Hi:

I'm in canada and ordered this book as well. I can't seem to find anywhere I can buy exam vouchers or where I can actually take the exam. The Red Hat site talks about certification but doesn't say where or how you can take the exam. It does say it's around $400 and exam. Anyone have this info? or can point me in the right direction?

Cheers

Dear Viper9,

The Red Hat exams are officially "courses" starting with EX. For more info, see https://www.redhat.com/courses/ ,

For example, the RHCSA exam is EX200.

FYI, the info on exam signups is also in the Front Matter, pages xlv -- xlvii

So you're saying I have to do the courses to get certified? I can't self study and challenge the exam? Hell I'm not pay $2,400 for level 1 Red Hat lol

No I'm not saying that. Please click through, and you'll see for yourself. (example: https://www.redhat.com/courses/ex200_rhcsa_exam/ shows $400)

If you click through, you'll see that EX200 and EX300 are 1/2 day "courses" that are exams. That's the reason for the EX prefix, and they cost $400 each.

You may be confusing EX200 and EX300 with RH200 and RH300, which include instruction.

Just want to give Mr Jang a big THANK you for you study guide. I've used your book twice now both with good results :-)

-C

Dear custangro,

Your kind words are appreciated. I hope you can let others know the secret of your success

Iam new to linux but want to get both Linux certs. Ihave installed min centos install no gui. For the test(s) do you use gui or CLI?

Dear Rodger,

First, if you're completely new to Unix-type operating systems, you may want to consider an entry-level Linux certification first, such as the level 1 exams of the Linux Professional Institute. However, from the stories I've heard, many users who are experienced in other Unix-based operating systems such as Solaris or BSD have success when jumping straight to Linux.

If you're not sure, you may want to take one of the pre-assessment questionnaires provided by Red Hat. One for the RHCSA is available from https://www.redhat.com/courses/rh135...d_rhcsa_exam/; click the "Pre-Assessment Questionnaires" on the right-hand side of the pae.

Second, to answer your question, the Red Hat objectives do not specifically require the use of the CLI or the GUI. In fact, based on the objectives as written, you could get and solve problems in either the GUI or the CLI. In fact, it doesn't matter what you use to say configure SELinux, as long as you meet the requirements of the problem that you're given. Many admins believe that it's faster to administer from the CLI. However, Red Hat also provides several excellent GUI configuration tools. I demonstrate how you can use both the CLI and the GUI to solve many problems in my book.

Third, there are more than two Linux certifications, so when you say
it's not clear what you mean. In the context of this thread, I assume that you want to qualify for both the RHCSA and RHCE. Just be aware, there are several other Linux certs, including some more advanced certs from Red Hat.

Just went for the RHCSA yesterday, the book was very helpful.
I have noticed 2 errors / omissions concerning first half of the book:

1. page 381, just before Certification objective 6.06, /etc/crypttab entries are wrong
- it should be:
- luks-opened device is used in /etc/fstab, not /etc/crypttab

2. securing basic ftp service
- iptables should be setup with nf_conntrack_ftp module, otherwise ftp service won't work correctly in passive mode. You'll get errors trying to list directories or download stuff:
Finding the module:
Including it in iptables configuration:
- edit /etc/sysconfig/iptables-config
- find line with IPTABLES_MODULES="", and replace it with IPTABLES_MODULES="nf_conntrack_ftp"
- restart the iptables service:
service iptables restart
(of course, tcp port 21 should be opened as well )

EDIT:
Scratch second one. nf_conntrack_ftp is added automatically by system-config-firewall or system-config-firewall-tui. It is only a problem if you edit iptables configuration by hand . But anyway, it's worth noting.

Dear stef80,

I appreciate the kind words, and the corrections. You're right on both accounts (including the edit). I do monitor this thread. Saw your note yesterday, just had time to sit down and confirm what you've said. If you have any more corrections, or questions related to the RHCE, do feel free to let me know here.

Chapter 17. - just 3 notes about Bind (named) configuration.

1.) "nemeserver" directive in /etc/resolv.conf on DNS server "needs" to point to loopback device address (127.0.0.1) or server's own IP address. Whatever is written in "listen-on port" directive in /etc/named.conf ... I guess.
reference:
http://www.redhat.com/magazine/025nov06/features/dns/
I'm not really sure if it's needed or if it's just a good practice.
EDIT: it is needed only for localhost resolving. Not really necessary, but good for testing named service from DNS server itself.

2.) rndc utility is not working by default. There's no rndc.key after installing bind* packages (at least not on RHEL 6.2).
Procedure to get it working:
After /etc/rndc.key is generated, we need to edit /etc/named.conf.
We add "controls" section and include rndc.key:
After that:
Also, TCP port 953 needs to be allowed in firewall configuration.

rndc should work after that.

3.) I had problem with dnssec options in /etc/named.conf
It seems "dnssec-lookaside auto;" statement needs to be commented out for named to work.
Either that or setting "dnssec-enable" and "dnssec-validation" to "no".
I'm not really into dnssec so I don't know if that's OK or not.

1 members found this post helpful.

Dear stef80,

You're correct, I've left out a couple of things from Chapter 17, w/r/t the configuration of bind. Per your specific points:

1) On p 953 of the book, in the /etc/named.conf file, I already do note a required change to the listen-on-port directive, to include two addresses; 127.0.0.1 the local IP address on the network card.

2) You're right about the missing rndc.key file, and your commands for setting it up are spot on. However, as we're talking 'basic configuration', all you need to add to the /etc/named.conf file is

include "/etc/rndc.key";

(You don't need the controls stanza.)

You don't need to open port 953 -- unless this DNS server is exchanging databases with others. And since this is a local network-only caching or forwarding name server, exchanging databases is not required.

3) I've checked, and the default dnssec* options work for me. In any case, such security options go beyond basic operation.

Thank you for taking the time to show me some of the errors that remain in the book. I appreciate it!

Thank you very much for explanation . I'll test 2) and 3).
I hope I'm not bugging you to much. I try out various things and then cross-reference it with other sources to get wider picture.

Hi Mike,

Great book! I'm half way through Chapter 5 at the moment, and although I've used Linux for some time now I'm finding I understand a few things a lot better since picking up your book (selinux in particular).

One thing that I constantly find myself doing is going back chapters to see what packages I installed which are in a way prerequisits for other chapters. This is mainly due to me working across two different computers but this also would apply to people who are in a similar situation to me who have a solid fundamental grasp of RHEL and might skip a chapter here or there.

For example: 1 thing that I was working on last night was revising the labs at the end of chapter 4 at home. I booted up the KVM image i've been working on and decided to go through the lab once more. The first issue I came across was semanage, because I hadn't gone through all the exercises on chapter 4 on my VM at home I hadn't gone through all the exercises in this chapter.

It was easy enough to do a "yum provides */semanage" which gave me the package which contains the semanage binary. I decided to look into this further since I didn't recall having to install the policycoreutils-python-2.0.83-19.21.el6_2.x86_64 manually on my VM at work. So after going through the chapter again I realised the reason I didn't have to do that was because I had installed policycoreutils-gui which policycoreutils-python-2.0.83-19.21.el6_2.x86_64 is one of its dependancies. I have come across similar senarios in the past few days.

Other than that I'm really enjoying the book and will hopefully be sitting for my RHCSA exam in the next two week and then looking towards sitting the RHCE.

Cheers!

Dear elfinlied,

I appreciate your kind words, and how you're sharing the experiences you're having with the book. I like your approach, as it in some ways simulate what happens when you take over from another admin. And Red Hat takes pains to focus on such situations in their exam prep courses.