FY BSc Cyber & Digital Science CDS 104MJP Linux System Administration 2 PDF

Summary

This document is a collection of assignments for a Linux system administration course. The assignments cover various aspects of Linux, including installation, configuration, maintenance, security, and advanced topics such as cron and Docker.

Full Transcript

Assignment Index

Sr. No. | Assignment Name

1. Assignment 1: Introduction to Linux System Administration
   - Install a Linux distribution of your choice.
   - Explore and explain the file system hierarchy using basic shell commands.
   - Create a new user and group, demonstrating user and group management.
2. Assignment 2: Installation and Configuration
   - Choose a different Linux installation method than in Question 1.
   - Perform a manual partitioning and file system setup during the installation.
   - Configure network settings and troubleshoot any connectivity issues.
3. Assignment 3: System Maintenance and Updates
   - Use APT or YUM to install, update, and remove packages on your system.
   - Analyze system logs to troubleshoot a specific issue (e.g., networking, package installation).
   - Monitor system performance using tools like top or htop.
4. Assignment 4: Security and Access Control
   - Configure user authentication using PAM. Implement firewall rules using iptables.
   - Secure SSH by modifying its configuration file.
   - Implement either SELinux or AppArmor for Mandatory Access Control.
5. Assignment 5: Advanced Topics in Linux Administration
   - Schedule automated tasks using Cron.
   - Install and run a Docker container, explaining the basics of containerization.
   - Set up file and directory permissions for a specific scenario.
6. Assignment 6: Installation and Configuration
   - Choose a different Linux distribution than in Question 2.
   - Perform an advanced partitioning scheme, including separate partitions for /, /home, and swap.
7. Assignment 7: System Maintenance and Updates
   - Explore and demonstrate the process of upgrading the Linux kernel.
   - Analyze logs to identify and troubleshoot issues related to kernel updates.

Signature of Instructor:

F. Y. B.Sc Cyber and Digital Science

Assignment Completion Sheet

Sr. No. | Assignment Name | Marks (out of 5) | Teacher's Sign
1 | Introduction to Linux System Administration | |
2 | Installation and Configuration | |
3 | System Maintenance and Updates | |
4 | Security and Access Control | |
5 | Advanced Topics in Linux Administration | |
6 | Installation and Configuration (Disk Partitioning) | |
7 | System Maintenance and Updates | |
Total (out of 35) | |
Total (out of 5) | |

Signature of Instructor:

Assignment 1: Introduction to Linux System Administration

Aim:
- Install a Linux distribution of your choice.
- Explore and explain the file system hierarchy using basic shell commands.
- Create a new user and group, demonstrating user and group management.

Practical 1: Install a Linux distribution of your choice (RHEL 9).

Prerequisites
1. VMware Workstation or VMware Player: Ensure you have VMware Workstation or VMware Player installed.
2. RHEL 9 ISO: Obtain the RHEL 9 ISO file. You may need a Red Hat account to download it from the Red Hat Customer Portal.

Steps to Install RHEL 9 on VMware

1. Create a New Virtual Machine
   1. Open VMware Workstation/Player.
      - Click on “Create a New Virtual Machine” or “New Virtual Machine” depending on your VMware version.
   2. Choose the Installation Media:
      - Select “Installer disc image file (iso)” and browse to the location where you saved the RHEL 9 ISO file.
      - Click “Next.”
   3. Select the Guest Operating System:
      - Choose “Linux” and then “Red Hat” from the dropdown menu.
      - Click “Next.”
   4. Name the Virtual Machine:
      - Enter a name for your virtual machine (e.g., “RHEL 9 VM”).
      - Choose a location to store the virtual machine files.
      - Click “Next.”
   5. Specify Disk Capacity:
      - Choose the size of the virtual disk. A typical size is 20-30 GB, but adjust based on your needs.
      - Select “Store virtual disk as a single file” for better performance.
      - Click “Next.”
   6. Customize Hardware (Optional):
      - Click on “Customize Hardware” to adjust settings like memory (RAM), processors, and network settings.
      - Allocate at least 2 GB of RAM and 2 CPU cores for smooth performance.
      - Click “Close” when done.
   7. Finish Setup:
      - Click “Finish” to create the virtual machine.

2. Install RHEL 9
   1. Start the Virtual Machine:
      - Select your new virtual machine and click “Power on this virtual machine.”
      - The VM will boot from the RHEL 9 ISO file.
   2. Begin RHEL 9 Installation:
      - You will see the RHEL 9 installation screen. Select “Install Red Hat Enterprise Linux 9” and press Enter.
   3. Follow the Installation Wizard:
      - Choose your language and region and click “Continue.”
      - Installation Summary:
         - Date & Time: Set the date and time.
         - Keyboard: Verify the keyboard layout.
         - Language Support: Confirm or adjust language support.
         - Installation Destination: Select the disk where you want to install RHEL. If you only have one disk, it will be automatically selected.
         - Software Selection: Choose the desired installation environment. For a basic setup, you might select “Server” or “Minimal Install.”
         - Network & Hostname: Set up your network configuration and hostname.
      - Begin Installation: Click “Begin Installation.”
   4. Set Root Password and Create User:
      - During installation, set the root password and create a user account. Follow the prompts to complete these steps.
   5. Complete the Installation:
      - The installer will copy files and configure RHEL 9. This process may take some time.
      - Once the installation is complete, you’ll be prompted to restart. Click “Reboot.”
   6. Remove the ISO from the Virtual Drive:
      - After rebooting, go to the VM menu and select “Virtual Machine” > “Removable Devices” > “CD/DVD (SATA)” and choose “Disconnect” or “Remove Disk from Virtual Drive” to avoid booting from the ISO again.
   7. Log In:
      - After rebooting, you’ll see the RHEL login screen. Log in with the username and password you created.

Practical 2: Explore and explain the file system hierarchy using basic shell commands.
Understanding the Linux file system hierarchy is crucial for navigating and managing a Linux system. The file system hierarchy is structured in a tree-like format with a root directory (/) at the top. Here’s a guide to understanding the Linux file system hierarchy using basic shell commands.

Basic File System Hierarchy Overview

Here’s a brief overview of some common directories found in the Linux file system hierarchy:
- /: The root directory. All other directories are under this directory.
- /bin: Essential command binaries (e.g., ls, cp, mv).
- /boot: Static files for booting the system, including the kernel.
- /dev: Device files (e.g., hard drives, terminals).
- /etc: Configuration files and directories for system-wide settings.
- /home: User home directories (e.g., /home/username).
- /lib: Shared libraries needed by system programs and applications.
- /media: Mount points for removable media (e.g., USB drives).
- /mnt: Temporary mount points for file systems.
- /opt: Optional application software packages.
- /root: Home directory for the root user.
- /sbin: System binaries for system administration tasks (e.g., shutdown, reboot).
- /srv: Data for services provided by the system (e.g., web server data).
- /tmp: Temporary files, usually cleared upon reboot.
- /usr: User-related programs and data (e.g., /usr/bin for binaries, /usr/lib for libraries).
- /var: Variable data files (e.g., logs, spool files).

Exploring the File System Hierarchy Using Shell Commands

The BASH Shell – The Linux command line is provided by a program called a shell. The default shell for users in RHEL is the Bourne-Again Shell (bash). Bash is an improved version of one of the most successful shells used on Unix, the Bourne shell (sh).

Prompt formats:
1. Regular User – [username@hostname current_folder]$
2. Super User – [root@hostname current_folder]#

Basic Commands

1. date - Display current date and time
      date +%F - Show Date (yy/mm/dd)
      date +%x - Show Date (mm/dd/yy)
      date +%R - Show Time (Minutes)
      date +%T - Show Time (Seconds)
      date +%r - Show Time (AM/PM)
2. ls - The ls command is commonly used to identify the files and directories in the working directory. This command is one of the many often-used Linux commands that you should know.
3. pwd - The pwd command is mostly used to print the current working directory on your terminal. It is also one of the most commonly used commands.
4. cal - Show calendar
5. hostname - Show name of computer
6. echo date - Show output date
7. echo $(date) - Command substitution. It gives the actual output.
8. wc - The wc command in Linux indicates the number of words, characters, lines, etc. using a set of options.
      wc -w shows the number of words
      wc -l shows the number of lines
      wc -m shows the number of characters present in a file
9. ls - listing
      ls -l - long listing
      ls -a - Show hidden files
      ls -R - Recursive search. Show contents of subdirectories.
10. whoami - The whoami command provides basic information that is extremely useful when working on multiple systems. In general, if you are working with a single computer, you will not require it as frequently as a network administrator.
11. mkdir - The mkdir command allows you to create fresh directories in the terminal itself.
12. cd - The cd command is used to navigate between directories. It requires either the full path or the directory name, depending on your current working directory. If you run this command without any options, it will take you to your home folder.
13. rmdir - The rmdir command is used to permanently delete an empty directory. To perform this command, the user running it must have sudo privileges in the parent directory.
14. cp - The cp command of Linux is equivalent to copy-paste and cut-paste in Windows.
15. mv - The mv command is generally used for renaming files in Linux.
16. rm - The rm command in Linux is generally used to delete the files created in the directory.
17. uname - The uname command is used to check the complete OS information of the system.
18. touch - The touch command creates an empty file when put in the terminal in this format as touch
19. cat - The cat command is the simplest command to use when you want to see the contents of a particular file.
20. clear - The clear command is a standard command to clear the terminal screen.
21. ps - The ps command in Linux is used to check the active processes in the terminal.
22. whereis - The whereis command in Linux is generally used to see the exact location of any command typed after it. E.g. whereis printf
23. df - The df command in Linux gets the details of the file system.

Questions/Goals

Q1. Create three directories dir1, dir2, dir3; also create 3 files ch1, ch2, ch3 in the dir1 directory.
Q2. Create a test directory under tmp and create 10 files inside it. Remove 4 files.
Q3. Create a directory of your name under the tmp folder and create subdirectories Cyber and Hacker in it. Copy ch1, ch2, ch3 to Cyber and Hacker.
Q4. Create six files starting with songx.m3, create 6 files starting with snapx.jpg and also create 6 files filmx.avi.
Q5. Move song files into the Music directory, snap into Picture and film into the Videos directory.
Q6. Create 3 directories: friends, family and work.
Q7. Copy all files containing 1 & 2 to friends and 3 & 4 to family.
Q8. Remove all directories.

Practical 3: Create a new user and group, demonstrating user and group management.

Creating and managing users and groups in Linux is essential for controlling access and organizing users. Here’s a step-by-step guide to creating a new user and group, along with some basic management commands.

Steps to Create a New User and Group

1. Create a New Group
   To create a new group, use the groupadd command.
   - Create a Group:
        sudo groupadd mynewgroup
     Replace mynewgroup with the desired group name.

2. Create a New User
   To create a new user, use the useradd command.
   You can also specify the group the user should belong to.
   - Create a User:
        sudo useradd -m -g mynewgroup -s /bin/bash mynewuser
     Here’s what the options mean:
      - -m: Creates a home directory for the user.
      - -g mynewgroup: Sets the primary group for the user.
      - -s /bin/bash: Sets the default shell for the user.
      - mynewuser: The username.

3. Set a Password for the New User
   You need to set a password for the new user using the passwd command.
   - Set Password:
        sudo passwd mynewuser
     Follow the prompts to enter and confirm the new password.

4. Verify the New User and Group
   To verify that the new user and group were created successfully, use the following commands:
   - List Groups:
        getent group mynewgroup
   - List Users:
        getent passwd mynewuser

5. Add an Existing User to a Group
   If you need to add an existing user to an additional group, use the usermod command.
   - Add User to Group:
        sudo usermod -a -G mynewgroup existinguser
     The -a option appends the user to the group without removing them from other groups, and -G specifies the group.

6. Delete a User and/or Group
   If you need to delete a user or group, use the following commands. Be cautious, as these operations can remove important data.
   - Delete a User:
        sudo userdel myolduser
     Add the -r option to remove the user’s home directory and mail spool:
        sudo userdel -r myolduser
   - Delete a Group:
        sudo groupdel myoldgroup

Examples and Verification

1. Create a Group and User:
      sudo groupadd developers
      sudo useradd -m -g developers -s /bin/bash alice
      sudo passwd alice
2. Verify Group Creation:
      getent group developers
   Output should show the developers group and its members.
3. Verify User Creation:
      getent passwd alice
   Output should show the user alice with details including the home directory and shell.
4. Add an Existing User to the Group:
      sudo usermod -a -G developers bob
5. Delete a User and Group:
      sudo userdel -r alice
      sudo groupdel developers

Assignment Evaluation
0: Not Done [ ]  1: Incomplete [ ]  2: Late Complete [ ]  3: Need Improvement [ ]  4: Complete [ ]  5: Well Done [ ]
Signature of Instructor

Assignment 2: Installation and Configuration

Aim:
- Choose a different Linux installation method than in Question 1.
- Perform a manual partitioning and file system setup during the installation.
- Configure network settings and troubleshoot any connectivity issues.

Practical 1: Install Kali Linux on a Live USB with Persistence

Theory: Installing Kali Linux can be done using various methods depending on your needs and the hardware available. Here, I'll cover a method different from the typical ISO installation: installing Kali Linux via a Live USB with persistence. This method allows you to run Kali Linux from a USB drive while preserving changes and data across reboots.

Prerequisites
1. Kali Linux ISO: Download the Kali Linux ISO from the Kali Linux official website.
2. USB Drive: At least 8 GB in size. (16 GB or more is recommended for persistence.)
3. Rufus or Etcher: To create a bootable USB drive.
4. A computer: To perform the installation.

Steps to Install Kali Linux on a Live USB with Persistence

1. Create a Bootable USB Drive
   1. Download and Install Rufus or Etcher:
      - Rufus: (for Windows)
      - Etcher: (for Windows, macOS, or Linux)
   2. Prepare the USB Drive:
      - Rufus:
         - Insert your USB drive.
         - Open Rufus and select your USB drive from the “Device” dropdown.
         - Click “Select” and choose the Kali Linux ISO.
         - Set “Partition scheme” to MBR or GPT depending on your system's BIOS/UEFI mode.
         - Click “Start” and confirm any prompts.
      - Etcher:
         - Open Etcher and click “Flash from file.”
         - Select the Kali Linux ISO.
         - Choose your USB drive.
         - Click “Flash!” and wait for the process to complete.

2. Boot from the Live USB
   1. Restart Your Computer:
      - Insert the bootable USB drive into the computer.
      - Restart the computer and enter the BIOS/UEFI settings (usually by pressing F2, F12, Esc, or Del during startup).
   2. Change Boot Order:
      - Set the USB drive as the primary boot device.
      - Save changes and exit BIOS/UEFI.
   3. Boot into Kali Linux:
      - When the computer boots from the USB drive, you’ll see the Kali Linux boot menu.
      - Select “Live USB Persistence” to boot into Kali Linux with persistence enabled.

3. Create a Persistence Partition
   1. Start Kali Linux:
      - Boot into Kali Linux as described above.
   2. Open a Terminal:
      - Once logged in, open a terminal window.
   3. Prepare the Persistence Partition:
      - Find the USB Drive’s Partition:
           sudo fdisk -l
        Look for the partition corresponding to your USB drive (e.g., /dev/sdb1).
      - Create a Persistence Partition: Use gparted (GUI) or fdisk (CLI) to resize or create a new partition on the USB drive.
           sudo apt update
           sudo apt install gparted
           sudo gparted
        Use gparted to create a new partition with the remaining space and format it as ext4.
   4. Set Up Persistence:
      - Create a Directory for Persistence:
           sudo mkdir -p /mnt/my_usb
           sudo mount /dev/sdb2 /mnt/my_usb   # Replace with your persistence partition
      - Label the Partition:
           sudo e2label /dev/sdb2 persistence
      - Create Persistence Configuration File:
           sudo nano /mnt/my_usb/persistence.conf
        Add the following line to the file:
           / union
        Save and close the file (Ctrl+O, Enter, Ctrl+X).
      - Unmount the Partition:
           sudo umount /mnt/my_usb

4. Reboot and Test Persistence
   1. Reboot the System:
      - Restart the computer and boot into Kali Linux using the “Live USB Persistence” option.
   2. Verify Persistence:
      - Make some changes or create files, then reboot the system.
      - Check if your changes persist after rebooting.

Conclusion

This method allows you to use Kali Linux on a USB drive with the ability to save data and settings between sessions. It’s especially useful for security professionals and researchers who need a portable and persistent environment.
Practical 2: Perform a manual partitioning and file system setup during the installation.

Performing manual partitioning and file system setup during a Linux installation involves creating and configuring partitions to meet your specific needs. This guide demonstrates how to do manual partitioning and file system setup using the Debian-based installer as an example, but the process is similar for other Linux distributions with minor variations.

Manual Partitioning and File System Setup

Prerequisites
1. Linux Installation ISO: Download the installation ISO for your chosen Linux distribution (e.g., Debian, Ubuntu, Fedora).
2. Bootable Installation Media: Create a bootable USB drive or DVD with the ISO.
3. Backup Data: Ensure any important data on the target disk is backed up.

Steps for Manual Partitioning During Installation

1. Boot from the Installation Media
   1. Insert the Bootable Media:
      - Insert the USB drive or DVD into the computer and boot from it.
      - You might need to change the boot order in BIOS/UEFI to boot from the installation media.
   2. Start the Installation:
      - Select the option to install the Linux distribution. For Debian or Ubuntu, you would typically choose "Install" or "Graphical Install" from the boot menu.

2. Proceed to Manual Partitioning
   1. Choose Installation Type:
      - During the installation process, you will be prompted to choose the installation type. Select "Manual" or "Something else" to start manual partitioning.
   2. Enter the Partitioning Tool:
      - You will enter the partitioning tool where you can view and modify partitions on your disk.

3. Manual Partitioning Steps
   1. Select the Disk:
      - Choose the disk you want to partition. Ensure you select the correct disk, as this operation can erase existing data.
   2. Create Partitions:
      - Create New Partitions:
         - If you are setting up partitions on a blank disk, you may need to create a new partition table first.
           You can usually find an option like "Create a new partition table" or "New partition table."
      - Define Partitions:
         - Root Partition (/):
            - Select the free space and create a new partition.
            - Choose a size (e.g., 20-30 GB or more, depending on your needs).
            - Set the mount point as /.
            - Choose the file system type (e.g., ext4).
         - Swap Partition (Optional but recommended):
            - Create a partition for swap space. A common size is equal to your RAM size or double if you use hibernation.
            - Set the partition type as "swap."
         - Home Partition (/home) (Optional):
            - Create a partition for user data if you want to separate it from the root file system.
            - Choose the remaining space or a specific size.
            - Set the mount point as /home.
            - Choose the file system type (e.g., ext4).
         - Boot Partition (/boot) (Optional but useful for certain configurations):
            - Create a small partition (e.g., 500 MB to 1 GB).
            - Set the mount point as /boot.
            - Choose the file system type (e.g., ext4).
   3. Review and Apply Changes:
      - Review the partition setup to ensure it meets your requirements.
      - Confirm the changes and apply them. This action will format the selected partitions and prepare them for installation.

4. Complete the Installation
   1. Proceed with Installation:
      - Continue with the installation process. The installer will copy files to the partitions and configure the system.
   2. Set Up Boot Loader:
      - You will be prompted to install the boot loader (e.g., GRUB). Ensure it’s installed on the correct disk (usually the primary disk where your partitions reside).
   3. Finish Installation:
      - Follow the prompts to complete the installation. Once done, the installer will prompt you to reboot.
   4. Remove Installation Media:
      - After rebooting, remove the installation media to boot from your newly installed system.

Verifying the Partition Setup
1. Check Partitions:
   - After installation, log in and open a terminal.
   - Use the lsblk or df -h command to verify the partitions and their mount points:
        lsblk
        df -h
2. Inspect File Systems:
   - You can also inspect file systems using blkid to ensure the correct file system types are in use:
        sudo blkid

Example Configuration

A typical manual partition setup for a Linux installation:
- /dev/sda1: ext4, mount point / (20 GB)
- /dev/sda2: swap (2 GB)
- /dev/sda3: ext4, mount point /home (Remaining space)

This configuration provides a root partition for system files, a swap partition for virtual memory, and a separate home partition for user data. By performing manual partitioning, you gain control over how your disk space is allocated and organized, which can be useful for optimizing performance or meeting specific requirements.

Practical 3: Configure network settings and troubleshoot any connectivity issues.

Configuring network settings and troubleshooting connectivity issues on Red Hat Enterprise Linux 9 (RHEL 9) involves using various tools and commands, as well as understanding how Red Hat handles network configurations. Here’s a step-by-step guide tailored to RHEL 9.

Configuring Network Settings on RHEL 9

1. Using nmcli (NetworkManager Command Line Interface)
   NetworkManager is the default network configuration tool on RHEL 9. You can use nmcli to manage network connections.

   Configure a Static IP Address
   1. List Network Connections:
         nmcli con show
   2. Modify a Connection: Replace "Wired connection 1" with your connection name:
         nmcli con mod "Wired connection 1" ipv4.addresses 192.168.1.100/24
         nmcli con mod "Wired connection 1" ipv4.gateway 192.168.1.1
         nmcli con mod "Wired connection 1" ipv4.dns 8.8.8.8
         nmcli con mod "Wired connection 1" ipv4.method manual
         nmcli con up "Wired connection 1"

   Configure DHCP
   1. Modify Connection for DHCP:
         nmcli con mod "Wired connection 1" ipv4.method auto
         nmcli con up "Wired connection 1"

2. Using Configuration Files
   You can also manually edit network configuration files, though NetworkManager is typically preferred.
   Edit Configuration Files
   - For Ethernet Connections: Edit /etc/sysconfig/network-scripts/ifcfg-eth0 (or the appropriate file for your interface):
        sudo nano /etc/sysconfig/network-scripts/ifcfg-eth0
     Example configuration for static IP:
        TYPE=Ethernet
        BOOTPROTO=static
        NAME=eth0
        DEVICE=eth0
        ONBOOT=yes
        IPADDR=192.168.1.100
        NETMASK=255.255.255.0
        GATEWAY=192.168.1.1
        DNS1=8.8.8.8
     For DHCP:
        TYPE=Ethernet
        BOOTPROTO=dhcp
        NAME=eth0
        DEVICE=eth0
        ONBOOT=yes
   - Restart the Network Service:
        sudo systemctl restart NetworkManager

Troubleshooting Connectivity Issues on RHEL 9

1. Check Network Interface Status
   - List Network Interfaces:
        ip addr show
   - Check Link Status:
        ip link show
   - Bring Interface Up/Down:
        sudo ip link set dev eth0 up
        sudo ip link set dev eth0 down
2. Test Network Connectivity
   - Ping Localhost:
        ping 127.0.0.1
   - Ping External IP:
        ping 8.8.8.8
   - Ping Hostname:
        ping google.com
3. Check Routing Table
   - View Routing Table:
        ip route show
   - Add/Modify Routes:
        sudo ip route add default via 192.168.1.1
4. Verify DNS Configuration
   - Check DNS Resolution:
        nslookup google.com
     or
        dig google.com
   - Check /etc/resolv.conf:
        cat /etc/resolv.conf
     Ensure it contains the correct nameserver entries:
        nameserver 8.8.8.8
5. Review Logs for Network Issues
   - View System Logs:
        sudo journalctl -xe
   - Check NetworkManager Logs:
        sudo journalctl -u NetworkManager
6. Check Network Services
   - Check NetworkManager Status:
        sudo systemctl status NetworkManager
   - Restart NetworkManager:
        sudo systemctl restart NetworkManager

Example Troubleshooting Scenario

Scenario: You configured a static IP but can't connect to the internet.
1. Verify IP Configuration:
      ip addr show
2. Test Local Connectivity:
      ping 127.0.0.1
3. Test External Connectivity:
      ping 8.8.8.8
4. Check Routing:
      ip route show
5. Verify DNS Resolution:
      nslookup google.com
6. Inspect Configuration Files: Check /etc/sysconfig/network-scripts/ifcfg-eth0 and /etc/resolv.conf for correctness.
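
The scenario above as an offline triage script. This is an added example, not part of the original assignment: it checks saved output of ip -o -4 addr show, ip route show and /etc/resolv.conf in the order of steps 1, 4 and 5, and also catches a gateway that is not on the interface's subnet. The function names and the sample captures are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: triage for "static IP configured, no internet".
# Every check reads captured command output, so it works on saved files
# as well as live (bash):
#   diagnose <(ip -o -4 addr show) <(ip route show) /etc/resolv.conf

# Print the first non-loopback IPv4 address/prefix; fail if there is none.
first_ipv4() {
    awk '$2 != "lo" && $3 == "inet" { print $4; found = 1; exit }
         END { exit !found }'
}

# Print the default gateway from `ip route show` output; fail if absent.
default_gateway() {
    awk '$1 == "default" && $2 == "via" { print $3; found = 1; exit }
         END { exit !found }'
}

# Print every nameserver from resolv.conf content; fail if none is set.
nameservers() {
    awk '$1 == "nameserver" && $2 != "" { print $2; found = 1 }
         END { exit !found }'
}

# Convert a dotted-quad IPv4 address to an integer.
ip_to_int() {
    local IFS=.
    set -- $1
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

# Succeed if gateway $2 lies inside the subnet of address/prefix $1.
# A gateway outside the local subnet is a common static-IP typo.
gateway_on_link() {
    local addr=${1%/*} prefix=${1#*/} mask
    mask=$(( (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF ))
    [ $(( $(ip_to_int "$addr") & mask )) -eq $(( $(ip_to_int "$2") & mask )) ]
}

# Walk the layers in the scenario's order and report the first failure.
# $1 = `ip -o -4 addr show` output, $2 = `ip route show` output,
# $3 = resolv.conf content (all three are file paths).
diagnose() {
    local addr gw
    addr=$(first_ipv4 < "$1") ||
        { echo "step 1: no IPv4 address on any interface"; return 1; }
    gw=$(default_gateway < "$2") ||
        { echo "step 4: no default route"; return 1; }
    gateway_on_link "$addr" "$gw" ||
        { echo "step 4: gateway $gw is outside $addr"; return 1; }
    nameservers < "$3" > /dev/null ||
        { echo "step 5: no nameserver in resolv.conf"; return 1; }
    echo "ok: $addr via $gw"
}

# Constructed sample captures (not from a real host): the page's static
# address 192.168.1.100/24, with the gateway passed in as $1 so that a
# mistyped GATEWAY= value can be simulated.
sample_case() {
    local dir rc=0
    dir=$(mktemp -d)
    printf '1: lo    inet 127.0.0.1/8 scope host lo\n' > "$dir/addr"
    printf '2: eth0    inet 192.168.1.100/24 brd 192.168.1.255 scope global eth0\n' >> "$dir/addr"
    printf 'default via %s dev eth0 proto static metric 100\n' "$1" > "$dir/route"
    printf '192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.100\n' >> "$dir/route"
    printf '# constructed sample\nnameserver 8.8.8.8\n' > "$dir/resolv"
    diagnose "$dir/addr" "$dir/route" "$dir/resolv" || rc=$?
    rm -rf "$dir"
    return "$rc"
}

# Demo on the constructed captures: a correct gateway, then a mistyped one.
sample_case 192.168.1.1 || true
sample_case 192.168.2.1 || true
```

The ping tests in steps 2 and 3 still have to be run on the host itself; the script only covers what can be read from configuration state.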
By following these steps, you can configure and troubleshoot network settings on RHEL 9 effectively. If you encounter specific issues or error messages, providing those details can help in diagnosing and resolving problems more accurately.

Assignment Evaluation
0: Not Done [ ]  1: Incomplete [ ]  2: Late Complete [ ]  3: Need Improvement [ ]  4: Complete [ ]  5: Well Done [ ]
Signature of Instructor

Assignment 3: System Maintenance and Updates

Aim:
- Use APT or YUM to install, update, and remove packages on your system.
- Analyze system logs to troubleshoot a specific issue (e.g., networking, package installation).
- Monitor system performance using tools like top or htop.

Practical 01: Use YUM to install, update, and remove packages on your system.

Theory:

APT (Used in Debian-based Systems like Ubuntu)
1. Install a Package: To install a package, you use the install command. This command retrieves the package from the repository and installs it on your system.
      sudo apt install package-name
2. Update Package List: Before installing or updating packages, it's a good idea to update the list of available packages and their versions. This command refreshes the package list.
      sudo apt update
3. Upgrade Packages: After updating the package list, you can upgrade all the installed packages to their latest versions.
      sudo apt upgrade
4. Remove a Package: If you no longer need a package, you can remove it using the remove command.
      sudo apt remove package-name

YUM (Used in Red Hat-based Systems like CentOS, Fedora)
1. Install a Package: Similar to APT, YUM installs packages from repositories.
      sudo yum install package-name
2. Update Package List and Upgrade Packages: YUM automatically handles package list updates when you use the update command. This command updates the list and upgrades all the packages.
      sudo yum update
3. Remove a Package: To remove a package you no longer need, use the remove command.
      sudo yum remove package-name

Goals:
Goal 1: How do you install the httpd package using YUM?
Goal 2: Before installing or upgrading packages, how can you update the package metadata to
Goal 3: How can you upgrade all installed packages on your system to their latest versions using YUM?
Goal 4: How do you remove the httpd package from your system using YUM?
Goal 5: How can you check for available updates for all installed packages without actually updating them?
Goal 6: How do you install a specific version of a package using YUM? For example, install version 2.4.6 of the httpd package.
Goal 7: How do you list all installed packages on your system using YUM?
Goal 8: How can you view detailed information about the httpd package, such as its version, repository and description?

Practical 02: Analyze system logs to troubleshoot a specific issue (e.g., networking, package installation).

Theory: System Logs

Understanding System Logs in RHEL
1. What are System Logs?
   - System logs are files that record events and messages from the system and applications. These logs provide valuable information about the operation of the system and are stored in specific directories.
2. Location of System Logs:
   - In RHEL, system logs are typically stored in the /var/log directory. Common log files include:
      - /var/log/messages: General system messages and important events.
      - /var/log/secure: Security-related messages (e.g., authentication attempts).
      - /var/log/boot.log: Messages related to the system boot process.
      - /var/log/yum.log: Logs related to YUM package management activities.
      - /var/log/dmesg: Kernel ring buffer messages (hardware-related information).
3. Tools for Viewing Logs:
   - You can use text-based tools to view and analyze logs. Common tools include:
      - cat: Displays the entire contents of a file.
      - less: Allows scrolling through the file contents.
      - tail: Shows the last few lines of a file, often used with the -f option to follow real-time updates.
      - grep: Searches for specific patterns or keywords within files.

Goals:
Goal 01: You are unable to connect to the network from your RHEL server. How would you use system logs to troubleshoot this issue?
Goal 02: A recent package installation failed on your RHEL system. How would you investigate the cause of this failure using logs?
Goal 03: You notice that a service is failing to start on boot. How can you use system logs to troubleshoot the issue?
Goal 04: Your RHEL system is experiencing slow performance, and you suspect a high load due to certain processes. How would you use logs to investigate this?

Practical 03: Monitor system performance using tools like top or htop.

Theory: Monitor system performance

RHEL provides several built-in tools that help monitor system performance:
1. top:
   - Purpose: Displays real-time information about system processes, including CPU usage, memory usage, and process IDs.
   - Usage: Simply type top in the terminal.
   - Key Metrics: Shows the percentage of CPU and memory each process uses, system load average, and total tasks running.
2. htop (if installed):
   - Purpose: An enhanced version of top with a more user-friendly, color-coded display.
   - Usage: Type htop in the terminal (install it using sudo yum install htop if not already installed).
   - Key Metrics: Similar to top but with additional features such as sorting by different criteria and interactive process management.
3. vmstat:
   - Purpose: Provides a summary of system performance, showing information about processes, memory, paging, block I/O, traps, and CPU activity.
   - Usage: Type vmstat followed by the interval (e.g., vmstat 5 to update every 5 seconds).
   - Key Metrics: Memory usage, system processes, I/O blocks, and CPU idle time.
4. iostat:
   - Purpose: Displays statistics related to input/output operations for devices and partitions.
   - Usage: Type iostat followed by an interval (e.g., iostat 5).
   - Key Metrics: CPU utilization, device read/write rates, and disk I/O activity.
5. sar (part of the sysstat package):
   - Purpose: Provides comprehensive data on system performance metrics over time.
   - Usage: Type sar followed by options to specify the metrics (e.g., sar -u 5 for CPU usage every 5 seconds).
   - Key Metrics: CPU usage, memory usage, I/O activity, network statistics, and more.
6. free:
   - Purpose: Displays the amount of free and used memory in the system.
   - Usage: Type free -h for a human-readable format.
   - Key Metrics: Total, used, and free memory, as well as swap usage.
7. netstat and ss:
   - Purpose: Both commands provide detailed information about network connections, routing tables, and network interfaces.
   - Usage: Type netstat -an or ss -tuln to display network connections and listening ports.
   - Key Metrics: Active connections, listening ports, and network statistics.

Goals:
Goal 01: How can you check the current CPU usage on a RHEL system?
Goal 02: How do you check the amount of free and used memory on a RHEL system?
Goal 03: How can you monitor disk space usage across all mounted file systems?
Goal 04: How can you view real-time network bandwidth usage on a RHEL system?
Goal 05: What tool would you use to monitor the load average of a system over time?

Conclusion:
- APT/YUM Commands: Use APT or YUM to install, update, and remove software packages on your system.
- Log Analysis: Analyze system logs to diagnose and troubleshoot issues related to networking and package installations.
- Performance Monitoring: Use tools like top or htop to monitor system performance and identify resource usage.
- These skills ensure effective system management, troubleshooting, and performance optimization.

Assignment Evaluation
0: Not Done [ ]  1: Incomplete [ ]  2: Late Complete [ ]  3: Need Improvement [ ]  4: Complete [ ]  5: Well Done [ ]
Signature of Instructor

Assignment 4: Security and Access Control

Aim:
- Configure user authentication using PAM. Implement firewall rules using iptables.
- Secure SSH by modifying its configuration file.
• Implement either SELinux or AppArmor for Mandatory Access Control.

Practical 01: Configure user authentication using PAM. Implement firewall rules using iptables.

Theory: Configuring User Authentication Using PAM in RHEL
PAM (Pluggable Authentication Modules) is a framework used to manage authentication and authorization in Linux systems. It allows for a modular approach to authentication, meaning that different methods can be used and configured independently. Here’s an overview of how PAM is configured for user authentication in RHEL:

Key Concepts
1. PAM Configuration Files:
   o Configuration files for PAM are located in /etc/pam.d/. Each service or application that requires authentication has its own PAM configuration file, such as /etc/pam.d/sshd for SSH or /etc/pam.d/su for the su command.
2. PAM Modules:
   o PAM modules are the building blocks for authentication. They provide different types of authentication methods, such as password checking, account management, and session handling.
   o Common modules include:
      • pam_unix.so: Handles traditional Unix authentication using /etc/passwd and /etc/shadow.
      • pam_tally2.so: Keeps track of failed login attempts.
      • pam_google_authenticator.so: Implements two-factor authentication.

Goals:
Goal 01: How do you configure PAM to enforce password complexity requirements?
Goal 02: How can you configure PAM to lock a user account after a certain number of failed login attempts?
Goal 03: How can you configure PAM to require users to change their password after a specified period?
Goal 04: How do you list all current iptables rules?
Goal 05: How do you block incoming traffic on port 80 using iptables?

Practical 02: Secure SSH by modifying its configuration file.

Theory: SSH
1. Basic Concepts
• Purpose: SSH provides a secure method for logging into a remote computer, executing commands, and transferring files. It replaces older protocols like Telnet and rlogin that transmit data in plaintext.
• Encryption: SSH encrypts the data transmitted between the client and server, protecting it from eavesdropping and man-in-the-middle attacks.

2. Components of SSH
• SSH Client: The software used by the user to connect to a remote system. Common clients include the ssh command-line utility and graphical clients like PuTTY.
• SSH Server: The service running on the remote machine that accepts and handles incoming SSH connections. On Linux, this is typically the sshd daemon.

3. Authentication Methods
• Password Authentication: Users log in using a username and password. While simple, it’s less secure compared to key-based authentication.
• Public Key Authentication: Involves a pair of cryptographic keys: a public key (stored on the server) and a private key (stored on the client). Authentication is performed using these keys rather than a password.
• Host-Based Authentication: Authentication is based on the client machine’s identity. The client and server must trust each other’s host keys.

4. SSH Protocol Versions
• SSH-1: The original version, which has known security vulnerabilities and is largely deprecated.
• SSH-2: The current version, which provides stronger security features and better encryption algorithms. Always use SSH-2 for secure communications.

5. How SSH Works
   1. Initiation: The SSH client initiates a connection to the SSH server.
   2. Key Exchange: The client and server exchange encryption keys to establish a secure channel.
   3. Authentication: The client authenticates itself to the server using the chosen authentication method (password, public key, etc.).
   4. Session Establishment: Once authenticated, a secure session is established. The client can now execute commands or transfer files securely.
   5. Encryption: All data transmitted during the session is encrypted to prevent interception and tampering.

6. SSH Port Forwarding
• Local Port Forwarding: Redirects traffic from a local port to a remote server through an encrypted SSH tunnel.
• Remote Port Forwarding: Redirects traffic from a remote port to a local machine through an SSH tunnel.
• Dynamic Port Forwarding: Allows the SSH client to act as a SOCKS proxy, enabling dynamic forwarding of traffic to various destinations.

7. Security Considerations
• Key Management: Protect private keys with strong passphrases and manage key pairs securely.
• Configuration: Harden SSH configuration by disabling root login, using strong encryption algorithms, and limiting user access.
• Logging and Monitoring: Enable and review SSH logs to monitor for suspicious activity.

8. SSH Alternatives and Extensions
• SFTP (SSH File Transfer Protocol): A secure file transfer protocol over SSH, allowing for secure file transfers and management.
• SCP (Secure Copy Protocol): A simpler protocol for transferring files over SSH, though less feature-rich compared to SFTP.
• Tunneling: SSH can be used to create secure tunnels for other protocols, providing encrypted communication for various services.

Goals:
Goal 01: How do you configure SSH to automatically log out inactive sessions after 10 minutes on RHEL?
Goal 02: How do you disable password authentication and enforce public key authentication only on RHEL?
Goal 03: How do you limit SSH access to only a specific user, e.g., johndoe, on RHEL?

Practical 03: Implement either SELinux or AppArmor for Mandatory Access Control.

Theory: SELinux
1. Basic Concepts
• Mandatory Access Control (MAC): Unlike discretionary access control (DAC), where users have control over their own files and resources, MAC policies are enforced by the system, and users cannot override them. SELinux uses MAC to enforce policies that define how processes and users can interact with each other and with system resources.
• Policies: SELinux operates based on policies that define the permissions and constraints for system processes and files. These policies are written in a specific policy language and dictate how different parts of the system interact.

2. Components
• SELinux Policy: A set of rules defining how processes and users interact with system resources. Policies can be custom-designed or use pre-defined types and rules.
• SELinux Contexts: Each file, process, and resource in an SELinux system is assigned a security context. A security context is a label consisting of several attributes:
   o User: Represents the SELinux user identity.
   o Role: Defines the role of the subject (e.g., process) or object (e.g., file).
   o Type: Specifies the type of the object (e.g., a file or process).
   o Level: Used for optional security levels (e.g., sensitivity levels in multi-level security).
• Labels: SELinux labels, also known as security contexts, are assigned to all files, processes, and other system resources. These labels help determine access controls based on the SELinux policy.

3. Modes of Operation
• Enforcing Mode: SELinux actively enforces the policies. If a process tries to perform an action that is not allowed by the policy, SELinux denies the action and logs the event.
• Permissive Mode: SELinux does not enforce the policy but still logs actions that would have been denied in enforcing mode. This is useful for debugging and policy development.
• Disabled Mode: SELinux is turned off entirely, and no access control policies are enforced. This mode is not recommended for production environments due to the lack of security.

4. Common SELinux Commands
• Check SELinux Status:
      sestatus
• Change SELinux Mode Temporarily:
      sudo setenforce 0   # Permissive mode
      sudo setenforce 1   # Enforcing mode
• View Current SELinux Context:
      ls -Z
• Change SELinux Context:
      sudo chcon -t type_name file_name
• Manage SELinux Policies:
   o Install or update policies: yum install policycoreutils-python-utils
   o Restore default contexts: restorecon -R /path/to/directory

5. Policy Types
• Targeted Policy: The most commonly used policy, which focuses on protecting specific services (like web servers) while leaving other parts of the system less restricted.
• MLS (Multi-Level Security) Policy: A more stringent policy designed for environments requiring high levels of security, using sensitivity levels to control access.

6. SELinux Booleans
• SELinux Booleans: These are runtime tunables that allow you to enable or disable specific aspects of SELinux policies without requiring a policy update or a system restart. You can view and modify them using:
      getsebool -a
      setsebool boolean_name on|off

Goals:
Goal 01: How do you check the current SELinux mode on your system?
Goal 02: How do you set SELinux to enforcing mode temporarily?
Goal 03: How do you change the SELinux mode permanently to enforcing in RHEL?

Assignment Evaluation
0: Not Done [ ]  1: Incomplete [ ]  2: Late Complete [ ]  3: Need Improvement [ ]  4: Complete [ ]  5: Well Done [ ]
Signature of Instructor

Assignment 5: Advanced Topics in Linux Administration

Aim:
• Schedule automated tasks using Cron.
• Install and run a Docker container, explaining the basics of containerization.
• Set up file and directory permissions for a specific scenario.

Practical 1: Schedule automated tasks using Cron.

Theory: Cron
In Red Hat Enterprise Linux (RHEL), cron is a time-based job scheduler that allows you to run scripts or commands at specified times or intervals. Here’s a brief overview of how it works:
1. Cron Daemon (crond): The crond daemon runs in the background and checks the cron tables (crontabs) for jobs to execute. It is typically started automatically at boot.
2. Crontab Files: There are different crontab files:
   o User Crontabs: These are individual files for each user, located in /var/spool/cron/crontabs/ or /var/spool/cron/. Each user can have their own crontab file.
   o System Crontabs: These are used for system-wide jobs and are located in /etc/crontab and /etc/cron.d/.
3. Crontab Syntax: A crontab file consists of lines with the following format:
      * * * * * /path/to/command
   Each asterisk represents a time field in the order: minute, hour, day of month, month, and day of week. For example, 0 5 * * * would run a command every day at 5:00 AM.
4. Editing Crontabs:
   o For user-specific crontabs, use the crontab -e command to edit the current user’s crontab file.
   o System-wide crontabs can be edited directly in /etc/crontab or in files within /etc/cron.d/.
5. Common Directories:
   o /etc/cron.daily/, /etc/cron.hourly/, /etc/cron.weekly/, and /etc/cron.monthly/ contain scripts that are executed at the respective intervals.
6. Environment Variables: Cron jobs have a minimal environment. If your job relies on certain environment variables, you may need to set them within the crontab file or within the script itself.
7. Permissions: Ensure that cron jobs have the appropriate permissions to execute and that paths and commands are correctly specified.

Practical 01: Schedule automated tasks using Cron.
Goal 01: How would you schedule a script to run every day at midnight?
Goal 02: How do you set up a job to execute every 30 minutes?
Goal 03: What syntax would you use to run a backup script at 3:00 AM on the first day of every month?
Goal 04: How can you schedule a task to run every Friday at 5:00 PM?
Goal 05: What steps are needed to execute a command every hour on the hour?

Practical 2: Install and run a Docker container, explaining the basics of containerization.

Theory: Docker
Docker is a platform used for developing, shipping, and running applications in containers. Here’s a short theory on Docker in RHEL (Red Hat Enterprise Linux):
1. Containers: Docker containers package an application and its dependencies together, allowing it to run consistently across different environments. Containers are lightweight and isolated from each other and the host system.
2. Docker Engine: The Docker Engine is the runtime that manages containers. It consists of a daemon (background service) that handles building, running, and managing containers.
3. Docker Images: Docker images are read-only templates used to create containers. They contain the application code, libraries, and dependencies. Images are built from a Dockerfile, which defines the configuration and installation steps.
4. Dockerfiles: A Dockerfile is a script containing instructions to build a Docker image. It specifies the base image, environment variables, and commands to run.
5. Docker Hub: Docker Hub is a cloud-based registry service where Docker images can be stored and shared. It provides access to both public and private repositories.
6. Container Management: Docker provides commands to manage containers, including docker run (to start a container), docker ps (to list running containers), and docker stop (to stop a container).
7. Networking: Docker containers can communicate with each other through networks. Docker provides various network drivers to manage communication between containers and with the external world.
8. Volumes: Docker volumes are used to persist data generated by and used by Docker containers. They allow data to be stored outside the container filesystem, ensuring that data persists even if the container is removed.
9. Security: Docker containers provide a level of isolation, but security best practices should be followed, such as running containers with the least privileges and keeping images up to date.
10. Integration with RHEL: Docker can be installed on RHEL using the yum package manager or by setting up Docker’s official repository. RHEL 8 and later have integrated support for Docker and its components, facilitating containerized application development and deployment.

Practical 02: Install and run a Docker container, explaining the basics of containerization.
Goal 01: Install Docker on your RHEL system.
Goal 02: Start and enable the Docker service to run on boot.
Goal 03: Pull a Docker image of your choice from Docker Hub.
Goal 04: Run a Docker container from the pulled image and verify it is running.
Goal 05: Execute a command inside a running container (e.g., check the OS version).

Practical 3: Set up file and directory permissions for a specific scenario.

Theory:
1. File Permissions
In RHEL, file permissions determine who can read, write, or execute a file. Permissions are represented using a combination of symbols or octal numbers.
• Symbolic Representation:
   o r (read)
   o w (write)
   o x (execute)
   o - indicates no permission
  Permissions are displayed as a string of 10 characters, such as -rwxr-xr--. The first character denotes the file type (e.g., - for a regular file, d for a directory), followed by three sets of permissions for user (owner), group, and others.
• Octal Representation: Permissions can also be represented by a three-digit octal number, where each digit ranges from 0 to 7:
   o 0 = no permissions
   o 1 = execute
   o 2 = write
   o 3 = write + execute
   o 4 = read
   o 5 = read + execute
   o 6 = read + write
   o 7 = read + write + execute
  For example, chmod 755 file.txt sets permissions to rwxr-xr-x.

2. Changing Permissions
• chmod Command: Used to change file and directory permissions.
   o Symbolic Mode: chmod u+rwx file.txt (adds read, write, and execute permissions for the owner).
   o Octal Mode: chmod 755 file.txt (sets permissions to rwxr-xr-x).
• chown Command: Changes the owner and group of a file or directory.
   o Example: chown user:group file.txt changes the owner to user and the group to group.
• chgrp Command: Changes the group ownership of a file or directory.
   o Example: chgrp group file.txt changes the group to group.

3. Special Permissions
• Setuid (s): Allows a file to be executed with the permissions of the file's owner.
   o Example: chmod u+s file.txt sets the setuid bit.
• Setgid (s): Allows a file to be executed with the permissions of the group of the file, or sets the group ID on a directory so new files inherit the group.
   o Example: chmod g+s directory sets the setgid bit on a directory.
• Sticky Bit (t): Ensures that only the file owner can delete or rename the file within a directory.
   o Example: chmod +t directory sets the sticky bit on a directory.

4. Ownership and Permissions for Directories
• Directories: The x (execute) permission on a directory allows users to enter and search the directory. The r (read) permission allows listing the contents, and the w (write) permission allows creating and deleting files within the directory.

Practical 03: Set up file and directory permissions for a specific scenario

Scenario: You are managing a project on a RHEL server that involves several team members. You need to set up permissions for a project directory with the following requirements. The project directory should be accessible only by the team members.
1. The team members should have full access (read, write, execute) to the project directory.
2. Each team member should be able to add and modify files within the directory.
3. Files and directories created inside the project directory should automatically inherit the group ownership of the project directory.
4. Only the project manager should be able to delete files and directories from the project directory.

Goals:
Goal 01: How would you set up the permissions on the project directory to ensure that only the team members have access?
Goal 02: What command would you use to set the permissions so that all team members have full access (read, write, execute) to the project directory?
Goal 03: How can you configure the project directory so that new files and directories created within it inherit the group ownership?
Goal 04: Which special permission would you set to ensure that only the project manager can delete files and directories?
Goal 05: What command would you use to change the ownership of the project directory so that the project manager is the owner and the team members are in the group?

Assignment Evaluation
0: Not Done [ ]  1: Incomplete [ ]  2: Late Complete [ ]  3: Need Improvement [ ]  4: Complete [ ]  5: Well Done [ ]
Signature of Instructor

Assignment 6: Installation and Configuration

Aim:
• Choose a different Linux distribution than in Question 2.
• Perform an advanced partitioning scheme, including separate partitions for /, /home, and swap.

Apparatus (Components):

Theory:
Creating an advanced partitioning scheme with separate partitions for the root (/), home (/home), and swap areas is a common practice in Linux system administration, especially for RHEL (Red Hat Enterprise Linux). This approach provides better organization, security, and flexibility for managing disk space.
1. Root (/) Partition: This is the main partition where the operating system files, system libraries, and application binaries reside.
2. Home (/home) Partition: This partition contains user data and personal files. Separating it from the root partition ensures that user data remains safe even if the operating system needs to be reinstalled.
3. Swap Partition: Swap space is used as virtual memory when the physical RAM is fully utilized. This helps in maintaining system performance.

Steps for Advanced Partitioning
1. Determine Disk Size and Plan Partition Sizes: Before creating partitions, decide how much space to allocate to each. A typical setup might be:
   o Root (/): 20-50 GB (depending on the number of applications and system logs)
   o Home (/home): Rest of the space (user files and data)
   o Swap: 2-4 GB or more (depending on the system's RAM, typically 1.5x RAM size for systems with less than 4 GB of RAM; equal to RAM for larger RAM sizes)
2. Partitioning Tool: You can use tools like fdisk, gdisk (for GPT disks), or parted to create the partitions.
   If using a graphical installer, such as the RHEL installation wizard, these options are typically presented in a user-friendly manner.

Example Using fdisk (For MBR Partitioning)
1. List the Disks:
      fdisk -l
2. Select the Disk: Start fdisk on the desired disk (e.g., /dev/sda):
      fdisk /dev/sda
3. Create a New Partition Table (optional, if starting from scratch):
   o Press o to create a new DOS partition table (MBR).
4. Create Partitions:
   o Root Partition (/):
      • Press n to create a new partition.
      • Choose p for primary.
      • Select a partition number (usually 1).
      • Specify the starting and ending sectors (e.g., +20G for a 20 GB root).
   o Swap Partition:
      • Press n to create a new partition.
      • Choose p for primary.
      • Select a partition number (usually 2).
      • Specify the size (e.g., +4G for a 4 GB swap).
      • Press t to change the partition type, and enter 82 for Linux swap.
   o Home Partition (/home):
      • Press n to create a new partition.
      • Choose p for primary.
      • Select a partition number (usually 3).
      • Use the rest of the available space for /home.
5. Write Changes to Disk:
   o Press w to write the partition table to the disk and exit fdisk.

Format the Partitions
1. Format the Root and Home Partitions as ext4:
      mkfs.ext4 /dev/sda1   # Format root
      mkfs.ext4 /dev/sda3   # Format home
2. Initialize the Swap Partition:
      mkswap /dev/sda2
3. Enable Swap:
      swapon /dev/sda2

Mount the Partitions
1. Mount the Root Partition:
      mount /dev/sda1 /mnt
2. Create and Mount the Home Directory:
      mkdir /mnt/home
      mount /dev/sda3 /mnt/home
3. Add Swap to /etc/fstab (optional but recommended):
      echo '/dev/sda2 none swap sw 0 0' >> /mnt/etc/fstab

Adjusting the /etc/fstab File
After the system installation, you need to ensure that the new partitions are correctly referenced in the /etc/fstab file:
      /dev/sda1  /      ext4  defaults  0 1
      /dev/sda3  /home  ext4  defaults  0 2
      /dev/sda2  swap   swap  defaults  0 0

Goals:
Goal 01: How can you check the current partitioning scheme on an installed Linux system?
Goal 02: What commands would you use to add a swap partition after the system is already installed?
Goal 03: Create Swap Partition of 725 MB
Goal 04: Create 3 Primary and 1 extended partition
Goal 05: Explain how to check the existing partition layout on a Linux system. What tools or commands would you use?

Assignment Evaluation
0: Not Done [ ]  1: Incomplete [ ]  2: Late Complete [ ]  3: Need Improvement [ ]  4: Complete [ ]  5: Well Done [ ]
Signature of Instructor

Assignment 7: System Maintenance and Updates

Aim:
• Explore and demonstrate the process of upgrading the Linux kernel.
• Analyze logs to identify and troubleshoot issues related to kernel updates.

Practical 1: Explore and demonstrate the process of upgrading the Linux kernel.

Theory:
Upgrading the Linux kernel can provide enhanced features, improved hardware support, better performance, and security patches. For RHEL (Red Hat Enterprise Linux) systems, this process is managed using the package management system and specific tools designed for kernel management. Here’s a step-by-step guide to upgrading the Linux kernel in RHEL:

Step 1: Check the Current Kernel Version
Before upgrading, it's good to know the current kernel version:
      uname -r
This command will output the version number of the currently running kernel.

Step 2: Update System Repositories and Packages
Ensure that your system's repositories are up to date.
This can include updates for other system packages, which is a good practice before making significant changes like a kernel upgrade:
      sudo yum update

Step 3: Install the Latest Kernel
On RHEL, kernels are installed as separate packages, allowing multiple versions to coexist. This is beneficial for testing a new kernel version while having the ability to boot into the old one if needed.
1. Search for Available Kernel Versions:
      yum --showduplicates list kernel
   This command will list available kernel versions that you can install.
2. Install the Latest Kernel:
      sudo yum install kernel
   By default, this command installs the latest version of the kernel available in your enabled repositories.

Step 4: Update GRUB Configuration
After installing a new kernel, you need to update the GRUB bootloader to include the new kernel in the boot menu:
      sudo grub2-mkconfig -o /boot/grub2/grub.cfg
For UEFI systems, the path might be slightly different:
      sudo grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg

Step 5: Reboot and Select the New Kernel
Reboot your system to start using the newly installed kernel:
      sudo reboot
During the reboot, you can choose the kernel version from the GRUB menu. By default, the latest installed kernel will be selected. You can manually select an older kernel if needed by choosing it from the GRUB menu.

Step 6: Verify the Kernel Upgrade
After rebooting, check the running kernel version to ensure that the upgrade was successful:
      uname -r
The output should show the version number of the new kernel you installed.

Step 7: Remove Old Kernels (Optional)
RHEL keeps multiple versions of the kernel installed to allow fallback options. However, if you are confident that the new kernel works well, you can remove old versions to free up space:
1. List Installed Kernels:
      rpm -q kernel
   This command will list all installed kernel versions.
2. Remove an Old Kernel: To remove a specific kernel version, use:
      sudo yum remove kernel-[version]
   Replace [version] with the specific version number you want to remove.

Practical 2: Analyze logs to identify and troubleshoot issues related to kernel updates.

Theory:
Analyzing logs is crucial when troubleshooting issues related to kernel updates. Kernel updates can lead to various problems, such as boot failures, hardware compatibility issues, or system instability. By examining relevant log files, you can identify and resolve these issues efficiently.

Key Logs for Kernel Troubleshooting
1. /var/log/messages: This log contains general system messages, including those related to the kernel, services, and other system components.
2. /var/log/dmesg: This log captures kernel ring buffer messages. It’s particularly useful for checking messages that appear during the boot process.
3. /var/log/boot.log: This file logs the system boot messages. It can provide insights into what happens during the system startup, including any failures.
4. /var/log/secure: This log records authentication and authorization messages, which might help identify security-related issues after a kernel update.
5. /var/log/kern.log (if available): This log is specifically for kernel-related messages. Not all distributions have this by default.

Steps to Analyze Logs for Kernel Issues
1. Check System Messages Log (/var/log/messages): Start by examining the /var/log/messages file for any errors or warnings related to the kernel. Look for keywords like kernel, error, warning, fail, or panic.
      sudo grep -i 'kernel\|error\|warning\|fail\|panic' /var/log/messages
   Example of filtering messages related to the kernel:
      sudo tail -n 50 /var/log/messages
   Look for messages that indicate issues with modules, devices, or other kernel-related components.
2. Examine Boot Messages (/var/log/boot.log): Review the boot log for any messages that indicate problems during the startup process.
      sudo less /var/log/boot.log
   Look for entries marked as FAILED, ERROR, or other anomalies that indicate a failure in boot services or modules.
3. Check Kernel Ring Buffer (/var/log/dmesg or dmesg command): The dmesg command displays messages from the kernel ring buffer, which includes logs from the boot process. This can show hardware-related messages, kernel panics, or driver issues.
      dmesg | grep -i 'error\|warning\|fail\|panic'
   You can also redirect the output of dmesg to a file and analyze it using less or grep.
      dmesg > dmesg_output.txt
      less dmesg_output.txt
4. Inspect Secure Logs (/var/log/secure): If there are authentication or security-related issues after a kernel update, checking the secure log can help.
      sudo less /var/log/secure
5. Kernel Logs (/var/log/kern.log): If your distribution uses kern.log, it’s an excellent resource for kernel-specific messages. Review it for errors, warnings, and other anomalies.
      sudo less /var/log/kern.log

Common Issues and Their Indicators
1. Kernel Panics: Indicated by messages like kernel panic in the logs. These can be caused by incompatible drivers, hardware issues, or bugs in the kernel itself.
2. Module Loading Issues: Look for Failed to load module messages. These indicate problems with loading kernel modules, which could be due to missing dependencies or incompatible modules.
3. Device Driver Failures: Errors related to specific devices, such as ata (disk issues), eth (network), usb (USB devices), etc., suggest driver or hardware compatibility issues.
4. Boot Failures: Messages indicating FAILED services in the boot log. These can suggest problems with systemd services, drivers, or filesystem mounting issues.
5. Security Warnings: Unauthorized access attempts or other security-related issues might be logged in the secure log, indicating potential misconfigurations or security breaches post-update.
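
The five indicator categories above can be turned into a first-pass triage filter that sorts log lines by the kind of failure they point to. This is an added example, not part of the original assignment; the function names, match patterns and sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: triage log lines using the indicator categories listed above.
# The match patterns are illustrative assumptions; tune them for real logs.

# classify_line LINE: print panic, module, boot, security, driver or other.
classify_line() {
    # Lower-case once so matching is case-insensitive (like grep -i).
    l=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
    case "$l" in
        *"kernel panic"*)           echo panic;    return ;;
        *"failed to load module"*)  echo module;   return ;;
        *"[failed]"*)               echo boot;     return ;;
        *"failed password"*|*"authentication failure"*)
                                    echo security; return ;;
    esac
    # Driver trouble: a device name (ata, eth, usb) plus an error word.
    # A device name alone is not enough, or every "link up" line would match.
    if printf '%s\n' "$l" | grep -Eq '(^|[^a-z])(ata[0-9]|eth[0-9]|usb )' &&
       printf '%s\n' "$l" | grep -Eq 'error|fail|timed out'; then
        echo driver
    else
        echo other
    fi
}

# triage: read log lines on stdin, print "category=count" sorted by category.
triage() {
    while IFS= read -r line; do
        classify_line "$line"
    done | sort | uniq -c | awk '{ print $2 "=" $1 }'
}

# show_hits CATEGORY: read log lines on stdin, print those in CATEGORY.
show_hits() {
    while IFS= read -r line; do
        if [ "$(classify_line "$line")" = "$1" ]; then
            printf '%s\n' "$line"
        fi
    done
}

# Constructed sample lines (not from a real host), one or more per category.
sample_log() {
    cat <<'EOF'
Mar  3 10:14:58 host kernel: Kernel panic - not syncing: VFS: Unable to mount root fs
Mar  3 10:15:01 host systemd-modules-load[512]: Failed to load module 'examplemod'
Mar  3 10:15:02 host kernel: ata1.00: failed command: READ FPDMA QUEUED
Mar  3 10:15:03 host kernel: usb 1-1: device descriptor read/64, error -71
Mar  3 10:15:04 host kernel: e1000e 0000:00:19.0 eth0: NIC Link is Up 1000 Mbps
[FAILED] Failed to start Example Service.
Mar  3 10:16:40 host sshd[2211]: Failed password for invalid user admin from 192.0.2.10 port 40022 ssh2
EOF
}

# Summary first, then the raw lines for one category worth a closer look.
sample_log | triage
sample_log | show_hits driver
```

On a real system, feed it the files named in the steps above, for example `sudo cat /var/log/messages | triage`.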

Advanced Troubleshooting Tips
• Compare Logs: Compare logs before and after the kernel update to identify new errors or warnings. This can help pinpoint the source of new problems.
• Use journalctl: On systems with systemd, use journalctl to query logs more effectively. You can filter by boot, priority, and services:
      journalctl -k -b    # View kernel logs from the current boot
      journalctl -p err   # View logs with error priority or higher
• Boot into Previous Kernel: If the new kernel causes issues, reboot the system and select the previous kernel version from the GRUB menu to see if the issue persists. This can help determine if the problem is related to the new kernel.
• Check Compatibility: Verify that third-party drivers or custom modules are compatible with the new kernel version. Incompatible drivers can cause various system issues.
• Update Firmware: Ensure that system firmware (BIOS/UEFI) and hardware drivers are up to date, as new kernel versions might rely on updated firmware for optimal compatibility.

Questions / Goals
Goal 01: What is the current kernel version running on the system, and how do you check it?
Goal 02: How do you list all available kernel versions that can be installed from the repositories?
Goal 03: How can you list all installed kernel versions on the system?
Goal 04: How can you automate kernel updates on RHEL, and what tools or services would you use?
Goal 05: How do you check the system's boot messages to identify issues that occurred during the boot process?

Assignment Evaluation
0: Not Done [ ]  1: Incomplete [ ]  2: Late Complete [ ]  3: Need Improvement [ ]  4: Complete [ ]  5: Well Done [ ]
Signature of Instructor
