The RHCSA/RHCE Red Hat Linux Certification Study Guide 6th Edition is now available!
Linux - CertificationThis forum is for the discussion of all topics relating to Linux certification.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I'm in canada and ordered this book as well. I can't seem to find anywhere I can buy exam vouchers or where I can actually take the exam. The Red Hat site talks about certification but doesn't say where or how you can take the exam. It does say it's around $400 and exam. Anyone have this info? or can point me in the right direction?
Cheers
Click here to see the post LQ members have rated as the most helpful post in this thread.
If you click through, you'll see that EX200 and EX300 are 1/2 day "courses" that are exams. That's the reason for the EX prefix, and they cost $400 each.
You may be confusing EX200 and EX300 with RH200 and RH300, which include instruction.
First, if you're completely new to Unix-type operating systems, you may want to consider an entry-level Linux certification first, such as the level 1 exams of the Linux Professional Institute. However, from the stories I've heard, many users who are experienced in other Unix-based operating systems such as Solaris or BSD have success when jumping straight to Linux.
If you're not sure, you may want to take one of the pre-assessment questionnaires provided by Red Hat. One for the RHCSA is available from https://www.redhat.com/courses/rh135...d_rhcsa_exam/; click the "Pre-Assessment Questionnaires" on the right-hand side of the pae.
Second, to answer your question, the Red Hat objectives do not specifically require the use of the CLI or the GUI. In fact, based on the objectives as written, you could get and solve problems in either the GUI or the CLI. In fact, it doesn't matter what you use to say configure SELinux, as long as you meet the requirements of the problem that you're given. Many admins believe that it's faster to administer from the CLI. However, Red Hat also provides several excellent GUI configuration tools. I demonstrate how you can use both the CLI and the GUI to solve many problems in my book.
Third, there are more than two Linux certifications, so when you say
Quote:
"want to get both Linux certs"
it's not clear what you mean. In the context of this thread, I assume that you want to qualify for both the RHCSA and RHCE. Just be aware, there are several other Linux certs, including some more advanced certs from Red Hat.
Just went for the RHCSA yesterday, the book was very helpful.
I have noticed 2 errors / omissions concerning first half of the book:
1. page 381, just before Certification objective 6.06, /etc/crypttab entries are wrong
- it should be:
Code:
shared /dev/sda1 none
shared sda1LuksUUID none
- luks-opened device is used in /etc/fstab, not /etc/crypttab
2. securing basic ftp service
- iptables should be setup with nf_conntrack_ftp module, otherwise ftp service won't work correctly in passive mode. You'll get errors trying to list directories or download stuff:
Code:
ftp> ls
227 Entering Passive Mode (192,168,1,103,252,255).
ftp: connect: No route to host
Finding the module:
Code:
modprobe -l |grep conntrack_ftp
Including it in iptables configuration:
- edit /etc/sysconfig/iptables-config
- find line with IPTABLES_MODULES="", and replace it with IPTABLES_MODULES="nf_conntrack_ftp"
- restart the iptables service:
service iptables restart
(of course, tcp port 21 should be opened as well )
EDIT:
Scratch second one. nf_conntrack_ftp is added automatically by system-config-firewall or system-config-firewall-tui. It is only a problem if you edit iptables configuration by hand . But anyway, it's worth noting.
I appreciate the kind words, and the corrections. You're right on both accounts (including the edit). I do monitor this thread. Saw your note yesterday, just had time to sit down and confirm what you've said. If you have any more corrections, or questions related to the RHCE, do feel free to let me know here.
Chapter 17. - just 3 notes about Bind (named) configuration.
1.) "nemeserver" directive in /etc/resolv.conf on DNS server "needs" to point to loopback device address (127.0.0.1) or server's own IP address. Whatever is written in "listen-on port" directive in /etc/named.conf ... I guess.
reference: http://www.redhat.com/magazine/025nov06/features/dns/
I'm not really sure if it's needed or if it's just a good practice.
EDIT: it is needed only for localhost resolving. Not really necessary, but good for testing named service from DNS server itself.
2.) rndc utility is not working by default. There's no rndc.key after installing bind* packages (at least not on RHEL 6.2).
Procedure to get it working:
Code:
# generating /etc/rndc.key and setting permissions
rndc-confgen -a
restorecon -v /etc/rndc.key
chown root:named /etc/rndc.key
chmod 640 /etc/rndc.key
After /etc/rndc.key is generated, we need to edit /etc/named.conf.
We add "controls" section and include rndc.key:
Also, TCP port 953 needs to be allowed in firewall configuration.
rndc should work after that.
3.) I had problem with dnssec options in /etc/named.conf
It seems "dnssec-lookaside auto;" statement needs to be commented out for named to work.
Either that or setting "dnssec-enable" and "dnssec-validation" to "no".
I'm not really into dnssec so I don't know if that's OK or not.
You're correct, I've left out a couple of things from Chapter 17, w/r/t the configuration of bind. Per your specific points:
1) On p 953 of the book, in the /etc/named.conf file, I already do note a required change to the listen-on-port directive, to include two addresses; 127.0.0.1 the local IP address on the network card.
2) You're right about the missing rndc.key file, and your commands for setting it up are spot on. However, as we're talking 'basic configuration', all you need to add to the /etc/named.conf file is
include "/etc/rndc.key";
(You don't need the controls stanza.)
You don't need to open port 953 -- unless this DNS server is exchanging databases with others. And since this is a local network-only caching or forwarding name server, exchanging databases is not required.
3) I've checked, and the default dnssec* options work for me. In any case, such security options go beyond basic operation.
Thank you for taking the time to show me some of the errors that remain in the book. I appreciate it!
Thank you very much for explanation . I'll test 2) and 3).
I hope I'm not bugging you to much. I try out various things and then cross-reference it with other sources to get wider picture.
Great book! I'm half way through Chapter 5 at the moment, and although I've used Linux for some time now I'm finding I understand a few things a lot better since picking up your book (selinux in particular).
One thing that I constantly find myself doing is going back chapters to see what packages I installed which are in a way prerequisits for other chapters. This is mainly due to me working across two different computers but this also would apply to people who are in a similar situation to me who have a solid fundamental grasp of RHEL and might skip a chapter here or there.
For example: 1 thing that I was working on last night was revising the labs at the end of chapter 4 at home. I booted up the KVM image i've been working on and decided to go through the lab once more. The first issue I came across was semanage, because I hadn't gone through all the exercises on chapter 4 on my VM at home I hadn't gone through all the exercises in this chapter.
It was easy enough to do a "yum provides */semanage" which gave me the package which contains the semanage binary. I decided to look into this further since I didn't recall having to install the policycoreutils-python-2.0.83-19.21.el6_2.x86_64 manually on my VM at work. So after going through the chapter again I realised the reason I didn't have to do that was because I had installed policycoreutils-gui which policycoreutils-python-2.0.83-19.21.el6_2.x86_64 is one of its dependancies. I have come across similar senarios in the past few days.
Other than that I'm really enjoying the book and will hopefully be sitting for my RHCSA exam in the next two week and then looking towards sitting the RHCE.
I appreciate your kind words, and how you're sharing the experiences you're having with the book. I like your approach, as it in some ways simulate what happens when you take over from another admin. And Red Hat takes pains to focus on such situations in their exam prep courses.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.