考试说明
yum服务器的位置:ftp://192.168.0.254/pub/rhel6/dvd
gpgkey的位置/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
DNS:192.168.0.254
网关:192.168.0.254
ipaddr:192.168.0.x
虚拟机主机名:serverX.example.com
iscsi 服务器: instructor.example.com
rhce测试题
1. SELinux 设置为开机自动 enforcing
2. 启用内核IP转发
3. 禁用student用户使用crontab
4. ftp服务器仅允许example.com域用户匿名登录
5. mail服务器可以接收本机和远程邮件,student用户可以从远程接收邮件,邮件存放到指定目录/var/spool/mail/username
6. 配置mail别名,使发送给admin的邮件发给student
7. 配置apache服务器,下载页面:ftp://instructor.example.com/pub/materials/station.html 到 /var/www/html 作为首页,可以访问
8. 建立apache虚拟主机,下载页面:ftp://instructor.example.com/pub/materials/ 到 /www/virtual 作为首页,可以访问
9. 在/var/www/html 建一个 secret 目录,并启用身份验证,仅允许本地用户访问
10. 下载文件ftp://instructor.example.com/materials/words,查找hr字符串行,并按顺序复制到/root/lines.txt
11. 挂载 ISO 镜像文件到/mnt/img,启动时自动挂载 ftp://instructor.example.com/pub/materials/boot.iso
12. 编写一个脚本 test.sh,当执行命令“sh test.sh cat”执行脚本时,输出 dog
执行”sh test.sh dog”执行脚本时 输出 cat
执行“sh test.sh 空格或其他字符“执行脚本时,屏幕输出错误写符串。
13. 开机后查看/proc/cmdline,其中包含max_loop=16
14. 禁止只允许 192.168.0.0/24 网段用户访问 ssh 服务
15. 配置iscsi 目标:iqn.2010-09.com.example:rdisks.serverX, 永久挂载到/mnt/data,下载文件到/mnt/data 权限为0644,ftp://instructor.example.com/materials/iscsi.txt
16. nfs共享/common, 仅允许当前example.com域用户访问
17. Samba 共享/common,工作组名 STAFF,要求 browseable=yes ,harry用户可以读取密码为harry
以下是答案!========================================================
1. grep SELINUX /etc/sysconfig/selinux SELINUX=enforcing2. vim /etc/sysctl.conf net.ipv4.ip_forward = 13. vim /etc/cron.deny student4. iptables -A INPUT ! -s 192.168.0.0/24 -p tcp --dport 21 -j REJECT /etc/init.d/iptables save chkconfig iptables on5. postconf -e inet_interfaces=all yum -y install dovecot /etc/init.d/dovecot restart chkconfig dovecot on mkdir /home/student/mail/.imap/INBOX6. vim /etc/aliases admin: student postalias /etc/aliases7. cd /var/www/html/ wget ftp://instructor.example.com/pub/materials/station.html mv station.html index.html vim /etc/httpd/conf/httpd.conf NameVirtualHost *:80 DocumentRoot /var/www/html ServerName server2.example.com/etc/init.d/httpd restartchkconfig httpd on8. mkdir /www/virtual -pchcon -R --reference=/var/www/html /wwwcd /www/virtualwget ftp://instructor.example.com/pub/materials/mv index.html vim /etc/httpd/conf/httpd.conf DocumentRoot /www/virtual ServerName www2.example.com /etc/init.d/httpd restart9.mkdir /var/www/html/secret echo testpage > /var/www/html/secret/index.htmlgrep bash$ /etc/passwdroot:x:0:0:root:/root:/bin/bashstudent:x:500:500::/home/student:/bin/bashhtpasswd -cm /etc/httpd/.htpasswd roothtpasswd -m /etc/httpd/.htpasswd student cat /etc/httpd/.htpasswd root:$apr1$29J0ILbM$xBtCrHaBTUelc8pl9EZGK/student:$apr1$8ihT4fOH$HbGrtWybjPXTrXXBlaL2W/vim /etc/httpd/conf/httpd.conf DocumentRoot /var/www/html ServerName server2.example.com AuthName "secret page" AuthType basic AuthUserFile /etc/httpd/.htpasswd Require valid-user/etc/init.d/httpd restart10. wget ftp://instructor.example.com/pub/materials/wordsgrep hr words > /root/lines.txt11. wget ftp://instructor.example.com/pub/materials/boot.isomkdir /mnt/img/mnt/boot.iso /mnt/img iso9660 loop 0 0mount -a12. vim test.sh- #!/bin/bash
-
case $1 in
-
dog)
-
echo cat;
-
;;
-
cat)
-
echo dog;
-
;;
-
*)
-
echo "please show cat or dog!"
-
esac
13.vim /boot/grub/grub.confkernel max_loop=1614. iptables -A INPUT ! -s 192.168.0.0/24 -p tcp --dport 22 -j REJECT/etc/init.d/iptables savechkconfig iptables on15.iscsiadm -m discovery -t st -p 192.168.0.254Starting iscsid: [ OK ]192.168.0.254:3260,1 iqn.2010-09.com.example:rdisks.server2iscsiadm -m node -T iqn.2010-09.com.example:rdisks.server2 -p 192.168.0.254 -l ll /dev/sda fdisk -cu /dev/sda [
] partx -a /dev/sda mkfs.ext4 /dev/sda1 blkid /dev/sda1/dev/sda1: UUID="9b0369e7-289e-4e25-b270-c8a088d415fa" TYPE="ext4"vim /etc/fstabUUID="9b0369e7-289e-4e25-b270-c8a088d415fa" /mnt/data ext4 _netdev 0 0 mkdir /mnt/data mount -awget ftp://instructor.example.com/pub/materials/iscsi.txt16. mkdir /common vim /etc/exports /common 192.168.0.0/24(ro,async) exportfs -r exportfs -v/common 192.168.0.0/24(ro,async,wdelay,root_squash,no_subtree_check)17. yum install samba -ychcon -t samba_share_t /commonvim /etc/samba/smb.confworkgroup = STAFF[common]comment=commonpath=/commonbrowseable=yesuseradd -s /sbin/nologin harrysmbpasswd -a harry/etc/init.d/smb restartchkconfig smb onsmbclient //localhost/common -U harry
阅读(1335) | 评论(0) | 转发(0) |