RHCE Solved Paper RHEL 6.0NETWORK INFORMATION1.desktop45.example.com (hostname)2.ipadd=192.168.0.453.example.com=192.168.0.0/24(Network Address)4.remote.test=192.168.1.0/24(crackers Address)#setup#/etc/init.d/network restart#ping 192.168.0.254#vim base.repo1. SelinuxSet SELinux to enforcing mode#setenforece 1#lokkit selinux=enforcing#sestatud2. IPforwardConfigure your host such that it can forward ipv4 packets .#vim /etc/sysctl.confnet.ipv4.ip_forward=1:wq!#sysctl -p3. SMTPConfigure an SMTP mail server. Your host should be able to receive remotemails.Mail of should be spooled to /var/spool/mail/ .#yum install postfix* -y#rpm -qa postfix#vim /etc/postfix/main.cfinet_interface=all (remove comment)#inet_interface=localhost (comment here):wq!#/etc/init.d/postfix restart#chkconfig postfix onCheck from Physical Machine.. (Remote Testing)#mail root@desktop45.example.comCheck on virtual m/c..will get mail..4. ALIASAll mails sent to admin user should be directed to natasha#vim /etc/alisesadmin: natasha:wq!#newalisesCheck from Physical Machine.. (Remote Testing)#mail admin@desktop45.example.comCheck on virtual m/c..will get mail.#su natasha$mail5. ScriptCreate a script in bash /root/script.sh such that ,If the script is run inthefollowing manner -# /root/script.sh pythono/p > perlAND# /root/script.sh perlo/p > pythonMake sure that if the no. arguement is not provided properly , then erroro/pshould be displayed aso/p > Invalid ArguementIf wrong arguement is provided , then error o/p should be displayed aso/p > python|perl#vim script.sh#!/bin/bashif [ $# -ne 1 ]; thenecho -e \nInvalid Entry\nelif [ $1 = "perl" ]; thenecho -e \npython\nelif [ $1 = "python" ]; thenecho -e \nperl\nelseecho -e \nperl|python\nfi:wq!#chmod u+x script.sh#./script.sh perl6. FTPConfigure an ftp server. User should be able to login via ftp .anonymous user can download from your site.(.my133.org) .remote.test should be denied access to ftp server.#yum install vsftpd*#vim /etc/vsftpd/vsftpd.conftcp_wrappers=YES:wq!#/etc/init.d/vsftpd restart#chkconfig vsftpd on#getsebool -a | grep ftp#setsebool -P ftp_home_dir 1#yum install nmap*#nmap 192.168.0.45 (To check the service)#vim /etc/host.denyvsftpd:ALL EXCEPT .example.com:wq!Check from Physical Machine.. (Remote Testing)#ftp 192.168.0.45 (virtual m/c ip)7. NFSShare a directory /nfsshare over a n/w ,accessable to (domainX.example.com).example.com network.Your share can be remotely tested from your physical host in(/nfs/domainXshare) /nfs/desktopX . xxx#mkdir /nfsshare#yum install nfs* -y#rpm -qa nfs-utils#vim /etc/exports/nfsshare 192.168.0.0/255.255.255.0(sync):wq!#/etc/init.d/nfs restart#chkconfig nfs onCheck from Physical Machine.. (Remote Testing)#showmount -e 192.168.0.45 #cd /nfs/domainsXhare8. LOOPMount an iso file /root/boot.iso on /disk . This mount should be persistantacross system restart#mkdir /disk#vim /etc/fstab/root/boot.iso /disk auto or(iso9660) defaults,loop 0 0:wq!#mount -a#df -hT9. SSHCongigure ssh server.This service must be accessable only over (domainX.example.com).example.com network .#yum install openssh-server* -y#yum install sshd*#/etc/init.d/sshd restart#chkconfig sshd on#vim /etc/host.denysshd:ALL EXCEPT .example.com:wq!Check from Physical Machine.. (Remote Testing)#ssh natasha@desktop45.example.com10. WebsiteHost an apache webserver over your hostname.The webpage to be hosted is shared as(ftp://host.domainX.example.com/pub/web/station.html)ftp://instructor.example.com/pub/web/station.html.The name resolution is provided on your dns server.Do not edit the webpage contents .#yum install httpd*#lftp 192.168.0.254(server)>ls > cd pub/web> get station.html#cp station.html /var/www/html/index.html#vim /etc/httpd/conf/httpd.confcopy last 7 lines & paste

ServerAdmin webmaster@desktop45.example.comDocumentRoot /var/www/htmlServerName desktop45.example.com:wq!#httpd -t #/etc/init.d/httpd restart#chkconfig httpd on#restorecon -Rv /var/www/html#elinks http://desktop45.example.comCheck from Physical Machine.. (Remote Testing)#elinks http://desktop45.example.com11. iSCSIImport an iscsi disk from the server instructor.example.com.The iscsi disk must be mounted as /mnt/iscsi.Download iscsi.txt file inmounted directory from(ftp://host.domainX.example.com/pub/)This mount should be persistant across reboot.#yum install iscsi-initiator-utils*#iscsiadm -m discovery -t st -p 192.168.0.254It gives iqn.no copy & paste it to login#iscsiadm -m node -T iqn.no (paste) -l#fdisk /dev/sdbcreate a partition>#mkfs.ext4 /dev/sdb1#mkdir /mnt/iscsi#blkid /dev/sdb1 (It gives UUID)#vim /etc/fstabUUID /mnt/iscsi ext4 defaults,_netdev 0 0:wq!#mount -a#cd /mnt/iscsi#lftp 192.168.0.254>download iscsi.txt file#df -hT12. V WebHost a virtual website over (wwwX.domainX.example.com) d.example.com . Thewebpage to be hostedis shared as (ftp://host.domainX.example.com/pub/web/www.html)ftp://instructor.example.com/pub/web/www.html .Create a DocumentRoot /var/www/virtual for hosting this page.Owner of /var/www/virtual should be harry.The name resolution is provided on your dns server.#lftp 192.168.0.254>cd pub/web> get http://www.html#mkdir /var/www/virtual#cp http://www.html /var/www/virtual/index.html#vim /etc/httpd/conf/httpd.confNamevirtualHost desktop45.example.comcopy last 7 lines & paste

ServerAdmin webmaster@www45.example.comDocumentRoot /var/www/virtualServerName www45.example.com:wq!#httpd -t#/etc/init.d/httpd restart#chkconfig httpd on#restorecon -R /var/www/virtual#chown harry /var/www/virtual#elinks http://www45.example.comCheck from Physical Machine.. (Remote Testing)#elinks http://www45.example.com15. copy the file station.html to /var/www/html/secure/index.html. Secure the file & makeit available to only localhost over apache webserver .#mkdir /var/www/html/secure#cp station.html /var/www/html/secure/index.html#vim /etc/httpd/conf/httpd.conf

order deny,allowAllow from desktop45.example.comDeny all

:wq!#httpd -t#/etc/init.d/httpd restart#chkconfig httpd on#elinks http://www45.example.comCheck from Physical Machine.. (Remote Testing)#elinks http://www45.example.com13. SambaCreate a samba share /samba with share name samba .Your workgroup should be IT .this share should be browsable . The natasha can access this shareas readable only .This share is accessable only over (domainX.example.com) example.com .#yum install samba*#mkdir /samba#vim /etc/samba/smb.confworkgroup=WORKGROUPcopy last 7 lines & paste[samba]path=/sambabrowsable=yesread list=natashahosts allow= 192.168.0.:wq!#testparm#smbpasswd -a natasha#/etc/init.d/smb restart#chkconfig smb on#chcon -R -t samba_share_t /samba#smbclient //192.168.0.45/samba -U natasha14. Cron denyThe user jean should not be able to add a cron job for herself.#vim /etc/cron.denyjean:wq!#su jean$crontab -eIt will not allow jean.16. Pass a parameter sysvctl=1 to your kernel at boot time. changes made should be persistant .#vim /boot/grub/grub.confAfter kernal entry,last write sysvctl=1:wq!