Q1. CORRECT TEXT

You are giving RHCE exam. Examiner gave you the Boot related problem and told to you that make successfully boot the System. When you started the system, System automatically asking the root password for maintenance. How will you fix that problem?

Answer and Explanation:

Maintenance mode also known as emergency mode. System boots on emergency mode when file system error occurred. It is due to unknown partition, bad filesystem specified in /etc/fstab. To slove follow the steps

6. Give the Root password

7. fdisk -l àVerify the Number of parations.

8. Identify the Root partition, e2label /dev/hda1, e2label /dev/hda2.....

9. Remount the root partation on rw mode: mount -o remount,defaults /dev/hda6 /

10. vi /etc/fstab

Correct all partitions, mount point, mount options, file system etc.

6. Press ctrl+d

Q2. CORRECT TEXT

Change the root Password to redtophat

Answer and Explanation:

Boot the system in Single user modeUse the passwd command

Q3. CORRECT TEXT

Deny to john user login locally.

Answer and Explanation:

1. vi /etc/security/access.conf

-:john:LOCAL

2. vi /etc/pam.d/system-auth

account required /lib/security/pam_access.so

/etc/security/access.conf file helps to allow or deny login to users on the basis of origin.

Syntax of /etc/security/access.conf

permission : users : origins

The first field should be a "+" (access granted) or "-" (access denied) character.

The second field should be a list of one or more login names, group names, or ALL (always matches). A pattern of the form user@host is matched when the login name matches the "user" part, and when the "host" part matches the local machine name.

The third field should be a list of one or more tty names (for non-networked logins), host names, domain names (begin with "."), host addresses, internet network numbers (end with "."), ALL (always matches) or LOCAL (matches any string that does not contain a "." character).

In our example denied to john user to login locally.

Q4. CORRECT TEXT

Your Local Domain is example.com. Configure the send mail server for you local LAN. As well as enable the pop and pop secured protocol.

Answer and Explanation:

1. vi /etc/mail/local-host-names

example.com

2. vi /etc/mail/sendmail.mc

dnl # DEAMON_OPTIONS(`Port=smtp,Addr=127.0.0.1,Name=MTA`)dnl

3. m4 /etc/mail/sendmail.mc >/etc/mail/sendmail.cf

4. vi /etc/mail/access

192.168.0 RELAY

example.com RELAY

5. service sendmail start | restart

6. chkconfig dovecot on

7. vi /etc/dovecot.conf

protocols = pop3 pop3s

8. service dovecot start | restart

9. chkconfig dovecot on

/etc/mail/local-host-names file contains the aliases to hostname. Mail server program reads the

/etc/mail/sendmail.cf. To change the configuration on mail server, we should edit the

/etc/mail/sendmail.mc file and should generate the sendmail.cf using m4 command.

By default sendmail server allows to connect to local host only. So we should edit the

/etc/mail/sendmail.mc file to allow connect to other hosts.

By default sendmail server will not forward mail. we should specify on /etc/mail/access to relay or to block mail coming from domain or network or individual email address.

By default dovecot service start only the imap protocol. To start pop protocol with dovecot, we should write in /etc/dovecot.conf file.

Q5. CORRECT TEXT

Configure to deny the pop and imap connection from outside local LAN as well as station20.example.com.

Answer and Explanation:

1. vi /etc/hosts.deny

dovecot:ALL EXCEPT .example.com EXCEPT station20.example.com

We can secure the services using tcp_wrappers. There are main two files, /etc/hosts.allow and /etc/hosts.deny.

There will be three stage access checking

-Is access explicitly permitted? Means permitted from /etc/hosts.allow?

- Otherwise, Is access explicitly denied? Means denied from /etc/hosts.deny?

- Otherwise, by default permit access if neither condition matched.

To deny the services we can configure /etc/hosts.deny file using ALL and EXCEPT operation.

Pattern of /etc/hosts.allow and /etc/hosts.deny file is:

Demon_list:client_list:options

In Client list can be either domain name or IP address.

Q6. CORRECT TEXT

Create the group named sysuser.

Answer and Explanation:

1. groupadd sysuser

groupadd command is used to create the group and all group information is stored in /etc/group file.

Q7. CORRECT TEXT

Raw (Model) printer named printer1 is installed and shared on 192.168.0.254. You should install the shared printer on your PC to connect shared printer using IPP Protocols.

Answer and Explanation:

IPP( Internet Printing Protocol), allows administrator to manage printer through browser so CUPS is called Internet Printing Protocol based on HTTP. We can Install the printer either through:

system-confing-printer tool or through Browser.

1. Open the browser and Type on address: http://localhost:631 àCUPS (Common Unix Printing System) used the IPP protocol. CUPS use the 631 port.

2. Click on Manage Printer.

3. Click on Add Printer.

4. Type Printer name, Location, Description.

5. Select Device for bb. (Select IPP).

6. Device URL: ipp://192.168.0.254/ipp/ queue name àSame printer name of shared printer.

7. Select Model/Driver RAW printer.

8. service cups restart

Q8. CORRECT TEXT

Install the Redhat Linux RHEL 4 through NFS. Where your Server is server1.example.com having IP 192.168.0.254 and shared /var/ftp/pub. The size of the partitions are listed below:

/ à 1048

/home à 1028

/boot à 512

/var à 1028

/usr à 2048

Swap -> 1.5 of RAM Size

/data à configure the RAID Level 0 of remaining all free space.

After completing the installation through NFS solve the following questions. There are two networks 192.168.0.0/24 and 192.168.1.0/24. As well as there are two domains example.com on 192.168.0.0/24 network and cracker.org on 192.168.1.0/24 network. Your system is based on example.com domain.

Answer and Explanation:

1. Insert the CD on CD-ROM and start the system.

2. In Boot: Prompt type linux askmethod

3. It will display the language, keyboard selection.

4. It will ask you for the installation method.

5. Select the NFS Image from the list

6. It will ask the IP Address, Net mask, Gateway and Name Server. Select Use

Dynamic IP Configuration: because DHCP Server will be configured in your exam lab.

7. It will ask for the NFS Server Name and Redhat Enterprise Linux Directory.

Specify the NFS Server: 192.168.0.254

Directory: /var/ftp/pub

8. After Connecting to the NFS Server Installation start in GUI. Go up to the partition screen by selecting the different Options.

9. Create the partition According to the Question because Size and what-what partition should you create at installation time is specified in your question

10. Create the two RAID partitions having equal size of remaining all free space.

11. Click on RAID button

12. Type mount point /data

13. Select RAID Level 0

14. Click on ok

15. Then select the MBR Options, time zone and go upto package selections.

It is another Most Important Time of installation. Due to the time limit, you should care about the installation packages. At Exam time you these packages are enough.

X-Window System

GNOME Desktop

(these two packages are generally not required)

Administration Tools.

System Tools

Windows File Server

FTP Servers

Mail Servers

Web Servers

Network Servers

Editors

Text Based Internet

Server Configuration Tools

Printing Supports

When installation will complete, your system will reboot. Jump for another Question.

Q9. CORRECT TEXT

Install the Redhat Linux RHEL 4 through NFS. Where your Server is server1.example.com having IP 172.24.254.254 and shared /var/ftp/pub. The size of the partitions are listed below:

/ à 1048

/home à 1028

/boot à 512

/var à 1028

/usr à 2048

Swap -> 1.5 of RAM Size

/data à configure the RAID Level 0 of remaining all free space.

After completing the installation through NFS solve the following questions. There are two networks 172.24.0.0/16 and 172.25.0.0/16. As well as there are two domains example.com on 172.24.0.0/16 network and cracker.org on 172.25.0.0/16 network. Your system is based on example.com domain.

Answer and Explanation:

1. Insert the CD on CD-ROM and start the system.

2. In Boot: Prompt type linux askmethod

3. It will display the language, keyboard selection.

4. It will ask you for the installation method.

5. Select the NFS Image from the list

6. It will ask the IP Address, Net mask, Gateway and Name Server. Select Use Dynamic IP Configuration: because DHCP Server will be configured in your exam lab.

7. It will ask for the NFS Server Name and Redhat Enterprise Linux Directory.

Specify the NFS Server: 172.24.254.254

Directory: /var/ftp/pub

8. After Connecting to the NFS Server Installation start in GUI. Go up to the partition screen by selecting the different Options.

9. Create the partition According to the Question because Size and what-what partition should you create at installation time is specified in your question

10. Create the two RAID partitions having equal size of remaining all free space.

11. Click on RAID button

12. Type mount point /data

13. Select RAID Level 0

14. Click on ok

15. Then select the MBR Options, time zone and go upto package selections.

It is another Most Important Time of installation. Due to the time limit, you should care about the installation packages. At Exam time you these packages are enough.

X-Window System

GNOME Desktop

(these two packages are generally not required)

Administration Tools.

System Tools

Windows File Server

FTP Servers

Mail Servers

Web Servers

Network Servers

Editors

Text Based Internet

Server Configuration Tools

Printing Supports

When installation will complete, your system will reboot. Jump for another Question.

Q10. CORRECT TEXT

Port 8080

Configure the squid server to allow the Local Domain and deny to my133t.org domain.

Answer and Explanation:

At exam Lab example.com domain resides on 172.24.0.0/16 Network and my133t.org resides on 172.25.0.0/16 Network.

1. vi /etc/squid/squid.conf

#detault:

http_port 8080

#Recommended minimum configuration:

# Near the src acl src section

acl allownet src 172.24.0.0/255.255.0.0

acl denynet src 172.25.0.0/255.255.0.0

#Default:

# http_access deny all

#Under Here

http_access allow allownet

http_access deny denynet

2. service squid start

3. chkconfig squid on

squid is a proxy caching server, using squid we can share the internet, block the internet, to certain network. First we should define the port for squid, the standard port for squid is 3128. We can run squid on different port by specifying http_port portnumber.