Friday, May 28, 2010

Red Hat RHCE course learnings

I recently did the RH300 fast-track Red Hat Certified Engineer course, and learnt a few things. Some of the things I learnt were specific to red hat, some were genuinely new, and some were things I knew but had forgotten. Here is a summary, in no particular order.

Red Hat specific

There is a free version of Satellite Server called Spacewalk that works for Fedora and Centos clients.  Satellite requires Oracle (suck), but Red Hat is working on a mysql/postgres solution.   Incidentally our instructor hinted that RHEL desktop might be dropped soon in favour of free Fedora desktops for enterprise customers.

Red Hat is looking at removing the --no-deps option from RPM because too many people break their install with it.

To update your yum repo with createrepo, you should delete the repodata directory.  Since creating a repo is slow with many packages, you should separate out your corporate packages that require regular changes into a separate repo.

You can do a kickstart from GRUB directly by adding some kernel params (the ksdevice removes a prompt on devices with multiple interfaces, and noipv6 cuts out a long ipv6 timeout):
ks=http://my.kickstart/box.cfg ksdevice=eth0 noipv6
The easy way to configure network services on Red Hat is to use the 'setup' ncurses UI, which calls out to the relevant Text User Interfaces (TUIs) such as 'system-config-network-tui'

Configure and manage LVM with system-config-lvm.  It is an impressive GUI, and makes resizing partitions and file systems really easy.

Install the setroubleshoot server and use the GUI to find selinux problems (it usually gives you a sensible solution):
sealert -b
To change a selinux context to a reference context, ie. give the file the same context as /home:
chcon --reference=/home /home/new
You also can change selinux context by specifying a context from the many pre-built ones available from the targeted policy in the /etc/selinux directory:
chcon -t public_content_t /shared
chcon -t samba_share_t /windowsshare
To check selinux status (e.g is it enforcing?):
To see the selinux status of files/processes, add 'Z' to the usual tools:
ls -lZ
ps -auxZ  
You can also see status and change it with (also handles iptables):
iptables rules are stored in /etc/sysconfig/iptables and can be edited directly, or rules applied and then saved with 'service iptables save'

If you have more than one mail agent installed (e.g. sendmail and postfix), you can switch between them with the 'system-switch-mail' ncurses gui, which is a frontend to the alternatives system.

Other Random Learnings

The kernel limits the number of partitions possible on IDE and SCSI/SATA disks in different ways (in addition to the MBR limitations of 3 primary and 1 extended).  For IDE (/dev/hd*), the max number of partitions is 63, for SCSI/SATA (/dev/sd*) it is 15.

To view and set disk labels for ext2/3:
dumpe2fs /dev/sda1
e2label /dev/sda1 label
dumpe2fs will also show you the mount defaults for the partition, which is handy to know when /etc/fstab just says 'defaults'.  You can change these defaults with 'tune2fs', this adds the 'acl' option:
tune2fs -o acl /dev/sda1
To get disk labels and UUIDs:
Then if you want to know which device has that label or UUID:
fuser UUID="sdfkshdfkjshdkjshdf"
Backup a disk partition table with:
sfdisk -d /dev/sda > sda.backup
To find out which process is holding a mount point:
fuser -m /mnt/point
and to kill all those processes (be careful):
fuser -km /mnt/point
To get serial numbers and other information from the system management BIOS (handy when you are in a different location to a server):
 x86info has a nicer formatted version of the /proc/cpuinfo CPU information

To see if a NIC has a link I usually use ethtool, but that isn't installed by default, so if it is unavailable:
ip link show eth0
You can get access to the bootloader of a xen machine with:
xm create -c xenname


advait said...

Thanks for sharing. I am planning to do RHCE and so looking for redhat notes.

Could you please share some info on books and notes you used for RHCE

G said...

I just did the short course and used the redhat materials.