Linux System Administration II (Based on RHEL8)

Schedule deferred tasks using the at daemon and its tools, executing one-time or recurring jobs with precise time specifications and controlled by /etc/at.allow and /etc/at.deny.

Schedule one-time tasks using the at command in Linux, review the job queue with atq, and remove scheduled jobs with atrm, illustrated through practical lab examples.

Schedule one-time tasks in Linux using the at command, running now or later by minutes, hours, days, or specific dates, and verify the queue with atq.

Learn to control access to the at command by editing /etc/at.deny and /etc/at.allow, understanding how deny and allow files govern user permissions without restart.

Learn to schedule recurring tasks with crontab using crontab -e to create, crontab -l to list, and the five fields minute, hour, day of month, month, and day of week.

Schedule a cron job to run daily at 1 p.m. and capture kernel messages with dmesg to a log file, illustrating crontab fields like minutes, hours, and week.

Create and schedule a backup script with crontab to run every Monday at 2:00 a.m., dumping a file server's department folders into a zip file in the backups directory.

Learn to configure crontab schedules for backups, reboot commands, and database checks, including Mondays at 2 a.m., the 15th of every month, and 15-minute intervals.

Learn to schedule recurring system jobs using system accounts and system-wide cron files. Manage cron entries in /etc/cron.d and the daily, weekly, and monthly directories to safeguard jobs during upgrades.

Create and edit a backup script, make it executable, and schedule it to run hourly using cron by placing the script in daily, weekly, or monthly folders.

Use systemd timer units to schedule recurring jobs by activating services, monitor activity via the systemd journal, and customize timing by copying timer and service files to /etc/systemd/system.

Learn how Linux creates and cleans up temporary files with systemd-tmpfiles, configuring run directories and /tmp, and ensuring correct ownership and permissions at boot and shutdown.

Learn how systemd timer and the systemd-tmpfiles-clean service purge stale temporary files using a tmpfiles.d configuration that defines what to delete and when.

Configure a /run directory and a daemon service to automatically delete temporary files every five seconds, triggered by the system startup reading the setup configuration.

Install and manage the tuned daemon on Red Hat based Linux, and optimize server performance by checking status, listing and switching profiles, and ensuring persistence after reboot.

Discover how Linux enables multitasking by managing process states—from new to ready, running, and waiting—through dispatch and scheduling decisions that use nice values and policies to assign priorities.

learn how to start and manage processes with different nice values in Linux, view current levels, and set process priority using the nice command to influence scheduling.

Change the nice level of an existing process using renice and top, adjusting process priority on Linux to influence scheduling.

Learn how ACLs provide granular file permissions by overriding standard owner and group rules, granting or denying access to specific users beyond traditional permissions.

Demonstrates securing a file with ACLs by granting Rama read, write, and execute using setfacl, and verifying with getfacl and mask-driven effective permissions.

Explain how a directory's default ACL sets permissions for all subdirectories and files by inheritance from the parent, and how to set and verify them with setfacl and getfacl.

Explore configuring ACL permissions to control file access for users and groups, using lab: ACL permissions, involving owner, groups, and others, and applying ACL for special-case access.

Learn how to set ACLs on a directory to grant a specific user read and execute access with setfacl, enabling controlled entry to the India directory.

Explore how SELinux enforces mandatory access control to protect servers, describe policy enforcement, runtime booleans, and troubleshooting AVC denials, while comparing DAC, MAC, RBAC, and ABAC concepts.

Explore how SELinux enforces file access with Linux file contexts and type labels, showing how Apache and web server content are controlled by policies and context-based rules.

Explore linux selinux modes—enforcing, permissive, and disabled—and learn how enforcing blocks access, permissive logs warnings, and disabled disables all; switch modes without reboot and set permanent changes via configuration.

Explore SELinux modes, switch between enforcing, permissive, and disabled with setenforce and getenforce, verify status with sestatus, and understand how the targeted policy affects application behavior and logging.

Learn to temporarily allow a website in a non-default directory by switching to permissive mode, then use chcon -R to copy the allowed context and restore access in enforcing mode.

Learn how to change a directory's SELinux context using chcon, then permanently apply it with semanage file context, and verify changes with restorecon and policy rebuild.

Explore SELinux context inheritance and how to apply Linux contexts to directories on a Red Hat Enterprise Linux 8 system in enforcing mode, and learn commands to audit context changes.

Explore how to create storage partitions, apply a filesystem, and mount them for use, while understanding disk partitioning concepts, partitions, and Linux disk naming such as /dev/sda and disk zero.

Explore how the GUID partition table improves disk partitioning with multiple copies, 64-bit logical addressing, CRC data integrity, and support for large disks and robust backups.

Learn how Linux uses swap space to supplement RAM by moving inactive pages to disk, and how the kernel reclaims memory when needed, with sizing guidelines.

Learn to enable and manage swap space by partitioning a disk, creating a swap partition, activating it, and configuring persistence via fstab with priority rules.

Discover how to implement logical volume management by converting partitions to physical volumes, forming a volume group, and creating logical volumes for flexible, resizable storage.

Convert raw disks into physical volumes, form a volume group, and create logical volumes to manage storage on a server, expanding space by adding disks as needed.

Walk through creating physical volumes from disks, forming a volume group, provisioning a logical volume, then format, mount, and configure persistence with fstab.

Remove a logical volume by unmounting it, then delete the lv, vg, and pv, with a data backup first.

Extend the Linux volume group by adding a new physical volume and verify the increased size, then safely reduce the volume group by moving data off and removing the PV.

Extend a logical volume by adding space from the volume group with lv extend, and then resize the ext4 filesystem to reflect the new size, verified with df -h.

Extend swap space by creating a manual swap area: add a new logical volume in vg1, allocate about 400 MB, format with mkswap, then activate with swapon and verify with free -m.

Manage multiple storage layers with Stratis, a linux local storage management solution. Learn provisioning, snapshot, pool-based management, and monitoring to optimize storage and deploy file systems across disks.

Install and start the Stratis storage service, and verify its status. Create a Stratis pool from disks, then create file systems on that pool and mount them to a directory.

Add a new disk to the existing Stratis pool, then create and manage snapshots for backups, mount them, and restore files when needed.

Explore network attached storage using NFS to share a directory across Linux and Unix servers, configure exports, and mount remotely via manual, permanent, or on-demand mounts.

Learn to use the NFS conf tool to manage server and client configuration, adjust interface conf settings, and set, get, or unset NFS daemon versions such as 4.0 and 4.2.

Configure the nfs daemon with the nfsconf tool by editing /etc/nfs.conf, enabling or disabling versions 4.0–4.2, and setting UDP, then verify status and apply changes via command-line checks.

Configure an nfs server and client on two vms, create and partition a disk, set up lvm and xfs, mount a share directory, and prepare the nfs share for export.

Create and export an nfs share on a rhel8 server, configure /exports, use exportfs and showmount, then mount the remote share on a client to access files.

Autofs automatically mounts an nfs share on the client on demand. Configure it on the client to enable direct or indirect mounting with on-demand access.

Configure an NFS share with indirect maps and AutoFS to automatically mount database/docs and promos across west, central, and east trees using wildcard mapping.

Select and switch Linux boot targets like graphical, multi-user, and rescue targets to control system initialization; use isolate to switch targets and set-default to permanently set a target.

Set the default Linux boot target by editing the Linux boot entry to graphical.target or multi-user.target, boot with Ctrl-X, and use isolate for temporary target changes.

Boot into rescue mode to access system files even when the system won’t boot, edit boot configuration line to enable rescue mode, and verify with mount before returning to normal.

Reset the root password on a SELinux-enabled RHEL 8 system by booting into emergency mode, remounting the filesystem, updating authentication tokens, and rebooting.