[RHCSA] 03 – Operate running systems

03.1 – Boot, reboot, and shut down a system normally

1. Booting the System

Boot Process Overview

1. BIOS/UEFI: Initializes hardware and loads the bootloader from the disk’s Master Boot Record (MBR) or EFI partition.
2. Bootloader (GRUB2): Loads the Linux kernel and initial RAM disk (initramfs).
3. Kernel Initialization: Initializes system hardware and mounts the root filesystem.
4. Systemd Initialization: Starts services and targets based on system configuration.

Key Commands for Boot Management

• Check GRUB Configuration:

cat /boot/grub2/grub.cfg

• Edit GRUB at Boot Time:
  1. Press e at the GRUB menu.
  2. Edit kernel parameters as required (e.g., add rd.break for troubleshooting).
  3. Press Ctrl+x to boot with the modified parameters.

2. Rebooting the System

Reboot Command

• Reboot the System Immediately:

reboot

This command signals all processes to terminate and reboots the system.

Reboot with Delayed Timer:

• Specify a delay (in seconds):

shutdown -r +5 "System will reboot in 5 minutes"

After 5 minutes, the system will reboot.

Reboot Using Systemctl:

systemctl reboot

Broadcast a Reboot Message to Users:

• Notify logged-in users before rebooting:

wall "System is rebooting for maintenance in 2 minutes."
shutdown -r +2

3. Shutting Down the System

Shutdown Command

• Shut Down the System Immediately:

shutdown -h now

The -h flag halts the system, powering it off if supported by the hardware.

• Schedule a Shutdown:

shutdown -h +10 "System will shut down in 10 minutes"

Power Off Using Systemctl:

systemctl poweroff

Halt the System (without Power Off):

halt

4. Cancel a Scheduled Shutdown/Reboot

• To abort a scheduled shutdown or reboot:

shutdown -c

Example:

shutdown -r +5 "Rebooting in 5 minutes"
shutdown -c  # Cancels the scheduled reboot

5. Force Shutdown or Reboot

Sometimes, the system might hang and fail to shut down or reboot normally. Use the following commands:

• Force Immediate Reboot:

echo 1 > /proc/sys/kernel/sysrq
echo b > /proc/sysrq-trigger

Caution: This forces a reboot without syncing filesystems or unmounting disks, which can cause data loss.

• Force Immediate Shutdown:

echo o > /proc/sysrq-trigger

6. Check System Logs for Boot, Reboot, and Shutdown

• Use journalctl to view logs for specific events:
  • Logs related to reboot:

journalctl -b -1

The -b option shows logs from the last boot session.

• Logs for shutdown:

journalctl --since "2024-11-28 10:00" --until "2024-11-28 11:00"

7. Ensure Proper Shutdown in Remote Sessions

If connected to a remote system via SSH, ensure you don’t get disconnected prematurely:

• Use nohup to persist a shutdown command:

nohup shutdown -h +1 &

Best Practices

• Always notify users before shutting down or rebooting shared systems.
• Check system activity (e.g., active sessions, running critical processes) using:

who
top

• Ensure filesystems are synced before forced shutdowns:

sync

Let me know if you need further notes or examples!

03.2 – Boot systems into different targets manually

To manage boot targets manually on systems following the Red Hat Enterprise Linux (RHEL) framework, you’ll primarily use systemctl and the GRUB bootloader. Here’s a detailed guide with examples for booting systems into different targets manually, relevant to the RHCSA exam.

1. Understanding System Targets

System targets in RHEL represent different boot states. They are similar to runlevels in SysVinit. Some common targets include:

2. Listing Available Targets

To list all available targets:

systemctl list-units --type=target

Example output:

UNIT                   LOAD   ACTIVE SUB    DESCRIPTION
basic.target           loaded active active Basic System
graphical.target       loaded active active Graphical Interface
multi-user.target      loaded active active Multi-User System
rescue.target          loaded active active Rescue Mode
emergency.target       loaded active active Emergency Mode

3. Checking the Current Target

To check the current boot target:

systemctl get-default

Example output:

multi-user.target

4. Setting the Default Target

To set a new default target:

sudo systemctl set-default <target>

Example: Set the system to boot into graphical mode by default.

sudo systemctl set-default graphical.target

To verify:

systemctl get-default

5. Switching Targets Temporarily

To switch to a specific target without making it permanent:

sudo systemctl isolate <target>

Example: Switch to rescue mode:

sudo systemctl isolate rescue.target

This command does not persist after a reboot.

6. Booting Into a Target Manually via GRUB

Sometimes, you might need to boot into a specific target directly during system startup. This is useful if the system is not booting properly.

Steps:

1. Access the GRUB Menu:
   • Reboot the system.
   • Press Esc (or another key like Shift) during boot to access the GRUB menu.
2. Edit the Kernel Parameters:
   • Select the desired kernel entry.
   • Press e to edit the boot parameters.
   • Locate the line starting with linux (or linux16 or linuxefi).
   • Append the desired target to the end of the line. For example:

ruby

systemd.unit=rescue.target

3. Boot the System:
   • Press Ctrl + X or F10 to boot with the modified parameters.

7. Examples of Common Scenarios

Example 1: Booting into Emergency Mode

Emergency mode provides a minimal environment and is used for critical troubleshooting.

Using systemctl:

sudo systemctl isolate emergency.target

Using GRUB:

1. Add systemd.unit=emergency.target to the kernel parameters in GRUB.

Example 2: Booting into Rescue Mode

Rescue mode provides more functionality than emergency mode and mounts the root filesystem.

Using systemctl:

sudo systemctl isolate rescue.target

Using GRUB:

1. Add systemd.unit=rescue.target to the kernel parameters in GRUB.

Example 3: Booting into Graphical Mode

Using systemctl:

sudo systemctl isolate graphical.target

8. Exam Tips

1. Understand the difference between temporary (isolate) and permanent (set-default) target changes.
2. Practice modifying GRUB parameters during boot.
3. Familiarize yourself with common targets like rescue.target and emergency.target.
4. Always test switching between targets in a virtual environment to ensure commands behave as expected.

By mastering these commands and concepts, you can confidently manage boot targets during your RHCSA exam and in real-world scenarios.

03.3 – Interrupt the boot process in order to gain access to a system

RHCSA Notes: Interrupting the Boot Process to Gain Access to a System
This topic is crucial for troubleshooting or recovering a Linux system when the root password is lost, or the system cannot boot normally. It involves booting the system into single-user mode or emergency mode using GRUB (Grand Unified Bootloader).

Steps to Interrupt the Boot Process

1. Access the GRUB Menu
   • Reboot the system.
   • During the boot process, press the Esc or Shift key (depending on your system) to access the GRUB menu.

2. Edit the GRUB Boot Parameters
3. Highlight the Kernel Entry:
   o Use the arrow keys to select the default boot entry (usually the first entry).
4. Enter Edit Mode:
   o Press e to edit the selected GRUB entry.
5. Modify the Kernel Parameters:
   o Locate the line starting with linux or linux16 (for legacy systems). This line specifies the kernel and boot options.
   o Append one of the following options to the end of this line:
    single or S: Boot into single-user mode.
    rd.break: Interrupt the boot process to access the emergency shell.
   Example:

linux /vmlinuz- root=/dev/mapper/rhel-root ro crashkernel=auto rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap single

4. Boot the Modified Entry:
   o Press Ctrl + X or F10 to boot with the modified parameters.

3. Gaining Access in Single-User Mode
   • The system boots into a root shell without requiring a password.
   • The root filesystem is mounted in read-only mode.
   • To make changes:

mount -o remount,rw /

4. Gaining Access Using rd.break
   • The system interrupts the boot process and drops into an emergency shell.
   • The root filesystem is available but not mounted.
5. Mount the Root Filesystem:
   o Identify the root filesystem:

lsblk

Mount it:

mount /dev/mapper/ /sysroot

2. Switch to the Root Filesystem:

chroot /sysroot

3. Remount the Filesystem as Read-Write:

mount -o remount,rw /

5. Resetting the Root Password (Optional)
   If the purpose of interrupting the boot process is to recover a lost root password:
6. Use the following command:

passwd

2. Enter and confirm the new root password.
3. Reboot the system:

exec /sbin/init

Example Commands Summary
• Edit GRUB entry:

linux /vmlinuz-<version> root=/dev/mapper/rhel-root ro single

• Remount filesystem as read-write:

mount -o remount,rw /

• Change root environment:

chroot /sysroot

• Reset root password:

passed

• Reboot the system:

exec /sbin/init

Precautions
• Use this method responsibly, as it provides root access without requiring authentication.
• Ensure the system is physically secure to prevent unauthorized access via GRUB.

Important Notes:

1. Security Implications:
   • Ensure physical access to your server is secured. Interrupting the boot process does not require authentication.
   • Password-protect the GRUB menu to prevent unauthorized access.
2. GRUB Password Protection:
   • To secure GRUB, generate an encrypted password and add it to the GRUB configuration.

Command to Generate Password:

grub2-mkpasswd-pbkdf2

2. Copy the generated hash and add it to /etc/grub.d/40_custom:

set superusers="root"
password_pbkdf2 root <hash>

2. Update the GRUB configuration:

grub2-mkconfig -o /boot/grub2/grub.cfg

3. SELinux Considerations:
   • When the system boots into single-user mode, SELinux may not be fully operational. Running touch /.autorelabel ensures that files are properly labeled after a reboot.

passwd
touch /.autorelabel
reboot

By following these steps, you can interrupt the boot process to troubleshoot or recover access to a Linux system effectively.

03.4 – Identify CPU/memory intensive processes and kill processes

This topic involves monitoring the system’s resource usage, identifying processes that consume high CPU or memory resources, and managing those processes (e.g., terminating them if necessary). Below are the details, examples, and commands to perform these tasks effectively.

1. Identifying CPU/Memory Intensive Processes

a. Using the top Command

The top command provides a real-time view of the system’s processes and their resource consumption.

1. Launch top:

top

1. Key Columns to Observe:
   • %CPU: Percentage of CPU usage by a process.
   • %MEM: Percentage of memory usage by a process.
   • COMMAND: Name of the process.
2. Sort by CPU Usage:
   • Press P within top to sort by CPU usage.
3. Sort by Memory Usage:
   • Press M within top to sort by memory usage.
4. Exit top:
   • Press q to quit.

b. Using the htop Command (Alternative to top)

htop is an interactive process viewer with a user-friendly interface.

1. Install htop:

sudo yum install htop

2. Launch htop:

htop

3. Filter or Search for Specific Processes:
   • Press / and type the process name.
4. Sort by CPU/Memory:
   • Use the arrow keys to navigate and press F6 to sort columns.

c. Using the ps Command

The ps command can be combined with other utilities to display processes based on resource usage.

1. View Top 10 CPU-Intensive Processes:

ps -eo pid,ppid,cmd,%mem,%cpu --sort=-%cpu | head

2. View Top 10 Memory-Intensive Processes:

ps -eo pid,ppid,cmd,%mem,%cpu --sort=-%mem | head

3. Key Columns Explained:
   • pid: Process ID.
   • ppid: Parent process ID.
   • cmd: Command name.
   • %mem: Percentage of memory used.
   • %cpu: Percentage of CPU used.

d. Using the vmstat Command

vmstat provides overall system performance statistics.

1. Basic Usage:

vmstat 1 5

1. Outputs system statistics every second for five iterations.
2. Relevant Columns:
   • us: Percentage of CPU time spent on user processes.
   • sy: Percentage of CPU time spent on system processes.
   • id: Percentage of CPU time spent idle.

e. Using the sar Command

sysstat provides historical data on CPU and memory usage.

1. Install sysstat:

sudo yum install sysstat

2. Monitor CPU Usage:

sar -u 1 5

3. Monitor Memory Usage:

sar -r 1 5

2. Killing Processes

a. Using the kill Command

The kill command terminates processes using their PID.

1. Find the Process PID: Use ps or top to identify the PID.
2. Kill the Process:

kill <PID>

3. Force Kill (if the process does not terminate):

kill -9 <PID>

b. Using the pkill Command

The pkill command kills processes by their name.

1. Kill a Process by Name:

pkill <process_name>

2. Force Kill a Process:

pkill -9 <process_name>

c. Using the killall Command

The killall command terminates all processes with a specific name.

1. Kill All Processes with the Same Name:

killall <process_name>

2. Force Kill All Processes:

killall -9 <process_name>

d. Using the systemctl Command

If the process is managed by a service, use systemctl.

1. Stop the Service:

sudo systemctl stop <service_name>

2. Kill the Process of a Service:

sudo systemctl kill <service_name>

3. Example Scenarios

Scenario 1: Kill a CPU-Intensive Process

1. Identify a CPU-intensive process using top or ps:

ps -eo pid,%cpu,cmd --sort=-%cpu | head

2. Kill the process:

kill -9 <PID>

Scenario 2: Kill a Memory-Intensive Process

1. Identify a memory-intensive process:

ps -eo pid,%mem,cmd --sort=-%mem | head

2. Kill the process:

kill -9 <PID>

Scenario 3: Kill All Instances of a Process

If multiple instances of httpd are consuming resources:

killall -9 httpd

4. Important Notes

• Always attempt to terminate a process gracefully using kill before using kill -9.
• Killing critical system processes may cause instability. Be cautious.
• Monitor the system regularly to avoid resource exhaustion.

This detailed guide ensures you can efficiently manage CPU/memory-intensive processes and troubleshoot performance issues.

03.5 – Adjust process scheduling
Process scheduling in Linux involves managing how CPU time is allocated to running processes. This is crucial for optimizing system performance and ensuring that critical tasks are executed efficiently.

Key Concepts

1. Process Priorities:
   • Linux assigns each process a priority that determines how much CPU time it gets.
   • Priorities range from -20 (highest priority) to 19 (lowest priority).
   • By default, processes start with a priority of 0.
2. Nice Value:
   • The nice value is used to adjust a process’s priority.
   • A lower nice value results in a higher priority and vice versa.
3. Real-time Processes:
   • Real-time scheduling uses policies like RR (Round-Robin) and FIFO (First-In-First-Out) for processes requiring consistent CPU access.

Commands for Adjusting Scheduling

1. nice Command

Used to start a process with a specified nice value.

Syntax:

nice -n [nice_value] command

Example:

nice -n 10 tar -czf backup.tar.gz /home/user

• Starts the tar process with a nice value of 10, reducing its priority.

2. renice Command

Used to change the nice value of an already running process.

Syntax:

renice [nice_value] -p [PID]

Example:

renice -5 -p 1234

• Changes the priority of the process with PID 1234 to -5.

3. chrt Command

Used to manage real-time scheduling policies.

Syntax:

chrt -p [policy] [priority] [PID]

Scheduling Policies:

• SCHED_OTHER (default, normal processes)
• SCHED_RR (real-time, round-robin)
• SCHED_FIFO (real-time, first-in-first-out)

Example:

chrt -p 10 1234

• Sets the priority of the process with PID 1234 to 10 under the real-time policy.

4. ps Command

Used to view process information, including nice values.

Example:

ps -o pid,ni,cmd

• Displays the PID, nice value, and command name of running processes.

5. top or htop

Interactive tools to monitor and adjust process priorities.

Example (using top):

1. Start top by typing:

top

2. Locate the desired process.
3. Press r and enter the PID to renice the process.
4. Specify the new nice value.

Practical Examples

1. Run a CPU-intensive task with low priority:

nice -n 19 gzip largefile

1. Compress a file without significantly impacting other processes.
2. Boost the priority of a critical process:

renice -10 -p 4567

2. Assigns higher priority to a process with PID 4567.
3. Set real-time scheduling for a media application:

chrt -f 5 vlc

3. Starts VLC media player with FIFO scheduling and priority 5.

Checking Scheduling and Priority

1. Using ps:

ps -eo pid,ppid,ni,pri,cmd

1. Lists PID, parent PID, nice value, priority, and command.
2. Using chrt:

chrt -p 1234

2. Displays the scheduling policy and priority of the process with PID 1234.
3. Using top:
   • Displays dynamic process information, including priority and nice value.

Best Practices

1. Use nice and renice to manage system load without disrupting critical processes.
2. Reserve real-time scheduling (chrt) for tasks requiring guaranteed CPU time.
3. Monitor system performance using tools like top or htop.

These notes cover the essentials of adjusting process scheduling with practical examples to prepare for RHCSA certification.

03.6 – Manage tuning profiles

Tuning profiles in Red Hat Enterprise Linux are used to optimize the system’s performance for specific workloads or use cases. These profiles are managed using the tuned service and the tuned-adm command-line tool.

Key Concepts

1. tuned Service:
   • A daemon that monitors and dynamically adjusts system settings based on the active tuning profile.
2. Tuning Profiles:
   • Predefined sets of system settings optimized for specific workloads.
   • Custom profiles can also be created.
3. Tools:
   • tuned-adm: CLI tool to manage tuning profiles.

Default Tuning Profiles

Run the following command to list available tuning profiles:

tuned-adm list

Example output:

Available profiles:
- balanced
- desktop
- latency-performance
- network-latency
- network-throughput
- powersave
- throughput-performance
- virtual-guest
- virtual-host
Current active profile: balanced

Default Profile

The default profile is balanced, which provides a good trade-off between performance and power consumption.

Steps to Manage Tuning Profiles

1. Install tuned if not installed

Ensure the tuned package is installed:

sudo yum install tuned -y

2. Enable and Start the tuned Service

sudo systemctl enable --now tuned

Check the status:

sudo systemctl status tuned

3. List Available Profiles

tuned-adm list

4. Set a Profile

To apply a specific profile:

sudo tuned-adm profile <profile_name>

Example:

sudo tuned-adm profile throughput-performance

Verify the active profile:

tuned-adm active

Commonly Used Profiles

• balanced: Default profile; balances performance and power consumption.
• throughput-performance: Optimized for maximum throughput.
• latency-performance: Reduces latency for low-latency workloads.
• powersave: Reduces power consumption.
• network-latency: Optimized for low network latency.
• network-throughput: Optimized for high network throughput.

5. Custom Tuning Profiles

Create a Custom Profile

1. Navigate to the profiles directory:

cd /etc/tuned

2. Create a new directory for the custom profile:

sudo mkdir my-custom-profile

3. Create the tuned.conf file in the new directory:

sudo nano /etc/tuned/my-custom-profile/tuned.conf

4. Add custom settings to the file:

[main]
summary=My custom profile for performance
include=throughput-performance

[cpu]
governor=performance

[vm]
transparent_hugepages=never

Apply the Custom Profile

sudo tuned-adm profile my-custom-profile

6. Verify the Current Settings

To verify what settings the current profile has applied:

sudo tuned-adm verify

7. Temporarily Disable Tuning

If you want to disable tuning profiles temporarily:

sudo tuned-adm off

To re-enable:

sudo systemctl restart tuned

8. Debugging and Logs

Check the tuned logs for troubleshooting:

sudo journalctl -u tuned

Examples

Example 1: Optimize for Virtual Machines

For a virtual machine host:

sudo tuned-adm profile virtual-host

Example 2: Optimize for Network Performance

For a network-intensive workload:

sudo tuned-adm profile network-throughput

Example 3: Verify the Current Profile

sudo tuned-adm active

Example 4: Disable Transparent Hugepages

Modify the tuned.conf file in your custom profile:

[vm]
transparent_hugepages=never

Apply the profile and check the settings:

sudo tuned-adm profile my-custom-profile
sudo tuned-adm verify

By mastering these steps, you can effectively manage and optimize system performance using tuning profiles for the RHCSA exam and real-world scenarios.

03.7 – Locate and interpret system log files and journals

Locate and Interpret System Log Files and Journals

Overview

System logs are crucial for monitoring and troubleshooting in Linux. RHEL uses both traditional log files and the systemd journal.

Traditional Log Files

• Location: /var/log/
• Common Log Files:
  • /var/log/messages: General system messages.
  • /var/log/secure: Authentication and security-related messages.
  • /var/log/cron: Cron job logs.
  • /var/log/maillog: Mail server logs.
  • /var/log/boot.log: Boot process logs.
  • /var/log/dmesg: Kernel ring buffer messages.

Viewing Log Files

• Display Entire Log:

sudo cat /var/log/messages

• View Last 10 Lines:

sudo tail /var/log/secure

• Follow Log Updates in Real-Time:

sudo tail -f /var/log/cron

Searching Log Files

• Search for Specific Term:

sudo grep "Failed password" /var/log/secure

• Count Occurrences:

sudo grep -c "ssh" /var/log/messages

The systemd Journal

• Managed by: systemd-journald
• Stores: System service logs, kernel messages, boot logs.

Viewing the Journal

• View All Logs:

sudo journalctl

• View Logs Since Last Boot:

sudo journalctl -b

• View Kernel Messages:

sudo journalctl -k

• Follow Journal in Real-Time:

sudo journalctl -f

Filtering the Journal

• By Service Unit:

sudo journalctl -u sshd.service

• By Priority Level:

sudo journalctl -p err

• By Timeframe:

sudo journalctl --since "2023-10-01 12:00" --until "2023-10-01 13:00"

Persisting the Journal

By default, logs are stored in memory. To make them persistent:

1. Create Directory:

sudo mkdir -p /var/log/journal

1. Set Permissions:

sudo systemd-tmpfiles --create --prefix /var/log/journal

1. Restart Journal Service:

sudo systemctl restart systemd-journald

Log Rotation

• Managed by: logrotate
• Configuration Files:
  • Global: /etc/logrotate.conf
  • Specific: /etc/logrotate.d/

Example: Forcing Log Rotation Manually

sudo logrotate -f /etc/logrotate.conf

Analyzing Logs

• Check Disk Usage by Journal Logs:

sudo journalctl --disk-usage

• Vacuum Old Logs (e.g., keep only last 2 days):

sudo journalctl --vacuum-time=2d

Practical Examples

• Identify Failed Login Attempts:

sudo grep "Failed password" /var/log/secure

• View System Reboot History:

sudo last reboot

• Monitor Real-Time SSH Access:

sudo journalctl -u sshd.service -f

Conclusion

Being proficient in locating and interpreting system logs is essential for system administration. Regularly monitoring logs helps in early detection of issues and ensures system integrity.

03.8 – Preserve system journals

Preserving System Journals

Overview

By default, the systemd journal stores logs in volatile memory (RAM), which means the logs are lost after a reboot. To retain logs across reboots, you need to configure the journal to store logs persistently on disk.

Configuring Persistent Journals

Step 1: Create the Journal Directory

Create the directory where the journal will store persistent logs:

sudo mkdir -p /var/log/journal

Step 2: Adjust Permissions and Ownership

Ensure the directory has the correct permissions and ownership:

sudo systemd-tmpfiles --create --prefix /var/log/journal

Step 3: Modify the Journald Configuration (Optional)

Edit the /etc/systemd/journald.conf file to ensure that persistent storage is enabled:

sudo nano /etc/systemd/journald.conf

Uncomment and set the Storage parameter:

[Journal]
Storage=persistent

Save and exit the editor.

Step 4: Restart Systemd-Journald Service

Apply the changes by restarting the journal service:

sudo systemctl restart systemd-journald

Verifying Persistent Journals

Now, the journal logs will be stored persistently. You can verify this by checking logs from previous boots.

• List all boots recorded in the journal:

journalctl --list-boots

• View logs from the previous boot:

journalctl -b -1

Managing Journal Size

Persistent journals can consume significant disk space. You can manage the size using the following methods.

Configure Journald Limits

Edit /etc/systemd/journald.conf:

sudo nano /etc/systemd/journald.conf

Set limits such as:

[Journal]
SystemMaxUse=500M
SystemKeepFree=100M

• SystemMaxUse: Maximum disk space the journal may use.

• SystemKeepFree: Amount of disk space to leave free.

Vacuum Old Logs

Manually remove old logs to free up space:

• Remove logs older than a specific time:

sudo journalctl --vacuum-time=2weeks

• Limit journal size to a specific amount:

sudo journalctl --vacuum-size=1G

Example Commands

• View logs since a certain time:

journalctl --since "2023-10-01 12:00:00"

• Follow logs in real-time:

journalctl -f

Benefits of Preserving Journals

• Persistent Logs: Helps in troubleshooting issues that persist across reboots.
• Historical Data: Allows analysis of system behavior over time.
• Centralized Logging: Facilitates easier log management compared to traditional log files.

Conclusion

Configuring the systemd journal for persistent storage is essential for effective system administration. It ensures that critical log information is retained across reboots, aiding in system analysis and troubleshooting.

03.9 – Start, stop, and check the status of network services

Overview

Managing network services is a fundamental task in system administration. RHEL uses systemd and the systemctl command to control services. Common network services include sshd, httpd (Apache), vsftpd, and firewalld.

Basic systemctl Commands

• Start a Service:

sudo systemctl start <service_name>

• Stop a Service:

sudo systemctl stop <service_name>

• Restart a Service:

sudo systemctl restart <service_name>

• Reload a Service (if supported):

sudo systemctl reload <service_name>

• Check the Status of a Service:

systemctl status <service_name>

• Enable a Service to Start at Boot:

sudo systemctl enable <service_name>

• Disable a Service from Starting at Boot:

sudo systemctl disable <service_name>

Examples

Example 1: Managing the SSH Service (sshd)

• Start the SSH Service:

sudo systemctl start sshd

• Enable SSH to Start on Boot:

sudo systemctl enable sshd

• Check SSH Service Status:

systemctl status sshd

• Stop the SSH Service:

sudo systemctl stop sshd

Example 2: Managing the Apache Web Server (httpd)

• Install Apache:

sudo yum install httpd

• Start Apache:

sudo systemctl start httpd

• Enable Apache to Start on Boot:

sudo systemctl enable httpd

• Check Apache Status:

systemctl status httpd

• Restart Apache:

sudo systemctl restart httpd

Example 3: Managing the Firewall Service (firewalld)

• Start Firewalld:

sudo systemctl start firewalld

• Enable Firewalld to Start on Boot:

sudo systemctl enable firewalld

• Check Firewalld Status:

systemctl status firewalld

• Reload Firewalld Configuration:

sudo firewall-cmd --reload

Checking Service Status and Logs

• View All Active Services:

systemctl list-units --type=service --state=running

• Check for Failed Services:

systemctl --failed

• View Service Logs:

sudo journalctl -u <service_name>

Managing NetworkManager

• Check NetworkManager Status:

systemctl status NetworkManager

• Restart NetworkManager:

sudo systemctl restart NetworkManager

Enabling and Disabling Services

• Enable Service at Boot:

sudo systemctl enable <service_name>

• Disable Service at Boot:

sudo systemctl disable <service_name>

• Check if a Service is Enabled:

systemctl is-enabled <service_name>

Additional Tips

• Reload Systemd Daemon (after changes to unit files):

sudo systemctl daemon-reload

• Mask a Service (prevent it from being started):

sudo systemctl mask <service_name>

• Unmask a Service:

sudo systemctl unmask <service_name>

Notes

• Replace <service_name> with the actual name of the service (e.g., sshd, httpd).
• Use sudo to run commands with elevated privileges.
• Always check the status of a service after starting or stopping it to ensure it is in the desired state.

Conclusion

Being adept at starting, stopping, and checking the status of network services is essential for system administration and is a key competency for the RHCSA exam. Mastery of systemctl commands will enable you to manage services efficiently.

03.10 – Securely transfer files between systems

Securely Transfer Files Between Systems

Overview

Transferring files securely between systems is a fundamental skill for a system administrator. In RHEL, this is typically done using SSH-based tools like scp, sftp, and rsync. These tools encrypt the data during transfer, ensuring confidentiality and integrity.

Using scp (Secure Copy)

The scp command securely copies files between hosts over an SSH connection.

Syntax

scp [options] source destination

Examples

• Copy a local file to a remote system

scp /path/to/localfile user@remote_host:/path/to/destination/

• Copy a file from a remote system to the local system

scp user@remote_host:/path/to/remotefile /path/to/localdestination/

• Copy a directory recursively

scp -r /path/to/localdir user@remote_host:/path/to/destination/

• Specify a custom SSH port

scp -P 2222 /path/to/localfile user@remote_host:/path/to/destination/

Common Options

• -r: Recursively copy entire directories.
• -P: Specify an alternative SSH port.
• -C: Enable compression.
• -v: Verbose mode; useful for debugging.

Using sftp (Secure File Transfer Protocol)

The sftp command provides an interactive interface similar to ftp, but over an encrypted SSH connection.

Starting an SFTP Session

sftp user@remote_host

Common SFTP Commands

• ls: List files in the remote directory.
• pwd: Display the current remote directory.
• lcd: Change the local directory.
• get remotefile: Download a file from the remote system.
• put localfile: Upload a file to the remote system.
• mget remotefiles: Download multiple files.
• mput localfiles: Upload multiple files.
• exit or bye: Close the SFTP session.

Example Session

sftp user@remote_host
sftp> pwd
Remote working directory: /home/user
sftp> ls
file1.txt  file2.txt  directory
sftp> get file1.txt
Fetching /home/user/file1.txt to file1.txt
sftp> put localfile.txt
Uploading localfile.txt to /home/user/localfile.txt
sftp> exit

Using rsync (Remote Synchronization)

The rsync command efficiently synchronizes files and directories between systems.

Syntax

rsync [options] source destination

Examples

• Copy a local directory to a remote system

rsync -avz /path/to/localdir/ user@remote_host:/path/to/remotedir/

• Copy a directory from a remote system to the local system

rsync -avz user@remote_host:/path/to/remotedir/ /path/to/localdir/

Common Options

• -a: Archive mode (recursive, preserves permissions and timestamps).
• -v: Verbose output.
• -z: Compress data during transfer.
• -P: Show progress and resume partial transfers.

Excluding Files

• Exclude specific files or patterns

rsync -avz --exclude 'pattern' source destination

Example with Exclusion

rsync -avz --exclude '*.tmp' /path/to/localdir/ user@remote_host:/path/to/remotedir/

Setting Up SSH Keys for Passwordless Authentication

To automate file transfers, you can set up SSH key-based authentication.

Generate an SSH Key Pair

ssh-keygen -t rsa -b 2048

Press Enter to accept the default file location and enter a passphrase if desired.

Copy the Public Key to the Remote System

ssh-copy-id user@remote_host

Verify Passwordless Login

ssh user@remote_host

Additional Tips

• Preserve File Attributes: Use -p with scp or -a with rsync to preserve permissions, timestamps, and ownership.
• Use Compression: Enable compression with -C in scp or -z in rsync to speed up transfers.
• Verbose Output: Use -v to get detailed output useful for troubleshooting.
• Dry Run with rsync: Use --dry-run to simulate the transfer without making changes.

Security Considerations

• Always ensure you are connecting to the correct remote host to prevent man-in-the-middle attacks.
• Keep your SSH private keys secure and never share them.
• Use strong passwords or passphrases for SSH keys if not using key-based authentication.

Conclusion

Understanding how to securely transfer files between systems using scp, sftp, and rsync is essential for system administration. These tools leverage SSH to provide encrypted data transfer, ensuring security and integrity.

These notes should help you understand how to securely transfer files between systems for the RHCSA exam.