From Fedora Project Wiki

m (moved Fedora Sys-Admin Study Guide to System Administration Study Guide: no need to have 'Fedora' in the name, plus the full name for sysadmin is better imo)
(adding local system admin tasks)
Line 1: Line 1:
 +
= Why the System Administration Study Guide? =
 +
 +
The Fedora Project is in constant need for administrators with better skills.  In a yet-to-be-named initiative, the Fedora Project wishes to help as many contributors as possible improve their basic system administration skills.  This study guide is to help those pursuing additional goals, including higher-pay, certifications and more.
 +
 +
The study guide as it stands is intended to be printed by those who wish to study common tasks performed by many system administrators.  This study guide is based upon the Red Hat Certified System Administrator and Red Hat Certified Engineer Exam preparation guides.  Other useful study components will be added here.  Community contributions are always welcome.
 +
 +
== Local System Administration Tasks ==
 +
 +
Generally speaking, the items below are specific to a local machine and do not involve services or network components.  In many cases, however, these components are the groundwork for other areas of specialization in the Linux system administration world.
 +
 
==='''Understand and Use Essential Tools'''===
 
==='''Understand and Use Essential Tools'''===
  
    * Access a shell prompt and issue commands with correct syntax
+
* Access a shell prompt and issue commands with correct syntax
 
      
 
      
  
Line 17: Line 27:
  
  
    * Use input-output redirection (>, >>, |, 2>, etc.)
+
* Use input-output redirection (>, >>, |, 2>, etc.)
  
  
Line 35: Line 45:
  
  
    * Use grep and regular expressions to analyze text
+
* Use grep and regular expressions to analyze text
  
  
Line 52: Line 62:
  
  
    * Access remote systems using ssh and VNC
+
* Access remote systems using ssh and VNC
  
  
Line 69: Line 79:
  
  
    * Log in and switch users in multi-user runlevels
+
* Log in and switch users in multi-user runlevels
  
  
Line 88: Line 98:
  
  
    * Archive, compress, unpack and uncompress files using tar, star, gzip, and bzip2
+
* Archive, compress, unpack and uncompress files using tar, star, gzip, and bzip2
  
  
Line 107: Line 117:
  
  
    * Create and edit text files
+
* Create and edit text files
  
  
Line 124: Line 134:
  
  
    * Create, delete, copy and move files and directories
+
* Create, delete, copy and move files and directories
  
  
Line 141: Line 151:
  
  
    * Create hard and soft links
+
* Create hard and soft links
  
  
Line 160: Line 170:
  
  
    * List, set and change standard ugo/rwx permissions
+
* List, set and change standard ugo/rwx permissions
  
  
Line 176: Line 186:
  
  
    * Locate, read and use system documentation including man, info, and files in /usr/share/doc .
+
* Locate, read and use system documentation including man, info, and files in /usr/share/doc .
 
        
 
        
  
Line 194: Line 204:
 
==='''Operate Running Systems'''===
 
==='''Operate Running Systems'''===
  
    * Boot, reboot, and shut down a system normally
+
* Boot, reboot, and shut down a system normally
  
  
Line 210: Line 220:
  
  
    * Boot systems into different runlevels manually
+
* Boot systems into different runlevels manually
  
  
Line 227: Line 237:
  
  
    * Use single-user mode to gain access to a system
+
* Use single-user mode to gain access to a system
  
  
Line 244: Line 254:
  
  
    * Identify CPU/memory intensive processes, adjust process priority with renice, and kill processes
+
* Identify CPU/memory intensive processes, adjust process priority with renice, and kill processes
  
  
Line 262: Line 272:
  
  
    * Locate and interpret system log files
+
* Locate and interpret system log files
  
  
Line 279: Line 289:
  
  
    * Access a virtual machine's console
+
* Access a virtual machine's console
  
  
Line 297: Line 307:
  
  
    * Start and stop virtual machines
+
* Start and stop virtual machines
  
  
Line 314: Line 324:
  
  
    * Start, stop and check the status of network services
+
* Start, stop and check the status of network services
  
  
Line 334: Line 344:
 
==='''Configure Local Storage'''===
 
==='''Configure Local Storage'''===
  
    * List, create, delete and set partition type for primary, extended, and logical partitions
+
* List, create, delete and set partition type for primary, extended, and logical partitions
  
  
Line 352: Line 362:
  
  
    * Create and remove physical volumes, assign physical volumes to volume groups, create and delete logical volumes
+
* Create and remove physical volumes, assign physical volumes to volume groups, create and delete logical volumes
  
  
Line 371: Line 381:
  
  
    * Create and configure LUKS-encrypted partitions and logical volumes to prompt for password and mount a decrypted file system at boot
+
* Create and configure LUKS-encrypted partitions and logical volumes to prompt for password and mount a decrypted file system at boot
  
  
Line 389: Line 399:
  
  
    * Configure systems to mount file systems at boot by Universally Unique ID (UUID) or label
+
* Configure systems to mount file systems at boot by Universally Unique ID (UUID) or label
  
  
Line 407: Line 417:
  
  
    * Add new partitions, logical volumes and swap to a system non-destructively
+
* Add new partitions, logical volumes and swap to a system non-destructively
  
  
Line 427: Line 437:
 
==='''Create and Configure File Systems'''===
 
==='''Create and Configure File Systems'''===
  
    * Create, mount, unmount and use ext2, ext3 and ext4 file systems
+
* Create, mount, unmount and use ext2, ext3 and ext4 file systems
  
  
Line 446: Line 456:
  
  
    * Mount, unmount and use LUKS-encrypted file systems
+
* Mount, unmount and use LUKS-encrypted file systems
  
  
Line 463: Line 473:
  
  
    * Mount and unmount CIFS and NFS network file systems
+
* Mount and unmount CIFS and NFS network file systems
  
  
Line 481: Line 491:
  
  
    * Configure systems to mount ext4, LUKS-encrypted and network file systems automatically
+
* Configure systems to mount ext4, LUKS-encrypted and network file systems automatically
  
  
Line 498: Line 508:
  
  
    * Extend existing unencrypted ext4-formatted logical volumes
+
* Extend existing unencrypted ext4-formatted logical volumes
  
  
Line 516: Line 526:
  
  
    * Create and configure set-GID directories for collaboration
+
* Create and configure set-GID directories for collaboration
  
  
Line 534: Line 544:
  
  
    * Create and manage Access Control Lists (ACLs)
+
* Create and manage Access Control Lists (ACLs)
  
  
Line 554: Line 564:
  
  
    * Diagnose and correct file permission problems
+
* Diagnose and correct file permission problems
  
  
Line 575: Line 585:
 
==='''Deploy, Configure and Maintain Systems'''===
 
==='''Deploy, Configure and Maintain Systems'''===
  
    * Configure networking and hostname resolution statically or dynamically
+
* Configure networking and hostname resolution statically or dynamically
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
* Schedule tasks using cron
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
* Configure systems to boot into a specific runlevel automatically
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
* Install automatically using Kickstart
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
* Configure a physical machine to host virtual guests
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
* Install systems as virtual guests
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
* Configure systems to launch virtual machines at boot
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
* Configure network services to start automatically at boot
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
* Configure a system to run a default configuration HTTP server
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
* Configure a system to run a default configuration FTP server
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
* Install and update software packages from a remote repository, or from the local filesystem
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
* Update the kernel package appropriately to ensure a bootable system
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
* Modify the system bootloader
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
=== Manage Users and Groups ===
 +
 
 +
* Create, delete, and modify local user accounts
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
* Change passwords and adjust password aging for local user accounts
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
 +
 
  
  
Line 581: Line 886:
  
  
 +
* Create, delete and modify local groups and group memberships
  
  
Line 593: Line 899:
  
  
    * Schedule tasks using cron
 
  
  
Line 601: Line 906:
  
  
 +
* Configure a system to use an existing LDAP directory service for user and group information
  
  
Line 611: Line 917:
  
  
    * Configure systems to boot into a specific runlevel automatically
 
  
  
Line 620: Line 925:
  
  
 +
=== Manage Security ===
  
 +
* Configure firewall settings using system-config-firewall or iptables
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
* Set enforcing and permissive modes for SELinux
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
* List and identify SELinux file and process context
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
* Restore default file contexts
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
* Use boolean settings to modify system SELinux settings
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
* Diagnose and address routine SELinux policy violations
  
  
Line 629: Line 1,036:
  
  
    * Install Red Hat Enterprise Linux automatically using Kickstart
 
    * Configure a physical machine to host virtual guests
 
    * Install Red Hat Enterprise Linux systems as virtual guests
 
    * Configure systems to launch virtual machines at boot
 
    * Configure network services to start automatically at boot
 
    * Configure a system to run a default configuration HTTP server
 
    * Configure a system to run a default configuration FTP server
 
    * Install and update software packages from Red Hat Network, a remote repository, or from the local filesystem
 
    * Update the kernel package appropriately to ensure a bootable system
 
    * Modify the system bootloader
 
  
Manage Users and Groups
 
  
    * Create, delete, and modify local user accounts
 
    * Change passwords and adjust password aging for local user accounts
 
    * Create, delete and modify local groups and group memberships
 
    * Configure a system to use an existing LDAP directory service for user and group information
 
  
Manage Security
 
  
    * Configure firewall settings using system-config-firewall or iptables
 
    * Set enforcing and permissive modes for SELinux
 
    * List and identify SELinux file and process context
 
    * Restore default file contexts
 
    * Use boolean settings to modify system SELinux settings
 
    * Diagnose and address routine SELinux policy violations
 
  
Links for this sub-section:
 
  
    * RHCSA Overview
 
    * Exam Details
 
    * Exam Objectives
 
    * Enroll Now
 
  
Related Links
 
  
    * Certification FAQ
 
    * Past RHCT exam objectives
 
    * Re-certification Policies
 
    * Verify a Certification
 
    * Certification Success Packs
 
    * RHCE Success Stories
 
    * Contact Us
 
  
  
  
 
==='''System Configuration and Management'''===
 
==='''System Configuration and Management'''===
 +
 +
  
 
* Route IP traffic and create static routes
 
* Route IP traffic and create static routes

Revision as of 18:19, 7 February 2011

Why the System Administration Study Guide?

The Fedora Project is in constant need for administrators with better skills. In a yet-to-be-named initiative, the Fedora Project wishes to help as many contributors as possible improve their basic system administration skills. This study guide is to help those pursuing additional goals, including higher-pay, certifications and more.

The study guide as it stands is intended to be printed by those who wish to study common tasks performed by many system administrators. This study guide is based upon the Red Hat Certified System Administrator and Red Hat Certified Engineer Exam preparation guides. Other useful study components will be added here. Community contributions are always welcome.

Local System Administration Tasks

Generally speaking, the items below are specific to a local machine and do not involve services or network components. In many cases, however, these components are the groundwork for other areas of specialization in the Linux system administration world.

Understand and Use Essential Tools

  • Access a shell prompt and issue commands with correct syntax








  • Use input-output redirection (>, >>, |, 2>, etc.)









  • Use grep and regular expressions to analyze text









  • Access remote systems using ssh and VNC









  • Log in and switch users in multi-user runlevels










  • Archive, compress, unpack and uncompress files using tar, star, gzip, and bzip2










  • Create and edit text files









  • Create, delete, copy and move files and directories









  • Create hard and soft links










  • List, set and change standard ugo/rwx permissions








  • Locate, read and use system documentation including man, info, and files in /usr/share/doc .








Operate Running Systems

  • Boot, reboot, and shut down a system normally








  • Boot systems into different runlevels manually









  • Use single-user mode to gain access to a system









  • Identify CPU/memory intensive processes, adjust process priority with renice, and kill processes









  • Locate and interpret system log files









  • Access a virtual machine's console









  • Start and stop virtual machines









  • Start, stop and check the status of network services









Configure Local Storage

  • List, create, delete and set partition type for primary, extended, and logical partitions









  • Create and remove physical volumes, assign physical volumes to volume groups, create and delete logical volumes










  • Create and configure LUKS-encrypted partitions and logical volumes to prompt for password and mount a decrypted file system at boot









  • Configure systems to mount file systems at boot by Universally Unique ID (UUID) or label









  • Add new partitions, logical volumes and swap to a system non-destructively









Create and Configure File Systems

  • Create, mount, unmount and use ext2, ext3 and ext4 file systems










  • Mount, unmount and use LUKS-encrypted file systems









  • Mount and unmount CIFS and NFS network file systems









  • Configure systems to mount ext4, LUKS-encrypted and network file systems automatically









  • Extend existing unencrypted ext4-formatted logical volumes









  • Create and configure set-GID directories for collaboration









  • Create and manage Access Control Lists (ACLs)










  • Diagnose and correct file permission problems










Deploy, Configure and Maintain Systems

  • Configure networking and hostname resolution statically or dynamically









  • Schedule tasks using cron









  • Configure systems to boot into a specific runlevel automatically










  • Install automatically using Kickstart










  • Configure a physical machine to host virtual guests










  • Install systems as virtual guests










  • Configure systems to launch virtual machines at boot










  • Configure network services to start automatically at boot











  • Configure a system to run a default configuration HTTP server











  • Configure a system to run a default configuration FTP server











  • Install and update software packages from a remote repository, or from the local filesystem











  • Update the kernel package appropriately to ensure a bootable system










  • Modify the system bootloader










Manage Users and Groups

  • Create, delete, and modify local user accounts











  • Change passwords and adjust password aging for local user accounts










  • Create, delete and modify local groups and group memberships










  • Configure a system to use an existing LDAP directory service for user and group information










Manage Security

  • Configure firewall settings using system-config-firewall or iptables










  • Set enforcing and permissive modes for SELinux










  • List and identify SELinux file and process context











  • Restore default file contexts










  • Use boolean settings to modify system SELinux settings










  • Diagnose and address routine SELinux policy violations










System Configuration and Management

  • Route IP traffic and create static routes









  • Use iptables to implement packet filtering and configure network address translation (NAT)








  • Use /proc/sys and sysctl to modify and set kernel run-time parameters








  • Configure system to authenticate using Kerberos









  • Build a simple RPM that packages a single file









  • Configure a system as an iSCSI initiator that persistently mounts an iSCSI target








  • Produce and deliver reports on system utilization (processor, memory, disk, and network)








  • Use shell scripting to automate system maintenance tasks








  • Configure a system to log to a remote system









  • Configure a system to accept logging from a remote system











Network Services

  • Install the packages needed to provide the service









  • Configure SELinux to support the service









  • Configure the service to start when the system is booted









  • Configure the service for basic operation









  • Configure host-based and user-based security for the service








HTTP/HTTPS

  • Configure a virtual host








  • Configure private directories









  • Deploy a basic CGI application








  • Configure group-managed content









DNS

  • Configure a caching-only name server











  • Configure a caching-only name server to forward DNS queries









FTP

  • Configure anonymous-only download









NFS

  • Provide network shares to specific clients









  • Provide network shares suitable for group collaboration









SMB

  • Provide network shares to specific clients









  • Provide network shares suitable for group collaboration









SMTP

  • Configure a mail transfer agent (MTA) to accept inbound email from other systems









  • Configure an MTA to forward (relay) email through a smart host








SSH

  • Configure key-based authentication








NTP

  • Synchronize time using other NTP peers