Sample Exam 2
Self Test
The following questions will help you measure your understanding of the material presented in this book.
As discussed in the introduction, the RHCE exam consists of three different, equally weighted exams: Debug (2.5 hours), Multiple Choice (1 hour), and Server Installation and Network Services Setup (2.5 hours).
To pass, you need an average score of 80 percent on all three exams, with no score below 50 percent on any one exam. All three exams are "closed book," although on the Debug and Installation exams you are allowed to use any documentation, such as man pages, that you can find on the Red Hat Linux computer. You are also allowed a pen and paper to make any notes that you might need.
Debug Exam
It is difficult at best to provide valid sample questions for this exam. You would need a computer that you're willing to dedicate for experimental purposes. Actual debug questions would require the installation of the latest version of Red Hat Linux, configured with a specific problem. The exam conditions would delete any and all data that you have on that computer.
For the purpose of this exam, the most practical solution is to provide a set of exercises. As described in the RHCE Exam Prep guide (www.redhat.com/training/rhce/examprep.html), "…these problems range from boot failure to problematic network services." You can use any documentation that you can find on your Red Hat Linux computer, and reinstalling Linux is not an allowed option.
Partial credit is not allowed for any problem on this exam. You'll get four problems on this exam. Either you solve the problem and demonstrate your solution to the proctor for credit, or not. Thus, your score on this exam will be 0 percent, 25 percent, 50 percent, 75 percent, or 100 percent.
You need to budget your time judiciously on this exam; if you can't solve one problem, you may want to give up and move on to the next problem. But you can't go back. You may be able to debug the next problem in just a few minutes. Even if you have time left over at the end of the exam, you can't go back and will not get any credit for any problems that you have abandoned.
These are not actual questions, but exercises consistent with the guidelines in the RHCE Exam Prep guide. As exercises, they have no answers per se; however, they include a lot of information that can help you as a Linux administrator, as well as on the RHCE debug exam.
Even for these exercises, do not use a production computer. Some or all of these exercises are designed to make Linux unbootable. If you're unable to recover from the steps documented in these exercises, you may need to reinstall Red Hat Linux. Saving any data that you have on your computer at that point may not be possible.
Debug Exercise I
In this exercise, you’ll be working without an /etc/passwd authentication file. To prepare, rename this file to something that you can remember and restore as required, such as /etc/bak.passwd. You’ll also need a rescue disk. If your computer can boot directly from your CD drive, the first Red Hat Installation CD can serve this purpose. Otherwise, you’ll need a boot disk that also gives you access to the actual Red Hat Linux installation files, locally or over a network. And you’ll need to know the root password for this system.
The objective is to learn more about the authentication process.
1. Start Red Hat Linux. Rename your /etc/passwd configuration file. One possible name is /etc/bak.passwd.
2. Make sure you have a boot disk that can serve as a rescue disk. If you know that your computer can boot directly from your Red Hat Linux installation CD, you’re set. Otherwise, create a boot disk from the appropriate image file (boot.img, bootnet.img, or pcmcia.img).
3. Use the reboot command to restart Linux.
4. When you see your boot loader, probably GRUB, select your current version of Red Hat Linux.
5. It will look like your computer boots normally.
6. Now try to log in. Use any account that you’ve previously created on this computer. Note what happens.
    WARNING: couldn't open /etc/fstab: No such file or directory
7. Reboot your computer. Make sure the appropriate installation boot disk or CD is installed.
8. When you see the Red Hat Linux installation options, type linux rescue at the boot prompt.
9. Follow the first basic steps toward regular installation of Red Hat Linux.
10. Direct the installation program toward the source for the Red Hat Linux installation files, as required.
11. As long as you used the linux rescue command in step 8, you’ll soon see a Rescue menu. When you do, select Continue and press ENTER.
12. Select OK and press ENTER to continue.
13. Remember, assuming your normal directories and filesystems are detected, they are mounted on the /mnt/sysimage directory.
14. Restore the basic workings of your directory structure with the chroot /mnt/sysimage command.
15. Examine the /etc/passwd- file. Compare it to your original /etc/passwd file. If you followed the suggestion in step 1, you can do this with the diff /etc/passwd- /etc/bak.passwd command. If you’ve added or deleted users recently, you’ll see a difference between the two files.
16. Copy /etc/passwd- to /etc/passwd (these are two different files). Reboot your computer again. Remember to remove your boot disk or CD before rebooting.
17. Try logging in as root. Log out again.
18. Try logging in as one of the regular users in your /etc/passwd- file. Note what happens.
19. Now restore the original /etc/passwd file. If you followed the suggestion in step 1, run the mv /etc/bak.passwd /etc/passwd command.
20. Reboot your Linux computer and repeat steps 17 and 18.
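The comparison and copy in this exercise can be backed by a structural check before a candidate file replaces /etc/passwd. The script below is an added example, not part of the book: check_passwd and missing_accounts are hypothetical helper names, and the sample files are constructed.

```shell
#!/bin/sh
# Added example: vet a candidate passwd file in the rescue shell before
# copying it over /etc/passwd. Helper names are hypothetical.

# check_passwd FILE -> status 0 if FILE looks usable, else prints the reasons.
check_passwd() {
    awk -F: '
        /^[ \t]*$/ { next }
        NF != 7    { printf "line %d: %d fields, expected 7\n", NR, NF; bad = 1 }
        seen[$1]++ { printf "line %d: duplicate account %s\n", NR, $1; bad = 1 }
        $1 == "root" && $3 == "0" { root = 1 }
        END { if (!root) { print "no root entry with UID 0"; bad = 1 }
              exit bad + 0 }' "$1"
}

# missing_accounts CANDIDATE REFERENCE -> names in REFERENCE absent from CANDIDATE.
missing_accounts() {
    awk -F: 'FILENAME == ARGV[1] { have[$1] = 1; next }
             !($1 in have)       { print $1 }' "$1" "$2"
}

# Constructed sample data: passwd- predates a recently added user (alice),
# and a damaged copy has a truncated root line.
tmp=$(mktemp -d)
cat > "$tmp/bak.passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
alice:x:500:500::/home/alice:/bin/bash
EOF
cat > "$tmp/passwd-" <<'EOF'
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
EOF
printf 'root:x:0\nbin:x:1:1:bin:/bin:/sbin/nologin\n' > "$tmp/damaged"

check_passwd "$tmp/passwd-" && echo "passwd- is structurally sound"
echo "accounts lost if passwd- is restored: $(missing_accounts "$tmp/passwd-" "$tmp/bak.passwd")"
check_passwd "$tmp/damaged" || echo "damaged copy rejected"
```

An account reported by missing_accounts is one that cannot log in after /etc/passwd- is copied into place, which is the difference the regular-user login in this exercise is meant to surface.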
Debug Exercise II
In this exercise, you’ll be working with a modified /etc/inittab configuration file. To prepare, back up this file to something that you can remember and restore as required, such as /etc/bak.inittab.
The objective is to learn the effect of a corrupt or erroneous /etc/inittab file.
1. Start Red Hat Linux. Copy and back up your /etc/inittab configuration file. One possible name is /etc/bak.inittab.
2. Run the ps aux | less command. Note the substantial number of running processes. Save this output to a file, or send it to a printer.
3. Open your /etc/inittab file in a text editor.
4. Change the x in the id:x:initdefault line to 4.
5. Comment out the l4:4:wait:/etc/rc.d/rc 4 line in /etc/inittab. Save your changes.
6. Use the reboot command to restart Linux.
7. Observe the messages as Linux reboots. Note how inittab starts in runlevel 4.
8. Log in at the text console.
9. Run the ps aux command. Note the relatively small number of running processes.
10. Compare the output to the process list running when you started Linux in runlevel 3.
11. Note the processes that haven’t started. Especially if you’ve already configured network processes such as NFS or Samba, note how those daemons are not active.
12. Restore your original /etc/inittab file. Use the backup you created in step 1 if required.
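The condition this exercise creates, a default runlevel whose rc line is commented out, can be detected before a reboot. The script below is an added example, not part of the book: default_runlevel and check_inittab are hypothetical helper names, and the sample inittab is a constructed fragment.

```shell
#!/bin/sh
# Added example: confirm that the default runlevel in an inittab file still
# has an active /etc/rc.d/rc entry. Helper names are hypothetical.

# default_runlevel FILE -> prints the runlevel from the active initdefault entry.
default_runlevel() {
    awk -F: '!/^[ \t]*#/ && $3 == "initdefault" { print $2; exit }' "$1"
}

# check_inittab FILE -> status 0 if the default runlevel is usable, else says why.
check_inittab() {
    rl=$(default_runlevel "$1")
    case "$rl" in
        [1-5]) ;;
        "") echo "no initdefault entry"; return 1 ;;
        *)  echo "default runlevel '$rl' would halt, reboot or is invalid"; return 1 ;;
    esac
    awk -F: -v rl="$rl" '
        /^[ \t]*#/ { next }
        index($2, rl) && $3 == "wait" && $4 ~ /^\/etc\/rc\.d\/rc / { found = 1 }
        END { if (!found) {
                  print "runlevel " rl ": no active /etc/rc.d/rc entry"; exit 1 } }
    ' "$1"
}

# Constructed sample: a minimal inittab, then the two edits from this exercise.
tmp=$(mktemp -d)
cat > "$tmp/inittab.orig" <<'EOF'
id:3:initdefault:
si::sysinit:/etc/rc.d/rc.sysinit
l3:3:wait:/etc/rc.d/rc 3
l4:4:wait:/etc/rc.d/rc 4
EOF
sed -e 's/^id:3:/id:4:/' -e 's/^l4:/#l4:/' "$tmp/inittab.orig" > "$tmp/inittab.edited"

check_inittab "$tmp/inittab.orig" && echo "original inittab: ok"
check_inittab "$tmp/inittab.edited" || echo "edited inittab: services will not start"
```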
Debug Exercise III
In this exercise, you’ll be working with an erroneous /etc/fstab configuration file. To prepare, copy and back up this file to something that you can remember and restore as required, such as /etc/bak.fstab. A simple mistake in editing /etc/fstab can keep your computer from booting properly.
You’ll want to observe the result carefully.
The objective is to learn the effect of an improperly edited /etc/fstab file.
1. Start Red Hat Linux. Copy and back up your /etc/fstab configuration file. One possible name is /etc/bak.fstab.
2. Edit the /etc/fstab file. For the filesystem associated with your root (/) directory, delete ext3, the standard Linux format. Save your changes.
3. Make sure you have a boot disk that can serve as a rescue disk. If you know that your computer can boot directly from your Red Hat Linux installation CD, you’re set. Otherwise, create a boot disk from the appropriate image file (boot.img, bootnet.img, or pcmcia.img).
4. Use the reboot command to restart Linux.
5. When you see your boot loader, probably GRUB, select your current version of Red Hat Linux.
6. Watch the messages as they scroll across the screen. Note the large number of references to a “Read-only file system.” Since the root directory isn’t properly recognized, Red Hat Linux tries to compensate.
7. The boot process will stop. The actual details depend on the other filesystems that you may have configured in /etc/fstab.
8. Reboot your computer. When you see your boot loader, probably GRUB, you’ll want to add an option to the kernel command line. In GRUB, enter p and type in your password if required. Then enter the a command to modify the kernel command line. You should see something like the following:
    grub append> ro root=/dev/hda1
9. Type the word single at the end of this command line, and press ENTER. See what happens.
10. You are taken to single-user mode.
11. Now try restoring your /etc/fstab file from the backup that you made. What happens?
12. Remount your root directory (/) in read/write mode. For example, if your root directory is normally located on /dev/hda2, run the following command:
    mount -o remount,rw /dev/hda2
13. Try restoring your /etc/fstab file from the backup again. You should now be successful.
14. Try the reboot command again. Linux can now find the proper formats from the original /etc/fstab and should reboot fairly normally.
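Deleting ext3 from the root entry leaves a line that still has a plausible number of fields, because the remaining fields shift left and the mount options land in the type column. The script below is an added example, not part of the book, that catches this case: check_fstab and the KNOWN_TYPES list are assumptions, and the sample fstab is constructed.

```shell
#!/bin/sh
# Added example: validate fstab entries before rebooting. check_fstab and
# KNOWN_TYPES are hypothetical; on a live system, compare the type column
# against /proc/filesystems instead of this short list.
KNOWN_TYPES="ext2 ext3 vfat iso9660 swap proc devpts tmpfs nfs auto"

# check_fstab FILE -> status 0 if every entry parses, else prints each problem.
check_fstab() {
    awk -v types="$KNOWN_TYPES" '
        BEGIN { n = split(types, t, " "); for (i = 1; i <= n; i++) ok[t[i]] = 1 }
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        NF < 4 || NF > 6 {
            printf "line %d: %d fields, expected 4 to 6\n", NR, NF; bad = 1; next }
        !($3 in ok) {
            printf "line %d (%s): \"%s\" is not a filesystem type\n", NR, $2, $3
            bad = 1 }
        (NF >= 5 && $5 !~ /^[0-9]+$/) || (NF == 6 && $6 !~ /^[0-9]+$/) {
            printf "line %d (%s): dump and fsck fields must be numeric\n", NR, $2
            bad = 1 }
        END { exit bad + 0 }' "$1"
}

# Constructed sample fstab, then the edit from this exercise applied to line 1.
tmp=$(mktemp -d)
cat > "$tmp/fstab" <<'EOF'
LABEL=/     /           ext3     defaults         1 1
none        /proc       proc     defaults         0 0
/dev/hda3   swap        swap     defaults         0 0
/dev/cdrom  /mnt/cdrom  iso9660  noauto,owner,ro  0 0
EOF
sed '1s/ext3//' "$tmp/fstab" > "$tmp/fstab.edited"

check_fstab "$tmp/fstab" && echo "original fstab: ok"
check_fstab "$tmp/fstab.edited" || echo "edited fstab: rejected"
```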
Debug Exercise IV
In this exercise, you’ll be practicing with an FTP server, wu-ftpd. This is also known as the Washington University FTP server, or WU-FTP. The service can be on or off by default. It may be blocked by a firewall. Service may be denied through the /etc/xinetd.d/wu-ftpd configuration file or through /etc/hosts.deny. Ideally, you’ll be able to check your work through another computer on a LAN.
1. Start Red Hat Linux. Check for the installation of the wu-ftpd package with the rpm -q wu-ftpd command. Install the wu-ftpd RPM if required.
2. Check your configuration for a firewall with the /sbin/service iptables status command.
3. If there are iptables rules active on your system, you may want to back them up with the /sbin/iptables-save > filename command.
4. If you have iptables rules, flush them with the /sbin/iptables -F command.
5. Check your /etc/hosts.allow and /etc/hosts.deny files. If there are rules related to in.ftpd or ALL services in either file, comment them out.
6. Check the default status of the WU-FTP server with the /sbin/chkconfig --list wu-ftpd command. The response should be off or on. Use chkconfig to turn WU-FTP on if required.
7. Check the /etc/xinetd.d/wu-ftpd configuration file. If there are only_from or no_access directives in this file, comment them out.
8. Now you should be able to connect to the WU-FTP server. Try it from the local computer with the ftp localhost command. You should be able to log in as “anonymous,” or with a local user name and password.
9. See the files you access if you log in as a real user. Repeat again with an anonymous login. Once you’re finished browsing around, log out of ftp.
10. Repeat the ftp access request from a remote computer. Use the name or the IP address of the ftp server. Log out of ftp.
11. On the wu-ftpd server computer, add the following line to the /etc/xinetd.d/wu-ftpd configuration file:
    no_access = 127.0.0.1
12. Try the ftp localhost command. What happens? Is a successful login through ftp unexpected?
13. Run the /sbin/service xinetd reload command. Repeat step 11. What happens now? If possible, try to use the ftp command to connect to the wu-ftpd server from a different computer on your LAN. Can you connect?
14. Restore the original /etc/xinetd.d/wu-ftpd configuration file and run the /sbin/service xinetd reload command again.
15. Open the /etc/hosts.deny file in a text editor. Add the following line:
    in.ftpd : ALL
16. Repeat step 11. What happens now? Try this again from another computer on your LAN.
17. Restore the original /etc/hosts.deny file.
18. Now try to set up a firewall to block yourself from accessing the WU-FTP server on the local computer.
19. Add the following iptables rule to your firewall (the TCP/IP port for ftp is 21; you can look up the port you need in /etc/services):
    /sbin/iptables -A INPUT -s 127.0.0.1 -p tcp --dport 21 -j REJECT
20. Verify that your computer accepted this new rule with the iptables -L command. You should see that packets destined for the WU-FTP server are to be rejected.
21. Repeat step 12. What happens now? Try to log in via ftp again from another computer on your LAN.
22. Note how the response is different when you block access through a firewall and through a file such as /etc/hosts.deny.
23. Restore your original firewall. Flush the rule that you created with the /sbin/iptables -F command. Then restore the old rules if required with the /sbin/iptables-restore < filename command.
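This exercise refuses FTP at three independent layers: xinetd, /etc/hosts.deny, and iptables. The script below is an added example, not part of the book, that reports which layers are currently set to refuse FTP; ftp_blockers is a hypothetical helper name, the sample files are constructed, and the third argument is assumed to be saved iptables-save output.

```shell
#!/bin/sh
# Added example: list every active setting that can refuse FTP clients.
# ftp_blockers is a hypothetical helper; it only reads the files it is given.

# ftp_blockers XINETD_FILE HOSTS_DENY IPTABLES_SAVE_OUTPUT
# Prints one "layer: setting" line per finding; prints nothing if none apply.
ftp_blockers() {
    awk '
        /^[ \t]*#/ || /^[ \t]*$/ { next }          # skip comments and blank lines
        { $1 = $1 }                                # squeeze runs of whitespace
        FILENAME == ARGV[1] && (/^(no_access|only_from) / || /^disable = yes$/) {
            print "xinetd: " $0 }
        FILENAME == ARGV[2] {
            split($0, part, ":")                   # part[1] is the daemon list
            if ((" " part[1] " ") ~ /[ ,](in\.ftpd|ALL)[ ,]/)
                print "tcp_wrappers: " $0 }
        FILENAME == ARGV[3] && /^-A / && ($0 " ") ~ / --dport 21 / &&
            ($0 " ") ~ / -j (REJECT|DROP) / { print "iptables: " $0 }
    ' "$1" "$2" "$3"
}

# Constructed samples mirroring the three settings used in this exercise.
tmp=$(mktemp -d)
cat > "$tmp/wu-ftpd" <<'EOF'
service ftp
{
    server      = /usr/sbin/in.ftpd
    no_access   = 127.0.0.1
    # only_from = 10.0.0.0/8
}
EOF
cat > "$tmp/hosts.deny" <<'EOF'
in.ftpd : ALL
sshd : 192.0.2.7
EOF
cat > "$tmp/rules" <<'EOF'
*filter
-A INPUT -s 127.0.0.1 -p tcp -m tcp --dport 21 -j REJECT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF

ftp_blockers "$tmp/wu-ftpd" "$tmp/hosts.deny" "$tmp/rules"
```

On a live system the xinetd finding only takes effect after /sbin/service xinetd reload, which is the behavior the no_access steps in this exercise demonstrate.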