Exam Information:
IPADDR: 172.25.254.x (referred to herein as the X-number of your workstation plus 100)
NETMASK: 255.255.255.0
GATEWAY: 172.25.254.250
the DNS: 172.25.254.250
yum source address is: http: //172.25.254.250/ rhel7
perfect test information
1, configure the network
cd /etc/sysconfig/network-scripts/ ##配置网络
vim ifcfg-ens33
BOOTPROTO=none
DEVICE=ens33
ONBOOT=yes
IPADDR=172.25.254.30
GATEWAY=172.25.254.250
NETMASK=255.255.255.0
DNS1=172.25.254.250
systemctl restart network ##重启网络服务
ifconfig ##再次查看网络信息
2, configure yum warehouse
cd /etc/yum.repos.d
vim wang.repo
[rhel7]
name=rhel7
baseurl=ftp://172.25.254.250/rhel7
gpgcheck=0
yum clean all
yum repolist
1. Before the exam, please reset the password for the root user examwestos
passwd
examwestos
examwestos
2. Change the hostname station.domainX.example.com (X here refers to your station number)
hostnamectl set-hostname station.domain30.example.com
3. / home partition extended to 512MB, the error range is limited to between 490MB-515MB, and preserve the integrity of its original data
cp -rp /home/* /mnt
fdisk /dev/sda n p +512M wq
partprobe
mkfs.xfs /dev/sda1
mount /dev/sda1 /home
cp -rp /mnt/* /home
4. Add a new SWAP partition
a) size is 512MB,
B) so that each can be switched into effect SWAP, and retain the original partition SWAP
fdisk /dev/sda n p +512M t 82 wq
partprobe
mkswap /dev/sda2
/dev/sda2 swap swap defaults 0 0
6. Set selinux as mandatory level
vim /etc/sysconfig/selinux
SELINUX=enforcing
reboot
7. A new group, the name sysadms, specify the GID 600
groupadd sysadms -g 600
8. Tommy new users, as specified UID 2013, configure the user password is redhat
useradd tommy -u 2013
passwd tommy
9. New User Jimmy, and ban the user interactive logon, configure the user password is redhat
useradd jimmy -s /sbin/nologin
passwdd jimmy
10. New User Natasha, Harry, and add them to the user sysadms two groups, the group as a slave, if desired, then a user password is configured redhat
useradd -G sysadms natasha
passwd natasha
useradd -G sysadms harry
passwd harry
11. Create the / home directory catalog materials, configuration belongs to the group of the directory is sysadms, which is part of the requirements of sysadms group members have read and write access to the directory, the file or directory created in sysadms among folders, groups to which they belong also automatically inherit belongs to the group sysadms
mkdir /home/materials
chgrp sysadms /home/materials
chmod g+rw /home/materials
chmod g+s /home/materials
12. Copy / etc / fstab file to / var / tmp directory, the following requirements set
a file so that the user harry no permissions
b natasha make the file has full control
c root user profile belongs
to your profile d group root
E all other users have read access to the file
f all the other user does not have permissions to the file
cp /etc/fstab /var/tmp/fstab
(a) setfacl -m u:harry:0 /var/tmp/fstab
(b) setfacl -m u:natasha:rwx /var/tmp/fstab
(c)(d) chown root.root /var/tmp/fstab
(e) chmod o+r /var/tmp/fstab
(f) chmod o-x /var/tmp/fstab
13. natasha create a scheduled task for users, it requires the implementation of "/ bin / echo hiya" at 14:23
crontab -eu natasha
23 14 * * * /bin/echo hiya
14. Set NTP clients, time synchronization with 172.25.254.254
vim /etc/chrony.conf
server 172.25.254.250 ibust
systemctl restart chronyd.service
chronyc sources -v
15. users to find files owned by group mail, and put them in / root / findresults directory
mkdir /root/findresults
find /* -group mail -exec cp -rp {} /root/findresults/ \;
16. Find all the lines contained in the file /usr/share/mime/packages/freedesktop.org.xml in ich, will identify the rows in the order they are copied to / root / lines in the file, / root / lines file does not contain spaces,
an exact copy of the content and where the line is the original line of the source file /usr/share/mime/packages/freedesktop.org.xml
grep ich /usr/share/mime/packages/freedesktop.org.xml > /root/lines
vim /root/lines
:%s/[[:space:]]//g
17. Configure FTP Service
a) that anonymous users can upload and download / var / ftp / pub directory contents,
b) the FTP service to boot automatically activated
yum install vsftpd
vim /etc/vsftpd/vsftpd.conf
anon_upload_enable=YES
anon_world_readable_only=NO
systemctl restart vsftpd
systemctl enable vsftpd
setsebool -P ftpd_anon_write=1
firewall-cmd --permanent --add-service=ftp
firewall-cmd --reload
chmod 777 /var/ftp/pub
chgrp ftp /var/ftp/pub
chcon -t public_content_rw_t /var/ftp/pub
18. Configure encryption sshd service access requirements are as follows
cryptographic public address
ftp://172.25.254.250/pub/exam/id_rsa.pub
you need to run their own encryption sshd service
19. Create lvm device and meet the following requirements
a) vg group name created for westosvg
B) established lvm pe apparatus size 16M
C) establishing lvm device name westoslv
D) lvm equipment fat format formatted
e) Ensure apparatus lvm power is automatically mounted at / mnt / westoslvm
pvcreate /dev/sda1
vgcreate westosvg /dev/sda1 -s 16M
lvcreate -L 100M -n westoslv westosvg
mkfs.vfat /dev/westosvg/westoslv
mkdir /mnt/westoslvm
vim /etc/fstab
/dev/wetsosvg/westoslv /mnt/westoslvm vfat defaults 0 0