From Fedora Project Wiki

Line 65: Line 65:
==== Log in and switch users in multi-user runlevels ====
==== Log in and switch users in multi-user runlevels ====


By default, the default multiple user environments in Fedora (and RHEL) are levels 3, 4, and 5 (the default run level is set in /etc/inittab ).  Once logged in, the shell environment (bash, by default) is loaded. 


To switch users, the su (basic syntax: su user) command may be used.  When changing users, to ensure that the user profile is updated to the target user's profile, the - character should follow su (example: su - user or su -l user).  su or su - without a user specified will default to root.


To end a user session and return to the previously logged in user session, simply run the 'exit' command.


Alternatively, sudo may be configured to run specific commands as superuser (example sudo command).  Use the visudo command to set this up.


 
Specific commands may also be set up to be run under the permissions of another user or group.  This is done by setuid or setgid.
 
 
 
 
 
 
 
 


==== Archive, compress, unpack and uncompress files using tar, star, gzip, and bzip2 ====
==== Archive, compress, unpack and uncompress files using tar, star, gzip, and bzip2 ====

Revision as of 22:04, 20 January 2012

This is the RHCSA Study Guide for the System Administration Study Group.

The study guide is intended to be printed by those who wish to study common tasks performed by many system administrators. This study guide is based upon the Red Hat Certified System Administrator Exam Objectives. Other useful study components will be added here. Community contributions are always welcome.

Understand and Use Essential Tools

Access a shell prompt and issue commands with correct syntax

Access to shell can be done by logging in at boot, or if a graphical desktop environment (X) is used, access can be gained by opening gnome-terminal, konsole, or Terminal. Alternatively, using Alt-Ctrl+fX (F1-F6) will gain access to a virtual teletype terminal. The default shell environment is bash, though sh, zsh, and csh are also available.






Use input-output redirection (>, >>, |, 2>)

The linux command prompt allows the user access to a great variety of useful tools. Furthermore, the shells support advanced ways in which the information generated by the tools can be used further. By using pipes and redirects, the user can take the output from a program (for example: cat) ad send that information to a file or another program. The following are some basic tools:

> (example: cat filename1 filename2 > filename.txt) This puts all the output of the program into a file. If the filename specified does not exist, it will be created. If the filename does exist, it will be completely overwritten, providing the user has permissions to do so.

>> (example: cat filename 1 filename2 >> filename.txt) This basically does the same thing as > except that instead of overwritting files, it ammends and adds to them. It sends the output the the very end of the specified file.

| (example: dmesg | tail | fpaste) Instead of sending the output to a file, the user can send the output to another program. In this example, the user effectively runs dmesg, the output is then sent to tail to truncate it to the last 5 lines, which is then sent to the fpaste program which will then send the output to a pastebin.


2> (example: foo 2>1 ) To understand this, you must understand that there are essentially two outputs for programs. Standard output is basically what you see on the screen (represented by the "1" in the example). Standard error contains errors that occur when the program runs that do not get sent to standard output (represented by "2"). In this example, standard error is getting send to standard output, thus displaying the messages on the screen. This is useful for debugging purposes.

2>&1, &> (example: ls > dirlist.txt 2>&1 or: ls &>dirlist.txt ) This is also functionally the same as &> and >&, though 2>&1 is more compatible. This is similar to the above example of 2>1 except that instead of piping standard error to standard output, this will send the ouput of both to a file. This is useful for debugging and logging purposes. This will create the specified output file if it doesn't exist and completely overwrite it if it does exist, providing the user has such permissions.

&>>, >> 2>&1 (example ls &>>dirlist.txt or: ls >> dirlist.txt 2>&1 ) This also will send the output to a file, but in the case the file exists, it will append the output of both standard output and stadard error to the end of the file rather than overwriting it.

Use grep and regular expressions to analyze text

Access remote systems using ssh and VNC

Remote systems can be accessed by a variety of different methods, including ssh, vnc, freenx, telnet, and rdp. ssh and vnc are the most commonly used metyhods for accessing linux systems remotely.

SSH - The ssh command can be used to access a remote server that has sshd running. The most basic syntax is ssh <hostname> or ssh <IP>. A user can be specified by ssh user@host. If a graphical interface is available at the remote machine, -X or -Y may be used to run graphical programs (recommended only for use over high bandwidth or LAN connections). ssh keys may be used to further increase the security. For more information on the features and syntax, please read the ssh manual (man ssh).

VNC - Virtual Network Computing (vnc) uses a different protocol than ssh and is primarily meant for graphical remote access. Because this protocol works by sending compressed images, it is recommended more for high bandwidth or LAN connections. VNC should be run within a graphical environment. The two clients which are primarily used are the Tiger VNC Viewer (vncviewer) and vino.

In both cases, you should ensure that your firewall allows the necessary client connections for ssh (22) and vnc (5900-590X).

Log in and switch users in multi-user runlevels

By default, the default multiple user environments in Fedora (and RHEL) are levels 3, 4, and 5 (the default run level is set in /etc/inittab ). Once logged in, the shell environment (bash, by default) is loaded.

To switch users, the su (basic syntax: su user) command may be used. When changing users, to ensure that the user profile is updated to the target user's profile, the - character should follow su (example: su - user or su -l user). su or su - without a user specified will default to root.

To end a user session and return to the previously logged in user session, simply run the 'exit' command.

Alternatively, sudo may be configured to run specific commands as superuser (example sudo command). Use the visudo command to set this up.

Specific commands may also be set up to be run under the permissions of another user or group. This is done by setuid or setgid.

Archive, compress, unpack and uncompress files using tar, star, gzip, and bzip2

Create and edit text files

Create, delete, copy and move files and directories

Create hard and soft links

List, set and change standard ugo/rwx permissions

Locate, read and use system documentation including man, info, and files in /usr/share/doc .

Operate Running Systems

Boot, reboot, and shut down a system normally








Boot systems into different runlevels manually








Use single-user mode to gain access to a system








Identify CPU/memory intensive processes, adjust process priority with renice, and kill processes









Locate and interpret system log files








Access a virtual machine's console










Start and stop virtual machines








Start, stop and check the status of network services








Configure Local Storage

List, create, delete and set partition type for primary, extended, and logical partitions








Create and remove physical volumes, assign physical volumes to volume groups, create and delete logical volumes








Create and configure LUKS-encrypted partitions and logical volumes to prompt for password and mount a decrypted file system at boot









Configure systems to mount file systems at boot by Universally Unique ID (UUID) or label








Add new partitions, logical volumes and swap to a system non-destructively








Create and Configure File Systems

Create, mount, unmount and use ext2, ext3 and ext4 file systems








Mount, unmount and use LUKS-encrypted file systems








Mount and unmount CIFS and NFS network file systems








Configure systems to mount ext4, LUKS-encrypted and network file systems automatically








Extend existing unencrypted ext4-formatted logical volumes









Create and configure set-GID directories for collaboration








Create and manage Access Control Lists (ACLs)









Diagnose and correct file permission problems








Deploy, Configure and Maintain Systems

Configure networking and hostname resolution statically or dynamically








Schedule tasks using cron








Configure systems to boot into a specific runlevel automatically








Install Red Hat Enterprise Linux automatically using Kickstart









Configure a physical machine to host virtual guests









Install Red Hat Enterprise Linux systems as virtual guests









Configure systems to launch virtual machines at boot









Configure network services to start automatically at boot








Configure a system to run a default configuration HTTP server








Configure a system to run a default configuration FTP server








Install and update software packages from a remote repository, or from the local filesystem








Update the kernel package appropriately to ensure a bootable system








Modify the system bootloader








Configure a system to run a default configuration NTP server and synchronize time using other NTP peers








Manage Users and Groups

Create, delete, and modify local user accounts








Change passwords and adjust password aging for local user accounts








Create, delete and modify local groups and group memberships








Configure a system to use an existing LDAP directory service for user and group information








Manage Security

Configure firewall settings using system-config-firewall or iptables









Set enforcing and permissive modes for SELinux








List and identify SELinux file and process context








Restore default file contexts









Use boolean settings to modify system SELinux settings









Diagnose and address routine SELinux policy violations