live chatMcAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
Pass4Test 10%OFF Discount Code

RedHat Red Hat Certified System Administrator - RHCSA - EX200 Exam Questions

QUESTION NO: 1
Create a systemd service named backup-now.service that runs /usr/local/bin/backup-now.sh.
Correct Answer:
See the solution below in Explanation.
Explanation:
Solution:
Create the script:
mkdir -p /usr/local/bin
cat > /usr/local/bin/backup-now.sh < < 'EOF'
#!/bin/bash
tar -czf /root/etc-$(date +%F).tar.gz /etc
EOF
chmod +x /usr/local/bin/backup-now.sh
Create the unit file:
cat > /etc/systemd/system/backup-now.service < < 'EOF'
[Unit]
Description=Run manual etc backup
[Service]
Type=oneshot
ExecStart=/usr/local/bin/backup-now.sh
[Install]
WantedBy=multi-user.target
EOF
Reload and test:
systemctl daemon-reload
systemctl start backup-now.service
systemctl status backup-now.service
Detailed Explanation:
* Type=oneshot is correct for a task that runs and exits.
* ExecStart points to the script.
* systemctl daemon-reload is required after adding a new unit file.
* RHEL 10 systemd documentation covers manual unit creation and management. ( Red Hat
Documentation )
QUESTION NO: 2
Build a Podman image, enable lingering for user alex, generate a systemd unit for a user container, and enable it.
Correct Answer:
See the solution below in Explanation.
Explanation:
Solution:
podman build -t myimage -f Containerfile .
loginctl enable-linger alex
cd ~/.config/systemd/user/
podman generate systemd --name mycontainer --files --new
systemctl --user daemon-reload
systemctl --user enable --now container-mycontainer.service
Detailed Explanation:
* podman build creates the container image.
* loginctl enable-linger alex allows user services to keep running without an active login session.
* podman generate systemd creates a systemd unit file for the container.
* systemctl --user manages the unit in the user session scope.
* On newer Podman releases, behavior and defaults have changed in RHEL 10, but the lab's workflow is
still conceptually valid.
QUESTION NO: 3
Configure NTP
Configure your system to synchronize with the NTP server of materials.example.com (Note: materials.example.com is an alias for classroom.example.com).
Correct Answer:
Solution:
# Install the chrony service for configuring NTP server
[root@node1 ~]# yum -y install chrony
[root@node1 ~]# vim /etc/chrony.conf
server materials.example.com iburst
[root@node1 ~]# systemctl restart chronyd
[root@node1 ~]# systemctl enable chronyd
# Check
# Set an arbitrary time
[root@node1 ~]# date -s "1982-1-1"
Fri Jan 1 12:00:00 AM EST 1982
# Restart the NTP server
[root@node1 ~]# systemctl restart chronyd
# Check if the time is synchronized
# Execute after 3-5 seconds, too fast won't synchronize the time
[root@node1 ~]# date
Tue Dec 12 11:40:19 PM EST 2023
# Use the chronyc command to check synchronization status
[root@node1 ~]# chronyc sources -v
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current best, '+' = combined, '-' = not combined,
| / 'x' = may be in error, '~' = too variable, '?' = unusable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) --. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | | \
MS Name/IP address Stratum Poll Reach LastRx Last sample
^* classroom.lab.example.com 8 6 17 42 -14us[ -11us] +/- 463us
QUESTION NO: 4
Configure User Account
Configure the user account "manalo" with the user ID 3533. The password for this user should be "flectrag".
Correct Answer:
Solution:
[root@node1 ~]# useradd -u 3533 manalo
[root@node1 ~]# echo flectrag | passwd --stdin manalo
QUESTION NO: 5
Create /share/projects, make alex the owner, and configure the sticky bit so users cannot delete each other's files.
Correct Answer:
See the solution below in Explanation.
Explanation:
Solution:
mkdir -p /share/projects
chown alex /share/projects/
chmod a+rwx,+t /share/projects/
ls -ld /share/projects/
Detailed Explanation:
* chmod a+rwx gives read, write, and execute to everyone.
* +t sets the sticky bit.
* Sticky bit on a shared directory means users can create files, but only the file owner, directory owner, or
root can delete them.
* This is the same model used on /tmp.
QUESTION NO: 6
Configure Container as a Service
As the user "wallah," configure a systemd service for the container:
- Container name: ascii2pdf
- Use the image named pdf created earlier.
- Service name: container-ascii2pdf
- Automatically start the service on system reboot without manual intervention.
- Configure the service to automatically mount /opt/file to /dir1 and /opt/progress to /dir2 in the container upon startup.
Correct Answer:
Solution:
# Note: Perform the following operations by SSHing into localhost as the user "wallah"
[root@node1 ~]# ssh wallah@localhost
# Prepare the relevant mapping directories
[wallah@node1 ~]$ sudo mkdir /opt/{file,progress}
[wallah@node1 ~]$ sudo chown wallah:wallah /opt/{file,progress}
# Start the container and map directories
# :Z changes the SELinux security context of the directory to allow container access.
[wallah@node1 ~]$ podman run -d --name ascii2pdf -v /opt/file:/dir1:Z -v /opt/progress:/dir2:Z pdf
[wallah@node1 ~]$ podman ps -a
# Create systemd service file
[wallah@node1 ~]$ mkdir -p ~/.config/systemd/user
[wallah@node1 ~]$ cd ~/.config/systemd/user/
[wallah@node1 ~]$ podman generate systemd -n ascii2pdf -f --new
[wallah@node1 user]$ ll
total 4
-rw-r--r--. 1 wallah wallah 770 Dec 13 01:07 container-ascii2pdf.service
# Stop and remove the existing ascii2pdf container
[wallah@node1 ~]$ podman stop ascii2pdf
[wallah@node1 ~]$ podman rm ascii2pdf
[wallah@node1 ~]$ podman ps -a
# Enable and start the container-ascii2pdf service
[wallah@node1 ~]$ systemctl --user daemon-reload
[wallah@node1 ~]$ systemctl --user enable --now container-ascii2pdf
# Check container status
[wallah@node1 ~]$ systemctl --user status container-ascii2pdf
[wallah@node1 ~]$ podman ps
# On node1, switch to the root user to perform the following operations
# Ensure that the services for the wallah user start automatically at system boot
[root@node1 ~]# loginctl enable-linger
[root@node1 ~]# loginctl show-user wallah
# Check to ensure the container starts on boot (mandatory operation)
[root@node1 ~]# reboot
[root@node1 ~]# ssh wallah@node1
[wallah@node1 ~]# podman ps
QUESTION NO: 7
Create a script to search for files
* Create a script named myresearch
* Place the script under /usr/local/bin
* The script is used to search for all files under /usr that are smaller than 10 MB and have group write permission, and place these files into /root/myfiles
Correct Answer:
Solution:
mkdir /root/myfiles
vim /usr/local/bin/myresearch
#!/bin/bash
find /usr -type f -and -size -10M -and -perm -2000 -exec cp -a {} /root/myfiles \;
:wq
chmod +x /usr/local/bin/myresearch
bash /usr/local/bin/myresearch
ll -h /root/myfiles
Script explanation:
(#!/bin/bash): #! is a conventional marker that tells the system which interpreter should be used to execute the script.
/bin/bash means the script is executed using the default Bash shell.
Here, a for loop is needed to iterate over the found GIDs (group IDs) for processing.
(awk -F':' '{print $3}' /etc/group):
awk is used to split and process text.
-F specifies the field separator.
":" indicates that the colon is used as the delimiter.
{print $3} prints the third field (the group ID).