1) Basically in RHCE exam selinux must be in enforcing mode
So use
Root#setenforce 1
Or
Change in
root#system-config-securitylevel
change selinux enforcing
Or
change in
vi /etc/selinux/config
SELINUX=enforcing
So be carefully for selinux error specially in Web server , smb share , ftp server ,
Examples
a) If your share a directory in SMB then for selinux security context
Use
root# ls -ldZ /path
for checking security context
&
Use
Root#chcon -t samba_share_t /path for change to samba share context
Note :-> If in exam you have to share user home directory through selinux then use
Root#setsebool -P samba_enable_home_dirs on
b) In other cases when we have to share or publish file taken from other location like in web pages taken from RHCE server in virtual hosing in web server & ftp server .
So it's quiet confusing to remember security context of all files
So in that case best way for preventing selinux error use
Root#restorecon -R -v /path
other way for for prompting selinux error on GUI please install
setroubleshoot-plugins
setroubleshoot-server
RPM's
2) The next is that in exam it's not mention about firewall
So your 1st work is to disable firewall
Change in
Root#system-config-securitylevel
Change firewall to disable
Otherwise it may create problems for your network services
Then apply IPTABLES rule
a) Majorly iptables rules would be for blocking(other than your network) services like ssh ,ftp ,pop3-pop3s , imap-imaps
So please apply correct iptables rule with correct port no (for port no use /etc/services file) & finally use
Root#Service iptables save
for reboot persistence
3) Next thing is that your all services would be reboot persistent & your root password would be as per your exam question paper.
So 1st check your all services are working after reboot then submit your exam to your exam instructor
4) Majorly I found that resizing LVM through command mode is quite tuff work (because majorly LVM would be user home directory & you have to apply user quota in same directory . so any mistake in LVM & quota would create CTRL + D error )
so I prefer you to resize LVM in graphical mode (& if you found that graphical tool of LVM is not installed in your system then please install system-config-lvm RPM via YUM repository )
5) Apart from that precaution god forbid if you face any unrecoverable error that cannot be recovered by you then you can reinstall your system by instructor but that installation time would consider with your exam time
6) & the most important is "don't loose confidence & be fear free" because only that will help you in exam hall
You know I faced problems while giving IP of my system, dovecot implementation & smb implementation
& only my fear free thought helped me to win in these issues
That he was unable to modify /etc/passwd file
then i suggest him to use
lsattr /etc/passwd
then he find
----i-------- /etc/passwd
& then he use
chattr -i /etc/passwd
so i am posting syntax & attributes for chattr command
SYNTAX & COMMAND FOR CHATTR
chattr - change file attributes on a Linux second extended file system
SYNOPSIS
chattr [ -RV ] [ -v version ] [ mode ] files...
DESCRIPTION
chattr changes the file attributes on a Linux second extended file system.
OPTIONS
-R
Recursively change attributes of directories and their contents. Symbolic links encountered during
recursive directory traversals are ignored.
-V
Be verbose with chattr's output and print the program version.
-v version
Set the file's version/generation number.
Opcodes
+
Add attribute.
-
Remove attribute.
=
Assign attributes (removing unspecified attributes).
ATTRIBUTES
1) A file with the `i' attribute cannot be modified: it cannot be deleted or renamed, no link can be
created to this file and no data can be written to the file. Only the superuser or a process pessessing
the CAP_LINUX_IMMUTABLE capability can set or clear this attribute.
2) A file with the `j' attribute has all of its data written to the ext3 journal before being written to
the file itself, if the filesystem is mounted with the "data=ordered" or "data=writeback" options. When
the filesystem is mounted with the "data=journalled" option all file data is already journalled and this
attribute has no effect. Only the superuser or a process possessing the CAP_SYS_RESOURCE capability can
set or clear this attribute.
3) When a file with the `s' attribute set is deleted, its blocks are zeroed and written back to the disk.
4) When a file with the `S' attribute set is modified, the changes are written synchronously on the disk;
this is equivalent to the `sync' mount option applied to a subset of the files.
5) When a file with the `u' attribute set is deleted, its contents are saved. This allows the user to ask
for its undeletion.
6) A file with the `a' attribute set can only be open in append mode for writing. Only the superuser or a
process pessessing the CAP_LINUX_IMMUTABLE capability can set or clear this attribute.
7) A file with the `c' attribute set is automatically compressed on the disk by the kernel. A read from
this file returns uncompressed data. A write to this file compresses data before storing them on the
disk.
8) When a directory with the `D' attribute set is modified, the changes are written synchronously on the
disk; this is equivalent to the `dirsync' mount option applied to a subset of the files.
9) A file with the `d' attribute set is not candidate for backup when the "dump" program is run.
