Preface

This book was written as a lab guide to help individuals pass the RHCSA (EX200) and RHCE (EX300) exams. It is meant for those with different amounts of experience, from novice to expert, and is structured to make it easy for any reader to find what he is looking for. The book contains 22 chapters and two full-length lab exams.

Book Features

Each chapter includes the following elements to aid your learning:

• Opening topics list— This list defines the topics to be covered in the chapter; it also lists the corresponding Red Hat objectives.

• Review Questions— Review questions help reinforce what you learned and help you identify what you may need to review.

• Answers to Review Questions— Answers are provided for each of the review questions.

• Labs— Chapters conclude with several lab-based exercises that provide hands-on training and also help you to see what questions on the actual exam might be like.

The labs also include scripts that can help you with troubleshooting. The scripts use the following syntax:

• v_script_name Used to verify a service or configuration

• t_script_name Used to cause trouble on your system

I have also included two full-length labs at the end of the book intended to give you an experience like that of the real exam as well as examples of what the real exam might cover.

I have also produced an additional set of scripts that you can download that will purposely cause trouble on your system. You can download them from

• http://sourceforge.net/projects/rhcelabscripts/

Exam Registration and Costs

To register for the Red Hat exams, you must visit Red Hat’s site at http://www.redhat.com/training and enroll online. The price for the new RHCSA exam is $399, and it is 2 hours in length. With the addition of the RHCSA certification, the price of the RHCE exam has been reduced to $399 (down from $799). The RHCE exam is also 2.5 hours in length. Each exam is performance based, meaning it is given in the form of labs. With the addition of the RHCSA certification, you are now required to obtain the RHCSA before you can become RHCE certified. You can still take the RHCE exam; however, you will not receive the certification until you have completed and passed both exams.

LPIC, RHCE, and Other Things You Should Know

The Red Hat exams are a big undertaking, particularly if you have never taken a performance-based exam before. There is the unknown element of what to expect on the exam plus the amount of material you need to be familiar with. Before sitting for either of the Red Hat exams, you might want to consider completing the LPIC-1 exam series. Why? The Red Hat exams test experience and skill, not just your ability to memorize content within a book. There is also a certain skill set that you need before you take the Red Hat exams. You are expected to know basic Linux commands, to be able to navigate around a system, and to be able to perform basic file operations. Being able to effectively use some form of text editor is a good thing, too.

The LPIC-1 certification is broken down into two exams: LPIC 101 and LPIC 102. The material covered in both of these exams is equivalent to the knowledge a junior system administrator should have, and it gives you a solid foundation for taking on the Red Hat exam material. Although many topics overlap between the LPIC-1 material and the Red Hat exams, this will only help to reinforce your understanding of particular topics. You should look through the exam objectives of the LPIC-1 exams to gain a better understanding of some of the prerequisite skills required. The objectives for the LPIC-1 exams are very detailed, so they will help you identify any weak areas you might have:

• LPIC-101

  http://www.lpi.org/eng/certification/the_lpic_program/lpic_1/exam_101_detailed_objectives

• LPIC-102

  http://www.lpi.org/eng/certification/the_lpic_program/lpic_1/exam_102_detailed_objectives

If you already have a solid set of Linux skills, you should have no problem starting out here. If you don’t, you can still proceed with this book but will need to put in some extra effort in areas you don’t fully understand. One question I see frequently is, “Should I take the LPIC exams if I’m an RHCSA/RHCE?” My answer is always yes! The reason behind this is that the Red Hat exams are vendor specific, whereas the LPIC-1 exams are vendor neutral. They focus more on implementing services and working with Linux from an unbiased perspective. Holding both certifications adds diversity to your resume, and the exams shouldn’t be hard to pass with the amount of overlap in the material between the Red Hat exams and the LPIC-1 exams.

You should know the following topics (prerequisites) before you start studying for the Red Hat exams. This is by no means a complete list!

• How to use a text editor (vim, emacs, or nano)

• File system hierarchy structure

• Different types of media (/dev/sda versus /dev/hda)

• File operations:

  pwd	~	find	w
  path	cat	locate	who
  ls	more	cp
  echo	less	mv
  cd	tail	ln
  sort	head	wc

  
  

• How to search with grep

• Command piping

• The basics of sed and awk

• Compression:

  • tar

  • gunzip

  • bzip2

• Networking basics:

  • ping

  • netstat

  • ifconfig

• IP addresses, subnets, and gateways

• How to use a command line and a GUI-based email client

If you lack the experience, the introduction to this book covers a majority of these prerequisite commands. Although it shouldn’t count as a replacement for learning all these commands individually, the introduction can get you up to speed quickly if you have little to no current Linux experience.

Self-Study and Experience

One of the biggest debates I see among those studying for the Red Hat exams is, “Should I self-study or take a course?” I am a self-study person and have yet to find a halfway decent course for a price that wouldn’t give a person a heart attack. The problem that most people seem to encounter with taking a course is the cost. Simply put, they are not cheap! The average price for a Red Hat training course is around $3,000, and such a course typically consists of four to five days of classroom training (which means footing the bill and taking time off work).

The benefits to taking a course, however, are that it is tailored specifically for the exams and the instructors can help you with questions. With the self-study option, you have to balance what you think important topics are (more likely to be tested on) versus less important topics (not likely to appear on the exam). This is really a strong point of the LPIC-1 exams: They list a “weight” for each topic, so you know how heavily it will count on the exam. If you spend the time researching the experience others have had on the Red Hat exams and read through the Red Hat Exam Prep Guide, you will start to get a feel for what topics are more likely to appear on the exam.

Experience plays another big factor in taking the Red Hat exams. After much research and talking to those who have taken the exams, I believe the amount of experience presented in Table P-1 would be required for each exam.

Table P-1. Experience Recommended for the Red Hat Exams

Exam	Years of Experience
LPIC-101/102	0–1 year
LPIC-201/202	2 years
RHCSA	2 years
RHCE	3 years

Although these are only my recommendations, you will probably find, with a little research on the Web, they are pretty accurate. As you probably know too, everyone is different and learns at different rates. The biggest difference between the two exams is that the Red Hat exams are all hands-on (performance based), whereas the LPIC-1 exams are multiple choice. Unless you truly know what you are doing and have experience in the technologies listed in the Red Hat Exam Prep Guide, you will not pass the Red Hat exams. Don’t worry, though, because a little experience (either at home or on the job) and some lab work will fix that. I hope that you will have both, which makes the learning process slightly easier and more rewarding.

Materials from Red Hat

No exam would be complete without a listing of what you should know. In Red Hat’s case, the company has created a prep guide that lists the topics you need to know for the exams. With the release of Red Hat Enterprise Linux 6 and the addition of the RHCSA, the exam prep guide has become more specific about what you are required to know for the Red Hat exams. This book covers every topic you need to know for both exams. Before you begin studying, review the prep guide for each exam. If you don’t have one printed out or saved already, you can get it here:

• Red Hat RHCSA Exam Prep Guide

  https://www.redhat.com/certification/rhcsa/objectives/

• Red Hat RHCE Exam Prep Guide

  https://www.redhat.com/certification/rhce/objectives/

I have also included a copy of each in the next two sections of this preface. If you have taken an earlier version of the RHCE, you may notice that the required objectives have become more specific about what you need to know. This is good because they leave you with less guessing to do. One of the great benefits of the Red Hat exams is that they don’t list any specific technology that you must know. For example, if the exam requires that you block access to a particular service, you can choose to use TCP Wrappers, iptables, or the security of the service itself. This approach is good because, just as in the real world, there is always more than one way to do something. Another example might be the exams requiring you to set up outgoing mail using SMTP. You could use the Sendmail service or Postfix. As long as the system is allowed to send out mail, the exams don’t care how you accomplish it. The only exception, of course, is unless the exams specifically ask you to use a particular service. These requirements will be useful as you study and practice for the exams in case you already have experience with a particular service.

To aid you in setting up, configuring, and securing everything needed for the exams, Red Hat also provides documentation for its operating system. With the release of Red Hat Enterprise Linux 6, the documentation layout has also changed. The documentation guides are broken down into different sections instead of the two guides (installation guide and deployment guide) that were previously given. The following documentation is available from Red Hat:

• Installation Guide

  http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Installation_Guide/index.html

• Managing Confined Services

  http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Managing_Confined_Services/index.html

• Migration Planning Guide

  http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Migration_Planning_Guide/index.html

• Security-Enhanced Linux

  http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Security-Enhanced_Linux/index.html

• Security Guide

  http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/index.html

• Storage Administration Guide

  http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Storage_Administration_Guide/index.html

• Virtual Server Administration

  http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Virtual_Server_Administration/index.html

• Virtualization Guide

  http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Virtualization/index.html

You can find these guides available in HTML, EPUB, and PDF format. These guides are helpful tools when you’re studying for the exams because they provide more command options than can be covered in any book. I recommend that you keep them close by as a reference.

RHCSA Exam Prep Guide

Understand and Use Essential Tools

• Access a shell prompt and issue commands with the correct syntax.
  
  
• Use input-output redirection (>, >>, |, 2>, etc.).
  
  
• Use grep and regular expressions to analyze text.
  
  
• Access remote systems using SSH and VNC.
  
  
• Login and switch users in multi-user runlevels.
  
  
• Archive, compress, unpack, and uncompress files using tar, star, gzip, and bzip2.
  
  
• Create and edit text files.
  
  
• Create, delete, copy, and move files and directories.
  
  
• Create hard and soft links.
  
  
• List, set, and change standard ugo/rwx permissions.
  
  
• Locate, read, and use system documentation including man, info, and files in /usr/share/doc.
  
  

Operate Running Systems

• Boot, reboot, and shut down a system normally.
  
  
• Boot systems into different runlevels manually.
  
  
• Use single-user mode to gain access to a system.
  
  
• Identify CPU and memory-intensive processes, adjust process priority with renice, and kill processes.
  
  
• Locate and interpret system log files.
  
  
• Access a virtual machine’s console.
  
  
• Start and stop virtual machines.
  
  
• Start, stop, and check the status of network services.
  
  

Configure Local Storage

• List, create, delete, and set partition types for primary, extended, and logical partitions.
  
  
• Create and remove physical volumes, assign physical volumes to volumes groups, and create and delete logical volumes.
  
  
• Create and configure LUKS-encrypted partitions and logical volumes to prompt for password and be available at system boot.
  
  
• Configure systems to mount file systems at boot by using Universally Unique ID (UUID) or labels.
  
  
• Add new partitions, logical volumes, and swap to a system non-destructively.
  
  

Create and Configure File Systems

• Create; mount; unmount; and use ext2, ext3, and ext4 file systems.
  
  
• Mount, unmount, and use LUKS-encrypted file systems.
  
  
• Mount and unmount CIFS and NFS network file systems.
  
  
• Configure systems to mount ext4, LUKS-encrypted, and network file systems automatically.
  
  
• Extend existing unencrypted ext4 formatted logical volumes.
  
  
• Create and configure set-GID directories for collaboration.
  
  
• Create and manage access control lists (ACLs).
  
  
• Diagnose and correct file permission problems.
  
  

Deploy, Configure, and Maintain Systems

• Configure network and hostname resolution statically or dynamically.
  
  
• Schedule tasks using cron.
  
  
• Configure systems to boot into a specific runlevel automatically.
  
  
• Install Red Hat Enterprise Linux automatically using kickstart.
  
  
• Configure a physical machine to host virtual guests.
  
  
• Install Red Hat Enterprise Linux systems as virtual guests.
  
  
• Configure systems to launch virtual machines at boot.
  
  
• Configure network services to start automatically at boot.
  
  
• Configure a system to run a default configuration HTTP server.
  
  
• Configure a system to run a default configuration FTP server.
  
  
• Install and update software packages from the Red Hat Network, a remote repository, or from the local file system.
  
  
• Update the kernel package appropriately to ensure a bootable system.
  
  
• Modify the system bootloader.
  
  

Manage Users and Groups

• Create, delete, and modify local user accounts.
  
  
• Change passwords and adjust password aging for local user accounts.
  
  
• Create, delete, and modify local groups and group memberships.
  
  
• Configure a system to use an existing LDAP directory service for user and group information.
  
  

Manage Security

• Configure firewall settings using system-config-firewall or iptables.
  
  
• Set enforcing and permissive modes for SELinux.
  
  
• List and identify SELinux and file process context.
  
  
• Restore default file contexts.
  
  
• Use Boolean settings to modify system SELinux settings.
  
  
• Diagnose and address routine SELinux policy violations.
  
  

RHCE Exam Prep Guide

System Configuration and Management

• Route IP traffic and create static routes.
  
  
• Use iptables to implement packet filtering and configure network address translation (NAT).
  
  
• Use /proc/sys and sysctl to modify and set kernel run-time parameters.
  
  
• Configure a system to authenticate using Kerberos.
  
  
• Build a simple RPM that packages a single file.
  
  
• Configure a system as an iSCSI initiator that persistently mounts an iSCSI target.
  
  
• Produce and deliver reports on system utilization (processor, memory, disk, and network).
  
  
• Use shell scripting to automate system maintenance tasks.
  
  
• Configure a system to log to a remote system.
  
  
• Configure a system to accept logging from a remote system.
  
  

HTTP/HTTPS

• Install the packages needed to provide the service.
  
  
• Configure SELinux to support the service.
  
  
• Configure the service to start when the system is booted.
  
  
• Configure the service for basic operation.
  
  
• Configure host-based and user-based security for the service.
  
  
• Configure a virtual host.
  
  
• Configure private directories.
  
  
• Deploy a basic CGI application.
  
  
• Configure group-managed content.
  
  

DNS

• Install the packages needed to provide the service.
  
  
• Configure SELinux to support the service.
  
  
• Configure the service to start when the system is booted.
  
  
• Configure the service for basic operation.
  
  
• Configure host-based and user-based security for the service.
  
  
• Configure a caching-only name server.
  
  
• Configure a caching-only name server to forward DNS queries (forwarding server).
  
  

FTP

• Install the packages needed to provide the service.
  
  
• Configure SELinux to support the service.
  
  
• Configure the service to start when the system is booted.
  
  
• Configure the service for basic operation.
  
  
• Configure host-based and user-based security for the service.
  
  
• Configure anonymous-only downloads.
  
  

NFS

• Install the packages needed to provide the service.
  
  
• Configure SELinux to support the service.
  
  
• Configure the service to start when the system is booted.
  
  
• Configure the service for basic operation.
  
  
• Configure host-based and user-based security for the service.
  
  
• Provide network shares to specific clients.
  
  
• Provide shares suitable for group collaboration.
  
  

Samba

• Install the packages needed to provide the service.
  
  
• Configure SELinux to support the service.
  
  
• Configure the service to start when the system is booted.
  
  
• Configure the service for basic operation.
  
  
• Configure host-based and user-based security for the service.
  
  
• Provide network shares to specific clients.
  
  
• Provide shares suitable for group collaboration.
  
  

SMTP

• Install the packages needed to provide the service.
  
  
• Configure SELinux to support the service.
  
  
• Configure the service to start when the system is booted.
  
  
• Configure the service for basic operation.
  
  
• Configure host-based and user-based security for the service.
  
  
• Configure a mail transfer agent (MTA) to accept inbound email from other systems.
  
  
• Configure an MTA to forward (relay) email through a smart host.
  
  

SSH

• Install the packages needed to provide the service.
  
  
• Configure SELinux to support the service.
  
  
• Configure the service to start when the system is booted.
  
  
• Configure the service for basic operation.
  
  
• Configure host-based and user-based security for the service.
  
  
• Configure key-based authentication.
  
  
• Configure additional options described in documentation.
  
  

NTP

• Install the packages needed to provide the service.
  
  
• Configure SELinux to support the service.
  
  
• Configure the service to start when the system is booted.
  
  
• Configure the service for basic operation.
  
  
• Configure host-based and user-based security for the service.
  
  
• Synchronize time using other NTP peers.
  
  

Setting Up the Lab

Throughout this book, I show you how to use different systems to set up services, perform configurations, and implement security. In many forums I often see people asking how to set up labs or practice for the Red Hat exams. The lab used throughout this book is built completely on top of VirtualBox. VirtualBox is like VMware in that it allows you to virtualize systems. If you don’t have VirtualBox, you should grab a copy because it is free to use and very helpful when practicing labs.

• VirtualBox

  http://www.virtualbox.org/wiki/Downloads

Because you will be using many different machines in the lab environment, Chapter 1 describes how to set up Red Hat Enterprise Linux (RHEL). You can install RHEL on your own or follow along in Chapter 1 to completely set up the lab.

Table P-2 presents a layout of the lab used here. Each ID is a different virtual machine.

Table P-2. Lab Layout

ID	Hostname	Red Hat Version	IP Address	Network
1	RHEL01	RHEL6	DHCP	Bridged
			172.168.1.1	Internal
2	RHEL02	RHEL6	172.168.1.2	Internal
3	Client01	RHEL5	172.168.1.10	Internal
4	Client02	RHEL6	172.168.1.20	Internal

As you can see, four machines are used. The first is a dual-homed server that also serves as the gateway for all the internal clients. A majority of the configuration work takes place on this server, and you use the second server (RHEL02) as a backup. The two client machines are to simulate users on the network. The reason I set up the network like this for you is that all testing and configuration are done in a controlled environment (which is a good habit to get into). If something ever happens on the internal network, it doesn’t affect the rest of the external (home) network. Some other details for the lab setup include those shown in Table P-3.

Table P-3. Lab Layout

Host	Drive	Size	Layout
RHEL01	Disk 1	20GB	Default
	Disk 2	8GB
	Disk 3	8GB
	Disk 4	8GB
RHEL02	Disk 1	10GB	Default
RHEL02	Disk 1	10GB	Default
Client01	Disk 1	10GB	Default

All virtual machines use 384MB of RAM for memory. I also disabled the sound device for each virtual system because I never use it, but that is entirely up to you.

In the first chapter, you set up each virtual machine for the lab. If you have experience working with VirtualBox, you can set up your lab with the outlined requirements beforehand; otherwise, you can follow along in the first chapter.

No network is complete without documentation and a diagram to finally tie it all together. The network is represented in Figure P-1.

Figure P-1. The network diagram.

Who Should Read This Book?

The Red Hat exams are some of the most challenging exams in the Linux arena. This book is meant to be used as a hands-on lab guide to readers with all types of backgrounds. Whether you are just starting out or are a seasoned system administrator, this book helps you learn or fine-tune your skills to take the Red Hat exams. Although those just starting out need to put in more effort to learn some of the skills discussed in this book, it is possible to gain the required skills for the exams. While this book teaches you the necessary skills, the key to passing the Red Hat exams is practice, practice, practice.

How This Book Is Organized

This book is laid out in a logical format that flows from cover to cover. Although you could jump around, each chapter builds on where the previous one left off, allowing you to build a system and understand how it works from the ground up. Although each chapter covers a different set of exam objectives, the first half of the book (Chapters 2 through 12) deals primarily with the RHCSA exam. The second half of the book (Chapters 13 through 21) covers the RHCE exam.

Chapter 1, “Installation,” is an introductory chapter designed to help you install the Red Hat Enterprise Linux operating system and set up your virtual lab. The virtual lab that you set up will help you with the labs in each chapter, allowing you to build your hands-on skills for the real exams.

The first half of the book, Chapters 2 through 12, covers the following topics:

• Chapter 2, “System Initialization”—This chapter focuses on how to manage system services, system runlevels, and everything that occurs during the boot process. It also looks at how services work and are started and stopped.

• Chapter 3, “Disks and Partitioning”—This chapter addresses partitioning Red Hat systems. It discusses basic partitions, LVM, and RAID. Also covered are swap partitions and advanced use of LVM for in-depth storage management. This chapter prepares you to work with file systems in Chapter 4.

• Chapter 4, “File Systems and Such”—This chapter follows up where Chapter 3 left off. It describes file systems, how they work, and how to manage them. Also discussed are the new LUKS encryption options and file system security.

• Chapter 5, “Networking”—This chapter is all about networks. Nothing can happen unless you can communicate with other systems. This chapter describes how to set up and troubleshoot network connections and client-side DNS problems.

• Chapter 6, “Package Management”—This chapter examines how to install, search for, and remove software from Red Hat systems. It covers many different ways to work with packages, including building your own packages and package repositories.

• Chapter 7, “User Administration”—No system would be complete without users. This chapter covers user administration (creating, managing, and deleting). Also covered are switching between users and client-side authentication.

• Chapter 8, “Network Installs”—To make life easier, you can use automated installations. This chapter covers kickstart and how it can aid in the installation of Red Hat Enterprise Linux. Also covered is hands-free installation with DHCP and PXE boot clients.

• Chapter 9, “System Logging, Monitoring, and Automation”—This chapter dives into system logging and monitoring and how to interpret that data. It looks at different ways to find problems (or their answers). Also discussed is the automation of system monitoring.

• Chapter 10, “The Kernel”—This chapter discusses updating and tuning the kernel properly. Although the kernel is not a huge topic, it is important to address critical security issues with any system.

• Chapter 11, “SELinux”—This chapter covers one of the most complex topics in the book. It describes how to set up and work with SELinux without giving you a headache. Also covered is how to work with SELinux Boolean values to allow services to run properly.

• Chapter 12, “System Security”—This chapter talks all about system security, including TCP Wrappers, firewall rules, and security policies. Because firewall rules play a heavy role in all services, the second half of the book covers this topic in particular.

The second half of the book, Chapters 13 through 21, covers the following topics:

• Chapter 13, “Remote Access”—This chapter demonstrates how to remotely and securely manage your Red Hat systems. It covers SSH, the most popular remote management tool in Linux. Also covered is VNC for remote desktop management.

• Chapter 14, “Web Services”—This chapter discusses how to set up and manage Apache web servers. Because it is the most widely deployed web server in the world, this is a big topic in the Linux arena. This chapter also covers the Squid web proxy and how to use it in conjunction with Apache.

• Chapter 15, “NFS”—This chapter discusses network file systems. A great choice for centralized storage, NFS has many benefits over its SMB and FTP counterparts. Also covered in this chapter is connecting clients to NFS servers.

• Chapter 16, “Samba”—This chapter discusses Samba and how to set it up. As Samba progresses more and more, integration with Windows becomes easier for Linux systems. The chapter describes how to set up basic shares and printer services for Windows and Linux systems.

• Chapter 17, “FTP”—This chapter explains how to set up and use an FTP server. FTP is great for sharing files both securely and insecurely. The chapter describes the benefits of both, including how to troubleshoot FTP issues.

• Chapter 18, “DNS”—This chapter discusses how DNS works, server setup, and management of DNS servers. Although this is one of the most complex topics in the book, it is one of the easiest to work with after you understand it. This chapter also delves into different types of DNS servers.

• Chapter 19, “Network Services”—This chapter discusses setting up the core network services for your network. Topics include DHCP servers, NTP for time management, and more.

• Chapter 20, “Email Services”—This chapter explains how to properly set up different types of mail servers. Because email is one of the most critical business components, it is essential to understand how to work with this technology. The chapter also covers how to secure your mail servers so you don’t get overrun by spammers.

• Chapter 21, “Troubleshooting”—This chapter discusses different troubleshooting steps for a variety of topics. Although this chapter doesn’t cover all troubleshooting topics discussed throughout the book, it does cover the big topics that you should know for the exam.

The last chapter deals with Red Hat’s newest addition, virtualization:

• Chapter 22, “Virtualization with KVM”—This chapter discusses how to use virtualization with Red Hat Enterprise Linux 6. It talks about installation, setup, and configuration of virtual machines. Also discussed is how to monitor your virtual machines when they are in use.

Also included are two full exams that simulate what the real exams are like. The lab activities will help you prepare by asking you to accomplish various tasks, which is very similar to the real exam. There is one practice exam for each of the Red Hat exams this book covers. If you can comfortably make it through the full exams in the allotted time, then you should be in good shape for the real exam! In addition to the 22 chapters and 2 full labs, this book provides end of chapter questions and tasks to help you prepare for the exam. There are also additional troubleshooting scripts available for download at http://sourceforge.net/projects/rhcelabscripts.