(c)We Want to Hear from You



Red Hat RHCSA/RHCE 7 Cert guide

First Edition

Copyright © 2016 Pearson Certification

ISBN-10: 0-7897-5405-3

ISBN-13: 978-0-7897-5405-9

Warning and Disclaimer

Every effort has been made to make this book as complete and as accurate as possible, but no warranty or fitness is implied. The information provided is on an "as is" basis. The author and the publisher shall have neither liability nor responsibility to any person or entity with respect to any loss or damages arising from the information contained in this book or from the use of the CD or programs accompanying it.

When reviewing corrections, always check the print number of your book. Corrections are made to printed books with each subsequent printing.

First Printing: August 2015

Corrections for October 30, 2017

|Pg |Error – Third Printing |Correction |

|303 |Chapter 13, Understanding rsyslogd Configuration Files, Second Sentence |Should read: |

| |Reads: | |

| |The /etc/rsyslogd.conf file is the central location where rsyslogd is configured.|The /etc/rsyslog.conf file is the central location where rsyslogd is configured. |

Corrections for January 17, 2017

|Pg |Error – Third Printing |Correction |

|273 |Chapter 11, Querying RPM Package Files, First Paragraph, Second Sentence |Should read: |

| |Reads: | |

| |It sometimes makes sense to install an RPM before it is actually installed. |It sometimes makes sense to query an RPM before it is actually installed. |

Corrections for November 8, 2016

|Pg |Error – Second Printing |Correction |

|219 |Chapter 9, Table 9.3, Fourth Line, First Column |Should read: |

| |Reads: | |

| |Stopped (S) |Stopped (T) |

|220 |Chapter 9, Second Paragraph, Last Sentence |Should read: |

| |Reads: | |

| |Enter a positive value to increase process priority or a negative value to |Enter a positive value to decrease process priority or a negative value to increase process priority.|

| |decrease process priority. | |

Corrections for February 3, 2016

|Pg |Error – Second Printing |Correction |

|77 |Chapter 3, Creating Archives with tar, Second Paragraph, Last Sentence |Should read: |

| |Reads: | |

| |For a complete overview of relevant options used, see Table 3.4. |For a complete overview of relevant options used, see Table 3.6. |

Corrections for January 20, 2016

|Pg |Error – Second Printing |Correction |

|139 |3. Type id linda to verify that user linda has correctly been added to the group |3. Type id linda to verify that user linda has correctly been added to the group sales. In the |

| |sales. In the results of this command, you see that linda is assigned to the |results of this command, you see that linda is assigned to a group with the name linda. This is her |

| |group with gid=100(users). This is her primary group. With the groups parameter, |primary group. The groups parameter mentions linda, as well as, the group that she is currently a |

| |all groups she is a member of as secondary group are mentioned: |member of: |

|145 |Remove step 3 of the exercise | Delete and renumber steps. |

| | |3. Type scp labipa.:/etc/ipa/ca.crt/etc/openldap/cacerts. |

|145 |Remove step 3 of the exercise | 5. You now see a message indicating that you need to copy the certificate of the CA that has signed |

| |6. You now see a message indicating that you need to copy the certificate of |the public key certificate of the LDAP server to /etc/openldap/cacerts. Open a terminal window and |

| |the CA that has signed the public key certificate of the LDAP server to |from this terminal, type |

| |/etc/openldap/cacerts. You have already done this in step 3 of this exercise, so |scp labipa.:/etc/ipa/ca.crt /etc/openldap/cacerts. |

| |no action is required here. | |

|308 |Step 4: change "-/var/log/httpd-error.log" to "/var/log/httpd-error.log” |fixed |

| |* Step 5: change “systemctl restart rsyslogd” to “systemctl restart rsyslog” | |

| |* Step 7: From the firefox browser, go to . As no index.html page| |

| |exists yet, this will be written to the error log.  | |

| |* Step 9: change “systemctl restart rsyslogd” to “systemctl restart rsyslog” | |

Corrections for January 6, 2016

|Pg |Error – Second Printing |Correction |

|10 |Answer b reads "/home" |Change to "/var" |

|41 |In exercise, at the beginning of step 12 |Add "Type rm -rf ~/.bash_history |

|58 |4c reads "df -T" |Change to "df -hT" |

|72 |Step 11 reads "... cp -a newfiles/* .. Type ls -l ... |Change to "cp -a ../newfiles/* .. Type ls -al to see... (NOTE: the cp -a command ends with a dot!) |

|73 |Step 12 reads "... cp -a newfiles/.." |Change to "cp -a ../newfiles/. .."(NOTE: the command itself has two dots in the end) |

|95 |In the last paragraph, "... match red as well as reed." |Replace with "match reed, but not red" |

|131 |The first bullet ends with " You can create a file with the name ...." From here,|Replace with: "A file /etc/nologin can be created. If this file exists, only root will be able to log|

| |until "... shell tries to log in", remove all and replace |in. Other users will see the contents of this file and logins will be denied. |

|131 |"Typical for /etc/shadow ... for connecting to a system." |Replace with: Only the user root and processes running as root have access to /etc/shadow. |

|165 |Step 8 of the exercise reads "Use su - linda" |Change to "Use su - linda and type cd /data/sales." |

|166 |Replace the paragraph "The tar utility ... settings as well" |Change to: "Previous versions of the tar utility did not support working with ACLs, which is why the |

| | |star utility was introduced. You won't need this utility anymore because current versions of tar do |

| | |support working with ACLs. The star utility however is still listed in the exam objectives. |

|192 |Exercise 8.4, step 2 |Change DHCP to DNS |

|193 |Exercise, step 4 reads "10.0.0.20/24" 10.0.0.100 |change to "10.0.0.20/24, 10.0.0.100/24" |

|218 |Step 5 includes "You will see ... processes also" |Replace with. "As the dd processes were started as background processes, they are not killed when |

| | |their parent shell was killed. Instead, they have been moved upwards and are now a child of the |

| | |systemd process." |

|221 |Question 6 - answer |Change the answer to "Renice -nn -p PID, where nn is a negative value between -1 and -20. Notice that|

| | |you need to be root in order to increase process priority. |

|253 |THe middle of the page reads "...that ends in .repo" |Change to "... that ends in .repo in the directory /etc/yum.repos.d" |

|285 |The last line on the page reads "Every hour on weekdays on the hour." |Replace with "Every hour between 7 AM and 6 PM on weekdays on the hour" |

|292 |Review question 3 |The answer should read "*/2 * * * *" |

|303 |reads "SYSLOGD_OTIONS" |Change to "SYSLOGD_OPTIONS" |

|317 |The answer to question 10 reads "killella" |Replace with "killall" |

|355 |The fifth line from below reads "use the partition type 8300" |Change to "use the partition type 8e00" |

|439 |The first bullet reads " ... your current working environment." |Change to "... your current working environment, using chroot as described before." |

|447 |Question 9 |The answer should read "grub2-mkconfig -o /boot/grub2/grub.cfg" |

|447 |Question 10 |The answer should read "systemd.unit=emergency.target" |

|474 |Question 2 |In the solutions, answer A is listed as the correct answer. This should be answer D. The explanation|

| | |is correct |

|500 |Question 3, answer D |Change to "It can be used to manage the iptables service." |

|500 |Question 6 |Answer B is the correct answer |

|552 |Review question 1 |The answer should be "date -s 16:24" |

|552 |Review question 2 |Rephrase to "Which command sets hardware time to the current system time?" |

Corrections for December 16, 2015

|Pg |Error – Second Printing |Correction |

|145 |Chapter 6, Exercise 6.4, Last line in Step 1 |Should read: |

| |Reads: | |

| |192.168.122.200 ipa. |192.168.122.200 labipa. |

|145 |Chapter 6, Exercise 6.4, Step Three |Should read: |

| |Reads: | |

| |3. Type scp ipa.:/root/cacert.p12/etc/openldap/cacerts. |3. Type scp labipa.:/etc/ipa/ca.crt /etc/openldap/cacerts. |

|507 |Chapter 22, Exercise 22.1, Number 10, First Sentence |Should read: |

| |Reads: | |

| |Type firewall-cmd --addport=2022/tcp --permanent, followed by firewall-cmd |Type firewall-cmd --add-port=2022/tcp --permanent, followed by firewall-cmd --reload. |

| |--reload. | |

|532 |Chapter 23, Exercise 23.3, Step 8, Second Sentence |Should read: |

| |Reads: | |

| |Type cd /shares. |Type cd /shares/data. |

|534 |Chapter 23, Exercise 23.4, Step 3, Remove Line |Line to remove: |

| | |anon_mask = 077 |

|534 |Chapter 23, Exercise 23.4, Step 7, Add Third Sentence |Sentence to add: |

| | |Type cd uploads. |

|534 |Chapter 23, Exercise 23.4, Step 9, First Sentence |Should read: |

| |Reads: | |

| |Type grep AVC /var/log/audit/audit.log. |From server2, type grep AVC /var/log/audit/audit.log. |

Corrections for December 11, 2015

|Pg |Error – Second Printing |Correction |

|250 |Chapter 11, Question 6, Answer C |Should read: |

| |Reads: | |

| |c. yum list |c. yum list installed |

Corrections for November 30, 2015

|Pg |Error – Second Printing |Correction |

|80 |Chapter 3, Exercise 3.5, Number 10, First Sentence |Should read: |

| |Reads: | |

| |10. Type rm –f*gz *tar /home. |10. Type tar cjvf homes.tar /home. |

Corrections for November 16, 2015

|Pg |Error – First Printing |Correction |

|81 |Chapter 3, Table 3.7, First Key Topic Element, First Description |Should read: |

| |Reads: | |

| |FHS overview |FSH overview |

|323 |Chapter 14, Third Paragraph, Last Sentence |Should read: |

| |Reads: | |

| |Also older computer systems that are using BIOS instead of GPT can be configured |Also older computer systems that are using BIOS instead of UEFI can be configured with GUID |

| |with GUID partitions. |partitions. |

|397 |Chapter 17, Last Paragraph, Second Sentence |Should read: |

| |Reads: | |

| |This is done by the line Include conf.modules.d/*.conf in the httpd.conf file. |This is done by the line Include conf.d/*.conf in the httpd.conf file. |

|432 |Chapter 19, Key Topic, Number 2 |Should read: |

| |Reads: | |

| |2. Selecting the bootable device: Either from the UEFI boot firmware or from the |2. Selecting the bootable device: Either from the UEFI boot firmware or from the BIOS, a bootable |

| |Master Boot Record, a bootable device is located. |device is located. |

|443 |Chapter 19, First Paragraph, Last Sentence |Should read: |

| |Reads: | |

| |If the problem is file system oriented, type mount –o remount,rw / to make sure |If the problem is file system oriented, type mount –o remount,rw / to make sure the root file system |

| |the root file system is mounted read-only and analyze what is wrong in the |is mounted read/write and analyze what is wrong in the /etc/fstab file and fix it. |

| |/etc/fstab file and fix it. | |

Corrections for October 22, 2015

|Pg |Error – First Printing |Correction |

|liv |Table 2, Chapter Titles for Second and Third Objectives |Should read: |

| |Reads: | |

| |Sander please insert chapter names and numbers |Configuring external authentication and authorization. |

|72 |Chapter 3, Exercise 3.2 |Should read: |

| |Reads: | |

| |Exercise 3.2 Working with Files |Exercise 3.3 Working with Files |

|136 |Chapter 6, Exercise 6.2, Step 1, Second Sentence |Should read: |

| |Reads: | |

| |Also set the parameter USERGROUPS_ENAB to “no”, which makes that a new user is | |

| |added to a group with the same name as the user and nothing else. |Also set the parameter USERGROUPS_ENAB to “yes”, which makes that a new user being added to a group |

| | |with the same name as the user and nothing else. |

|142 |Chapter 6, TIP |Should read: |

| |Reads: | |

| |TIP If you install the sshd package before you configure anything, you should be|TIP In some conditions the nslcd service is used as the backend service for authentication, in other|

| |able to deal with authentication through the sssd service and not using the nslcd|services the sssd service is used. To make sure that sssd is used and nothing else, before starting |

| |service. It is easy to find yourself in a situation where nslcd is used instead |to work in the authconfig tools, use yum groups install “Directory Client”. |

| |of sssd, which is why you learn about both of them in the following sections. | |

|143 |Chapter 6, Managing nslcd, First Sentence |Should read: |

| |Reads: | |

| |When you use authconfig-tui, the nslcd service is configured on your server to |In some conditions the nslcd service is configured as the authentication backend to connect to an |

| |connect to the LDAP service. |LDAP server. |

|145 |Chapter 6, Exercise 6.4, Step 1, IP address and hosts file name |Should read: |

| |Reads: | |

| |192.168.122.200 ipa. |192.168.122.200 labipa. |

|145 |Chapter 6, Exercise 6.4, Step 3 |Should read: |

| |Reads: | |

| |3. Type scp ipa.:/root/cacert.p12/etc/openldap/cacerts. |3. Type scp labipa.:/root/cacert.p12/etc/openldap/cacerts. |

|145 |Chapter 6, Exercise 6.4, Step 5, Second Sentence |Should read: |

| |Reads: | |

| |Select Use TLS, and then enter the server URL ldap://ipa.. |Select Use TLS, and then enter the server URL ldap://labipa.. |

|145 |Chapter 6, Exercise 6.4, Step 7 |Remove Step 7 |

|161 |Chapter 7, Exercise 7.1, Step 2 |Should read: |

| |Reads: | |

| |2. Before setting the permissions, change the owners of these directories using |2. Before setting the permissions, change the owners of these directories using chown linda.sales |

| |chown linda.sales /data/sales and chown linda.account /data/account. |/data/sales and chown linda.account /data/account. |

|165 |Chapter 7, Exercise 7.2, Step 9 |Should read: |

| |Reads: | |

| |9. Use rm –rf lisa*. Sticky bit prevents you from removing these files as user |9. Use rm –rd lisa*. Normally, Sticky bit would prevent you from doing so, but as you are the owner |

| |linda because you are not the owner of the files. Note that if user linda is |of the directory that contains the files, you are allowed to do it anyway. |

| |directory owner of /data/sales, she can remove the files in question anyway! | |

|169 |Chapter 7, Exercise 7.3, Step 4 |Should read: |

| |Reads: | |

| |4. Use setfacl –m d:g:account:rwx,g:sales:rx/data/sales to set the default ACL |4. Use setfacl –m d:g:account:rx,g:sales:rwx/data/sales to set the default ACL for the directory |

| |for the directory sales. |sales. |

|169 |Chapter 7, Exercise 7.3, Step 5 |Should reads: |

| |Reads: | |

| |5. Add the default ACL for the directory /data/account by using setfacl –m |5. Add the default ACL for the directory /data/account by using setfacl –m d:g:sales:rx,g:account:rwx|

| |d:g:sales:rwx,g:account:rx /data/account. |/data/account. |

|192 |Chapter 8, Exercise 8.4, First Step |Should read: |

| |Reads: | |

| |Make sure that the static connection does not connect automatically by using |Make sure that the static connection does not connect automatically by using nmcli con mod “static” |

| |nmcli con mod “static” connection autoconnect no. |connection.autoconnect no. |

|193 |Chapter 8, Step 3, Second Sentence |Should read: |

| |Reads: | |

| |Test this by adding a second DNS server, using nmcli con mod “static” + ipv4.dns |Test this by adding a second DNS server, using nmcli con mod “static” +ipv4.dns 8.8.8.8. |

| |8.8.8.8. | |

|208 |Chapter 9, Foundation Topics, Second Paragraph, Third Sentence |Should read: |

| |Reads: | |

| |The Linux shell offers tools to manage individual threads. |The Linux shell does not offer tools to manage individual threads. |

|259 |Chapter 11, Exercise 11.1, Step 1, Second Sentence |Should read: |

| |Reads: | |

| |This mounts it on the directory /run/media/user/CentOS 7 x86_64. |This mounts it on the directory /var/run/media/$USER/CentOS 7 x86_64. |

|259 |Chapter 11, Exercise 11.1, Step 6, Add Code at the End of Code Listing |Code to Add: |

| | |gpgcheck=0 |

|381 |Chapter 16, Exercise 16.1, Step 1, First Sentence |Should read: |

| |Reads: | |

| |Open a root shell and type lsmod | head. |Open a root shell and type lsmod | less. |

|384 |Chapter 16, Exercise 16.2, Step 7 |Should read: |

| |Reads: | |

| |7. Create a file with the name /etc/modprobe.d/cdrom and give it the following |7. Create a file with the name /etc/modprobe.d/cdrom.conf and give it the following contents: |

| |contents: | |

|569 |Chapter 25, Exercise 25.1, Step 2 |Should read: |

| |Reads: | |

| |Type yum install –y sssd sssd-tools nss-pam-ldapd. |2. Type yum groups install “Directory Client” –y. |

|569 |Chapter 25, Exercise 25.1, Step 4 |Should read: |

| |Reads: | |

| |4. Copy the certificate from the IPA server to your local server by using scp |4. Copy the certificate from the IPA server to your local server by using scp |

| |labipa.:/root/cacert.p12 /etc/openldap/cacerts. |labipa.:/etc/ipa/ca.crt /etc/openldap/cacerts. |

|569 |Chapter 25, Exercise 25.1, Step 8 |Should read: |

| |Reads: | |

| |8. Open the file /etc/sssd/sssd.conf and add the following line, which will still|8. Complete the setup procedure in authconfig-tui. Once the configuration is written to your system, |

| |use TLS encrypted sessions, but ease up the integrity checks of the certificate. |use cat /etc/sssd/sssd.conf to verify the configuration has been committed to your server. |

| |This proves useful in an environment where self-signed certificates are used, as | |

| |is the case in this setup, but should normally not be necessary while working | |

| |with certificates that have been obtained from external certificate authorities: | |

| |ldap_tls_reqcert = never | |

|585 |Chapter 26, Step 2 |Should read: |

| |Reads: | |

| |2. Create the IQN and default target portal group (TGP) |2. Create the IQN and default target portal group (TPG) |

|587 |Chapter 26, Step 9, First sentence |Should read: |

| |Reads: | |

| |Now that the block backstores are taken care of, you can start configuring the |Now that the block backstores are taken care of, you can start configuring the unique identifier for |

| |unique identifier for your iSCSI target, the iSCSI IQN, which will also create |your iSCSI target, the iSCSI IQN, which will also create the default TPG. |

| |the default TGP. | |

|587 |Chapter 26, Step 10, Second Sentence |Should read: |

| |Reads: | |

| |Notice that the name of the IQN starts with year-month (in YY-MM notation) and is|Notice that the name of the IQN starts with year-month (in YYYY-MM notation) and is followed by the |

| |followed by the inversed DNS domain name. |inversed DNS domain name. |

|598 |Chapter 26, Listing 26-4, Eight line |Should read: |

| |Reads: | |

| |Target: iqn.2014-.example.target1 |Target: iqn.2014-.example:target1 |

|612 |Chapter 27, Table 27.2, Explanation for st, Second Sentence |Should read: |

| |Reads: | |

| |This parameter shows in a virtualization environment, where virtual machines are |This parameter shows in a virtualization environment, where other virtual machines are “stealing” |

| |“stealing” processor time from the hypervisor. |processor time from the hypervisor. |

|760 |Chapter 35, Question 5 |Should read: |

| |Reads: | |

| |5. Which of the following shows correct syntax to add a user into the users |5. Which of the following shows correct syntax to add a user into the user table? |

| |table? | |

|761 |Chapter 35, Question 8, Answer ‘c’ |Should read: |

| |Reads: | |

| |c. To make a physical database, the database must be stopped temporarily. |c. To make a physical database backup, write activity to the database must be stopped temporarily. |

|771 |Chapter 35, Managing Users, Third Paragraph, First Sentence |Should read: |

| |Reads: | |

| |If you want to create a user lisa, for example, use CREATE USER lisa@localhost |If you want to create a user lisa, for example, use CREATE USER ‘lisa’@’localhost’ IDENTIFIED BY |

| |IDENTIFIED BY ‘password’;. |‘password’;. |

|771 |Chapter 35, Managing Users, Third Paragraph, Fifth and Sixth Sentences |Should read: |

| |Reads: | |

| |For instance, lisa@% refers to user lisa who can log in from any host. When the |For instance, ‘lisa’@’%’ refers to user lisa who can log in from any host. When the user is no longer|

| |user is no longer needed, use DROP USER user@host; to remove the user. |needed, use DROP USER ‘user’@’host’; to remove the user. |

|771 |Chapter 35, Managing Users, Fourth Paragraph, Fourth Sentence |Should reads: |

| |Reads: | |

| |As root, for instance, use GRANT SELECT, UPDATE, DELETE, INSERT on |As root, for instance, use GRANT SELECT, UPDATE, DELETE, INSERT on addressbook.names to |

| |addressbook.names to lisa@localhost; to grant user lisa the basic permissions to |‘lisa’@’localhost’; to grant user lisa the basic permissions to the names table in the addressbook |

| |the names table in the addressbook database. |database. |

|771 |Chapter 35, Managing Users, First Bullet Point |Should read: |

| |Reads: | |

| |GRANT SELECT ON database.table TO user@host; Gives SELECT privilege on a | |

| |specific table in a specific database |GRANT SELECT ON database.table TO ‘user’@’host’; Gives SELECT privilege on a specific table in a |

| | |specific database |

|772 |Chapter 35, Managing Users, Four Bullet Points |Should read: |

| |Reads: | |

| |GRANT SELECT ON database.* TO user@host; Gives SELECT to all tables in | |

| |database |GRANT SELECT ON database.* TO ‘user’@’host’; Gives SELECT to all tables in database |

| |GRANT SELECT ON*.*TO user@host; Gives privileges to all tables in all |GRANT SELECT ON*.*TO ‘user’@’host’; Gives privileges to all tables in all databases |

| |databases |GRANT CREATE, ALTER, DROP ON database.* to ‘user’@’host’; Gives privilege to create, alter, and |

| |GRANT CREATE, ALTER, DROP ON database.* to user@host; Gives privilege to |drop databases |

| |create, alter, and drop databases |GRANT ALL PRIVILEGES ON*.* to ‘user’@’host’; Creates a superuser |

| |GRANT ALL PRIVILEGES ON*.* to user@host; Creates a superuser | |

|772 |Chapter 35, Managing Users, First Paragraph, Last Sentence |Should read: |

| |Reads: | |

| |To show privileges assigned to a specific user, you can use SHOW GRANTS FOR | |

| |user@host;. |To show privileges assigned to a specific user, you can use SHOW GRANTS FOR ‘user’@’host’;. |

|773 |Chapter 35, Exercise 35.2, Step 8 |Should read: |

| |Reads: | |

| |8. Create a user using CREATE USER julia@’%’ IDENTIFIED BY ‘secret’;. |8. Create a user using CREATE USER ‘julia’@’%’ IDENTIFIED BY ‘secret’;. |

|773 |Chapter 35, Exercise 35.2, Step 9 |Should read: |

| |Reads: | |

| |9. Grant permissions to user julia using GRANT SELECT,INSERT,UPDATE,DELETE ON |9. Grant permissions to user julia using GRANT SELECT, INSERT, UPDATE, DELETE ON videos.* TO |

| |videos.* TO julia@’%’;. |‘julia’@’%’;. |

|861 |Chapter 40, Question 7, Answer ‘a’ |Should read: |

| |Reads: | |

| |# |* |

|DVD |Appendix A, Page 8, Chapter 8, Answer 2 |Should read: |

| |Reads: | |

| |2. B. Explanation: The 169.254.0.0 network address does not belong to the private|2. B. Explanation: The 169.254.0.0 network address does not belong to the private address ranges, |

| |address ranges, which are 10.0.0.0/8, 172.168.0.0/12, and 192.168.0.0/16. |which are 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16. |

|DVD |Appendix A, Page 33, Chapter 40, Answer 7 |Should read: |

| |Reads: | |

| |7. A. Explanation: The clock that chrony currently is synchronized with is |7. A. Explanation: The server that chronyd is currently synchronized with, is indicated with a *. ? |

| |indicated with a # is used for a source to which connectivity has been list, + is|is used for a source to which connectivity has been lost. + is for another acceptable source and x is|

| |another acceptable source, and x is used for an unreliable clock. |a source that has an unreliable clock. |

|DVD |Appendix D, Page 3, Third Bullet Point |Should read: |

| |Reads: | |

| |Name set to ipa.. |Name set to labipa.. |

|DVD |Appendix D, Page 4, Step 5, First and Second Sentence |Should read: |

| |Reads: | |

| |At this point, the installer should detect the hostname that has been set and | |

| |prompt for the hostname, which according to the earlier instructions should be |At this point, the installer should detect the hostname that has been set and prompt for the |

| |set to ipa.. If the installer shows anything else, stop the |hostname, which according to the earlier instructions should be set to labipa.. If the |

| |installation now, using Ctrl+C and use hostnamectl set-hostname ipa. |installer shows anything else, stop the installation now, using Ctrl+C and use hostnamectl |

| |to set the hostname. |set-hostname labipa. to set the hostname. |

|DVD |Appendix D, Page 7, First Step, Second Sentence |Should read: |

| |Reads: | |

| |From ipa., start Firefox and enter httpd://labipa.. |From labipa., start Firefox and enter httpd://labipa.. |

|DVD |Appendix D, Page 7, Step 6 First Sentence |Should read: |

| |Reads: | |

| |Still on ipa., create the service principals for the NFS server that |Still on labipa., create the service principals for the NFS server that you are going to |

| |you are going to install on server1. |install on server1. |

|DVD |Appendix D, Page 8, Step 8 |Should read: |

| |Reads: | |

| |8. On server1, type ipa-getkeytab –s ipa. –p nfs/server1. |8. On server1, type ipa-getkeytab –s labipa. –p nfs/server1. –k |

| |–k /etc/krb5.keytab. |/etc/krb5.keytab. |

|DVD |Appendix D, Page 8, Step 10, Second and Third Sentences |Should read: |

| |Reads: | |

| |Next, from the client, type ipa-getkeytab -s ipa. –k /etc/krb5.keytab | |

| |–p host/server2.@. Copy the keytab from server2 to the IPA |Next, from the client, type ipa-getkeytab -s labipa. –k /etc/krb5.keytab –p |

| |server by using scp /etc/krb5.keytab ipa.:/var/ftp/pub/server2.keytab.|host/server2.@. Copy the keytab from server2 to the IPA server by using scp |

| | |/etc/krb5.keytab labipa.:/var/ftp/pub/server2.keytab |

Corrections for October 6, 2015

|Pg |Error – First Printing |Correction |

|41 |In Step 6: “…the previous ssh command…” |“…the previous ls command…” |

|308 |Exercise 13.2 |Should read: |

| |Step 4 local1:error | |

| |Step 5 systemctl restart httpd |Step 4 local1.error |

| |Step 8 “*.debug/var/log/messages/messages-debug” > /etc/rsyslogd/debug.conf |Step 5 systemctl restart rsyslogd |

| | |Step 8 “*.debug/var/log/messages-debug” > /etc/rsyslog.d/debug.conf |

|362 |Exercise 15.2, Step 6: |Should read: |

| |At this point, you are ready to create a file system on top of the logical |6. At this point, you are ready to create a file system on top of the logical volume. Type mkfs.ext4 |

| |volume. Type mkfs.xfs /dev/vgdata/lvdata to create the file system. |/dev/vgdata/lvdata to create the file system. |

|365 |Exercise 15.3, Step 9: |Should read: |

| | | |

| |Type lvreduce -r -L -150M /dev/vgdata/lvdata. This shrinks the lvdata volume with|9. Type lvreduce -r -L -50M /dev/vgdata/lvdata. This shrinks the lvdata volume with 50MB. Notice that|

| |50MB. Notice that while doing this the volume is temporarily unmounted, which |while doing this the volume is temporarily unmounted, which happens automatically. |

| |happens automatically. | |

Corrections for September 25, 2015

|Pg |Error – First Printing |Correction |

|78 |Chapter 3, First Paragraph after TIP, First Sentence |Should read: |

| |Reads: | |

| |To extract the contents of an archive, use tar –cvf/archivename. |To extract the contents of an archive, use |

| | |tar -xvf/archivename. |

|DVD |Appendix A, Chapter 8, page 8 Explanation 1 |Should read: |

| |Reads: | |

| |1. D. Explanation: Based on the /27 subnet mask, the networks are 192.168.4.0, |1. D. Explanation: Based on the /26 subnet mask, the networks are 192.168.4.0, 192.168.4.64, |

| |192.168.4.64, 192.168.4.128, and 192.168.4.192. That means that IP addresses |192.168.4.128, and 192.168.4.192. That means that IP addresses II, III, and IV belong to the same |

| |II, III, and IV belong to the same network. |network. |

|DVD |Appendix D, Page 3, Last Bullet Point |Should read: |

| |Reads: | |

| | | |

| |♣ Add an entry to /etc/hosts to enable hostname resolution for the hostname. |♣ Add an entry to /etc/hosts to enable hostname resolution for the hostname. The line should read as |

| |The line should read as follows: |follows: |

| |192.168.122.200 ipa. ipa |192.168.122.200 labipa. |

Corrections for September 15, 2015

|Pg |Error |Correction |

|18 |Chapter 1, Figure 1.1 Select the appropriate keyboard setting before continuing. |Figure 1.1 Select the appropriate language and keyboard setting before continuing. |

|20 |Figure 1.3 wrong figure |Correct Figure |

| | | |

| | |[pic] |

|21 |Figure 1.4 Selecting additional keyboard layout |Figure 1.4 Selecting the installation source. |

|22 |Figure 1.5 Selecting the installation source |Figure 1.5 Make sure you select Server with GUI for every server you are going to use for the |

| | |exercises in this book. |

|22 |Figure 1.6 Make sure you select Server with GUI for every server you are going to|Figure 1.6 Select I Will Configure Partitioning and click Done to proceed |

| |use for the exercises in this book. | |

|24 |Figure 1.7 Select I Will Configure Partitioning and click Done to proceed. |Figure 1.7 Configuring Advanced disk layout. |

|24 |Figure 1.8 Configuring Advanced disk layout. |Figure 1.8 Specifying details for the mount point you just created. |

|25 |Figure 1.9 Specifying details for the mount point you just created. |Figure 1.9 If the configuration looks like this, you can write it to disk. |

|26 |Figure 1.10 If the configuration looks like this, you can write it to disk. |Figure 1.10 In the Network and Hostname screen, you must set the network card to on. |

|27 |Figure 1.11 If the configuration looks like this, you can write it to disk. |Figure 1.11 Setting the root password. |

|72 |Chapter 3, Exercise 3.2, Step 8 |Should read: |

| |Reads: | |

| |8. Use the command cp –a newfiles/.. |8. Use the command cp ../newfiles |

This errata sheet is intended to provide updated technical information. Spelling and grammar misprints are updated during the reprint process, but are not listed on this errata sheet.

................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download