Red Hat System Administration I
Course Objectives and Structure
|Getting Started with Red Hat Enterprise Linux
||Creating, Viewing, and Editing Text Files
||Controlling Services and Daemons
||Accessing Linux File Systems
|Accessing the Command Line
||Managing Local Users and Groups
||Configuring and Securing SSH
||Archiving and Transferring Files
||Analyzing Servers and Getting Support
|Managing Files From the Command Line
||Controlling Access to Files
||Analyzing and Storing Logs
||Installing and Updating Software Packages
|Getting Help in Red Hat Enterprise Linux
||Monitoring and Managing Linux Processes
|Creating, Viewing, and Editing Text Files
Orientation to the Classroom Lab Environment
Chapter 1: Getting Started with Red Hat Enterprise Linux
Goal: Describe and define open source, Linux, Linux distributions, and Red Hat Enterprise Linux.
Define and explain the purpose of Linux, open source, Linux distributions, and Red Hat Enterprise Linux.
Why Should You Learn about Linux?
What is Open Source Software?
Types of Open Source Licenses
Who Develops Open Source Software?
What is a Linux distribution?
Trying out Red Hat Enterprise Linux
Quiz: Getting Started with Red Hat Enterprise Linux
- Open source software is software with source code that anyone can freely use, study, modify, and share.
- A Linux distribution is an installable operating system constructed from a Linux kernel and supporting user programs and libraries.
- Red Hat participates in supporting and contributing code to open source projects, sponsors and integrates project software into community-driven distributions, and stabilizes the software to offer it as supported enterprise-ready products.
- Red Hat Enterprise Linux is Red Hat's open source, enterprise-ready, commercially-supported Linux distribution.
Chapter 2: Accessing the Command Line
Goal: Log in to a Linux system and run simple commands using the shell.
Log in to a Linux system on a local text console and run simple commands using the shell.
Log in to a Linux system using the GNOME 3 desktop environment and run commands from a shell prompt in a terminal program.
Save time by using tab completion, command history, and command editing shortcuts to run commands in the Bash shell.
Accessing the Command Line
Introduction to the Bash Shell
Logging in to a Local Computer
Logging in over the Network
Quiz: Accessing the Command Line
Accessing the Command Line Using the Desktop
Introduction to the GNOME Desktop Environment
An empty GNOME 3 desktop
Closeup of an open message tray
Locking the Screen or Logging Out
Powering off or Rebooting the System
Guided Exercise: Accessing the Command Line Using the Desktop
Executing Commands Using the Bash Shell
Examples of Simple Commands
Viewing the Contents of Files
Continuing a Long Command on Another Line
Quiz: Executing Commands Using the Bash Shell
Lab: Accessing the Command Line
- The Bash shell is a command interpreter that prompts interactive users to specify Linux commands.
- Many commands have a
--help option that displays a usage message or screen.
- Using workspaces makes it easier to organize multiple application windows.
- The Activities button located at the upper-left corner of the top bar provides an overview mode that helps a user organize windows and start applications.
file command scans the beginning of a file's contents and displays what type it is.
tail commands display the beginning and end of a file, respectively.
- You can use Tab completion to complete file names when typing them as arguments to commands.
Chapter 3: Managing Files From the Command Line
Goal: Copy, move, create, delete, and organize files while working from the Bash shell.
Describe how Linux organizes files, and the purposes of various directories in the file-system hierarchy.
Specify the location of files relative to the current working directory and by absolute location, determine and change your working directory, and list the contents of directories.
Create, copy, move, and remove files and directories.
Make multiple file names reference the same file using hard links and symbolic (or "soft") links.
Efficiently run commands affecting many files by using pattern matching features of the Bash shell.
Describing Linux File System Hierarchy Concepts
The File-system Hierarchy
Significant file-system directories in Red Hat Enterprise Linux 8
Quiz: Describing Linux File System Hierarchy Concepts
Absolute Paths and Relative Paths
The common file browser view (left) is equivalent to the top-down view (right).
Quiz: Specifying Files by Name
Managing Files Using Command-line Tools
Command-line File Management
Guided Exercise: Managing Files Using Command-line Tools
Making Links Between Files
Managing Links Between Files
Guided Exercise: Making Links Between Files
Matching File Names with Shell Expansions
Quiz: Matching File Names with Shell Expansions
Lab: Managing Files from the Command Line
- Files on a Linux system are organized into a single inverted tree of directories, known as a file-system hierarchy.
- Absolute paths start with a / and specify the location of a file in the file-system hierarchy.
- Relative paths do not start with a / and specify the location of a file relative to the current working directory.
- Five key commands are used to manage files:
- Hard links and soft links are different ways to have multiple file names point to the same data.
- The Bash shell provides pattern matching, expansion, and substitution features to help you efficiently run commands.
Chapter 4: Getting Help in Red Hat Enterprise Linux
Goal: Resolve problems by using local help systems.
Introducing the man command
Navigate and Search Man Pages
Searching for man pages by keyword
Guided Exercise: Reading Manual Pages
Reading Info Documentation
pinfo Info document viewer, top directory
Comparing GNU Info and Man Page Navigation
Guided Exercise: Reading Info Documentation
Lab: Getting Help in Red Hat Enterprise Linux
- Man pages are viewed with the
man command and provide information on components of a Linux system, such as files, commands, and functions.
- By convention, when referring to a man page the name of a page is followed by its section number in parentheses.
- Info documents are viewed with the
pinfo command and are made up of a collection of hypertext nodes, providing information about software packages as a whole.
- The navigational keystrokes used by
pinfo are slightly different.
Chapter 5: Creating, Viewing, and Editing Text Files
Goal: Create, view, and edit text files from command output or in a text editor.
Save command output or errors to a file with shell redirection, and process command output through multiple command-line programs with pipes.
Create and edit text files using the
Use shell variables to help run commands, and edit Bash startup scripts to set shell and environment variables to modify the behavior of the shell and programs run from the shell.
Redirecting Output to a File or Program
Standard Input, Standard Output, and Standard Error
Process I/O channels (file descriptors)
Redirecting Output to a File
Process I/O piping
Process I/O piping with tee
Quiz: Redirecting Output to a File or Program
Editing Text Files from the Shell Prompt
Moving between Vim modes
Guided Exercise: Editing Text Files from the Shell Prompt
Changing the Shell Environment
Configuring Programs with Environment Variables
Setting Variables Automatically
Unsetting and Unexporting Variables
Guided Exercise: Changing the Shell Environment
Lab: Creating, Viewing, and Editing Text Files
- Running programs, or processes, have three standard communication channels, standard input, standard output, and standard error.
- You can use I/O redirection to read standard input from a file or write the output or errors from a process to a file.
- Pipelines can be used to connect standard output from one process to standard input of another process, and can be used to format output or build complex commands.
- You should know how to use at least one command-line text editor, and Vim is generally installed.
- Shell variables can help you run commands and are unique to a particular shell session.
- Environment variables can help you configure the behavior of the shell or the processes it starts.
Chapter 6: Managing Local Users and Groups
Goal: Create, manage, and delete local users and groups and administer local password policies.
Describe the purpose of users and groups on a Linux system.
Switch to the superuser account to manage a Linux system, and grant other users superuser access using the
Create, modify, and delete locally defined user accounts.
Create, modify, and delete locally defined group accounts.
Set a password management policy for users, and manually lock and unlock user accounts.
Describing User and Group Concepts
Quiz: Describing User and Group Concepts
Running Commands with Sudo
Guided Exercise: Gaining Superuser Access
Managing Local User Accounts
Guided Exercise: Managing Local User Accounts
Managing Local Group Accounts
Guided Exercise: Managing Local Group Accounts
Shadow Passwords and Password Policy
Configuring Password Aging
Guided Exercise: Managing User Passwords
Lab: Managing Local Users and Groups
- There are three main types of user account: the superuser, system users, and regular users.
- A user must have a primary group and may be a member of one or more supplementary groups.
- The three critical files containing user and group information are
sudo commands can be used to run commands as the superuser.
userdel commands can be used to manage users.
groupdel commands can be used to manage groups.
chage command can be used to configure and view password expiration settings for users.
Chapter 7: Controlling Access to Files
Goal: Set Linux file-system permissions on files and to interpret the security effects of different permission settings.
List the file system permissions on files and directories, and interpret the effect of those permissions on access by users and groups.
Change the permissions and ownership of files using command-line tools.
Control the default permissions of new files created by users, explain the effect of special permissions, and use special permissions and default permissions to set the group owner of files created in a particular directory.
Interpreting Linux File System Permissions
Linux File-system Permissions
Example group membership to facilitate collaboration
Viewing File and Directory Permissions and Ownership
Examples of Permission Effects
Quiz: Interpreting Linux File System Permissions
Managing File System Permissions from the Command Line
Changing File and Directory Permissions
Changing File and Directory User or Group Ownership
Guided Exercise: Managing File System Permissions from the Command Line
Managing Default Permissions and File Access
Guided Exercise: Managing Default Permissions and File Access
Lab: Controlling Access to Files
- Files have three categories to which permissions apply. A file is owned by a user, a single group, and other users. The most specific permission applies. User permissions override group permissions and group permissions override other permissions.
ls command with the
-l option expands the file listing to include both the file permissions and ownership.
chmod command changes file permissions from the command line. There are two methods to represent permissions, symbolic (letters) and numeric (digits).
chown command changes file ownership. The
-R option recursively changes the ownership of a directory tree.
umask command without arguments displays the current umask value of the shell. Every process on the system has a umask. The default umask values for Bash are defined in the
Chapter 8: Monitoring and Managing Linux Processes
Goal: Evaluate and control processes running on a Red Hat Enterprise Linux system.
Get information about programs running on the system so that you can determine status, resource use, and ownership, so you can control them.
Use Bash job control to manage multiple processes started from the same terminal session.
Control and terminate processes that are not associated with your shell, and forcibly end user sessions and processes.
Describe what load average is and determine processes responsible for high resource use on a server.
Process life cycle
Describing Process States
Linux process states
Describing Jobs and Sessions
Running Jobs in the Background
Guided Exercise: Controlling Jobs
Process control using signals
Logging Users Out Administratively
Guided Exercise: Killing Processes
Monitoring Process Activity
Real-time Process Monitoring
Guided Exercise: Monitoring Process Activity
Lab: Monitoring and Managing Linux Processes
- A process is a running instance of an executable program. Processes are assigned a state, which can be running, sleeping, stopped, or zombie. The
ps command is used to list processes.
- Each terminal is its own session and can have foreground process and independent background processes. The
jobs command displays processes within a terminal session.
- A signal is a software interrupt that reports events to an executing program. The
killall commands use signals to control processes.
- Load average is an estimate of how busy the system is. To display load average values, you can use the
Chapter 9: Controlling Services and Daemons
Goal: Control and monitor network services and system daemons using Systemd.
List system daemons and network services started by the
systemd service and socket units.
Control system daemons and network services, using
Identifying Automatically Started System Processes
Verifying the Status of a Service
Guided Exercise: Identifying Automatically Started System Processes
Controlling System Services
Starting and Stopping Services
Restarting and Reloading Services
Listing Unit Dependencies
Masking and Unmasking Services
Enabling Services to Start or Stop at Boot
Guided Exercise: Controlling System Services
Lab: Controlling Services and Daemons
systemd provides a method for activating system resources, server daemons, and other processes, both at boot time and on a running system.
- Use the
systemctl to start, stop, reload, enable, and disable services.
- Use the
systemctl status command to determine the status of system daemons and network services started by
systemctl list-dependencies command lists all service units upon which a specific service unit depends.
systemd can mask a service unit so that it does not run even to satisfy dependencies.
Chapter 10: Configuring and Securing SSH
Goal: Configure secure command-line service on remote systems, using OpenSSH.
Log in to a remote system and run commands using
Configure key-based authentication for a user account to log in to remote systems securely without a password.
Restrict direct logins as root and disable password-based authentication for the OpenSSH service.
Accessing the Remote Command Line with SSH
Guided Exercise: Accessing the Remote Command Line
Configuring SSH Key-based Authentication
SSH Key-based Authentication
Guided Exercise: Configuring SSH Key-based Authentication
Customizing OpenSSH Service Configuration
Configuring the OpenSSH Server
Prohibit the Superuser From Logging in Using SSH
Prohibiting Password-Based Authentication for SSH
Guided Exercise: Customizing OpenSSH Service Configuration
Lab: Configuring and Securing SSH
ssh command allows users to access remote systems securely using the SSH protocol.
- A client system stores remote servers' identities in
- SSH supports both password-based and key-based authentication.
ssh-keygen command generates an SSH key pair for authentication. The
ssh-copy-id command exports the public key to remote systems.
sshd service implements the SSH protocol on Red Hat Enterprise Linux systems.
- It is a recommended practice to configure
sshd to disable remote logins as
root and to require public key authentication rather than password-based authentication.
Chapter 11: Analyzing and Storing Logs
Goal: Locate and accurately interpret logs of system events for troubleshooting purposes.
Describe the basic logging architecture used by Red Hat Enterprise Linux to record events.
Interpret events in relevant syslog files to troubleshoot problems or review system status.
Find and interpret entries in the system journal to troubleshoot problems or review system status.
Configure the system journal to preserve the record of events when a server is rebooted.
Maintain accurate time synchronization using NTP and configure the time zone to ensure correct time stamps for events recorded by the system journal and logs.
Describing System Log Architecture
Quiz: Describing System Log Architecture
Logging Events to the System
Sending Syslog Messages Manually
Guided Exercise: Reviewing Syslog Files
Reviewing System Journal Entries
Guided Exercise: Reviewing System Journal Entries
Preserving the System Journal
Storing the System Journal Permanently
Guided Exercise: Preserving the System Journal
Maintaining Accurate Time
Setting Local Clocks and Time Zones
Configuring and Monitoring Chronyd
Guided Exercise: Maintaining Accurate Time
Lab: Analyzing and Storing Logs
rsyslog services capture and write log messages to the appropriate files.
/var/log directory contains log files.
- Periodic rotation of log files prevent them from filling up the file system space.
systemd journals are temporary and do not persist across reboot.
chronyd service helps to synchronize time settings with a time source.
- The time zone of the server can be updated based on its location.
Chapter 12: Managing Networking
Goal: Configure network interfaces and settings on Red Hat Enterprise Linux servers.
Describe fundamental concepts of network addressing and routing for a server.
Test and inspect current network configuration with command-line utilities.
Manage network settings and devices using
Modify network settings by editing configuration files.
Configure a server's static host name and its name resolution, and test the results.
Describing Networking Concepts
Describing Network Interface Names
IPv4 addresses and netmasks
Example network topology
IPv6 address parts and subnetting
Host Names and IP Addresses
Quiz: Describing Networking Concepts
Validating Network Configuration
Gathering Network Interface Information
Checking Connectivity Between Hosts
Troubleshooting ports and services
Guided Exercise: Validating Network Configuration
Configuring Networking from the Command Line
Describing NetworkManager Concepts
Viewing Networking Information
Adding a network connection
Controlling network connections
Modifying Network Connection Settings
Deleting a network connection
Who Can Modify Network Settings?
Guided Exercise: Configuring Networking from the Command Line
Editing Network Configuration Files
Describing Connection Configuration Files
Modifying network configuration
Guided Exercise: Editing Network Configuration Files
Configuring Host Names and Name Resolution
Changing the system host name
Configuring name resolution
Guided Exercise: Configuring Host Names and Name Resolution
- The TCP/IP network model is a simplified, four-layered set of abstractions that describes how different protocols interoperate in order for computers to send traffic from one machine to another over the Internet.
- IPv4 is the primary network protocol used on the Internet today. IPv6 is intended as an eventual replacement for the IPv4 network protocol. By default, Red Hat Enterprise Linux operates in dual-stack mode, using both protocols in parallel.
- NetworkManager is a daemon that monitors and manages network configuration.
nmcli command is a command-line tool for configuring network settings with NetworkManager.
- The system's static host name is stored in the
/etc/hostname file. The
hostnamectl command is used to modify or view the status of the system's host name and related settings. The
hostname command displays or temporarily modifies the system's host name.
Chapter 13: Archiving and Transferring Files
Goal: Archive and copy files from one system to another.
Archive files and directories into a compressed file using tar, and extract the contents of an existing tar archive.
Transfer files to or from a remote system securely using SSH.
Synchronize the contents of a local file or directory with a copy on a remote server.
Managing Compressed tar Archives
Listing Options of the
Archiving Files and Directories
Listing Contents of an Archive
Extracting Files from an Archive
Creating a Compressed Archive
Extracting a Compressed Archive
Guided Exercise: Managing Compressed Tar Archives
Transferring Files Between Systems Securely
Transferring Files Using Secure Copy
Transferring Files Using the Secure File Transfer Program
Guided Exercise: Transferring Files Between Systems Securely
Synchronizing Files Between Systems Securely
Synchronize Files and Directories with
Guided Exercise: Synchronizing Files Between Systems Securely
Lab: Archiving and Transferring Files
tar command creates an archive file from a set of files and directories, extracts files from the archive, and lists the contents of an archive.
tar command provides a set of different compression methods reduce archive size.
- Besides providing a secure remote shell, the
SSH service also provides the
sftp commands as secure ways to transfer files from and to a remote system running the
rsync command securely and efficiently synchronizes files between two directories, either one of which can be on a remote system.
Chapter 14: Installing and Updating Software Packages
Goal: Download, install, update, and manage software packages from Red Hat and Yum package repositories.
Register a system to your Red Hat account and assign it entitlements for software updates and support services using Red Hat Subscription Management.
Explain how software is provided as RPM packages, and investigate the packages installed on the system with Yum and RPM.
Find, install, and update software packages using the
Enable and disable use of Red Hat or third-party Yum repositories by a server.
Explain how modules allow installation of specific versions of software, list, enable, and switch module streams, and install and update packages from a module.
Registering Systems for Red Hat Support
Red Hat Subscription Management
The main window of Red Hat Subscription Manager
The service location and account information dialog of Red Hat Subscription Manager
Registration from the Command Line
Quiz: Registering Systems for Red Hat Support
Explaining and Investigating RPM Software Packages
Software packages and RPM
RPM file name elements
Summary of RPM Query Commands
Guided Exercise: Explaining and Investigating RPM Software Packages
Installing and Updating Software Packages with Yum
Managing Software Packages with Yum
Guided Exercise: Installing and Updating Software Packages with Yum
Enabling Yum Software Repositories
Enabling Red Hat software repositories
Guided Exercise: Enabling Yum Software Repositories
Managing Package Module Streams
Introduction to Application Stream
Managing modules using Yum
Guided Exercise: Managing Package Module Streams
Lab: Installing and Updating Software Packages
- Red Hat Subscription Management provides tools to entitle machines to product subscriptions, get updates to software packages, and track information about support contracts and subscriptions used by the systems.
- Software is provided as RPM packages, which make it easy to install, upgrade, and uninstall software from the system.
rpm command can be used to query a local database to provide information about the contents of installed packages and install downloaded package files.
yum is a powerful command-line tool that can be used to install, update, remove, and query software packages.
- Red Hat Enterprise Linux 8 uses Application Streams to provide a single repository to host multiple versions of an application's packages and its dependencies.
Chapter 15: Accessing Linux File Systems
Goal: Access, inspect, and use existing file systems on storage attached to a Linux server.
Explain what a block device is, interpret the file names of storage devices, and identify the storage device used by the file system for a particular directory or file.
Access file systems by attaching them to a directory in the file system hierarchy.
Search for files on mounted file systems using the
Identifying File Systems and Devices
Storage Management Concepts
Quiz: Identifying File Systems and Devices
Mounting and Unmounting File Systems
Mounting File Systems Manually
Automatic Mounting of Removable Storage Devices
Guided Exercise: Mounting and Unmounting File Systems
Locating Files on the System
Searching for Files in Real Time
Guided Exercise: Locating Files on the System
Lab: Accessing Linux File Systems
- Storage devices are represented by a special file type called block device.
df command reports total disk space, used disk space, and free disk space on all mounted regular file systems.
mount command allows the
root user to manually mount a file system.
- All processes need to stop accessing the mount point in order to successfully unmount the device.
- The removable storage devices are mounted in the
/run/media directory when using the graphical environment.
find command performs a real-time search in the local file systems to find files based on search criteria.
Chapter 16: Analyzing Servers and Getting Support
Goal: Investigate and resolve issues in the web-based management interface, getting support from Red Hat to help solve problems.
Activate the Web Console management interface to remotely manage and monitor the performance of a Red Hat Enterprise Linux server.
Describe key resources available through the Red Hat Customer Portal, and find information from Red Hat documentation and the Knowledgebase.
Analyze servers for issues, remediate or resolve them, and confirm the solution with Red Hat Insights.
Analyzing and Managing Remote Servers
Describing the Web Console
Logging in to the Web Console
The Web Console login screen
Privileged user's title bar
Non-privileged user's title bar
Displaying user accounts
User account details
Setting and resetting passwords
Troubleshooting with the Web Console
Non-privileged user's system information page
Non-privileged user's system performance metrics
Log severity selections
Log entry selection
Log entry details
Non-privileged terminal session troubleshooting
Creating a diagnostic report
Downloading a completed report
Saving a diagnostic report
Accessing a completed report
Managing System Services with the Web Console
System power options
Services: Initial view
Services: Service details and management interface
Networking: Initial view
Networking: Interface details
Networking: ens3 configuration section
Adding an IP address to an existing interface
Confirming the new IP address
Existing user accounts
Creating a new account
Account management page
Guided Exercise: Analyzing and Managing Remote Servers
Getting Help From Red Hat Customer Portal
Accessing Support Resources on the Red Hat Customer Portal
Getting Oriented to the Customer Portal
Tour the Customer Portal
Top Navigation Bar
Products and Services
Tools menu in Customer Portal
Searching the Knowledgebase with the Red Hat Support Tool
Managing Support Cases with Red Hat Support Tool
Joining Red Hat Developer
Guided Exercise: Getting Help from Red Hat Customer Portal
Detecting and Resolving Issues with Red Hat Insights
Introducing Red Hat Insights
Red Hat Insights high-level architecture
Installing Red Hat Insights Clients
Red Hat Insights overview on the Cloud Portal
Viewing Reports provided by Red Hat Insights
Rules page in Red Hat Insights console
Inventory page in Red Hat Insights console
Remediations page in Red Hat Insights console
Interpreting Red Hat Insights Reports
Red Hat Insights rules that apply to a host
Remediating rules on systems manually
Quiz: Detecting and Resolving Issues with Red Hat Insights
- Web Console is a web-based management interface to your server based on the open source Cockpit service.
- Web Console provides graphs of system performance, graphical tools to manage system configuration and inspect logs, and an interactive terminal interfaces.
- Red Hat Customer Portal provides you with access to documentation, downloads, optimization tools, support case management, and subscription and entitlement management for your Red Hat products.
redhat-support-tool is a command-line tool to query Knowledgebase and work with support cases from the server's command line.
- Red Hat Insights is a SaaS-based predictive analytics tool to help you identify and remediate threats to your systems' security, performance, availability, and stability.
Chapter 17: Comprehensive Review
Lab: Managing Files from the Command Line
Lab: Managing Users and Groups, Permissions and Processes
Lab: Configuring and Managing a Server
Lab: Mounting Filesystems and Finding Files