RHCSA-EX200

RHCSA Practice Exam Questions -EX200

PRINCE BAJAJ
RHCSA-EX200

Starting with important Tasks

Task 1 . Install CentOS-7 Virtual machine on VMWare Workstation using image file with disk
space allocation as below :
Total Disk Space – 40 GiB
“/” - 15 GiB
“/home” - 10 GiB
“/boot” - 300 MiB
RAM Memory – 4 GiB
Procedure :
-Open VMWare Workstation Software and click on “Create a New Virtual Machine”
- Click Next and Browse the OS Image file from your local storage.
-Give Virtual Machine name and then Click Next.
-Give Maximum disk space = 40 GiB and click next.
-Customise hardware settings in case you need and click finish.
Then follow the instructions for installation.

PRINCE BAJAJ
RHCSA-EX200

Task 2. Interrupt the boot process to Set the root password as “password”.
Procedure :
- Reboot the system or start the system
- Wait for GRUB menu to appear and then press e to edit
- Find the line starting with linux16 and enter the rd.break at the end.
- Press Ctrl+x to boot the system with these options.
- At this stage, root file system is mounted in read only mode to /sysroot and must be
remounted with r/w permissions
mount -o remount,rw /sysroot -To mount the root file system with r/w permissions
chroot /sysroot -Switch

Task 3 . Set the SELinux on system.example.com in enforcing mode.

Commands :
getenforce -To check the of SELinux mode
vim /etc/selinux/config - Set the SELINUX =enforcing mode
:wq
systemctl reboot -Restart the system
sestatus or getenforce -To check status of SELinux

Task 4. Verify SELinux status on system.example.com

Commands :
sestatus or getenforce -To check status of SELinux

PRINCE BAJAJ
RHCSA-EX200

LAB SET UP PREPRATION

Steps to configure LDAP(S) Server and Integrated DNS server with FREE IPA server solution.

Commands :
yum install -y ipa-server bind-dyndb-ldap ipa-server-dns -To install all required packages
ipa-server-install -To install FreeIPA Server
Do you want to configure integrated DNS (BIND)? [no]: yes
Server host name [ipaserver.example.com]: ipaserver.example.com
Please confirm the domain name [example.com]: example.com
Please provide a realm name [EXAMPLE.COM]: EXAMPLE.COM
Directory Manager password :*********
Password (confirm): *********
IPA admin password: ********
Password (confirm): *********
Do you want to configure DNS forwarders? [yes]:no
Do you want to search for missing the reverse zone? [yes]: no
Continue to configure the system with these values? [no]: yes (approximate 15-20 minutes
firewall-cmd --permanent --add-service={ntp,http,https,ldap,ldaps,kerberos,dns} --
permanent -To allow inbound traffic
firewall-cmd --reload -To reload the firewall

PRINCE BAJAJ
RHCSA-EX200

Managing DNS zones and DNS Record Entries

kinit admin -To authenticate as IPA Admin
ipa dnszone-add 122.168.192.in-addr.arpa. -To add Reverse zone by name
ipa dnsrecord-add 122.168.192.in-addr.arpa. 254 --ptr-rec ipaserver.example.com - Adding
PTR record for 192.168.122.254
ipa dnsrecord-add example.com system --a-rec 192.168.122.10 -Adding A record for
system.example.com
ipa dnszone-show example.com -To query the DNS zone
host system.example.com -To query DNS for hostname(forward DNS lookup)
host 192.168.122.10 -To query DNS for IP (Reverse DNS lookup)
You can also use dig or nslookup utility for querying DNS Server

Creating LDAP users

kinit admin -To authenticate as Kerberos Admin
ipa user-add --homedir=/home/ldapuser/ldap --password -Creating user with non-default
home directory
mkdir -p /home/ldapuser/ldap -To create non-default home directory
chown ldap:ldap /home/ldapuser/ldap -To set user and group ownership to ldap
ipa user-add --password -To Create LDAP user ldap1 and ldap2 with Default home
directories
mkdir /home/ldap1 -To create home directory for ldap1 user
mkdir /home/ldap2 -To create home directory for ldap2 user
chown ldap1:ldap1 /home/ldap1 -To set user and group ownership to ldap1
chown ldap2:ldap2 /home/ldap2 -To set user and group ownership to ldap

PRINCE BAJAJ
RHCSA-EX200

Exporting LDAP Home Directories on ipaserver.example.com with NFS Service

yum install nfs-utils -To install NFS Service

systemctl start nfs-server.service -To start NFS service
systemctl enable nfs-server.service -To enable NFS service
vim /etc/exports -To define the export
/home *(rw)
:wq
exportfs -arv -To export the NFS share
firewall-cmd --add-service={nfs,rpc-bind,mountd} --permanent -To add NFS service on
Firewall
firewall-cmd --reload -To make the definition effective

Configure SAMBA share on ipaserver.example.com

yum install samba samba-common -To install Samba Service
systemctl start smb nmb -To Start Samba service
systemctl enable smb nmb -To enable Samba service
mkdir /samba - To create directory to be shared
vim /etc/samba/smb.conf - To define Samba Share
[samba]
comment = samba_share
path = /samba
writable = yes
:wq
firewall-cmd --add-service=samba –permanent -To add service on firewall
firewall-cmd –reload -To make the firewall definition effective
semanage fcontext -a -t samba_share_t “/samba(/.*)?” - To apply correct Selinux context
type
restorecon -Rv /samba -To restore the selinux context

PRINCE BAJAJ
RHCSA-EX200

Deploy,Configure and Maintain Systems

Task 1. Execute command to change system to run in “Graphical” target.

-Make this setting persistent and system should boot in same target on next reboot.
SYSTEMD Targets:
Commands
systemctl get-default -To Display the current SYSTEMD Target
systemctl isolate graphical.target -To change the SYSTEMD target in current session
systemctl set-default graphical.target -To set the SYSTEMD target which system will use by
default
cd /usr/lib/systemd/system -Directory containing SYSTEMD units of installed Packages
cd /etc/systemd/system -Directory containing local SYSTEMD Configurations
man systemd.unit -Manual page for SYSTEMD Units

Task 2. Assign the host name ‘system.example.com’ to your machine.

Commands :
hostnamectl --To display the current hostname assigned to system
hostnamectl set-hostname system.example.com --To assign new hostname to machine

PRINCE BAJAJ
RHCSA-EX200

Task 3. Configure the IP 192.168.122.10 on eth0 interface on ‘system.example.com’ and set

the DNS IP as 192.168.122.254.
- IP assigned must be static.
Commands :
nmcli connection show -To display existing connections with interface names and status
ip address -To display the existing interfaces with IP address assigned and status of
interfaces
nmcli connection add con-name system type ethernet ifname eth0 ip4 192.168.122.10/24
-To add new connection
nmcli connection modify ipv4.dns 192.168.122.254 ipv4.method manual -To assign DNS IP
and Make connection static
nmcli connection up system -To activate the connection
cd /etc/sysconfig/network-scripts -To verify the connection settings
cat /etc/resolv.conf -To verify DNS IP address

Task 4. Create local yum repository at location /root/system_repo on local system.

- Repo should be created with yum group information to use yum groups.
Commands :
yum repolist -To list the repositories configured for system
yum groups list hidden -To list yum group packages
mount -o loop CentOS_DVD.iso /mnt -To mount image file on /mnt directory
mkdir /root/system_repo -To create the directory for repository
cp -iv /mnt/Packages/*rpm /root/system_repo -Copy all the *.rpm files from packages
folder to /root/repo
cp /mnt/repodata/*comps.xml /root/system_repo -Copy the comps.xml file from
repodata directory to /root/repo
createrepo -g *comps.xml /root/system_repo -To create the repository with group
information
man createrepo -Manual page for createrepo

PRINCE BAJAJ
RHCSA-EX200

Task 5. Configure the system to use repository present at /root/system_repo.

Configuration :
vim /etc/yum.repos.d/system.repo //Add below lines in system.repo file
name = system_repo
baseurl = file:///root/system_repo
gpgcheck = 0
enabled = 1
:wq
yum clean all -To clear the cache
yum repolist -To list the repositories configured for system
yum groups list -To list yum group packages

PRINCE BAJAJ
RHCSA-EX200

Task 6. Schedule a script /test.sh as user “riya” which should be executed every 15 minutes

Commands :
crontab -u riya -e -As root ,to make entry as riya user
*/15 * * * * /test.sh -Add this line in crontab file
:wq -Write to file and quit
crontab -u riya -l -List all the crontab entries for riya

PRINCE BAJAJ
RHCSA-EX200

Task 7. Schedule a script /test1.sh as user “bob” which should be executed 12:15 every
Monday.
- User “bob” should be able to create entry in crontab file.

Commands :
vim /etc/cron.allow -Open cron.allow as root and allow user bob
bob -Make Entry in cron.allow file
:wq
su - bob -To switch to user bob
crontab -l -List all the crontab entries created by bob
crontab -e -open the crontab file in editing mode
15 12 * * 1 /test1.sh -Add this line in crontab file
:wq -Write to file and quit
crontab -l -List the crontab entries to verify the changes done

PRINCE BAJAJ
RHCSA-EX200

Task .8 Schedule below command using at to execute 30 minutes from now.

ps -ef > process.txt
-Check the queue of at jobs to verify
Commands :
yum install at –Intall the package in not installed
systemctl status atd –To check status
at now + 30 minutes -Execute at to schedule job
at>ps -ef > process.txt
Ctrl+d
atq -Check at jobs queue
atrm – To delete jobs

PRINCE BAJAJ
RHCSA-EX200

Task 9. Install the “autofs” service and configure to start at boot.

Commands :
yum install autofs -y //To install autofs package
systemctl start autofs //To start the autofs service
systemctl enable autofs //To configure the service to start at boot

Task 10. Configure the system to use NTP server - ipaserver.example.com.

- Configure iburst option to make the initial synchronisation faster.
Commands :
systemctl status chronyd -To check the status chronyd service

Configuration file :
vim /etc/chrony.conf -Open the configuration file with vim edior
server ipaserver.example.com iburst -Add this line in file to Configure system to use NTP
server
:wq
chronyc sources -To verify the NTP server

PRINCE BAJAJ
RHCSA-EX200

Task 11. Upgrade system to new kernel and this should be default kernel.
- Use the kernel Package from Downloads directory.
Commands :
rpm -qa gpg-pubkey* -Query the PUBKEY to verify if it is present on system
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 -To import PUBKEY if not present
rpm --checksig package_name -Check the PGP signature of packages before installing
rpm -Uvh package_name - To install/Update kernel package
cat /boot/grub2/grubenv - To check the saved default menu entry
grub2-set-default 0 - To change the default menu entry
systemctl reboot - Restart the system to boot with new kernel
man rpm -To check manual page for rpm
man rpmkeys -To check manual page for rpmkeys

In the exam, you might need to download kernel package from webserver. You can
download by pasting http link on Firefox Web Browser or with wget command.

PRINCE BAJAJ
RHCSA-EX200

Task 12. Modify GRUB2(Bootloader) not to boot the system with GUI Mode booting
screen(rhgb).
-Also all boot messages should be shown on the screen
-Make sure interface names(eth*) should be used.

Commands :
vim /etc/default/grub -Open the GRUB settings file in editing mode
GRUB_CMDLINE_LINUX= “vconsole.keymap=us crashkernel=auto
vconsole.font=latarcyrheb-sun16 net.ifnames=0 biosdevname=0” -Edit the variable
GRUB_CMDLINE_LINUX – Remove rhgb and quiet and add net.ifnames=0 and
boisdevname=0
grub2-mkconfig -o /boot/grub2/grub.cfg -Rebuild the grub.cfg file every time when you
make changes to /etc/default/grub file.

PRINCE BAJAJ
RHCSA-EX200

Task 1. Establish SSH connection to “ipaserver.example.com” from “system.example.com”

- Use user “riya” to make this connection.
Commands :
systemctl status sshd - To check the status of SSH Service
ssh riya@ipaserver.example.com -To establish ssh connection
Enter password for riya : ******
hostname -To verify “riya” is connected to ipaserver.example.com

PRINCE BAJAJ
RHCSA-EX200

Task 2. Securely copy /root/details file from “system.example.com” to

“ipaserver.example.com” to /backup directory.
- Use the password "password" for this task.
Commands :
man scp - Manual page for scp
scp /root/details ipaserver.example.com:/backup/ -To transfer file securely with scp
Enter password for root : ******

Task 3. Copy all lines starting with word “Sed“ or “sed” from /file.txt and copy to file
"/word/file“
Commands :
man grep - Manual page for grep
more /file.txt | grep -i ^sed > /word/file
more /word/file

Task 4. Copy all lines not containing “sEd or SeD" from file /root/rhcsa.txt to /root/results.txt
file.
Commands :
more /root/rhcsa.txt | grep -v -i "sEd" > /root/results.txt - To copy lines not containing sed
or Sed
more /root/results.txt - To verify the results

PRINCE BAJAJ
RHCSA-EX200

Task 5. Find all the files owned by user “riya” and redirect the output to /root/riya_files
Commands :
find / -user riya -type f > /root/riya_files -To copy files owned by riya

Task 6. Locate the file “dummy.txt” searching through "/" file system and save the output in
/location file.
Commands :
find / -name “dummy.txt” -type f > /location -To find file with name “dummy.txt”
cat /location -To verify the results

Task 7. Locate the files with extension “.txt” searching through "/" file system and save the
output in /text file.
Commands :
find / -name “*.txt” -type f > /text -To find file with extension “.txt”
cat /text -To verify the results

Task 8. Find all the directories owned by user “bob” and save the output to /bob_dir.
Commands :
find / -user bob -type d > /bob_dir -To copy directories owned by bob
cat /bob_dir -To verify the results

PRINCE BAJAJ
RHCSA-EX200

Task 9. Find all the directories and files owned by user with userid 1002 and save the
output to /uid1002.
Commands :
find / -uid 1002 > /uid1002 -To copy all files and directories owned by user with uid 1002
cat /uid1002 -To verify the results

Task 10. Use tar command to archive all contents of /home directory in /root/home.tar file.
- Compress the archived files using bzip2
Commands :
tar -cjvf home.tar.bz2 /home -To archive all the contents of /home directory in home.tar file
ls -l --block-size=MB -To display the output in MB to check gain after compressing the
archive

Task 11. Use tar command to extract the contents of home.tar.bz2 to / directory.
- Delete contents of /home directory before extracting the data.
Commands :
tar -xvf home.tar.bz2 -C / -To extract all the contents from home.tar.bz2 directory in /
directory
cd /home -Change to home Directory
ls -l - List the contents ,Contents should be recovered

Task 12. Use tar command to archive all contents of /etc directory in /root/etc.tar file.
- Compress the archived files using gzip
Commands :
tar -czvf etc.tar.gz /etc -To archive all the contents of /etc directory in /root/etc.tar file

PRINCE BAJAJ
RHCSA-EX200

Task 13. Use gunzip command to decompress contents of /root/etc.tar.gz

Use bunzip2 command to decompress contents of /root/home.tar.bz2
Commands :
gunzip /root/etc.tar.gz - To decompress contents of /root/etc.tar.gz
bunzip2 /root/etc.tar.bz2 - To decompress contents of /root/home.tar.bz2
man gunzip -To check manual page
man bunzip2 -To check manual page

Task 14. Create directory /test and set the user ownership to riya and Group ownership to
sys.
-Remove all the permissions for others on this directory
-Give full permissions at group level

Commands :
mkdir /test- To create directory /test
chown riya:sys /test - To change user ownership and group ownership
chmod 770 /test -To remove all permissions for others and giving full permissions at group
level
chmod g+w,o-rx /test - Alternate method to removing permissions for others and assigning
permissions as group level
ls -ld /test -To verify the permissions
man chown -To check man for chown,search for EXAMPLES

Task 15. Create symbolic link for file “/test/sys/link/file” in /root directory.
Commands :
cd /root -Change directory to /root
ln -s /test/sys/link/file - To Create sym link

PRINCE BAJAJ
RHCSA-EX200

Task 1. CPU intensive Process with name dd is running on system with NICE value of -5 and
taking more CPU attention than default.
Adjust the niceness value to 5 so that CPU pays less attention to this process.
Commands :
top - To check the NICE value and priority
renice -n 5 -p PID - To adjust nice value

NICE value can be between -20 to 19. Lesser the NICE value, more CPU resources will be
used. Higher the NICE value, Less CPU attention will be given.
-Never run process with nice value of -20 ,CPU will give highest priority and no other jobs
will be able to run.

Task 2 . Run the below command in back ground with NICE value of 10.
sleep 3600
Commands :
nice -n 10 sleep 3600 & - To start a process with pre-defined nice value

PRINCE BAJAJ
RHCSA-EX200

Task 3 . Kill the process dd to stop forcefully.

Command :
kill -9 PID - To start a process with pre-defined nice value

Task 4. Install RedHat/CentOS 7 on system as guest OS using KVM hypervisor.

-Virtual machine must be started at boot process.
Prerequisites : (When using Linux as Host Operating System)
-Host machine CPU must have 64-bit architecture
-Virtualization must be enabled from BIOS setting of Machine
- Check cat /proc/cpuinfo | grep vmx (for Intel Processors)
Commands :
yum groups install “Virtualization Host” or yum install libvirt virt-manager qemu-kvm -
To install required packages
systemctl status libvirtd - To check status of libvirtd
virt-manager - Then follow the installation sequence
virsh list --all -To list all KVMs running on machine
virsh start machine_name – To start the machine console
virsh reboot machine_name -To reboot the machine

PRINCE BAJAJ
RHCSA-EX200

Task 1. Create a user with name “lisa” with password “access”.

- Use UID 434 for this user.
- User should have non-interactive shell.
Commands :
useradd -u 434 -s /sbin/nologin lisa -To create user with UID 434 and non-interactive login
shell
passwd lisa -To set the password for user lisa
Related files :
/etc/passwd - Contains the user account information i.e. login name ,home
directory,UID,GID Shell
/etc/shadow - Contains the encrypted password information and Password aging and
account expirations info
/etc/group - Contains the group related information

PRINCE BAJAJ
RHCSA-EX200

Task 2 . Create a user “lara” with home directory /lara/private and set password “access”
- At first login, it should prompt to change the password.
- Password should be set to expire after every one month.
Commands :
mkdir -p /lara/private -To create the home directory for user
useradd -d /lara/private lara -To create user with non-default home directory /lara/private
chown lara:lara /lara/private -To set User and Group Owner as lara on this directory
chmod 700 /lara/private – To restrict the access to lara for her home directory
passwd lara -To set the password for user lara
chage lara -To set the Maximum password age and Password change after first login

Related files :
/etc/passwd - Contains the user account information i.e. login name ,home
directory,UID,GID Shell
/etc/shadow - Contains the encrypted password information and Password aging and
account expirations info
/etc/group - Contains the group related information

Task 3. Create a group named “sys” and assign this group to user “lara” as secondary group.
- GID 555 should be used.
Commands :
groupadd -g 555 sys - To Create group sys with GID 555
usermod -aG sys lara -To assign sys group to user lara as supplementary group

Related files :
/etc/group - Contains the group related information

PRINCE BAJAJ
RHCSA-EX200

Task 4. Create user “harry” and set password as ‘access’.

st
- Account should expire on 31 Dec 2018
- Password should expire every 7 days.
- Set password expiry warning to 2 days
Commands :
useradd harry -To create user harry with default settings
passwd harry -To set the password for user harry
chage harry -To set the Maximum password age ,password expiry warning and account
expiration date

Related files :
/etc/passwd - Contains the user account information i.e. login name ,home
directory,UID,GID Shell
/etc/shadow - Contains the encrypted password information and Password aging and
account expirations info
/etc/group - Contains the group related information

Task 5. Create the directory /home and set the group and user ownership to “sys” and “lisa”
respectively.
- Give read only access to group “sys” and ‘rwx’ access to “lisa”.
Commands :
mkdir /home -To create directory /home
chown lisa:sys /home-To set lisa as user owner and sys as group owner

PRINCE BAJAJ
RHCSA-EX200

Task 6. Authenticate “system.example.com” against LDAP server configured on

“ipaserver.example.com”.
-BASE DN: dc=example,dc=com
- Get the certificate from “/root/ca.cert"
- LDAP User “ldap” should be able to login into your system.
Commands :
Method 1. (Using nslcd)
yum install nss-pam-ldapd -y -To install LDAP Client Daemon
systemctl start nslcd; systemctl enable nslcd – To star/enable nslcd daemon
cp /root/ca.cert /etc/openldap/cacerts/ - Copy certificate on /etc/openldap/cacerts/
authconfig-tui - To authenticate system against LDAP server
vim /etc/nslcd.conf | grep -v ^# - To verify configurations
su - ldap -User should be able to login but should not be able to get to home directory
Method 2. (Using sssd)
yum groups install “Directory Client” -To install packages required for LDAP client
cp /root/ca.cert /etc/openldap/cacerts/ -Copy the CA certificate to this location
authconfig-tui - To authenticate system against LDAP server
vim /etc/sssd/sssd.conf - To verify configurations
su - ldap -User should be able to login but should not be able to get to home directory
Note – In exam, You might be asked to download certificate from some web server , you
can download with wget command.

PRINCE BAJAJ
RHCSA-EX200

Task 7. Verify LDAP Authentication configured in last task.

Commands :
Method 1. (If nslcd is used)
systemctl status nslcd -To check the status of LDAP Client Service
vim /etc/nslcd.conf | grep -v ^# - To verify configurations
su - ldap -User should be able to login
Method 2. (if sssd used)
systemctl status sssd -To check the status of LDAP Client Service
vim /etc/sssd/sssd.conf - To verify configurations
su - ldap -User should be able to login

Task 8. Configure “system.example.com” to automount home directory of LDAP user “ldap”

when logged in.
-Home directory of LDAP user is /home/ldapuser/ldap
- Home directory is shared by “ipaserver.example.com” through NFS export
- LDAP user should get his home directory when logged in.
Commands :
yum install autofs -To install packages required autofs
systemctl start autofs -To Start the service
systemctl enable autofs -To enable the service to start automatically on boot
vim /etc/auto.master
/home/ldapuser /etc/auto.ldap
:wq
vim /etc/auto.ldap
ldap ipaserver.example.com:/home/ldapuser/ldap
:wq
systemctl restart autofs -Restart the autofs service
su - ldap -Switch to user ldap
pwd -ldap home directory should be shown

PRINCE BAJAJ
RHCSA-EX200

Task 9. Configure “system.example.com” to automount home directory of LDAP users

“ldap1” and “ldap2”.
-Home directory of LDAP users ldap1 and ldap2 is /home/ldap1 and /home/ldap2
respectively.
- Home directory is shared by “ipaserver.example.com” through NFS export
- LDAP user should get his home directory when logged in.
Commands :
yum install autofs -To install packages required autofs
systemctl start autofs -To Start the service
systemctl enable autofs -To enable the service to start automatically on boot
vim /etc/auto.master
/home /etc/auto.ldap12 -To define Base location for home directory
:wq
vim /etc/auto.ldap12
* ipaserver.example.com:/home/&
:wq
systemctl restart autofs -Restart the autofs service
su - ldap1 -Switch to user ldap1 (Also check for ldap2)
pwd - home directory of ldap users should be shown

Task 10 . Delete existing user “maria” from system.example.com

- User home directory and mailbox should also be deleted.
Command :
userdel -r maria -To delete user and also home directory and mail spool

PRINCE BAJAJ
RHCSA-EX200

Task 11. Modify user harry account so that harry should be able to use root permissions with
sudo.
- Create a test user with user name TEST as harry user
Commands:
vim /etc/group - Find the group wheel and add user harry to this group
wheel:x:10:harry
:wq
su - harry -Switch to user harry
sudo useradd TEST - Add user TEST as user harry with sudo and it should be created

PRINCE BAJAJ
RHCSA-EX200

Task 1. Create a disk partition of 2 GiB size and mount this on /partition directory.
- Partition should use xfs file system.
- Mount should be persistent.
Commands :
fdisk /dev/sda -To create partition (We will create extended partition)
First input : n , Second input : e , Two times Enter(to assign remaining space for Logical
partitions) ,
Third input : n , Enter (Default First sector),Fourth input: +2G ,wq (to save and quit)
partprobe -To inform kernel about this partition
mkdir /partition -To create the mount directory
mkfs.xfs /dev/sda5 -To create xfs File System on partition
mkdir /partition -To create the mount directory
mount /dev/sda5 /partition -To mount partition on directory /partition
mount -To check the mounted File system
lsblk -To list block devices

PRINCE BAJAJ
RHCSA-EX200

Task 2. Create a disk partition of size 1 GiB and mount this for read only access on /fat
directory.
-Use vfat file system for the partition
- Mount should be persistent
Commands :
fdisk /dev/sda -To create partition (We will create logical partition)
First input : n ,Enter(Default First sector), Second input : +1G ,wq (to save and quit)
partprobe -To inform kernel about this partition
mkdir /fat -To create the mount directory
mkfs -t vfat /dev/sda6 -To create vfat File System on partition
mount /dev/sda6 /fat -To mount partition on directory /partition
mount -To check the mounted File system
lsblk -To list block devices
vim /etc/fstab
/dev/sda6 /fat vfat ro 0 0 (make entry in fstab file)

Task 3. Configure and add 1 GiB swap space to your system.

Commands :
fdisk /dev/sda -To create partition (We will create logical partition)
First input : n ,Enter (Default First sector), Second input : +1G , Third input : t ,Enter( for
default Partition),Fourth input : 82 ,wq (to save and quit)
partprobe -To inform kernel about this partition
mkswap /dev/sda7 - To configure partition as SWAP
vim /etc/fstab
/dev/sda7 swap swap defaults 0 0 (make entry in fstab file)
swapon -a -To activate SWAP as per entry in fstab file
free -m -To verify Added SWAP

PRINCE BAJAJ
RHCSA-EX200

Task 4. Configure logical volume with name “lv_volume” which should use 200 MiB from
volume group vg_group.
-ext4 file system should be used
- Mount this on /log_vol directory and mount should be persistent.
Commands :
fdisk /dev/sda -To create partition (We will create logical partition)
First input : n ,Enter, Second input :+300M ,Third input : t,Enter( for default
Partition),Fourth input : 8e ,wq (to save and quit)
partprobe -To inform kernel about this partition
pvcreate /dev/sda8 - To create physical volume
vgcreate vg_group /dev/sda8 -To create volume group
lvcreate -n lv_volume -L 200M vg_group -To create logical volume on volume group
mkdir /log_vol - To create mount directory
mkfs -t ext4 /dev/vg_group/lv_volume -To create ext4 File System for logical volume
mount /dev/vg_group/lv_volume /log_vol -To mount logical volume on directory /vol_log
mount -To check the mounted File system
lsblk -To list block devices
vim /etc/fstab
/dev/vg_group/lv_volume /log_vol ext4 defaults 0 0 (make
entry in fstab file)
mount -a -To mount persistently through fstab file

PRINCE BAJAJ
RHCSA-EX200

Task 5. Configure logical volume with name “volume” which should use 20 PE’s from
volume group “group”.
-Size of PE should be 16 MiB and file system used must be ext4 file system.
- Mount this on /volume directory and mount should be persistent.
- Use UUID to mount this.
Commands :
fdisk /dev/sda -To create partition (We will create logical partition)
First input : n ,Enter, Second input : +400M , Third input : t, Enter( for default
Partition),Fourth input : 8e ,wq (to save and quit)
partprobe -To inform kernel about this partition
pvcreate /dev/sda9 - To create physical volume
vgcreate -s 16M group /dev/sda9 -To create volume group with PE size of 16 MiB
lvcreate -n volume -l 20 group -To create logical volume on volume group using 20 PE’s
mkdir /volume - To create mount directory
mkfs -t ext4 /dev/home/volume -To create ext4 File System for logical volume
mount /dev/home/volume /volume -To mount logical volume on directory /volume
mount -To check the mounted File system
lsblk -To list block devices
vim /etc/fstab
/dev/home/volume /volume ext4 defaults 0 0 (make entry
in fstab file)
mount -a -To mount persistently through fstab file

PRINCE BAJAJ
RHCSA-EX200

Task 6. Configure LVM with name “lvm” from volume group “vgroup” of size 1 GiB.
-Logical volume should use complete free space on volume group.
- Create ext4 file system on this volume.
Commands :
fdisk /dev/sda -To create partition (We will create logical partition)
First input : n ,Enter, Second input : +1G , Third input : t ,Enter, Fourth input : 8e ,wq (to
save and quit)
pvcreate /dev/sda11 - To create physical volume
vgcreate vgroup /dev/sda11 -To create volume group
lvcreate -n lvm -l 100%FREE vgroup -To create logical volume using all free space on
volume group
mkfs.ext4 /dev/vgroup/lvm -To create ext4 File System for logical volume

Task 7. Resize the lvm “log" so that after reboot size should be in between 217MiB to
245MiB.
-Make sure complete logical volume should be usable.
Commands :
lvdisplay -To display logical volumes
lvextend -r -L +130M /dev/vg/log -To extend the logical volume and resize file system

Task 8. Extend size of LVM with name “lvm” to 2 GiB.

-Create new partition to increase the size of volume group.
- Format the complete volume with ext4 file system.
Commands :
fdisk /dev/sda -To create partition (We will create logical partition)
First input : n ,Enter, Second input : +2G , Third input : t ,Enter, Fourth input : 8e ,wq (to
save and quit)
pvcreate /dev/sda12 - To create physical volume
vgextend vgroup /dev/sda12 -To extend volume group
lvcreate -r -L +1G /dev/vgroup/lvm -To extend the logical volume by 1 GiB
mkfs.ext4 /dev/vgroup/lvm -To create ext4 File System for logical volume

PRINCE BAJAJ
RHCSA-EX200

Task 9. Create a standard partition of size 200 MiB and format this with ext4 file system.
- Change the file system to xfs and verify same.
Commands :
fdisk /dev/sda -To create partition (We will create logical partition)
First input : n ,Enter(To select default first sector), Second input : +200MiB ,wq (to save and
quit)
partprobe -To inform kernel about the partition
mkfs.ext4 /dev/sda13 -Create ext4 file system for partition
mkfs.xfs -f /dev/sda13 -Force the file system change to xfs
blkid - To verify

Task 10. Create a directory /private/home

- Set the user ownership to “lisa” and group ownership to “sys”.
- Give full permissions to group “sys” on this directory.
- User “riya” should have no access on this directory.
- Add user “bob” to group “sys”.
- Files created by user “bob” and “lara” should have group ownership to “sys”.
Commands :
mkdir -p /private/home -To create directory
chown lisa:sys /private/home -To set the user and group ownership
chmod g+rwx /private/home - To provide full access to group
yum install acl -To install the package for acl if not already installed
setfacl -R -m u:riya:- /private/home -To remove all access for riya on this directory
setfacl -R -m d:u:riya:- /private/home -To apply same for future files and sub-directories
under this directory
getfacl /private/home - To display acl applied to directory
usermod -aG sys bob -To assign supplementary group to bob
chmod g+s /private/home -To set the GID bit
getfacl /private/home - To display acl applied to directory

PRINCE BAJAJ
RHCSA-EX200

Task 11. Create a directory /system and configure the access as per below conditions :
-User “harry” should have full access on directory.
- User “bob” should have read-only access on this directory.
- User “lisa” have no access on this directory.
- Same access rules should be applicable to future files created under this directory.
Commands :
mkdir /system -To create directory
yum install acl -To install the package for acl if not already installed
setfacl -R -m u:harry:rwx /system -To configure acl for harry
setfacl -R -m d:u:harry:rwx /system -Default acl for harry
setfacl -R -m u:bob:rx /system -To configure acl for bob
setfacl -R -m d:u:bob:rx /system -Default acl for bob
setfacl -R -m u:lisa:- /system -To configure acl for lisa
sefacl -R -m d:u:lisa:- /system -Default acl for lisa
getfacl /system -Display acls

PRINCE BAJAJ
RHCSA-EX200

Task 12. Discover the NFS share exported by NFS server “ipaserver.example.com”

-Mount the share /nfsshare on directory /share and mount should be persistent.
- NFS version 3 should be used
Commands:
yum install “Network File System Client” -To install NFS Client
showmount -e ipaserver.example.com - To discover NFS exports
mkdir /share -To create directory
mount -o nfsvers=3 ipaserver.example.com:/nfshare /share -To mount NFS export with
NFSv3 to test if it works
umount /share -Unmounting NFS export
vim /etc/fstab -Mounting persistently through fstab file
ipaserver.example.com:/nfsshare /share nfs _netdev,nfsvers=3 0 0
:wq
mount -a -To mount through fstab file
mount -To display the mounted file systems

PRINCE BAJAJ
RHCSA-EX200

Task 13. Discover the samba share and mount share “samba” on /smb1 directory with
“smb1” user.
- Use the password “password” to mount this share.
Commands:
yum install samba-client cifs-utils -Install required Packages for Samba-Client
smbclient -L ipaserver.example.com -To Discover Samba Share
mkdir /smb -To create mount Directory
mount -o username=smb1 //ipaserver.example.com/samba /smb1 -To mount the samba
share to test if it works
Enter the Samba user password : *********
umount /smb1 -To Umount the Samba Share
vim /etc/fstab -Make entry in fstab file to make mount persistent
//ipaserver.example.com/samba /smb1 cifs
_netdev,username=smb1,password=password 0 0
:wq
mount –a - To mount through fstab file
mount -To verify the mounted file systems

PRINCE BAJAJ
RHCSA-EX200

Task 1. Web server (httpd) needs to access the files in /web directory. Set the correct
SELinux context type on /web directory to make this possible.
-Restore the SELinux context.
-Changes done should be persistent.
Commands :
chcon -t httpd_sys_content_t /web -To Set the Selinux Context Type for run time,not
permanent
semanage fcontext -a -t httpd_sys_content_t "/web(/.*)?” -To set the Selinux Context Type
persistently
restorecon -R -v /web -To restore the Selinux context
ls -ldZ /web -To vefify the SELinux Context

PRINCE BAJAJ
RHCSA-EX200

Task 2. Configure the firewall on “system.example.com” to allow inbound “http” traffic.

- Changes done should be persistent.
Commands :
systemctl status firewalld -To check the status of firewalld service
firewall-cmd --get-services -To get list of firewalld services
firewall-cmd --add-service=http -To add service on firewall to allow inbound traffic for run
time environment
firewall-cmd --add-service=http --permanent -To add service on firewall persistently to
allow inbound traffic
firewall-cmd --list-all - To Display all firewall settings

Task 3. Configure the firewall to accept inbound traffic on 443/tcp port.

- Changes done should be persistent.
-Use firewall-config for this task.

Commands :
systemctl status firewalld -To check the status of firewalld service
firewall-config -To use Graphical user interface for firewall settings
firewall-cmd --list-all - To Display all firewall settings

Task 3. Configure the firewall to accept inbound traffic on 443/tcp port.

- Changes done should be persistent.
-Use firewall-config for this task.

Commands :
systemctl status firewalld -To check the status of firewalld service
firewall-config -To use Graphical user interface for firewall settings
firewall-cmd --list-all - To Display all firewall settings

PRINCE BAJAJ
RHCSA-EX200

Task 4. Configure password-less ssh login for “system.example.com” to establish

connection to “ipaserver.example.com”.
-Use passphrase "access" to protect the private key
Commands :
ssh ipaserver.example.com -To test the SSH connection
ssh-keygen -t rsa -To generate SSH Key-pair
ssh-copy-id ipaserver.example.com -To copy the public key to “ipaserver.example.com”
ssh ipaserver.example.com -Again test the SSH connection. It should not ask for password
Related Directories :
/root/.ssh -Path where private/public keypair is stored on client machine
/root/.ssh/authorized_keys –File on server where public key is saved

Task 5. List all SELinux booleans and set the SELinux boolean samba_export_all_rw to 1 to
allow Samba server to share exports with r/w permissions.
- Changes should be persistent.
Commands:
getsebool -a -To list all SELinux Booleans
setsebool -P samba_export_all_rw 1 -To set the Boolean persistently

PRINCE BAJAJ
RHCSA-EX200

GOOD LUCK !!!

PRINCE BAJAJ