize the underlying file system along with the logical volume. This greatly simplifies the process! 1st review: 2nd review: 3rd review: 4th review: 4.4.6 Create and configure set-GID directories for collaboration Reference(s): • man chmod • man chown • http://tldp.org/LDP/intro-linux/html/sect_03_04.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review:


4.4.7 Create and manage Access Control Lists (ACLs) Reference(s): • man acl • man getfacl • man setfacl • http://tldp.org/LDP/LGNET/152/prestia.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): How ACLs will affect file permissions can sometimes be difficult to anticipate. It is worth noting that the order of

permission precedence is: 1) user, 2) user ACLs, 3) group, 4) group ACLs, 5) other. 1st review: 2nd review: 3rd review: 4th review: 4.4.8 Diagnose and correct file permission problems Reference(s): • man chmod • man setfacl • man getfacl • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): Incorrect directory permissions may allow users who otherwise could not access certain files to force changes to those files.

Permissions on parent directories are crucial to file security. 1st review: 2nd review: 3rd review: 4th review:


4.5 Deploy, Configure and Maintain Systems 4.5.1 Configure networking and hostname resolution statically or dynamically

Reference(s): • man hostname • man system-config-network • man NetworkManager • http://tldp.org/LDP/solrhe/Securing-Optimizing-Linux-RH-Edition-v1.3/chap9sec95.html • http://tldp.org/LDP/nag/node84.html • http://tldp.org/LDP/solrhe/Securing-Optimizing-Linux-RH-Edition-v1.3/chap9sec93.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________

Notes(s): Modifying the hostname locally of a machine on a DHCP network may not change the name that other machines on the network see.

1st review: 2nd review: 3rd review: 4th review: 4.5.2 Schedule tasks using cron

Reference(s): • man cron • man crontab • man 5 crontab • http://tldp.org/LDP/GNU-Linux-Tools-Summary/html/scheduling.html • http://tldp.org/LDP/LGNET/151/prestia.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________

Notes(s): None



4.5.3 Configure systems to boot into a specific runlevel automatically Reference(s): • man inittab • http://tldp.org/LDP/sag/html/run-levels-intro.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review: 4.5.4 Install Red Hat Enterprise Linux automatically using Kickstart Reference(s): • http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Installation_Guide/ch-kickstart2.html • http://www.redhat.com/magazine/024oct06/features/kickstart/?intcmp=bcm_edmsept_007 • http://tldp.org/HOWTO/Network-Install-HOWTO-7.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review:


4.5.5 Configure a physical machine to host virtual guests Reference(s): • http://docs.redhat.com/docs/en-

US/Red_Hat_Enterprise_Virtualization_for_Desktops/2.2/pdf/Administration_Guide/Red_Hat_Enterprise_Virtualization_for_Desktops-2.2-Administration_Guide-en-US.pdf

• _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review: 4.5.6 Install Red Hat Enterprise Linux systems as virtual guests Reference(s): • http://docs.redhat.com/docs/en-


• _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review:


4.5.7 Configure systems to launch virtual machines at boot Reference(s): • man startup • http://docs.redhat.com/docs/en-


• _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review: 4.5.8 Configure network services to start automatically at boot Reference(s): • man chkconfig • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review:


4.5.9 Configure a system to run a default configuration HTTP server Reference(s): • man httpd • http://tldp.org/LDP/LG/issue12/server.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review: 4.5.10 Configure a system to run a default configuration FTP server Reference(s): • man vsftpd • man vsftpd.conf • http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Virtual_Server_Administration/s1-lvs-ftp-VSA.html • http://tldp.org/LDP/solrhe/Securing-Optimizing-Linux-RH-Edition-v1.3/ftpd.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review:


4.5.11 Install and update software packages from Red Hat Network, a remote repository, or from the local filesystem Reference(s): • man rpm • man yum • man yum.conf • https://access.redhat.com/kb/docs/DOC-9935 • http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/sec-

Configuring_Yum_and_Yum_Repositories.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review: 4.5.12 Update the kernel package appropriately to ensure a bootable system Reference(s): • man yum • http://tldp.org/LDP/intro-linux/html/sect_07_06.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review:


4.5.13 Modify the system bootloader Reference(s): • man grub • info grub • http://tldp.org/HOWTO/Remote-Serial-Console-HOWTO/configure-boot-loader-grub.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review:


4.6 Manage Users and Groups 4.6.1 Create, delete, and modify local user accounts Reference(s): • man useradd • man userdel • man usermod • man chage • http://tldp.org/LDP/sag/html/managing-users.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): Deleting user accounts will not automatically (without the proper options) delete user home directories or change ownership

of files. 1st review: 2nd review: 3rd review: 4th review: 4.6.2 Change passwords and adjust password aging for local user accounts Reference(s): • man passwd • man chage • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): chage -d0 <username> will effectively cause a user's password to expire immediately, prompting the user to

change his password at next login. 1st review: 2nd review: 3rd review: 4th review:


4.6.3 Create, delete and modify local groups and group memberships Reference(s): • man groupadd • man groupdel • man groupmod • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review: 4.6.4 Configure a system to use an existing LDAP directory service for user and group information Reference(s): • man authconfig-gtk • man authconfig • http://tldp.org/HOWTO/LDAP-HOWTO/ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review:


4.7 Manage Security 4.7.1 Configure firewall settings using system-config-firewall or iptables Reference(s): • man iptables • http://tldp.org/LDP/nag2/x-087-2-firewall.checkingconf.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): Adding a LOG line to the firewall INPUT chain makes troubleshooting firewall rules much easier. Messages will appear in

/var/log/messages. 1st review: 2nd review: 3rd review: 4th review: 4.7.2 Set enforcing and permissive modes for SELinux Reference(s): • man setenforce • man getenforce • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): When troubleshooting, toggling setenforce is a simple way to determine if there are SELinux issues. 1st review: 2nd review: 3rd review: 4th review:


4.7.3 List and identify SELinux file and process context Reference(s): • man ls • man semanage • http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Security-Enhanced_Linux • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review: 4.7.4 Restore default file contexts Reference(s): • man semanage • man restorecon • http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Security-Enhanced_Linux/ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review:


4.7.5 Use boolean settings to modify system SELinux settings Reference(s): • man getsebool • man setsebool • http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Security-Enhanced_Linux/ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review: 4.7.6 Diagnose and address routine SELinux policy violations Reference(s): • See section 4.7.2 through 4.7.5 • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review:


5.0 Introduction to RHCE The following lists the RHCE exam objections as of the date of this publication as listed on Red Hat’s web site: RHCE exam candidates should consult the RHCSA Exam Objectives document and be capable of RHCSA-level tasks, as some of these skills may be required in order to meet RHCE exam objectives. Red Hat reserves the right to add, modify and remove objectives. Such changes will be made public in advance through revisions to this document. RHCE exam candidates should be able to accomplish the following without assistance. These have been grouped into several categories. System Configuration and Management

� Route IP traffic and create static routes � Use iptables to implement packet filtering and configure network address translation (NAT) � Use /proc/sys and sysctl to modify and set kernel run-time parameters � Configure system to authenticate using Kerberos � Build a simple RPM that packages a single file � Configure a system as an iSCSI initiator that persistently mounts an iSCSI target � Produce and deliver reports on system utilization (processor, memory, disk, and network) � Use shell scripting to automate system maintenance tasks � Configure a system to log to a remote system � Configure a system to accept logging from a remote system


Network Services Network services are an important subset of the exam objectives. RHCE candidates should be capable of meeting the following objectives for each of the network services listed below:

� Install the packages needed to provide the service � Configure SELinux to support the service � Configure the service to start when the system is booted � Configure the service for basic operation � Configure host-based and user-based security for the service

RHCE candidates should also be capable of meeting the following objectives associated with specific services: HTTP/HTTPS

� Configure a virtual host � Configure private directories � Deploy a basic CGI application � Configure group-managed content

DNS

� Configure a caching-only name server � Configure a caching-only name server to forward DNS queries � Note: Candidates are not expected to configure master or slave name servers

FTP

� Configure anonymous-only download


NFS

� Provide network shares to specific clients � Provide network shares suitable for group collaboration

SMB

� Provide network shares to specific clients � Provide network shares suitable for group collaboration

SMTP

� Configure a mail transfer agent (MTA) to accept inbound email from other systems � Configure an MTA to forward (relay) email through a smart host

SSH

� Configure key-based authentication � Configure additional options described in documentation

NTP

� Synchronize time using other NTP peers


5.1 System Configuration and Management 5.1.1 Route IP traffic and create static routes Reference(s): • man ip • man ifcfg • man route • http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/s1-networkscripts-static-routes.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review: 5.1.2 Use iptables to implement packet filtering and configure network address translation (NAT) Reference(s): • man iptables • http://docs.redhat.com/docs/mr-IN/Red_Hat_Enterprise_Linux/5/html/Deployment_Guide/ch-iptables.html • http://tldp.org/HOWTO/IPCHAINS-HOWTO-1.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): To ease troubleshooting, it may be best to end iptables chains with LOG and REJECT lines instead of the typical DROP.

Rejected packets will now appear in /var/log/messages. 1st review: 2nd review: 3rd review: 4th review:


5.1.3 Use /proc/sys and sysctl to modify and set kernel run-time parameters Reference(s): • man sysctl • man sysctl.conf • http://tldp.org/LDP/solrhe/Securing-Optimizing-Linux-RH-Edition-v1.3/chap5sec53.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review: 5.1.4 Configure system to authenticate using Kerberos Reference(s): • man authconfig • man system-config-authentication • man kerberos • http://tldp.org/HOWTO/html_single/Kerberos-Infrastructure-HOWTO/ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): Some authconfig functionality can be accessed through the TUI tool, authconfig-tui and the GUI tool,

system-config-authentication. 1st review: 2nd review: 3rd review: 4th review:


5.1.5 Build a simple RPM that packages a single file Reference(s): • man rpmbuild • http://tldp.org/HOWTO/RPM-HOWTO/build.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): Building RPMs requires the optional rpm-build package. It is advisable to create RPMs as a user other than root, as

doing so may create problems on the running system. The command rpmbuild -bp /dev/null will create the rpm directory structure and generate an error (because /dev/null is not an appropriate target). Within this directory structure the .spec and .rpm file can be created.

1st review: 2nd review: 3rd review: 4th review: 5.1.6 Configure a system as an iSCSI initiator that persistently mounts an iSCSI target Reference(s): • man iscsiadm • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): The package iscsi-initiator-utils provides iscsiadm. 1st review: 2nd review: 3rd review: 4th review:


5.1.7 Produce and deliver reports on system utilization (processor, memory, disk, and network) Reference(s): • man df • man iostat • man vmstat • man aide • man tmpwatch • man logrotate • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review: 5.1.8 Use shell scripting to automate system maintenance tasks Reference(s): • http://tldp.org/LDP/abs/html/index.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review:


5.1.9 Configure a system to log to a remote system Reference(s): • man logrotate • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review: 5.1.10 Configure a system to accept logging from a remote system Reference(s): • man logrotate • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review:


5.2 Network Services 5.2.1 Install the packages needed to provide the service

Reference(s): • man yum • man rpm • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________

Notes(s): yum search and yum whatprovides are useful for determining what packages provide certain services or files.

1st review: 2nd review: 3rd review: 4th review: 5.2.2 Configure SELinux to support the service

Reference(s): • man selinux • man semanage • man getenforce • man setenforce • man getsebool • man setsebool • http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/4/html/Reference_Guide/s2-SELinux-files-etc.html • http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Security-Enhanced_Linux/ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________

Notes(s): None



5.2.3 Configure the service to start when the system is booted Reference(s): • man chkconfig • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review: 5.2.4 Configure the service for basic operation Reference(s): • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): This objective will be specific to each service. Resources and information for specific services will be provided in the

appropriate sections below. 1st review: 2nd review: 3rd review: 4th review:


5.2.5 Configure host-based and user-based security for the service Reference(s): • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): This objective will be specific to each service. Resources and information for specific services will be provided in the

appropriate sections below. 1st review: 2nd review: 3rd review: 4th review:


5.3 HTTP/HTTPS 5.3.1 Configure a virtual host Reference(s): • man httpd • http://tldp.org/HOWTO/SSL-RedHat-HOWTO-4.html • http://tldp.org/HOWTO/pdf/Virtual-Web.pdf • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): Vim porvides basic syntax checking for /etc/httpd/conf/httpd.conf. Also, misconfigurations in Virtual

Host blocks will usually result in error messages when the httpd service is restarted. 1st review: 2nd review: 3rd review: 4th review: 5.3.2 Configure private directories Reference(s): • less /etc/httpd/conf/httpd.conf • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review:


5.3.3 Deploy a basic CGI application Reference(s): • http://tldp.org/HOWTO/Java-CGI-HOWTO.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): CGI scripts will not run in browser unless cgi script files are given executable permissions. 1st review: 2nd review: 3rd review: 4th review: 5.3.4 Configure group-managed content Reference(s): • man chmod • man chown • http://tldp.org/LDP/intro-linux/html/sect_03_04.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): This refers to allowing members of a group to be able to place content into a directory. This involves using the special permission SGID on a directory. 1st review: 2nd review: 3rd review: 4th review:


5.4 DNS 5.4.1 Configure a caching-only name server Reference(s): • man named • http://www.redhat.com/magazine/025nov06/features/dns/ • http://tldp.org/HOWTO/DNS-HOWTO-3.html • http://wiki.tldp.org/DNS-HOWTO • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): The bind package provides named. 1st review: 2nd review: 3rd review: 4th review: 5.4.2 Configure a caching-only name server to forward DNS queries Reference(s): • man named • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review:


5.5 FTP 5.5.1 Configure anonymous-only download Reference(s): • less /etc/vsftpd/vsftpd.conf • man vsftpd.conf • http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/4/html/Reference_Guide/s2-ftp-vsftpd-conf-opt-anon.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review:


5.6 NFS 5.6.1 Provide network shares to specific clients Reference(s): • man nfs • man showmount • man exports • http://tldp.org/HOWTO/pdf/NFS-HOWTO.pdf • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): nfs-utils is the basic nfs package. 1st review: 2nd review: 3rd review: 4th review: 5.6.2 Provide network shares suitable for group collaboration Reference(s): • man nfs • http://tldp.org/HOWTO/pdf/NFS-HOWTO.pdf • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review:


5.7 SMB 5.7.1 Provide network shares to specific clients Reference(s): • man samba • man smb.conf • http://tldp.org/HOWTO/SMB-HOWTO.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review: 5.7.2 Provide network shares suitable for group collaboration Reference(s): • man samba • man smb.conf • http://tldp.org/HOWTO/SMB-HOWTO.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): It is important to note that file permissions are determined by UID not user name. To ease administration and avoid Samba

file permissions errors, it is best to set consistent user names, UIDs, group names, and GIDs across systems with common Samba shares.



5.8 SMTP 5.8.1 Configure a mail transfer agent (MTA) to accept inbound email from other systems

Reference(s): • man postfix • less /etc/postfix/main.cf • less /usr/share/doc/postfix_*/README_FILES/BASIC_CONFIGURATION_README • less /usr/share/doc/postfix_*/STANDARD_CONFIGURATION_README • http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/4/html/Reference_Guide/s2-email-mta-postfix.html • http://tldp.org/HOWTO/Postfix-Cyrus-Web-cyradm-HOWTO/postfix-config.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________

Notes(s): None

1st review: 2nd review: 3rd review: 4th review: 5.8.2 Configure an MTA to forward (relay) email through a smart host

Reference(s): • man postfix • less /etc/postfix/main.cf • less /usr/share/doc/postfix_*/README_FILES/BASIC_CONFIGURATION_README • less /usr/share/doc/postfix_*/STANDARD_CONFIGURATION_README • http://tldp.org/HOWTO/Postfix-Cyrus-Web-cyradm-HOWTO/postfix-config.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________

Notes(s): None



5.9 SSH 5.9.1 Configure key-based authentication Reference(s): • http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/s2-ssh-configuration-keypairs.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review: 5.9.2 Configure additional options described in documentation Reference(s): • http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/s1-ssh-configuration.html#s2-ssh-

configuration-configs • http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/s1-ssh-beyondshell.html • http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/s1-ssh-beyondshell.html#s2-ssh-

beyondshell-x11 • http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/s2-ssh-beyondshell-tcpip.html • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): None 1st review: 2nd review: 3rd review: 4th review:


5.10 NTP 5.10 Synchronize time using other NTP peers Reference(s): • man ntpd • man ntp.conf • less /etc/ntp.conf • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ • _____________________________________________________________________________________________ Notes(s): system-config-date 1st review: 2nd review: 3rd review: 4th review:

rhcsa & rhce exam objective list

Documents