exploration in rhel

nov 2023

Last updated 2 months ago

exploration in rhel

nov 2023

As some of you may know, I'm starting to prepare for my RHEL 9 exam (my first ever cybersecurity certification) I really, really hope I can pass and do well to get the certification. (Then after that I'll go for CEH)

I'm going to document my studies of rhel here, as I've started working 9-5, which adds on to the challenge of even studying up for this exam. Without further ado, let's dive into this!

Step 1: Get a practice lab machine to try out labs

Most users who are setting up their practice labs seem to be Linux users. Unfortunately I'm on Windows OS, which is to say, a very, very big rip. Nevertheless some quick osint on youtube saved me. Check it out.

Step 2: Practice!

Remember that any sort of configuration should persist.

Below is a

Graphical Target Switch on Boot

// Requires Root!
systemctl get-default  //multi-user.target
systemctl set-default graphical.target
systemctl get-default //graphical.target
reboot

Set SELinux enforcing mode

// Requires Root!
getenforce // Permissive
setenforce 1
getenforce //Enforcing
! -- above this is not persistent!

vim /etc/selinux/config
>> SELINUX=Enforcing
reboot

Change current hostname

// Requires Root!
hostname //current hostname
hostnamectl set-hostname (newhostname)
hostname //newhostname
OR
nmtui-hostname (newhostname)
hostname //newhostname
OR ! -- below method works only after reboot/restart of network manager
vim /etc/hostname
>> (newhostname)
hostname //current hostname
systemctl restart NetworkManager
hostname //newhostname

Configure Network

// Requires Root!
nmtui 
// Edit connection > Manual IPv4 Connection > Show > Add 
// Addresses: ip address/subnet mask
// Remember to Deactivate, then activate it
// To verify, ifconfig

// nmcli connection add type ethernet con-name th0 ifname enp1s0 ipv4.addresses 192.168.122.11/24 ipv4.gateway 192.168.122.1 ipv4.dns 192.168.100.1 method manual connection.autoconnect yes
// At this juncture, ifconfig will not show the change. We need to bring the connection up first.
// nmcli connection show
// nmcli connection up eth0
// To verify, ifconfig

Configure Yum/DNF client-side repository using URL

// Requires Root
// Change hostname 
// nmtui-hostname server.example.com
// To verify, hostname
// Install HTTPd server
// dnf install httpd -y
// mkdir /var/www/html/rhel9
// lsblk
// umount /mnt/disc_rhel9
// vim /etc/fstab
// add in /var/www/html
// mount -a
// lsblk to verify correct mount
// vim /etc/yum.repos.d/rhel9_local.repo
// Change baseurl part to http://192.168.122.1/rhel9/BaseOS and http:192.168.122.1/rhel9/AppStream
// yum clean all
// yum repolist
// systemctl status firewalld.service
// firewall-cmd --list-all
// firewall-cmd --get-active-zones
// firewall-cmd --set-default-zone=libvirt
// firewall-cmd --permanent --add-service=http
// firewall-cmd --reload
// firewall-cmd --list-all
// fht-vmctl_view_desktop
// scp /etc/yum.repos.d/rhel9_local.repo root@192.168.122.10:/etc/yum.repos.d/station1.repo
// systemctl start httpd.service
// systemctl enable httpd.service
// systemctl status httpd.service
// systemctl status firewalld.services
// goto firefox to access 192.168.122.1/rhel9/

Ne

// Some code

Previouszeek Nextdevops pain

Last updated 2 months ago

I'm going to document my studies of rhel here, as I've started working 9-5, which adds on to the challenge of even studying up for this exam. Without further ado, let's dive into this!

Step 1: Get a practice lab machine to try out labs

Step 2: Practice!

Remember that any sort of configuration should persist.

Below is a

Graphical Target Switch on Boot

// Requires Root!
systemctl get-default  //multi-user.target
systemctl set-default graphical.target
systemctl get-default //graphical.target
reboot

Set SELinux enforcing mode

// Requires Root!
getenforce // Permissive
setenforce 1
getenforce //Enforcing
! -- above this is not persistent!

vim /etc/selinux/config
>> SELINUX=Enforcing
reboot

Change current hostname

// Requires Root!
hostname //current hostname
hostnamectl set-hostname (newhostname)
hostname //newhostname
OR
nmtui-hostname (newhostname)
hostname //newhostname
OR ! -- below method works only after reboot/restart of network manager
vim /etc/hostname
>> (newhostname)
hostname //current hostname
systemctl restart NetworkManager
hostname //newhostname

Configure Network

// Requires Root!
nmtui 
// Edit connection > Manual IPv4 Connection > Show > Add 
// Addresses: ip address/subnet mask
// Remember to Deactivate, then activate it
// To verify, ifconfig

// nmcli connection add type ethernet con-name th0 ifname enp1s0 ipv4.addresses 192.168.122.11/24 ipv4.gateway 192.168.122.1 ipv4.dns 192.168.100.1 method manual connection.autoconnect yes
// At this juncture, ifconfig will not show the change. We need to bring the connection up first.
// nmcli connection show
// nmcli connection up eth0
// To verify, ifconfig

Configure Yum/DNF client-side repository using URL

// Requires Root
// Change hostname 
// nmtui-hostname server.example.com
// To verify, hostname
// Install HTTPd server
// dnf install httpd -y
// mkdir /var/www/html/rhel9
// lsblk
// umount /mnt/disc_rhel9
// vim /etc/fstab
// add in /var/www/html
// mount -a
// lsblk to verify correct mount
// vim /etc/yum.repos.d/rhel9_local.repo
// Change baseurl part to http://192.168.122.1/rhel9/BaseOS and http:192.168.122.1/rhel9/AppStream
// yum clean all
// yum repolist
// systemctl status firewalld.service
// firewall-cmd --list-all
// firewall-cmd --get-active-zones
// firewall-cmd --set-default-zone=libvirt
// firewall-cmd --permanent --add-service=http
// firewall-cmd --reload
// firewall-cmd --list-all
// fht-vmctl_view_desktop
// scp /etc/yum.repos.d/rhel9_local.repo root@192.168.122.10:/etc/yum.repos.d/station1.repo
// systemctl start httpd.service
// systemctl enable httpd.service
// systemctl status httpd.service
// systemctl status firewalld.services
// goto firefox to access 192.168.122.1/rhel9/

Ne

// Some code