KEMBAR78
Linux LPIC-1 Lab Guide 2020 | PDF | Superuser | Sudo
33% found this document useful (3 votes)
1K views131 pages

Linux LPIC-1 Lab Guide 2020

This document contains a table of contents for a Linux LPIC-1 Lab Guide but does not contain any other substantive information. The table of contents lists 12 topics and associated labs covering basic Linux tasks, user and group management, file permissions, storage management, file and directory management, kernel modules, boot processes, system components, devices, networking, package management, and Linux security. However, the document itself is blank other than the table of contents.

Uploaded by

GiàNam
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
33% found this document useful (3 votes)
1K views131 pages

Linux LPIC-1 Lab Guide 2020

This document contains a table of contents for a Linux LPIC-1 Lab Guide but does not contain any other substantive information. The table of contents lists 12 topics and associated labs covering basic Linux tasks, user and group management, file permissions, storage management, file and directory management, kernel modules, boot processes, system components, devices, networking, package management, and Linux security. However, the document itself is blank other than the table of contents.

Uploaded by

GiàNam
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 131

This page is blank.

Linux LPIC-1 Lab Guide

Table of Contents
Topic 1: Performing Basic Linux Tasks .......................................................................................... 5
Lab 1-1: Entering Shell Commands ........................................................................................................5
Lab 1-2: Accessing Help in Linux ............................................................................................................9
Topic 2: Managing Users and Groups......................................................................................... 11
Lab 2-1: Assuming Superuser Privileges ............................................................................................... 11
Lab 2–2: Creating User Accounts ......................................................................................................... 13
Lab 2-3: Modifying User Accounts ....................................................................................................... 14
Lab 2-4: Deleting a User Account ......................................................................................................... 16
Lab 2-5: Creating, Modifying, and Deleting Groups .............................................................................. 17
Lab 2-6: Querying Users and Groups.................................................................................................... 19
Lab 2-7: Configuring Account Profiles .................................................................................................. 20
Topic 3: Managing Permissions and Ownership ......................................................................... 21
Lab 3-1: Modifying File and Directory Permissions .............................................................................. 21
Lab 3-2: Modifying Default Permissions .............................................................................................. 23
Lab 3-3: Modifying File and Directory Ownership ................................................................................ 24
Lab 3-4: Configuring SGID Permissions and Sticky Bits ......................................................................... 25
Lab 3-5: Setting the Immutable Flag on a File ...................................................................................... 26
Lab 3-6: Configuring ACLs .................................................................................................................... 27
Topic 4: Managing Storage ........................................................................................................ 28
Lab 4-1: Creating Partitions ................................................................................................................. 28
Lab 4-2: Managing Logical Volumes ..................................................................................................... 30
Lab 4-3: Mounting File Systems ........................................................................................................... 32
Lab 4-4: Managing File Systems ........................................................................................................... 34
Lab 4-5: Navigating the Linux Directory Structure ................................................................................ 36
Lab 4-6: Tracking Storage Space Usage ................................................................................................ 37
Lab 4-7: Configuring Storage Quotas ................................................................................................... 38
Topic 5: Managing Files and Directories .................................................................................... 40
Lab 5-1: Creating Text Files .................................................................................................................. 40
Lab 5-2: Editing Text Files .................................................................................................................... 41
Lab 5-3: Searching for Files .................................................................................................................. 43
Lab 5-4: Reading Files .......................................................................................................................... 44
Lab 5-5: Manipulating Files and Directories ......................................................................................... 46
Lab 5-6: Processing Text Files .............................................................................................................. 48

@2020 version 1.0 1


Linux LPIC-1 Lab Guide

Lab 5-7: Linking Files ........................................................................................................................... 50


Lab 5-8: Manipulating File Output ....................................................................................................... 52
Topic 6: Managing Kernel Modules............................................................................................ 55
Lab 6-1: Exploring the Linux Kernel...................................................................................................... 55
Lab 6-2: Installing and Configuring Kernel Modules ............................................................................. 57
Lab 6-3: Monitoring Kernel Modules ................................................................................................... 59
Topic 7: Managing the Linux Boot Process ................................................................................. 61
Lab 7-1: Creating an initrd Image ......................................................................................................... 61
Lab 7-2: Configuring GRUB 2................................................................................................................ 62
Topic 8: Managing System Components .................................................................................... 64
Lab 8-1: Configuring Localization Options ............................................................................................ 64
Lab 8-2: Configuring GUIs .................................................................................................................... 66
Lab 8-3: Managing Services ................................................................................................................. 69
Lab 8-4: Troubleshooting Process Issues .............................................................................................. 71
Lab 8-5: Prioritizing Processes ............................................................................................................. 73
Lab 8-6:Troubleshooting CPU and Memory Issues ............................................................................... 74
Topic 9: Managing Devices ........................................................................................................ 75
Lab 9-1: (Optional) Using udev to Manage a Hotpluggable Device ....................................................... 75
Lab 9-2: Configuring a Virtual (PDF) Printer ......................................................................................... 77
Lab 9-3: Monitoring Devices ................................................................................................................ 78
Topic 10: Managing Networking................................................................................................ 80
Lab 10-1: Configuring the Server's Network Identity............................................................................ 80
Lab 10-2: Verifying Network Configurations ........................................................................................ 83
Lab 10-3: Configuring a DNS Client ...................................................................................................... 84
........................................................................................................................................................... 84
Lab 10-4: Configuring Virtualization .................................................................................................... 85
Lab 10-5: Testing the Network Environment........................................................................................ 88
Topic 11: Managing Packages and Software.............................................................................. 90
Lab 11-1: Managing Software with RPM and YUM .............................................................................. 90
Lab 11-2: Managing Software with dpkg and APT ................................................................................ 91
Lab 11-3: Configuring Repositories ...................................................................................................... 93
Lab 11-4: Acquiring Software .............................................................................................................. 95
Lab 11-5: Compiling and Installing an Application................................................................................ 96
Topic 12: Securing Linux Systems ............................................................................................... 97
Lab 12-1: Encrypting a Volume ............................................................................................................ 97

@2020 version 1.0 2


Linux LPIC-1 Lab Guide

Lab 12-2: Configuring SSH Authentication Using a Key Pair .................................................................. 99


Lab 12-3: Configuring SELinux............................................................................................................ 101
Lab 12-4: Configuring a Firewall ........................................................................................................ 103
Lab 12-5: Configuring rsyslog for Local and Remote Logging .............................................................. 105
Lab 12-6: Examining Log Files ............................................................................................................ 107
Lab 12-7: Archiving and Restoring Files ............................................................................................. 108
Lab 12-8: Synchronizing Files ............................................................................................................. 109
Lab 12-9: Compressing Files .............................................................................................................. 110
Lab 12-10: Performing Integrity Checks on Files ................................................................................ 112
Topic 13: Working with Bash Scripts ........................................................................................ 113
Lab 13-1: Customizing the Bash Shell Environment ............................................................................ 113
Lab 13-2: Writing and Executing a Simple Bash Script ........................................................................ 115
Lab 13-3: Incorporating Conditional Statements in Bash Scripts ........................................................ 118
Lab 13-4: Incorporating Loops in Bash Scripts .................................................................................... 120
Topic 14: Automating Tasks ..................................................................................................... 122
Lab 14-1: Scheduling a Single Task ..................................................................................................... 122
Lab 14-2: Scheduling Repeated Tasks ................................................................................................ 123
Lab 14-3: Implementing Version Control Using Git ............................................................................ 124
Topic 15: Installing Linux ......................................................................................................... 126
Lab 15-1: Installing Linux ................................................................................................................... 126

@2020 version 1.0 3


Linux LPIC-1 Lab Guide

This page is blank.

@2020 version 1.0 4


Linux LPIC-1 Lab Guide

Topic 1: Performing Basic Linux Tasks

Lab 1-1: Entering Shell Commands

BEFORE YOU BEGIN


You have a CentOS 7 system that has already been installed for you, as well as a user account. The
system is presenting you with a CLI.

SCENARIO
As a result of your earlier discussion with the IT team at Develetech, your CTO is becoming more
and more convinced of the viability of switching the company's server infrastructure to Linux. The
CTO wants you to become more familiar with using Linux, and he suggests doing so by booting up a
test machine and trying it out. So, you'll start by entering some basic commands at the Bash shell to
get a feel for the Linux environment.
________________________________________________________________________________

1. Log in to the CLI.


a) At the localhost login prompt, enter student## where ## is your student number.
For example, if your number is 03, you'd enter student03
b) At the Password prompt, enter Pa22w0rd
c) Verify that you are presented with a [student##@localhost ~]$ prompt, indicating that
you have successfully logged in.
2. Enter your first command.
a) At the prompt, enter echo 'Hello, World!'
b) Verify that the console printed the string "Hello, World!" back to you.
3. Retrieve information about your current working directory.
a) Enter pwd
b) Verify that your current working directory is /home/student##
c) Enter ls and note the contents of your current working directory.
At the moment, there doesn't seem to be anything in your home directory.
d) Enter ls -a to display hidden items.
Now, you can see that there are files and folders in this directory, but they are hidden from
a standard directory listing.
e) Enter ls -al and note that you are given more information about each item in the
directory.

@2020 version 1.0 5


Linux LPIC-1 Lab Guide

The name of the file or folder is on the right. The last modified date and time is to the left of
the name, and to the left of that is the size of the file or folder (in bytes). Most of the other
fields relate to permissions and ownership.

4. Change your current working directory.


a) Enter cd /etc
b) Verify that the prompt has changed to [student##@localhost etc]$
c) Enter pwd to further verify that your current working directory is now /etc
d) Enter cd /var/log to move to the directory where system log files are stored.
e) Enter ls -al to see all of the files and folders that exist in this directory.
f) Enter cd /home/student## where ## refers to your student number to move back to your
home directory.

5. Create a file in your home directory.


a) Enter touch myfile to create an empty file in your home directory.
b) Enter ls and verify that myfile is listed in the directory.

6. View some files using the cat command.


a) Enter cat /etc/hostname
b) Verify that the contents of the /etc/hostname file are printed at the CLI.
c) Enter cat /var/log/dmesg
d) Verify that this log file is so long that much of its contents scroll past the screen.
The cat command has no navigational options, so you'll need to use a more advanced
command to view all of the log file.

7. View lengthy files using the less command.

@2020 version 1.0 6


Linux LPIC-1 Lab Guide

a) Enter less /var/log/dmesg


Instead of scrolling, the less command printed only the beginning contents of the file that fit
on the screen. Your prompt has also changed to the name of the file, highlighted.
b) Press Enter or Down Arrow to scroll down one line.
c) Scroll down a few more lines.
d) Press y or Up Arrow to scroll up one line.
e) Scroll up a few more lines.
f) Press Spacebar or Page Down to scroll down an entire screen.
g) Press b or Page Up to scroll up an entire screen.
h) Press q to quit viewing the file and return to your regular prompt.

8. Edit a text file with Vim.


a) Enter vim myfile to open the file you created earlier in the Vim text editor.
b) Press i to switch to insert mode.
c) Type Hello, this is <your name> and replace <your name> with your first name.
d) Press Esc to switch back to command mode.
e) Enter :wq to save the file and quit.
f) Enter cat myfile and verify that the contents of the file are printed to the CLI.

9. Create and edit a text file with GNU nano.


a) Enter nano myfile2 to create and begin editing a new file.
b) Type Hello, this is <your name> and replace <your name> with your first name.
c) Press Ctrl+O, then press Enter to save the file.
d) Press Ctrl+X to quit.
e) Enter cat myfile2 and verify that the contents of the file are printed to the CLI.
f) Enter clear to clear the screen

10. Assume superuser privileges.


a) Enter cat /var/log/boot.log
b) Verify that you are given a "Permission denied" error.
As a regular user, you do not have permission to read this log file. You need to elevate your
privileges to do so.

@2020 version 1.0 7


Linux LPIC-1 Lab Guide

c) Enter su - root
d) At the Password prompt, enter Pa22w0rd
e) Verify that your prompt has changed to [root@localhost ~]#
You are now logged in as the root user, the user with the highest level of privileges
(superuser).
f) Enter cat /var/log/boot.log and verify that you can now read the file.
g) Enter exit to log out as root and log back in to your regular student account.

11. Leverage tab completion to make typing commands more efficient.


a) Enter touch thisisalongfilename.txt
b) Type ls -l th and then press Tab.
c) Verify that the rest of the file name is filled at the command-line.
d) Press Enter to execute the command.

12. View the command history.


a) Type his and press Tab.
b) Verify that the history command is populated at the command-line.
Tab completion works on file, directory, and even command names.
c) Press Enter to execute the command.
d) Verify that a list of the commands you recently entered is printed on the screen.

13. Restart the computer.


a) Enter reboot
b) Verify that the computer restarts, and then prompts you to log in.
c) Log in as student## with Pa22w0rd as the password.

@2020 version 1.0 8


Linux LPIC-1 Lab Guide

Lab 1-2: Accessing Help in Linux

BEFORE YOU BEGIN


You are logged in to the CLI as your student account.

SCENARIO
In order to be useful, Linux must have tools with certain capabilities that will be useful to the
business. One of these capabilities is searching the contents of text files. This will come in handy for
administrators who need to efficiently analyze text files like system logs, automated scripts, etc., for
specific patterns. You'll need to find one or more Linux tools that can accomplish this and learn how
to use them. So, you'll consult various help resources to get acquainted with the appropriate tool(s).
________________________________________________________________________________

1. If necessary, log in as student## with a password of Pa22w0rd

2. Look for a command that could help you search the contents of a text file.
a) Enter apropos search
b) Verify that multiple commands are listed in the output, each of which includes the
c) term "search" in its name or brief description.
d) You could try to pick out the appropriate command from these results, but changing your
search might narrow them down.
e) Enter clear to clear the screen.
f) Enter apropos pattern
g) Verify that you receive fewer results

3. Looking at these results, which command(s) do you think would best fulfill the capabilities
that you're looking for?
Answers may vary, but one of the grep variants is likely the most appropriate command. The
awk command and its variants could be helpful, but appear to be more advanced.

4. Read the manual page for a command that could be what you're looking for.
a) Enter man grep
b) Verify that you see the manual page for the grep command.
c) Read the SYNOPSIS section to understand how to use the command.
d) Read the DESCRIPTION section to understand what the command does.
e) Navigate up and down the man page using the same keys as the less command.
f) Enter /case to search the man page for the term "case".
g) Press n to navigate to the next instance of the search term.
h) When you're at the end of the man page, press Shift+N to navigate to the previous instance
of the search term.
i) Read the description for the command option that has to do with case.

5. Given what you've read in the man page for grep so far, answer what youthink the
following command does: grep -i hello myfile
This command will return any lines in the file myfile that contain the text "hello", no matter
what case the text is in (case insensitive).

@2020 version 1.0 9


Linux LPIC-1 Lab Guide

6. Search for more information about the grep command.


a) Press q to quit the man page.
b) Enter cd /usr/share/doc
c) Enter ls
d) Verify that there are many subdirectories in this directory, each of which corresponds to a
software package.
e) Type cd grep and press Tab.
f) Verify that the path to the specific version of grep is completed, then press Enter.
g) Enter ls
h) Enter less NEWS
i) Briefly skim the change notes for the grep command.
j) Press q to quit.

7. How confident are you that this command fulfills what you're looking for?
Answers may vary, but the grep command does generally meet your requirements.
However, this doesn't mean it's the only command, or the best command, for the job.

8. You still want to learn more about other commands that your team could use to search
the contents of a text file. Aside from the help options built into Linux, what other sources
can you consult in your research?
Answers may vary, but there is a wide variety of useful sources on the Internet that could
help you find what you're looking for. You could pose specific answers to Q&A sites like Stack
Exchange; ask discussion questions on newsgroups, mailing lists, and forums dedicated to
Linux support; consult supplementary and/or advanced documentation through a resource
like the Linux Documentation Project; or consult distro-specific documentation on the
relevant distro's website.

@2020 version 1.0 10


Linux LPIC-1 Lab Guide

Topic 2: Managing Users and Groups

Lab 2-1: Assuming Superuser Privileges

BEFORE YOU BEGIN


You are logged in to the CLI as your student account.

SCENARIO
While investigating Linux on behalf of Develetech, you have found multiple warnings about the
danger of using the root user administrative account. You are already familiar with the principle of
least privilege, which states that users should be granted only the level of access they need and no
more. You also know that this applies to administrators as well as to end users. The Develetech
security policy states that administrative privileges must be carefully controlled. You need to report
on how this requirement can be satisfied.
________________________________________________________________________________

1. If necessary, enter cd ~ to return to your home directory.

2. Use the su root command to elevate your credentials to those of root.


a) Enter id to verify that you are currently signed in as student##
b) Enter su root to change to root.
c) Enter the Pa22w0rd password.
d) Enter id to verify the root user login.
e) Enter pwd to confirm the present working directory.
Note that while your credentials are those of the root user, your location and context are
those of the student## user.

f) Enter exit to return to the student## user login.

3. Use the su - root command to elevate your credentials and context to those of root.
a) Enter su - root to change to root.
Caution: There is a space on each side of the hyphen.
b) Enter the Pa22w0rd password.
c) Enter pwd to confirm the present working directory.
Note that both your credentials and your context are those of the root user.

Note: If you use the su command without an argument, the system will default to the root
user. Example: su - assumes su - root

4. Delegate administrative privileges to the student account.


a) Enter visudo to start editing the sudoers file.
b) Press Page Down several times to move the cursor to the bottom of the file.
c) Press End to move to the end of the last line.
d) Press o to enter insert mode and start a new blank line below the current line.
e) Add the following text on a new line:
student## ALL=(ALL) NOPASSWD:ALL

@2020 version 1.0 11


Linux LPIC-1 Lab Guide

Caution: Remember to replace ## with your student number.

This grants the student account the ability to execute all commands without you having to
switch to the root user every time. It also prevents you from having to input your password.
This is for classroom convenience and is not suggested on a production environment.

f) Press Esc to exit insert mode.


g) Enter :wq to save and close the file.

5. Test your student account's ability to shut down the machine.


a) Enter exit to return to your student account.
b) Enter id to verify that you are signed in to your student account.
c) Enter exit again to log out of the system.
d) Log back in as student##
e) Enter sudo /sbin/shutdown -r 15
This command tells the system to reboot after a fifteen minute delay. It requires
administrative privileges. You are executing the command with sudo in order to temporarily
leverage those privileges.

Note: If you ever forget to add sudo to a privileged command, enter sudo !! to re-issue the
most recent command with superuser privileges.

f) Press Ctrl+C, and then enter the sudo shutdown -c command to interrupt the reboot.

@2020 version 1.0 12


Linux LPIC-1 Lab Guide

Lab 2–2: Creating User Accounts

BEFORE YOU BEGIN


You are logged in to the CLI as your student account.

SCENARIO
Managing user and group accounts in Linux will be a key administrative responsibility at Develetech.
Now that you have become comfortable with some basic Linux commands, you need to become
proficient at managing users. You'll start by creating some user accounts and viewing their defaults.
________________________________________________________________________________

1. View the current default settings for new users.


a) Enter sudo useradd -D to view the default settings for newly created users.
b) Enter less /etc/login.defs to view the default settings for newly created users.
c) Press q to quit.
d) Enter ls -a /etc/skel to view files that will be copied to the home directories of newly created
user accounts.

2. Create a user account for Michael Anderson named manderson.


a) Enter sudo useradd manderson to create a new user.
b) Enter cat /etc/passwd to view the new user account in the /etc/passwd file.

Note: Newly created user accounts are appended to the bottom of this file.

3. Create a new user account for Chris Mason named cmason.


a) Enter sudo useradd -c "Chris Mason" cmason
This creates the cmason account and populates the comments field of the account with the
user's full name.
b) Enter cat /etc/passwd
Verify that the newly created user account at the bottom of the screen also includes a
"comment" consisting of the user's full name.

4. Create new user accounts for Andrew Riley and Rachel Alexander named ariley and
ralexander, respectively.
a) Enter sudo useradd ariley
b) Enter sudo useradd ralexander

5. Create a new temporary user account for Rose Stanley named rstanley whose contract will
end on December 31, 2025.
a) Enter sudo useradd -e 2025/12/31 rstanley
b) Enter cat /etc/passwd and note the newly created account.

@2020 version 1.0 13


Linux LPIC-1 Lab Guide

Lab 2-3: Modifying User Accounts

BEFORE YOU BEGIN


You are logged in to the CLI as your student account. Previously, you created several new user
accounts.

SCENARIO
Now that you have configured a few standard user accounts, you want to ensure the accounts exist.
You also need to set password requirements. In addition, you will investigate whether password
expirations can be configured and whether user accounts can be locked if users take a leave of
absence.
________________________________________________________________________________

1. Display the contents of the /etc/passwd file.


a) Enter cat /etc/passwd
b) Verify that, for each user account, the password field shows an x character.

This indicates that the password hash is actually stored elsewhere.

2. Display the contents of the /etc/shadow file.


a) Enter sudo cat /etc/shadow
b) Verify that you can see various information about each user account, including their
password hash value and any expiration information.

Note: The !! symbols indicate that the account has a blank password and that users are not
allowed to log in as that account.

3. Configure passwords for the user accounts.


a) Enter sudo passwd manderson
b) When prompted for the password, enter Pa22w0rd
Note: You can ignore the warning about this password failing a dictionary check. In a
production environment, you'd choose a much stronger password.

c) When prompted to retype the password, enter Pa22w0rd again.


d) Repeat these steps to add the password for cmason, rstanley, ariley, and ralexander
e) Enter sudo cat /etc/shadow and note that the password hash fields are now populated for
these users.

@2020 version 1.0 14


Linux LPIC-1 Lab Guide

4. Attach a real name to each user account.


a) Enter sudo usermod -c "Rose Stanley" rstanley to modify the existing rstanley account.
b) Repeat the previous step for each user account:
• manderson — Michael Anderson
• ariley — Andrew Riley
• ralexander — Rachel Alexander
c) Enter cat /etc/passwd to view the modifications.

5. Configure account expiration information.


a) Enter sudo chage -l manderson to list the manderson account password information.
b) Enter sudo chage -E 2026/12/31 manderson to set the account expiration for the user to
12/31/2026.
c) Enter sudo chage -l manderson to view the new expiration information.

6. Configure user account lockouts.


a) Enter sudo passwd -l cmason to lock the cmason account.
b) Enter sudo passwd -u cmason to unlock the cmason account. Note the warning message.
c) Enter sudo usermod -L cmason to lock the cmason account.
d) Enter sudo usermod -U cmason to unlock the cmason account.

@2020 version 1.0 15


Linux LPIC-1 Lab Guide

Lab 2-4: Deleting a User Account

BEFORE YOU BEGIN


You are logged in to the CLI as your student account. Previously, you created the ralexander account.

SCENARIO
You recognize that part of the user account lifecycle is the deletion of accounts that are no longer
needed on the system. You will use the userdel command to delete a test account.
________________________________________________________________________________

Delete Rachel Alexander's account.


a) Enter cat /etc/passwd and confirm the ralexander account exists.
b) Enter sudo userdel ralexander to delete the ralexander account.
c) Enter cat /etc/passwd and confirm the ralexander account has been deleted.
d) Enter ls /home and observe that the ralexander home directory still exists.

@2020 version 1.0 16


Linux LPIC-1 Lab Guide

Lab 2-5: Creating, Modifying, and Deleting Groups

BEFORE YOU BEGIN


You are logged in to the CLI as your student account. Previously, you created several user accounts.

SCENARIO
You will need to associate several user accounts together into groups to make IT management at
Develetech easier. You will create several groups that correspond to different departments. At some
point, you'll need to rename the Graphics group to fit the naming scheme of the other groups. In
addition, you will add users to the groups.
Part of the user/group management lifecycle dictates that you'll occasionally need to delete groups.
So, you'll finish by deleting a group, but not the users that are part of that group.
________________________________________________________________________________

1. Create a new group called Graphics.


a) Enter cat /etc/group to view the current groups on the system.
b) Enter sudo groupadd Graphics to create a new group called "Graphics".
c) Repeat this step to create three additional groups with the following names:
• SalesDept
• MarketingDept
• FinanceDept
d) Enter cat /etc/group and note the presence of the four new groups.

2. Rename a group with the groupmod command.


a) Observe the current Graphics group name.
b) Enter sudo groupmod -n GraphicsDept Graphics to rename the Graphics group to
GraphicsDept
c) Enter cat /etc/group and view the new group name.

3. Add users to groups with the usermod command.


a) Enter sudo usermod -aG GraphicsDept rstanley to add the rstanley account to the
GraphicsDept group.
b) Repeat this step to add the following users to the following groups:
• FinanceDept — manderson
• SalesDept — cmason
• MarketingDept — ariley
c) Enter cat /etc/group and confirm that each user is a member of their assigned group.

@2020 version 1.0 17


Linux LPIC-1 Lab Guide

4. Delete a group with the groupdel command.


a) Confirm that the SalesDept group exists.
b) Enter sudo groupdel SalesDept to delete the SalesDept group.

5. Verify that you deleted the group, but not its users.
a) Enter cat /etc/group to view the existing groups.
b) Confirm that the SalesDept group has been deleted.
c) Enter cat /etc/passwd to view the existing users.
d) Confirm that deleting the SalesDept group did not delete the cmason user account, even
though it was a member of that group.

@2020 version 1.0 18


Linux LPIC-1 Lab Guide

Lab 2-6: Querying Users and Groups

BEFORE YOU BEGIN


You are logged in to the CLI as your student account.

SCENARIO
There are several ways a user can gather information about their own account and group
memberships. In addition, there are multiple ways of identifying what users might currently be
logged on the system. You will explore these methods to ensure you can answer questions the users
you support might have. The Develetech security policy requires that a log file of user logins be kept
in case of an audit or security incident.
________________________________________________________________________________

1. Log in as the root user and verify your credentials.


a) Enter su - root and the password to switch to the root user.
b) Enter whoami to see your login name.
c) Enter id to see your login credentials and group membership.
d) Verify that the command prompt shows the root name and a # character.
This character also indicates that you are signed in as the root user. For standard users, the
prompt will show a $ character.
e) Enter exit to leave the root login and return to your student account.

2. Verify your student account credentials.


a) Enter whoami to see your login name.
b) Enter id to see your login credentials and group membership.
c) Verify that the command prompt shows the student## name and a $ icon.

3. Check for information about users that are or have been logged in to the system.
a) Enter who to see what users are currently logged in to the system.
b) Enter w to see what users are currently logged in.
c) Compare who and w for details, and then observe the idle time information.
d) Enter last to see a record of recent logins to the system.

@2020 version 1.0 19


Linux LPIC-1 Lab Guide

Lab 2-7: Configuring Account Profiles

BEFORE YOU BEGIN


You are logged in to the CLI as your student account.

SCENARIO
You're concerned that a change to Linux systems may be difficult for users. You need to identify
what files can be used to make the user command-line environments customized and consistent. In
addition, you need to place a copy of the Develetech policies in each new user's home directory for
reference.
________________________________________________________________________________

1. View the user accounts' .bashrc files.


a) Enter cat .bashrc to view the configuration file for the student account. Notice that there
are no preconfigured alias settings for standard users in CentOS 7.
b) Enter sudo cat /root/.bashrc to view the configuration file for the root user.
Notice that the root user's profile includes alias settings for the copy, move, and delete
commands, setting them for interactive mode. These are default alias settings for the root
user in CentOS 7.

2. View the contents of the .bash_profile file.


a) Enter cat .bash_profile to view the contents of the configuration file.
b) The .bash_profile file is called when the user first logs in. Observe that the file contains the
PATH variable setting, which defines where Bash will search for command executables.

3. Add a file to the /etc/skel directory, create a new user, and then verify that the new file was
copied to the new user's home directory.
a) Enter ls -a /etc/skel to view the files currently in this directory.
b) Enter sudo touch /etc/skel/policies.txt to create a file in the directory.
c) Enter sudo useradd jrobinson to create a new user account for Jerry Robinson.
d) Enter sudo ls -a /home/jrobinson and note the presence of the policies.txt file.
This file was copied as part of the useradd tool.

4. Configure the jrobinson user account.


a) Enter sudo usermod -aG GraphicsDept jrobinson to add jrobinson to the GraphicsDept
group.
b) Enter sudo usermod -c "Jerry Robinson" jrobinsonto provide a full name in the comments
field.
c) Enter sudo passwd jrobinson to set a password for the account.
d) Enter Pa22w0rd as the password.

@2020 version 1.0 20


Linux LPIC-1 Lab Guide

Topic 3: Managing Permissions and Ownership

Lab 3-1: Modifying File and Directory Permissions

BEFORE YOU BEGIN


You are logged in to the CLI as your student account.

SCENARIO
You're concerned about how to protect files and directories on a Linux server. You will interpret the
existing permissions of a few files, and then configure permissions for the file owner, the group, and
all others for files and directories.
________________________________________________________________________________

1. View the existing permissions for files and directories.


a) Enter ls -l to see the permissions string for files and directories in your home directory.
b) Review the permissions assigned, identifying which bits are configured for the owner, the
group, and all others.
c) Enter ls -l /etc/ssh/sshd_config to view the permissions for this configuration file.
d) Use the space below to write down the permissions for the owner, group, and others.
______________________________________________________________________
e) Enter ls -l /var/log/cron to view the permissions for this log file.
f) Use the space below to write down the permissions for the owner, group, and others.
______________________________________________________________________

2. Create a test directory and file you can configure the permissions for.
a) Enter mkdir permissions-demo to create a directory in your home directory.
b) Enter cd permissions-demo to move to that directory.
c) Enter mkdir DirA to create a permissions demonstration directory.
d) Enter touch file1 to create a permissions demonstration file.
e) Enter ls -l to view the current permissions on both objects.

3. Configure permissions for the test directory and file using absolute mode.
a) Enter chmod 755 DirA to set permissions on the directory.
b) Enter ls -l to see how the permissions have changed on the directory.
c) Enter chmod 660 file1 to set permissions on the file.
d) Enter ls -l to see how the permissions have changed on the file.
e) Enter chmod 750 DirA to set different permissions on the directory.
f) Enter ls -l to see how the permissions have changed on the directory.
g) Enter chmod 744 file1
h) Enter ls -l and note the permissions changes.

4. Configure permissions for the test directory and file using symbolic mode.
a) Enter chmod o+r DirA to set permissions on the directory.
b) Enter ls -l to see how the permissions have changed on the directory.
c) Enter chmod go+rw file1 to set different permissions on the file.
d) Enter ls -l to see how the permissions have changed on the file.
e) Enter chmod go-rwx DirA

@2020 version 1.0 21


Linux LPIC-1 Lab Guide

f) Enter ls -l and note the permissions changes.


g) Enter chmod go-w file1
h) Enter ls -l and note the permissions changes.
The final permissions state of the directory should be drwx------
The final permissions state of the file should be -rwxr--r--

@2020 version 1.0 22


Linux LPIC-1 Lab Guide

Lab 3-2: Modifying Default Permissions

BEFORE YOU BEGIN


You are logged in to the CLI as your student account. Previously, you created a user account named
cmason.

SCENARIO
One of the Develetech employees, Chris Mason, wants to create files and directories with non-
default permissions so he can share them more easily with a co-worker. Since the requested change
does not violate the Develetech security policy, it has been approved. You will implement the
change for Chris.
________________________________________________________________________________

1. View the current default permissions settings for users that create new files and directories.
a) Enter umask
b) Verify that the default mask is 0002
For standard users, no advanced permissions are set by default (the first 0), owner and group
permissions aren't masked, and other user permissions are masked by 2

2. Configure Chris Mason's .bashrc with a non-standard umask value.


a) Enter sudo vim /home/cmason/.bashrc to open the file in a text editor.
b) Press Page Down to move the cursor to the bottom of the file.
c) Press i to enter insert mode.
d) Add the following text on a new line:
umask 022

a) Press Esc to exit insert mode.


b) Enter :wq to save and close the file.

3. Test the new default permissions.


a) Enter su - cmason to switch credentials.
b) Enter Pa22w0rd when prompted.
c) Enter umask to view the current permissions default.
You should see the 0022 value configured above.

d) Enter touch test-file to create a new file.


e) Enter ls -l and verify that the permissions for test-file match the newly configured umask
value.
The permissions should be -rw-r--r--
f) Enter exit to return to your student account.

@2020 version 1.0 23


Linux LPIC-1 Lab Guide

Lab 3-3: Modifying File and Directory Ownership

BEFORE YOU BEGIN


You are logged in to the CLI as your student account.

SCENARIO
You will create a Graphics department directory where department members can store content.
You will investigate default ownership and group associations, and then create the /Graphics
directory. You will configure ownership and group associations of the directory and files.
________________________________________________________________________________

1. View the current ownership and group associations for files and directories.
a) Enter ls -l /var/log/cron to view ownership and group details about this log file.
The root user is the owner, and the root group is the group.
b) Enter ls -l /etc/ssh/sshd_config to view ownership and group details about this
configuration file.
The root user is the owner, and the root group is the group.
c) Enter sudo ls -l /home/cmason to view ownership and group details about the contents of
a user's home directory.
The cmason user is the owner, and the cmason group is the group.

2. Create a directory and populate the directory with files, then manage the ownership values.
a) Enter sudo mkdir /Graphics to create a directory at the root of the file system.
b) Enter sudo touch /Graphics/file1 to create content.
c) Repeat this command with file2 and file3 to create additional empty files inside the
directory.
d) Enter ls -l /Graphics to view the ownership information.
The owner is the creator; in this case that is the root account, due to the use of the sudo
command.
e) Enter sudo chmod -R 774 /Graphics to set permissions on the /Graphics directory and its
contents.
f) Enter sudo ls -l /Graphics to view the new permissions.

3. Change the owner and group values of the /Graphics directory and its contents.
a) Enter sudo chown -R :GraphicsDept /Graphics to set the group association as GraphicsDept
b) Enter sudo ls -ld /Graphics to view the changes.
c) Enter sudo chown rstanley /Graphics/file2 to change the ownership of file2 to Rose Stanley.
d) Enter sudo ls -l /Graphics to confirm rstanley is now the owner of file2

@2020 version 1.0 24


Linux LPIC-1 Lab Guide

Lab 3-4: Configuring SGID Permissions and Sticky Bits

BEFORE YOU BEGIN


You are logged in to the CLI as your student account. Previously, you created a /Graphics directory
as well as the GraphicsDept group that includes several users.

SCENARIO
Some users have noted that the group associations for /Graphics are not applied to files created in
the directory. One user also complained that another user accidentally deleted one of her files. You
are asked to correct these concerns.
________________________________________________________________________________

1. Use SGID to automatically set group associations for newly created files in the /Graphics
directory.
a) Enter ls -ld /Graphics to see the default permissions on the / Graphics directory.
b) Enter sudo chmod g+s /Graphics to set the SGID on /Graphics so that newly created files
will get the group association.
c) Enter ls -ld /Graphics to view the new permissions.

d) Enter su - rstanley and enter Pa22w0rd to switch to Rose Stanley's credentials.


e) Enter cd /Graphics and then touch file4 to create a file.
f) Enter ls -l and confirm rstanley is the owner and the group is GraphicsDept for file4.
g) Enter exit to return to the student## login.

2. Use the sticky bit to better protect files from deletion by anyone but their owner.
a) Enter sudo chmod +t /Graphics to configure the sticky bit on the /Graphics directory.
b) Enter su - jrobinson and enter Pa22w0rd to switch to Jerry Robinson's credentials.
c) Enter cd /Graphics to move to the /Graphics directory.
d) Enter rm file4 to attempt to delete the file owned by rstanley.
Note that you receive an "Operation not permitted" response. If this were a permissions
issue, you would receive an "access denied" response instead. Even though jrobinson is a
member of the GraphicsDept group, and that group has the permissions to delete a file in
this directory, the sticky bit is preventing file deletion from a non-owner.
e) Enter exit to return to the student## login.

@2020 version 1.0 25


Linux LPIC-1 Lab Guide

Lab 3-5: Setting the Immutable Flag on a File

BEFORE YOU BEGIN


You are logged in to the CLI as your student account.

SCENARIO
You have written a README text file to be stored in the /Graphics directory to help guide users on
the proper use of the content. You want to ensure that no one, not even the root user, can
accidentally delete the file. You will use the immutable attribute to accomplish this task.
________________________________________________________________________________

1. Configure the immutable flag on the /Graphics/README file.


a) Enter sudo touch /Graphics/README to create a document in the /Graphics directory.
b) Enter sudo ls –l /Graphics to view the current permissions settings for the README file.
c) Verify the README file is owned by root, and that the owner would normally be able to
delete the file.

d) Enter sudo chattr +i /Graphics/README to set the immutable attribute on the README file.
e) Enter sudo ls -l /Graphics to view the current permissions and verify that they haven't
changed.
f) Enter sudo lsattr /Graphics/README to confirm the immutable attribute is set.

2. Verify that the flag works by attempting to delete the file.


a) Enter sudo rm /Graphics/README to attempt to delete the README file from the /Graphics
directory.
b) Verify that this fails.
This is due to the immutable attribute. Note the "Operation not permitted" response rather
than the "access denied" response that indicates a permissions issue.

@2020 version 1.0 26


Linux LPIC-1 Lab Guide

Lab 3-6: Configuring ACLs

BEFORE YOU BEGIN


You are logged in to the CLI as your student account.

SCENARIO
The Graphics department has requested that the Marketing department be given read- only access
to the /Graphics directory. With standard permissions, only one group association can exist. You
will use access control lists (ACLs) to ensure that both the Graphics and Marketing departments
have access.
________________________________________________________________________________

Set an ACL for the Marketing department.


a) Enter sudo getfacl /Graphics to view the current ACL on the directory.
b) Enter sudo setfacl -R -m g:MarketingDept:r /Graphics to grant read-only permissions to the
MarketingDept to the /Graphics directory and its contents.

Note: You can ignore the "Operation not permitted" warning about the README file; the ACL
settings will still apply to all other objects.

c) Enter sudo getfacl /Graphics to view the new level of access for the MarketingDept.

@2020 version 1.0 27


Linux LPIC-1 Lab Guide

Topic 4: Managing Storage

Lab 4-1: Creating Partitions

BEFORE YOU BEGIN


You are logged in to the CLI as your student account.

SCENARIO
Develetech is concerned about losing data in the event of storage drive corruption. You'll create a
couple of partitions where the team can store backups for the time being. In the event that the main
storage partition fails, these backups may remain unaffected and can be used for recovery.
So, you'll create two new partitions:
• A partition that will hold system data in an XFS file system.
• A partition that will hold critical business files and other user data in an ext4 file system.
You'll just create the partitions for now; you'll make them available for use later.
________________________________________________________________________________

1. Create the first new logical partition.


a) Enter sudo fdisk /dev/sda to begin partitioning the main drive.
If your computer has multiple physical drives, they will likely be named /dev/sdb, /dev/sdc,
etc.
b) Enter m to view the command menu options.
c) Enter p to print the partition table.
d) Enter n to begin creating a new partition.
e) Press Enter to accept the default partition number.
Several partitions were automatically created during the installation of CentOS, so this is the
next available partition number.
f) Write this partition number down: ________ You'll need to reference the number later.
g) Press Enter to accept the default first sector.
This is the first part of the drive that currently has no partition (i.e., free space).
h) Enter +4096M to create a partition 4 GB in size.
i) Enter p to print the partition table.
j) Verify that the new partition was created.

k) Enter w to write your changes to the partition table and exit.


l) Enter sudo partprobe to update the Linux kernel with the partition table changes.

2. Create an XFS file system on the new partition.


a) Enter sudo mkfs.xfs /dev/sda# where # corresponds to the number of the partition you just
created.
b) Verify that you are presented with various statistics about the new file system.

3. Create the second new partition with an ext4 file system.

@2020 version 1.0 28


Linux LPIC-1 Lab Guide

a) Enter sudo parted /dev/sda


b) Enter print to see the list of partitions on this device.
c) Enter mkpart to start the partition creation process.
d) Press Enter to select a blank name for now.
e) Enter ext4 as the file system type.

Note: This associates the partition with the ext4 file system type; it doesn't actually format
the partition with an ext4 file system.

f) Examine the list of partitions you just printed and identify the End value for the last partition
(i.e., the XFS partition you created with fdisk).
g) Enter this value at the Start? prompt.
For example, if the end value is 121GB, then enter 121GB at the prompt.
h) At the End? prompt, add 8 GB to the start value and enter that.
For example, if the end value is 121GB, then you'd enter 129GB at the prompt.
i) Enter print and verify that both of your new partitions appear.

j) Write down the partition number of the partition you just created: _________________
k) Enter q to quit GNU Parted.

4. Create an ext4 file system on the new partition.


a) Enter sudo mkfs.ext4 /dev/sda# where # corresponds to the number of the partition you
just created.
b) Verify that you are presented with various statistics about the new file system.

5. Apply labels to the new partitions.


a) Enter sudo xfs_admin -l /dev/sda# where # corresponds to the partition number of the XFS
partition.
b) Verify that the partition currently has no label.
c) Enter sudo xfs_admin -L SysBackup /dev/sda# to set the label.
d) Enter sudo e2label /dev/sda# where # corresponds to the partition number of the ext4
partition.
e) Verify that the partition currently has no label.
f) Enter sudo e2label /dev/sda# DataBackup to set the label.
g) Repeat steps 6a and 6d and verify that both partitions have the labels you set.

@2020 version 1.0 29


Linux LPIC-1 Lab Guide

Lab 4-2: Managing Logical Volumes

BEFORE YOU BEGIN


You are logged in to the CLI as your student account. Previously, you created two backup partitions.

SCENARIO
The two backup partitions you created are acceptable, but you know there are more efficient ways
of managing separate storage devices. So, you've decided to consolidate the space in both of these
partitions to create a physical volume using the Logical Volume Manager (LVM). You'll create a single
volume group for backups that extends across these physical volumes. Then, you'll create logical
volumes for both system files and business data files.
As you create these volumes, a colleague tells you that the backup system will need to keep its own
set of logs that other members of the team can audit to ensure the backup process is running as
expected. He suggests creating another partition for these log files, with the understanding that the
size of this partition (and of the other partitions) might need to change over time. You offer to create
a logical volume instead, explaining that it'll be much easier to manage than a physical partition. He
agrees, so you'll get to work.
________________________________________________________________________________

1. Identify the current logical volumes on the system.


a) Enter ls /dev/mapper
b) Verify that there are several mapped logical volumes on the system already. CentOS creates
these logical volumes during installation, including centos-home, centos-root, and centos-
swap.

2. Scan the system for physical volumes, volume groups, and logical volumes.
a) Enter sudo pvscan
b) Verify that at least one physical device is supporting the logical volumes.

c) Enter sudo pvdisplay to see more details about the physical volume.
The physical volume has a name in the format /dev/sda# as well as a volume group name
(centos) and size.
d) Enter sudo vgscan and verify that the centos volume group was found.
e) Enter sudo vgdisplay centos to see more information about this volume group.
f) Enter sudo lvscan and verify that the three CentOS logical volumes were identified.
g) Enter sudo lvdisplay /dev/centos/home to see more informationabout this particular logical
volume.

3. Create physical volumes from the backup partitions you created earlier.
a) Enter sudo pvcreate /dev/sda# /dev/sda# where # corresponds to each new partition you
created previously.
For example: sudo pvcreate /dev/sda4 /dev/sda5
This creates a physical volume for each partition.

@2020 version 1.0 30


Linux LPIC-1 Lab Guide

b) Enter y to clear any file system signatures.


c) Enter sudo pvdisplay and verify that your new physical volumes appear.

4. Create a volume group from these new physical volumes.


a) Enter sudo vgcreate backup /dev/sda# /dev/sda# where # corresponds to each new
partition you created previously.
For example: sudo vgcreate backup /dev/sda4 /dev/sda5
This creates a new volume group named backup that extends across both physical volumes.

b) Enter sudo vgdisplay backup and verify that you can see details about your new volume
group.
The total size of the group should be around 11 GB.

5. Create three logical volumes in the new volume group.


a) Enter sudo lvcreate --name sysbk --size 1GB backup
b) Verify that the logical volume was created.
This also places the logical volume within the backup volume group you just created.

c) Enter sudo lvcreate --name databk --size 2GB backup


d) Enter sudo lvcreate --name logbk --size 3GB backup
e) Enter sudo lvdisplay backup and verify that your new logical volumes are listed.

6. Extend the data backup volume and reduce the log volume.
a) Enter sudo lvextend -L5G /dev/backup/databk
This extends the databk volume from 2 GB to 5 GB in size.

b) Enter sudo lvreduce -L1G /dev/backup/logbk


c) Enter y to accept the warning.
This reduces the logbk volume from 3 GB to 1 GB in size.

d) Enter sudo vgdisplay backup and verify that the volume group has approximately 4 GB of
free space left.

Note: It's a good idea to leave free space in a volume group in case you later need to extend
a volume.

7. Create file systems on the logical volumes.


a) Enter sudo mkfs.xfs /dev/backup/sysbk
Although you created file systems on the partitions earlier, you'll need to create them on
the logical volumes as well.
b) Enter sudo mkfs.ext4 /dev/backup/databk
c) Enter sudo mkfs.ext4 /dev/backup/logbk

@2020 version 1.0 31


Linux LPIC-1 Lab Guide

Lab 4-3: Mounting File Systems

BEFORE YOU BEGIN


You are logged in to the CLI as your student account. Previously, you created several logical volumes
in the backup volume group.

SCENARIO
Your volumes are all in place, but they aren't usable yet. You need to mount them first so that users
and applications can access their file systems. You decide to mount each of the three volumes in the
/backup directory, like this:
• /backup/sys/
• /backup/data/
• /backup/log/
In addition, these volumes need to be mounted automatically in case the system needs to reboot.
________________________________________________________________________________

1. Create mount points for the logical volumes.


a) Enter sudo mkdir -p /backup/sys /backup/data / backup/log
b) Enter ls /backup and verify that the new directories were created. These will serve as the
mount points for your logical volumes.

2. Mount the logical volumes.


a) Enter sudo mount /dev/backup/sysbk /backup/sys
This mounts the system backup logical volume onto the mount point you just created.
b) Enter sudo mount /dev/backup/databk /backup/data
c) Enter sudo mount /dev/backup/logbk /backup/log
d) Enter mount and verify your backup volumes are mounted.
They'll likely be at the bottom of the list as /dev/mapper/backup-<LV name>

3. Unmount a volume.
a) Enter sudo umount /backup/log to unmount the volume.
b) Enter mount and verify that the log volume is no longer mounted.
In this state, the volume is not currently usable. You may need to unmount a volume/
partition if you'd like to move its mount point. Also, some operations require the file system
to be unmounted before they can work with it.

4. Ensure the logical volumes are mounted on boot.


a) Enter sudo vim /etc/fstab
b) Press i to switch to insert mode.
c) Use the arrow keys to move down to the end of the last line.
d) Press Enter to start a new line.
e) On the next three lines, type the following:
/dev/backup/sysbk /backup/sys xfs defaults 0 0
/dev/backup/databk /backup/data ext4 defaults 0 0
/dev/backup/logbk /backup/log ext4 defaults 0 0

Note: It's OK if the lines don't align exactly.

@2020 version 1.0 32


Linux LPIC-1 Lab Guide

f) Press Esc, then enter :wq to save the file and quit.
g) Enter sudo mount -a and verify that there are no errors.
This tests the fstab file to ensure it can mount all of the volumes that are listed in it. A
misconfigured fstab file may prevent the system from booting.

@2020 version 1.0 33


Linux LPIC-1 Lab Guide

Lab 4-4: Managing File Systems

BEFORE YOU BEGIN


You are logged in to the CLI as your student account.

SCENARIO
So far, your new volumes have been working great. However, because backups are critical to the
business, you want to perform scheduled maintenance on each file system to spot any errors that
could corrupt data or make it inaccessible.
Also, as expected, the scope of your backup operations has changed, and it's become necessary to
expand the size of your data backup and log backup volumes to accommodate these changes. You'll
need to ensure that you resize their file systems as well, or users and apps won't be able to avail
themselves of the newly added space.
________________________________________________________________________________

1. Query the system for information about block storage devices.


a) Enter lsblk -f
b) Verify that each device, partition, and volume is listed, along with file system information.

2. Examine the tree structure. What can you identify about your storage devices?
Answers may vary depending on the underlying hardware, but generally, the system
reserves sda1 and sda2 as boot file systems. The sda3 device is typically a logical volume
group created by the system to house the root file system, the home file system, and swap
space. Below that should be the two physical volumes that you created, and under each
should be one or more logical volumes. Some of the logical volumes might extend across
both physical volumes.

3. Scan two of the logical volumes for errors.


a) Enter sudo umount /dev/backup/databk
A volume must be unmounted before it can be checked for errors.
b) Enter sudo fsck /dev/backup/databk
c) Verify that the utility is reporting the volume as clean, indicating there are no detected
errors. If any were to be detected, you could run sudo fsck -r to repair them.
d) Enter sudo umount /dev/backup/sysbk to unmount the XFS file system.
e) Enter sudo xfs_repair /dev/backup/sysbk
f) Verify that the utility attempted to identify and repair any errors.
If any were to be identified, they would be fixed automatically.

4. Increase the size of an ext4 file system on a volume.


a) Enter sudo e2fsck -f /dev/backup/databk and make note of the total amount of blocks on
the file system:
_______________________
b) Enter sudo lvextend -L6G /dev/backup/databk
This extends the databk volume from 5 GB to 6 GB in size.
c) Enter sudo e2fsck -f /dev/backup/databk
Despite increasing the size of the volume, the file system did not increase in size with it.
d) Enter sudo resize2fs /dev/backup/databk

@2020 version 1.0 34


Linux LPIC-1 Lab Guide

e) Verify that the file system was resized, and that there are more total blocks than before.
f) Enter sudo mount /dev/backup/databk /backup/datato remount the ext4 file system.

5. Increase the size of an XFS file system on a volume.


a) Enter sudo lvextend -L2G /dev/backup/sysbk
b) Enter sudo mount /dev/backup/sysbk /backup/systo remount the XFS file system.
The following command requires the file system to be mounted.
c) Enter sudo xfs_growfs /dev/backup/sysbk
Verify that the total number of data blocks increased on the file system

@2020 version 1.0 35


Linux LPIC-1 Lab Guide

Lab 4-5: Navigating the Linux Directory Structure

BEFORE YOU BEGIN


You are logged in to the CLI as your student account.

SCENARIO
You need to become more familiar with the structure and design of a typical Linux file system from
a user perspective. That way, you'll be able to easily navigate the file system and find the data and
system files that you're looking for at any given time. You'll walk through several of the main
directories that were created during installation.
________________________________________________________________________________

1. Navigate to a couple of home directories.


a) Enter cd ~
The ~ symbol is a shortcut to the current user's home directory.
b) Enter pwd and verify that the current working directory is /home/student##
c) Enter su - root
d) Enter the password.
e) Verify that you're logged in as the root account.
f) Enter pwd and verify that the current working directory is /root
Each user has their own home directory within /home except for the root user.
g) Enter exit to log out of the root account and return to your student account.

2. Navigate through /etc using relative paths.


a) Enter cd /etc to change your current working directory.
b) Enter ls -l and verify that there are several files and subdirectories in this directory.
The /etc directory contains configuration files for many services and applications.
c) Enter cd ssh
d) Enter pwd and verify that you are now in /etc/ssh
You referenced a relative path, as the ssh directory is within /etc rather than at the root of
the file system.
e) Enter cd etc and verify that no such file or directory was found.

3. Why was no file or directory found, when you were just in a directory with this name?
This is because you referenced a relative path, which means Linux tried to open a directory
called etc within /etc/ssh

4. Perform some additional navigation using relative and absolute paths.


a) Enter cd ..
b) Enter pwd and verify that you are back in /etc
c) Enter cd /etc/ssh
This time, you used an absolute path to return to the /etc/ssh directory.

5. Get an overview of the system file structure.


a) Enter cd / to return to the root of the file system.
b) Enter ls -l to get an overview of all of the main directories in the Linux file structure.

@2020 version 1.0 36


Linux LPIC-1 Lab Guide

Lab 4-6: Tracking Storage Space Usage

BEFORE YOU BEGIN


You are logged in to the CLI as your student account. Previously, you created the /backup/data
volume and file system.

SCENARIO
Lately, users have been complaining about poor performance and latency when they read files or
write files to storage. Some users have also run into errors that say the storage device is full when
they attempt to write to it. You spoke to some of these users to get more information, and a few of
them mentioned that they were trying to back up data from their home directories when they ran
into these errors. Using this information, you'll attempt to diagnose the storage issues on the Linux
system.
________________________________________________________________________________

1. Identify storage space usage.


a) Enter df -h
b) Verify that all of the file systems on the computer are listed, along with their usage data.
c) Enter df -h /backup/data to filter the results by the data backup volume.
d) Observe the total size of the volume, the number of bytes used, and the percentage of the
volume that is used

2. Identify the read/write statistics for the data backup volume.


a) Enter iostat -d /dev/backup/databk
b) Observe the I/O statistics for this drive.

3. Configure the I/O scheduler on the storage device.


a) Enter sudo bash -c "echo scheduler > /sys/block/sda/queue/scheduler" where scheduler
is the scheduler you chose from the previous question.
Note: The bash -c portion tells Bash to run the entire command in a new shell as sudo

b) Enter cat /sys/block/sda/queue/scheduler and verify that your scheduler was set.
The scheduler enclosed in brackets is the active one

@2020 version 1.0 37


Linux LPIC-1 Lab Guide

Lab 4-7: Configuring Storage Quotas

BEFORE YOU BEGIN


You are logged in to the CLI as your student account. Previously, you created the /backup/data
volume and file system.

SCENARIO
After identifying excessive storage consumption on the data backup volume, you realize that most
of these files were created by the ariley user. You decide to limit storage space usage for ariley on
the data backup volume according to the following details:
• Block soft limit=10000
• Block hard limit=15000
• Inode soft limit=500
• Inode hard limit=700
These limitations will help prevent the performance and space consumption issues that users were
experiencing.
________________________________________________________________________________

1. Enable quotas for the data backup volume.


a) Enter sudo vim /etc/fstab
b) You'll need to edit the fstab file to configure the appropriate volume for quotas.
c) Press i to enter insert mode and scroll to the line that maps the /dev/backup/databk
volume.
d) Edit this line so that it reads as follows (the change is in bold):
/dev/backup/databk /backup/data ext4 defaults,usrquota 0 0

e) Press Esc, then enter :wq to save and quit.


f) Enter sudo mount -o remount /backup/data to remount the file system.

2. Configure the user quotas for the data backup file system.
a) Enter sudo quotacheck -cugm /backup/data
This creates the necessary quota files for the file system.
b) Enter sudo quotaon -a to turn on quotas for the file system.

3. Limit the ability for ariley to create data on the backup file system.
a) Enter sudo edquota -u ariley
b) Edit the configuration file to specify the following limitations:
/dev/mapper/backup-databk 0 10000 15000 0 500 700

c) Save and quit the file.

4. Start writing to the file system as the ariley user.


a) Enter sudo chmod 777 /backup/* to give ariley the appropriate permissions.
b) Enter su - ariley to switch to the user.
c) Enter the password.
d) Enter dd if=/dev/zero of=/backup/data/myfile bs=1M count=5
This writes a 5 MB dummy file name myfile to the data backup directory.

@2020 version 1.0 38


Linux LPIC-1 Lab Guide

5. Generate a quota report.


a) Enter exit to return to your student account.
b) Enter sudo repquota /backup/data
c) Verify that the report indicates how many blocks and inodes ariley is using, as well as the
user's hard and soft limits.

6. Exceed the soft limit quota.


a) Switch back to the ariley account.
b) Enter dd if=/dev/zero of=/backup/data/myfile2 bs=1M count=7
c) Verify that the results indicate that the user block quota has been exceeded.

7. The user has reached the soft limit for storage blocks. What does this mean as far as the
user's ability to write data to this file system?
The user will be able to continue to exceed this soft limit for a default of seven days. If they
go below the soft limit, the timer will reset. If they don't go below the soft limit within the
grace period, or if they exceed the hard limit within the grace period, then they will be unable
to write to the file system.

8. Exceed the hard limit quota.


a) Enter dd if=/dev/zero of=/backup/data/myfile3 bs=1M count=10
b) Verify that you were unable to write all of the data to the file system because you exceeded
the hard limit quota.

9. Log out as ariley and return to your student account.

@2020 version 1.0 39


Linux LPIC-1 Lab Guide

Topic 5: Managing Files and Directories

Lab 5-1: Creating Text Files

BEFORE YOU BEGIN


You are logged in to the CLI as your student account.

SCENARIO
As one of the Linux server administrators, you've been asked to start a list of software that is
installed or should be installed on the system. So, you'll create a text file and begin entering the
names of software packages into it. You'll then save your work and pick up with the file later.
________________________________________________________________________________

1. Create the software list file.


a) Enter cd ~ to return to your home directory.
b) Enter vim software_list.txt to start editing a new file in Vim.

2. Enter text into the file.


a) Press i to switch to insert mode.
b) Verify that the text "INSERT" is displayed at the bottom-left of the screen.
c) On the first line, enter Apache HTTP Server
d) Enter MySQL on the second line.
e) Enter Eclipse on the third line.
f) Type OpenVAS as the fourth and final entry.

3. Save and view the text file.


a) Press Esc to return to command mode.
b) Enter :wq to save the file and quit Vim.
c) Enter cat software_list.txt to view the file.

@2020 version 1.0 40


Linux LPIC-1 Lab Guide

Lab 5-2: Editing Text Files

DATA FILE
/opt/linuxplus/managing_files_and_directories/software_list.txt

BEFORE YOU BEGIN


You are logged in to the CLI as your student account.

SCENARIO
A colleague has taken your initial software list file and started filling it out. After he's done, you look
it over to see if there are any mistakes that need correcting. You'll edit this file in both Vim and GNU
nano to become more familiar with both text editors.
________________________________________________________________________________

1. Copy the latest version of the software list.


a) Enter the following:
cp -a /opt/linuxplus/managing_files_and_directories/ software_list.txt ~/

Note: Remember, you can use tab completion to speed up the process.

b) Enter ls and verify that software_list.txt is listed.

2. Open the file in Vim and fix a spelling error.


a) Enter vim software_list.txt
b) Use the arrow keys to move the cursor down to the first instance of the text "Friefox".
c) Position the cursor under the "i" in "Friefox".
d) Press x to cut the letter "i".
e) Move the cursor under the letter "F" and press p to paste the cut letter.
f) Verify that the line now correctly says "Firefox".

3. Use the search functionality to find and fix the other instance of the spelling error.
a) Enter /Frie to search for the next occurrence of the misspelled name.
b) Correct the name so that it says "Firefox".

4. Fix the casing of one of the software names.


a) Press k to go up line-by-line until you reach the line that says "openVAS" (note the lowercase
"o").
b) Press ^ (Shift+6) to go to the beginning of the line.
c) Press x to delete the first letter.
d) Press i to enter insert mode, then type a capital O
e) Press Esc to exit insert mode.

5. Delete a duplicate line and save the file.


a) Press j to go down line-by-line until you reach the second line that mentions "Apache".
b) Press d twice to delete the entire line.
c) Enter :wq to save and close the file.

@2020 version 1.0 41


Linux LPIC-1 Lab Guide

6. Open the file in GNU nano and make a correction.


a) Enter nano software_list.txt
b) Use the arrow keys to move to the "Y" under the "Configured?" column for "Eclipse".
c) Press Delete.
d) Type N

7. Remove a duplicate line.


a) Navigate down to the second instance of "LibreOffice".
b) Press Ctrl+K to cut the duplicate line.

8. Add another entry to the file.


a) Navigate to the beginning of a new line at the bottom of the file.
b) Type Apache-Tomcat
c) Press Tab until the cursor is under the "Version" column.

Note: You can also use the spacebar for more precise alignment.

d) Type 9.0.12
e) Place the cursor under the "Installed?" column and type N
f) Type N under the "Configured?" column.

9. Save the file and close GNU nano.


a) Press Ctrl+O.
b) Press Enter to save the file.
c) Press Ctrl+X to exit GNU nano.
d) Enter cat software_list.txt to view the file.

@2020 version 1.0 42


Linux LPIC-1 Lab Guide

Lab 5-3: Searching for Files

BEFORE YOU BEGIN


You are logged in to the CLI as your student account.

SCENARIO
One of your duties as a Linux administrator is to ensure your system logs are functioning as
expected. These logs are crucial to diagnosing issues and identifying other unwanted behavior. So,
to start, you'll search for where the log files are stored on your system. Then, you'll begin to search
for logs that meet specific size requirements and have been recently updated. That way you'll be
able to confirm which logs are continuously recording a significant amount of information, as
expected.
________________________________________________________________________________

1. Search for the location of system log files.


a) Enter sudo find / -type d -name 'log'
b) Verify that there are several locations on the root volume that contain the world "log".
c) Enter sudo find / -type f -name 'messages'
d) Verify that the location of the messages log is identified as /var/log/messages

2. Search for log files that are above 100 KB in size.


a) Enter sudo find /var/log -type f -size +100k
b) Note one of the files in the results and enter ls -lh /var/log/<file name> to verify that it is
indeed above 100 KB in size.

3. Search for log files that have been updated within the last 30 minutes.
a) Enter sudo find /var/log -type f -mmin -30
b) Verify that one of the files in the results has a timestamp within the last 30 minutes.

Note: You can use ls -l on the file to do this.

4. Search for log files that are either empty or above 100 KB, and have been updated in the last
30 minutes.
a) Enter sudo find /var/log -type f -size 0 -or -size +100k -mmin -30
b) Verify that these conditions are accurate for at least one of the files.

5. What are some advantages of using the find command over using the locate command?
The locate command requires that a database be updated in order to perform accurate
searches, whereas find does not. Also, locate cannot filter its search by specific directories,
whereas find can. However, locate may be able to perform searches more quickly in certain
cases.

@2020 version 1.0 43


Linux LPIC-1 Lab Guide

Lab 5-4: Reading Files

BEFORE YOU BEGIN


You are logged in to the CLI as your student account.

SCENARIO
Another one of your duties is, naturally, to review the system's log files. But before you dive into log
analysis, you need to determine the best way to display text files for reading. So, you'll use
commands like cat and less to see where each one can come in handy.
________________________________________________________________________________

1. Open the messages log for reading.


a) Enter sudo cat /var/log/messages
b) Notice that the file's contents scroll past the screen many times, indicating that the file is too
large to read from a single screen.
c) Enter sudo less /var/log/messages
d) Verify that only the first page of the file printed to the screen, and at the bottom of the
screen, the name of the file is highlighted.
e) Press the Down Arrow to scroll down a single line.
f) Press the Up Arrow to scroll back up a single line.
g) Press Spacebar to scroll down an entire page.
h) Press Page Up to scroll up and entire page.

2. Search for a specific string in the log.


a) Enter /SELinux
b) Verify that the file jumps to the first instance of this text string, and that it is highlighted on
the top line.

c) Press n to view the next instance of this text string in the file.
d) Press N (note the capitalization) to navigate to the previous instance of the search term in
the file.
e) Press q to quit reading the file.

3. Print only the first and last lines of the log.


a) Enter sudo head /var/log/messages
b) Verify that the first 10 lines of the log were printed to the screen.
c) Enter sudo tail /var/log/messages
d) Verify that the last 10 lines of the log were printed to the screen.

@2020 version 1.0 44


Linux LPIC-1 Lab Guide

4. Why might printing only the first or last few lines be preferable to reading the entire file?
Answers may vary, as it depends on the purpose and format of the text file. For logs, reading
the last 10 lines is a much quicker way to see the latest events on a system than using less
would be. Printing the first 10 lines might be useful in situations where entries are repeated
or otherwise superfluous, and you only need to see a few examples to grasp the idea.

@2020 version 1.0 45


Linux LPIC-1 Lab Guide

Lab 5-5: Manipulating Files and Directories

DATA FILE
All files in: /opt/linuxplus/managing_files_and_directories/aups

BEFORE YOU BEGIN


You are logged in to the CLI as your student account.

SCENARIO
You've been asked to move some corporate policy documents from the HR lead's workstation to a
Linux server. The policies should be more centrally available and not dependent on one particular
person's system. The HR lead admits that she didn't do a great job organizing the policy documents,
as several older versions of acceptable use policies (AUPs) are mixed in with more current, active
versions, and the old policies were written before she implemented a consistent naming
convention. All of the documents are in a single directory named aups.
First, you'll need to copy the documents to your home directory as a temporary staging area. You'll
then organize these policy documents by retaining only the most recent ones and deleting older
ones that no longer apply. You've also been told that more types of policies will need to be located
on the server, other than AUPs. So, you'll effectively rename the aups folder to the more general
policies and create some placeholder files. Later, when you receive more policies to add, you'll be
able to deploy the directory where other authorized users can reach it.
________________________________________________________________________________

1. Copy the policy files.


a) Enter the following:
cp -r /opt/linuxplus/managing_files_and_directories/aups ~/
This copies the aups directory to your home directory, leaving its original location intact.
b) Enter cd aups
c) Enter ls -l and verify there are five files, three of which are marked as "OLD" and have
inconsistent file names.

2. Create a new directory and move the most recent policy files into it.
a) Enter mkdir ../policies to create a new directory.
b) Enter mv aup_v1.txt ../policies
c) Enter mv aup_v2.txt ../policies
d) Enter ls -l and verify that these two files are no longer in this directory.

3. Verify that the recent policies were moved to the new folder.
a) Enter cd ../policies
b) Enter ls -l and verify that the two recent files are in this directory.

4. Create placeholder files for future policies.

@2020 version 1.0 46


Linux LPIC-1 Lab Guide

a) Enter touch user_sec_policy.txt


b) Enter ls -l and verify that a blank file with this name was created.
c) Use touch to create three more blank files in ~/policies with the following names:
• server_sec_policy.txt
• email_policy.txt
• clean_desk_policy.txt

d) Enter ls -l and verify that the files exist.

5. Delete the aups folder and its contents as they're no longer needed.
a) Enter rmdir ../aups
b) Verify that you cannot remove this object because it is a directory.
You need to specify the -R (recursivoption with rm in order to delete non-empty directories.
c) Enter rm -R ../aups
d) Enter ls .. and verify that the aups directory is gone, as are the old policy files.

@2020 version 1.0 47


Linux LPIC-1 Lab Guide

Lab 5-6: Processing Text Files

BEFORE YOU BEGIN


You are logged in to the CLI as your student account. You have a directory at ~/ policies that includes
two text files, as well as the software_list.txt file in the home directory.

SCENARIO
Now that the software list and policy documents are all set and in the right locations, you can begin
to analyze them more closely. In particular, you want to sort the software list so you can more
quickly identify what software packages still need to be installed and/or configured. Likewise, you
want to ensure that you know exactly what was changed from the first version of the AUP to the
second version, so you don't have to read the entire thing from the beginning.
You also want to switch gears to your log analysis duties. You want to identify instances where users
enter an incorrect password and fail to log in. This could point to users that are trying to access
resources they are not authorized for. However, the authentication log can be very large, so you'll
need to process it in order to extract only the relevant information.
________________________________________________________________________________

1. Sort the software list file by name, then by which packages need to be installed and/or
configured.
a) Enter cd ~ to return to your home directory.
b) Enter cat software_list.txt to review the column structure of this file.
c) Enter sort -k1 software_list.txt
d) Verify that the list was sorted by the first column, which is the name of each software
package.
However, the sort operation was not perfect, as the column headers were included. There
are several ways to stop this from happening, one of which you'll perform in a later topic.
e) Enter sort -k3 software_list.txt to sort by the "Installed?" column.
f) Sort by the "Configured?" column.

2. Retrieve the word count of the AUP files.


a) Enter cd policies
b) Enter wc -w aup_v1.txt
c) Verify that you can see the word count of version 1 of the AUP policy file.
d) Enter wc -w aup_v1.txt aup_v2.txt
e) Verify that you can see the word counts of both versions of the file, as well as a combined
total.

3. Examine the differences between the AUP files.


a) Enter diff aup_v1.txt aup_v2.txt
b) Verify that you are presented with the differences between each file, as well as suggested
actions.
The differences are as follows:
• 33a34,41 means that after line 33 in the first file (version 1), lines 34–41 from the second
file (version 2) need to be added in order for that chunk of text to be the same.
• The multiple > symbols indicate each line that must be added to the first file in order to
be the same as the second file.

@2020 version 1.0 48


Linux LPIC-1 Lab Guide

• In other words, the HR lead added this entire new section to version 2 of the policy.
• 35a44 means that after line 35 in the first file, line 44 from the second file needs to be
added in order for the text to be the same.
• In other words, the HR lead added an entry to the revision history explaining her changes.

4. Search the authentication log for failed login attempts.


a) Enter sudo cat /var/log/secure
b) Verify that there are many entries in the authentication log.
Rather than read the entire log or search term-by-term for failure entries, you can use grep
to bring all of the relevant information to the forefront in one command.
c) Enter su - ariley and provide an incorrect password to simulate an authentication failure.

Caution: Don't actually sign in

d) Enter sudo grep failed /var/log/secure


e) Verify that you are presented with all lines in the log containing the text string "failed".

@2020 version 1.0 49


Linux LPIC-1 Lab Guide

Lab 5-7: Linking Files

BEFORE YOU BEGIN


You are logged into the CLI as your student account. You have a /backup/log directory that you
created earlier.

SCENARIO
You've decided to start organizing your backup directory, particularly with regard to log files. You
want to create several subdirectories, each one a category that can pertain to the backed up logs.
For example, you want to organize logs by type (e.g., authentication logs vs. app logs vs. kernel logs)
and the year that they were generated. However, most logs can apply to multiple categories. Rather
than have two or more distinct copies of each log, you decide to link these files together so that
they're easier to manage.
You also want to be able to quickly access log backups from your home directory. So, you'll create a
link in your home directory to a log in the backup directory.
________________________________________________________________________________

1. Create new log backup directories and move the authentication log to one of them.
a) Enter mkdir /backup/log/auth /backup/log/<year> where <year> refers to the current
year.
b) Enter sudo cp /var/log/secure /backup/log/auth/secure
c) Enter cd /backup/log

2. Create a hard link between the log files.


a) Enter sudo ln auth/secure <year>/secure
This creates a hard link to the file in the auth directory.
b) Enter ls -l <year> and verify that a file was created in the year directory.
c) Enter sudo cat <year>/secure and verify that its contents are the same as the authentication
log.

Note: You can run diff auth/secure <year>/secure if you want to be sure.

3. Make a change in one file and see it reflected in the hard link file.
a) Enter sudo nano auth/secure
b) Press Enter to start a new line at the top.
c) Type **BEGIN LOG ##-####** where ##-#### is the current month and year.
For example: **BEGIN LOG 01-2019**

d) Press Ctrl+O then Enter to save.


e) Press Ctrl+X to quit.
f) Enter sudo head <year>/secure and verify that the header you just added was also added
to the hard link file.

@2020 version 1.0 50


Linux LPIC-1 Lab Guide

4. Remove one file and verify that the hard link file is still intact.
a) Enter sudo rm auth/secure
b) Enter sudo cat <year>/secure and verify that the hard link file's contents are still intact.

5. Attempt to create a link from your home directory to a log file in the backup directory.
a) Enter cd ~ to return to your home directory.
b) Enter sudo ln /backup/log/<year>/secure auth-log
c) Verify that the operation failed.

6. Why did the system fail to create the link? What can you do to still create a link?
You cannot create hard links across different file systems, and the home directory and the
backup log directory are on different file systems. To get around this, you must create a soft
(symbolic) link.

7. Create a symbolic link to the log file.


a) Enter ln -s /backup/log/<year>/secure auth-log
b) Enter sudo cat auth-log and verify that your link has the expected log contents.

8. Delete the original log file and verify that the symbolic link was affected.
a) Enter sudo rm /backup/log/<year>/secure
b) Enter sudo cat auth-log and verify that no such file exists.
c) Enter ls -l and verify that the file is a broken link.

The red text pointing to text with a black background indicates that the link is broken.
d) Enter rm auth-log to delete the symbolic link.

@2020 version 1.0 51


Linux LPIC-1 Lab Guide

Lab 5-8: Manipulating File Output

DATA FILE
/opt/linuxplus/managing_files_and_directories/laptop_inv.txt

BEFORE YOU BEGIN


You are signed in to the CLI as your student account. You have a /backup directory.

SCENARIO
In the past, the IT team has kept an inventory of all laptops issued to employees. As part of the new
roll-out, you'll need to copy this information to a document that will be stored on a Linux server.
The source information isn't formatted very well, and isn't in any kind of useful order. So, you decide
to create a new file from scratch. Afterward, you realize that the person who recorded the
information made a mistake with the format of certain serial numbers. Instead of editing the file to
replace every mistake individually, you'll leverage input and output redirection to fix the mistakes.
Then, you'll output a sorted version that will be more useful for reference.
You also want to regularly check the contents of the backup directory and place the results in a
continually updated file. You want to be able to see the results in real-time at the CLI as well, so
you'll use the tee command to accomplish both.
Lastly, you'll use piping with grep to further hone your log analysis skills
________________________________________________________________________________

1. Use output redirection to start adding text to the laptop inventory file.
a) Enter touch laptop_inv.txt to create a blank file.
b) Enter echo "User Make Serial No." > laptop_inv.txt

Note: Separate each column by four spaces.

c) Enter cat laptop_inv.txt and verify that the text output to the file.

2. Use output redirection to append text to the file.


a) Enter echo "jsmith Asus S489124" > laptop_inv.txt
b) Enter cat laptop_inv.txt and verify that the header was replaced by this new row.
This is because the > operator replaces any existing text with the provided string. You need
to append that text.
c) Reenter echo "User Make Serial No." > laptop_inv.txt

Note: Remember, you can press the Up Arrow to return to a command you previously
entered.

d) Enter echo "jsmith Asus S489124" >> laptop_inv.txt


This time, you're using the append operator (>>).

Note: Again, separate each column by four spaces.

e) Verify that the file has both the header and the first row.

@2020 version 1.0 52


Linux LPIC-1 Lab Guide

3. Use input redirection to replace all instances of a mistyped character in the file.
a) Enter the following:
cp /opt/linuxplus/managing_files_and_directories/ laptop_inv.txt laptop_inv.txt
This will update your copy with a filled-in one.

b) Examine the file and verify that the Asus serial numbers incorrectly start with the capital
letter "S".
c) Enter tr S 5 < laptop_inv.txt
d) Verify that the instances of "S" were replaced with "5" and that the file was printed to the
CLI.

4. Use both input and output redirection at the same time to create a new file with the
corrections.
a) Enter tr S 5 < laptop_inv.txt > laptop_inv_fix.txt
b) Examine the corrected file and verify that the appropriate correction was made.

5. Use piping to sort the inventory list without the header.


a) Enter sort -k1 laptop_inv_fix.txt
b) Verify that, just like sorting the software list earlier, the header is included in the sort when
it shouldn't be.
c) Enter tail -n +3 laptop_inv_fix.txt | sort -k1
The tail -n +3 command outputs everything after and including the third line, which is when
the header ends. You are piping the output of this command to the sort command, which
takes it as input.
d) Verify that the inventory is now sorted by user name, but does not include the header.

@2020 version 1.0 53


Linux LPIC-1 Lab Guide

6. Use the tee command to redirect output to both the CLI and a file at the same time.
a) Enter sudo ls -lR /backup > backup_report
b) Verify that ls didn't print its results to the CLI.
c) Enter sudo ls -lR /backup | tee backup_report
d) Verify that ls did print its results to the CLI.
This is because piping the ls command to tee instead of doing a stdout redirect ensures that
the results will appear at both the CLI and the specified file.
e) Examine the backup_report file and verify that it also lists directory information.

7. Use grep and cut together to make log analysis easier.


a) Enter sudo grep 'password check failed' /var/log/secure
This prints all instances of the text "password check failed" from the authentication log.
However, it also prints every single part of the line, much of which isn't relevant and just
adds to the noise.
b) Enter sudo cut /var/log/secure -d " " -f5-12
The cut command, using the -d option, trims each line using a space as a delimiter. The -f5-
12 option specifies the range of the delimiter to extract. So, you're only extracting
approximately the middle chunk of each line. However, you're still seeing every line of the
log.
c) Enter sudo grep 'password check failed' /var/log/ secure | cut -d " " -f5-12
d) Verify that you extracted all lines matching the provided string, as well as only the portion
of the line that is relevant to your needs.
The results show the system function that was called, an explanation of the event, as well as
the user the event applies to.

@2020 version 1.0 54


Linux LPIC-1 Lab Guide

Topic 6: Managing Kernel Modules

Lab 6-1: Exploring the Linux Kernel

BEFORE YOU BEGIN


You are logged in to the CLI as your student account.

SCENARIO
As a system administrator, you may need to troubleshoot issues related to the kernel. So, you want
to explore kernel concepts to refresh your knowledge.
________________________________________________________________________________

1. View version information about the currently running kernel.


a) Enter uname -a to view information related to the currently running Linux kernel.

2. What is the base version of your currently running kernel according to the uname command?
o 2.4
o 2.6
o 3.4
o 3.10
o 4.18

3. True or false? According to the uname command, you are running a 32-bit hardware
platform.
o True
o False

4. Which function is associated with the SCI layer of the kernel?


o Passing requests to device drivers.
o Sending service requests to the kernel.
o Allocating processor time for functions.
o Processing scheduling functions.
o Organizing files on the file system.

5. What are the major functions performed by the kernel? (Choose two.)
Kernel initialization
Process management
Memory management
Module installation
Dependency management

6. Which of the following accurately describe the user space? (Choose two.)
It is the area of the memory where the kernel executes its services.
It is the area of memory in which most high-level software runs.
It is the part of the system that only logged in users can access.
It is the area of memory in which background processes and low-level system libraries run.

@2020 version 1.0 55


Linux LPIC-1 Lab Guide

7. What is one disadvantage of a monolithic kernel compared to a microkernel?


o Monolithic kernels are slower to access devices.
o Monolithic kernels are larger and consume more RAM.
o Monolithic kernels have a smaller kernel space and are less extensible.
o Monolithic kernels can only run the bare minimum software to qualify as a fully functional
OS.

8. True or false? The Linux kernel is modular, enabling users to extend its functionality.
o True
o False

@2020 version 1.0 56


Linux LPIC-1 Lab Guide

Lab 6-2: Installing and Configuring Kernel Modules

BEFORE YOU BEGIN


You are logged in to the CLI as your student account.

SCENARIO
You want to be able to wirelessly transfer files from the Linux server to your mobile device. So, you
purchase a USB Bluetooth adapter and plug it into an available port on the server. However, you
can't get the adapter to work properly. After examining the system, you discover that the driver for
USB Bluetooth is not available. So, you'll inspect the kernel and see if you can identify and load the
module that enables this functionality.
________________________________________________________________________________

1. Examine what modules are currently running.


a) Enter lsmod | less
b) Briefly scan through the list of installed kernel modules.
c) Press q to quit.
d) Enter lsmod | grep bluetooth
e) Verify that there are no results.
You don't yet know the name of the relevant module, so this isn't necessarily definitive proof
that it isn't loaded.

2. Search for the appropriate module.


a) Enter uname -r to retrieve the kernel version of the system.
b) Enter cd /lib/modules/<kernel version>/kernel/drivers

Note: Remember to use tab completion to fill the kernel version automatically.

c) Enter ls | grep bluetooth and verify that there is a bluetooth directory.


d) Enter cd bluetooth
e) Enter ls to see the available Bluetooth driver modules.

3. Do any of these look like they could be a driver for a USB device that can send and receive
Bluetooth signals?
Answers may vary, but btusb.ko.xz is the most likely candidate.

4. Learn more about this module.


a) Enter modinfo btusb.ko.xz | less
b) Read the information about this module, noting the following:
• The description indicates that this is a generic Bluetooth USB driver.
• It has many different aliases that aren't very user friendly.

@2020 version 1.0 57


Linux LPIC-1 Lab Guide

• It depends on several other modules.


c) Press q to quit.

5. Configure an alias for the Bluetooth USB module.


a) Enter cd /etc/modprobe.d
b) Enter sudo vim btusb.conf to create a configuration file for the module.
c) Using Vim, type alias blue btusb as the first line.
d) Save and close the file.

6. Insert the Bluetooth USB module into the running kernel.


a) Enter sudo depmod to update the dependencies database.
b) Enter sudo modprobe -a blue
c) Enter lsmod | grep btusb
d) Verify that the btusb module is listed, indicating that it is inserted into the kernel.

7. Notice that there are other modules that begin with bt, as well as a module called
bluetooth. Why were these added to the kernel as well?
These are modules that btusb depends on in order to function. The modprobe command
automatically installs dependent modules when necessary.

@2020 version 1.0 58


Linux LPIC-1 Lab Guide

Lab 6-3: Monitoring Kernel Modules

BEFORE YOU BEGIN


You are logged in to the CLI as your student account. Previously, you installed a USB Bluetooth driver
module in the kernel.

SCENARIO
Now that you installed the USB Bluetooth module, you want to make sure it was successfully loaded
by the kernel and that there are no errors. You also want to identify your kernel version details in
case you need to reference it during troubleshooting.
________________________________________________________________________________

1. Enter cat /proc/version and use the result to answer the following questions.
When was the kernel last compiled?
Answers may vary, but the version used to develop this course was compiled on April 20 of
2018.
What version of the GCC is your kernel running?
Answers may vary depending on when the kernel was compiled. For the kernel version used
to develop this course, the GCC version is 4.8.5.
Why might this information be useful?
Answers may vary, but validating the kernel version and related information can help you
diagnose issues that apply to specific versions, such as incompatible software.

2. Examine the kernel message buffer.


a) Enter dmesg -h
b) Note the different facilities and log levels available. Examples include warn, err, notice, etc.
c) Enter dmesg -H
d) Verify that you can navigate through many pages of kernel messages.
Not all of the information here will be useful to you, so you'll need to filter what you're
looking for.
e) Press q.

3. Filter the kernel message buffer for more useful messages.


a) Enter dmesg -H -l warn
b) Verify that the results have been filtered.
All of these messages are marked as warning conditions. These don't necessarily indicate
errors, but call attention to behavior that might be worth checking.
c) If necessary, press q.
d) Enter dmesg -H -l err
These messages do indicate errors. You might not have any results, which means the kernel
hasn't recorded any errors thus far.
e) If necessary, press q.

4. Search the kernel message buffer for evidence of USB drivers being loaded.
a) Enter dmesg -H | grep usb
b) Examine the results.

@2020 version 1.0 59


Linux LPIC-1 Lab Guide

The kernel records when USB storage devices are found and when drivers are registered. It
also identifies when input devices that use USB are found—like a mouse, keyboard, webcam,
etc.
c) Enter dmesg -H | grep btusb
d) Verify that the kernel is reporting that a new interface driver was registered for the btusb
module you installed earlier.

@2020 version 1.0 60


Linux LPIC-1 Lab Guide

Topic 7: Managing the Linux Boot Process

Lab 7-1: Creating an initrd Image

BEFORE YOU BEGIN


You are logged in to the CLI as your student account.

SCENARIO
As part of your server infrastructure, you plan on having some systems boot from an NFS share. The
kernel in the deployed systems doesn't have an NFS module. Without this, your systems cannot
mount an NFS share as the root file system. So, you need to create a new initrd image so that the
kernel can successfully mount the share. First, however, you'll establish a baseline image that other
images can build off of.
________________________________________________________________________________

1. Create a new initrd image.


a) Enter uname -r to identify the current kernel.
b) Enter sudo mkinitrd -v /boot/initrd-$(uname -r).img $(uname -r)
$(uname -r) substitutes the name of the kernel in this command.
c) Examine the verbose output from mkinitrd noting the various kernel modules that are
included in the initrd image by default.
d) Enter ls -l /boot and verify that your new initrd image was created.
The image should be named initrd-<kernel version>.img and should have been last modified
on today's date.

2. Create an initrd image with an NFS module installed.


a) Enter sudo mkinitrd -v --with=nfsv4 /boot/initrd-$ (uname -r)-nfs.img $(uname -r)
b) Enter ls -l /boot and verify your new NFS image was created.
c) Examine the file sizes for both initrd images (the base image and the NFS image) and verify
that the NFS image is larger.
This suggests that the additional NFS module was loaded into the image, as intended.

@2020 version 1.0 61


Linux LPIC-1 Lab Guide

Lab 7-2: Configuring GRUB 2

BEFORE YOU BEGIN


You are logged in to the CLI as your student account.

SCENARIO
Some of your fellow administrators are claiming that their Linux servers aren't booting properly.
You are assigned to the task of troubleshooting these issues. You find that someone has modified
the settings in the boot loader because there is no password protection. After correcting the boot
configuration, you decide to protect GRUB 2 with a password so that only authorized users can
modify it.
________________________________________________________________________________

1. Verify that GRUB 2 is installed.


a) Enter sudo ls -l /boot/efi/EFI/centos
b) Verify that grub.cfg exists in this directory.
The presence of this file usually indicates that GRUB 2 is successfully installed on the EFI
system partition.
c) Enter sudo cat /boot/efi/EFI/centos/grub.cfg and verify that the configuration file is
populated.

2. Create a password to lock the GRUB 2 configuration with.


a) Enter sudo grub2-mkpasswd-pbkdf2 | sudo tee -a /etc/grub.d/40_custom
You're redirecting the output to the custom configuration file. You'll clean up this file shortly.
b) Enter Pa22w0rd as the password.
c) Reenter the same password.
d) Verify that the PBKDF2 password is generated.
PBKDF2 uses a cryptographic technique called hashing to protect the password in storage.

3. Adjust the custom GRUB 2 configuration file to require your password.


a) Using sudo, open /etc/grub.d/40_custom in the text editor of your choice.
b) Move the cursor to the line that says "Enter password:" and cut this entire line.
c) Cut the line after it that shows the reenter password prompt.
d) From the "PBKDF2" line, delete the string of text that says "PBKDF2 hash of your password
is".
e) On the same line, replace the text you deleted with password_pbkdf2 student## where ##
refers to your student number.

@2020 version 1.0 62


Linux LPIC-1 Lab Guide

f) Insert a new line above this that says:


set superusers="student##"

g) Save and close the file.

4. Update the main GRUB 2 configuration file to apply your changes.


a) Enter sudo grub2-mkconfig -o /boot/efi/EFI/centos/ grub.cfg
b) Verify that no errors are returned and that the "done" message is displayed.
This indicates that the new GRUB 2 configuration file has been generated successfully.

5. Test the password from the GRUB 2 boot menu.


a) Enter reboot
b) On the GRUB 2 boot menu screen, press Esc to stop the default selection timer.
c) Press e to edit the GRUB 2 configuration.
d) At the Enter username prompt, enter your student account name.

Caution: Input your user name and password very carefully, as you will be unable to edit any
mistakes.

e) At the Enter password prompt, enter Pa22w0rd


f) Verify that you can see the GRUB 2 configuration on the screen.
g) Press Esc to exit editing mode.
h) Press Enter to boot back into the default selection.
i) Log back in as your student account

@2020 version 1.0 63


Linux LPIC-1 Lab Guide

Topic 8: Managing System Components

Lab 8-1: Configuring Localization Options

BEFORE YOU BEGIN


You are signed in to the CLI as your student account.

SCENARIO
One of your colleagues is located remotely—in London, England. Just like you, he needs to be able
to log in to Develetech's Linux servers in order to administrate them. The server he needs to
remotely administrate is located in the US, even though it primarily services users in Great Britain.
So, you'll set this server to use the time zone in London, as well as change the language and keyboard
layout settings to those of Great Britain. This will make it easier for your English colleague to work
within the environment and for the server to operate within the correct time zone.
________________________________________________________________________________

1. Retrieve your system's current date and time information.


a) Enter timedatectl
b) Verify that you are given information such as:
• The local time.
• The universal time.
• The real-time clock (RTtime (i.e., hardware clock).
• The time zone.
• Network Time Protocol (NTP) information.
• Daylight savings time (DST) information.

2. Find the time zone for London.


a) Enter timedatectl list-timezones
b) Verify that there are several pages of time zones available.
Time zones are categorized by global region, then typically by city or small nation. This
information is pulled from the time zone files and directories in /usr/share/zoneinfo
c) Press q to quit and return to the prompt.
d) Enter timedatectl list-timezones | grep London to filter the results.
The relevant time zone is in the format Europe/London.

3. Change the time zone to London's current time zone.


a) Enter sudo timedatectl set-timezone Europe/London
b) Enter timedatectl
c) Verify that the time zone has changed and that the local time reflects this change.
The time zone that is set will depend on the time of year. From the last Sunday in March to
the last Sunday in October, the time zone will be British Summer Time (BST). The rest of the
year, London is on Greenwich Mean Time (GMT), otherwise referred to as UTC.

d) Verify that the universal time is either the same as the local time or is one hour behind,
depending on the time of year.

@2020 version 1.0 64


Linux LPIC-1 Lab Guide

The universal time is synonymous with GMT/UTC and is used as a global reference point.
e) Examine the RTC time.
This is the hardware clock, and it is set by the OS. Many Linux distros set this to UTC by
default, including CentOS. You'll leave this as-is.
f) Enter date to confirm the date and time on the system.

4. Find the appropriate locale settings for Great Britain.


a) Enter localectl status and note your system's current language locale and keyboard layout.

Caution: Take note of these values if your locale and keyboard layout are not US. You will
need to revert to these values at the end of the activity.

b) Enter localectl list-locales


c) Page through the list of available locales until you get to the locales that start with en_
(English language).
d) Find the en_GB.utf8 locale.
This is a locale for Great Britain that uses UTF-8 encoding.
e) Press q to quit.
f) Enter localectl list-keymaps
g) Verify that you can find a keyboard layout named gb indicating Great Britain.

5. Configure the appropriate locale settings for Great Britain.


a) Enter sudo localectl set-locale "LANG=en_GB.utf8"
b) Enter sudo localectl set-keymap gb
c) Enter localectl status and verify that the language locale and keyboard layout are both set
to Great Britain.
d) On your keyboard, press the Backslash key and verify that it types a number symbol (#).
This is due to layout differences between US and GB/UK keyboards.

Note: This will, of course, only work if you're using a US keyboard.

6. For classroom purposes, revert the locale settings.


a) Enter sudo localectl set-locale "LANG=en_US.utf8"

Note: Press the Up Arrow until you retrieve the command you used to set the locale to Great
Britain. Then you can just replace the text.

Caution: If your original language and keyboard layout are something other than US, you will
need to enter your original values instead.

b) Enter sudo localectl set-keymap us


c) Enter localectl status and verify that the original locale options are set.

@2020 version 1.0 65


Linux LPIC-1 Lab Guide

Lab 8-2: Configuring GUIs

BEFORE YOU BEGIN


You are signed in to the CLI as your student account. The CentOS system was already installed with
two GUI desktop environments: GNOME and KDE.

SCENARIO
The CLI has been adequate so far, but many of your colleagues would be more comfortable working
in a visual environment. A GUI is also necessary for easily browsing the web and viewing media like
images and video. Most of your colleagues prefer to work with GNOME, the default desktop
environment, whereas others prefer a customized version of KDE. So, you'll start by configuring
KDE's layout options to align with those users' preferences. Then, you'll get accustomed to
navigating through GNOME, the environment you yourself will be using. You also need to configure
some accessibility options in GNOME for users who have visual and manual dexterity impairments.
________________________________________________________________________________

1. Switch to the GUI, then log in to KDE.


a) Enter sudo systemctl isolate graphical.target
b) Verify that you are presented with a graphical login screen.

c) Select student##.
d) To the left of the Sign In button, select the Settings gear icon.
e) Select KDE Plasma Workspace.
f) Enter your password and select Sign In.

2. Configure desktop settings for KDE.


a) On the desktop, right-click and select Default Desktop Settings.
b) In the Desktop Settings - Plasma Desktop Shell window, in the left pane, verify that View is
selected.
c) From the Layout drop-down list, select Search and Launch.

@2020 version 1.0 66


Linux LPIC-1 Lab Guide

d) In the images section, select 7lines-bottom from the thumbnails list

e) Select OK to apply the settings and close the Desktop Settings - Plasma Desktop Shell
window.
f) Examine the new layout of the desktop environment.

3. Switch to GNOME.
a) From the top-right of the desktop, select the Desktop menu, then select Leave.

b) Select Logout.
c) Select student##.
d) To the left of the Sign In button, select the Settings icon.
e) Select GNOME Classic.
f) Sign in using your password.

4. Go through the preliminary setup options.


a) On the Welcome screen, select Next.
b) On the Typing screen, select Next.
c) On the Network screen, select Skip.
d) On the Privacy screen, select Next.
e) In the dialog box, select Deny Access.
f) On the Online Accounts screen, select Skip.
g) On the Ready to Go screen, select Start using CentOS Linux.
h) Close the Getting Started window.

@2020 version 1.0 67


Linux LPIC-1 Lab Guide

i) Examine the desktop and note that GNOME has a different look and feel than KDE.

5. Navigate the desktop and open an application.


a) From the desktop menu, select Applications→Favorites→Files.
b) Verify that you are in your home directory.
c) Double-click the backup_report file to open it in the default GUI text editor.
d) Make a change to the file, then select Save.
e) Close the text editor.
f) Close the file browser.

6. Enable accessibility settings in GNOME for users with visual and manual dexterity
impairments.
a) Select Applications→System Tools→Settings.
b) From the navigation pane on the left, select Universal Access.
c) In the Seeing section, slide the High Contrast slider to On.
d) In the Typing section, slide the Screen Keyboard slider to On.
e) Close the Settings window.

7. Open a terminal, then revert the accessibility changes.


a) From the desktop menu, select Applications→Favorites→Terminal.
b) Verify that the on-screen keyboard was automatically opened.
c) From the top-right of the desktop taskbar, select the Universal Access icon slide Screen
Keyboard to Off.
d) Do the same for High Contrast.

8. Keep the terminal window open.

@2020 version 1.0 68


Linux LPIC-1 Lab Guide

Lab 8-3: Managing Services

BEFORE YOU BEGIN


You are logged in to the GUI as your student account. A terminal window is open. If at any time your
system is locked and shows an empty black screen, press Spacebar and then enter your password
to log back into the GUI.

SCENARIO
As a Linux administrator at Develetech, you know that you will be implementing, managing, and
reconfiguring different services. You'll be leveraging systemd, and in particular, the systemctl
command and its associated subcommands, to manage these services. You decide to start by
switching targets from CLI to GUI, and then making the default target GUI so that users will always
boot into that environment by default. Then, you'll practice managing the SSH and firewall services
by putting them through the service management lifecycle of starting, stopping, enabling, and
disabling them.
________________________________________________________________________________

1. Verify that your system is using systemd and not the older SysVinit method.
a) In the terminal window, enter ps -e | grep -i init to check for the init process.
b) Verify that the init process was not found.
c) Enter ps -e | grep -i systemd to check for the systemd process.
d) Verify that the systemd process was found and has a process ID of 1

2. View the target files that specify the services that will start when the system starts.
a) Enter cat /usr/lib/systemd/system/multi-user.target
Observe that the multi-user.target requires the basic.target— i.e., the target files build upon
each other.
b) Enter cat /usr/lib/systemd/system/graphical.target
Observe that the graphical.target requires the multi-user.target—this further illustrates
how the target files build on each other. In addition, the graphical.target calls or "wants"
the display-manager.service, which initiates the GUI.
c) Enter systemctl --type=service to view the current target's services.
d) Press q when you're finished.

3. Switch between the CLI target and the GUI target, then set the GUI target as the default.
a) Enter sudo systemctl isolate multi-user.target to switch back to the command-line
interface.
b) Sign in as student##
c) Enter sudo systemctl isolate graphical.target to switch to the graphical user interface.
d) Sign in as student## and open a terminal.
e) Enter sudo systemctl set-default graphical.target to set the GUI as the default environment.

@2020 version 1.0 69


Linux LPIC-1 Lab Guide

4. Examine the systemctl subcommands.


a) Type systemctl and then type a space, and then press Tab twice.
You can use this trick with some commands to list all of their available subcommands.

Caution: Be sure to add a space after the command and before pressing Tab.

b) Note the stop, start, restart, status, enable, and disable subcommands in particular.

5. Manage the SSH service on your server.


a) Enter sudo systemctl status sshd.service
b) Verify that the sshd service is running

c) Enter sudo systemctl stop sshd.service


d) Verify that the sshd service is stopped.

e) Enter sudo systemctl start sshd.service to start the sshd service again, then check its status
to ensure it is running.

6. Disable, and then re-enable, the firewalld service.


a) Enter sudo systemctl status firewalld.service
b) Verify that the firewalld service is running.
c) Enter sudo systemctl disable firewalld.service
d) Verify that the firewalld service is still running.
The enable and disable subcommands do not affect the current status of the service, but
rather the startup status.
e) Reboot the server, log back in to the GUI with your student## account, and verify that the
firewalld service is not running.
f) Start the firewalld service again.
g) Use the systemctl command to enable the firewalld service.

@2020 version 1.0 70


Linux LPIC-1 Lab Guide

Lab 8-4: Troubleshooting Process Issues

BEFORE YOU BEGIN


You are logged in to the GUI as your student account.

SCENARIO
Some users have complained that processes on the Linux server are taking longer than normal to
complete. You discover several processes that are not needed are still running and were never
successfully terminated. You need to manage the system processes and the processes issued by
other users. In addition, you'll see if there are any problem processes that are consuming too many
resources or are causing delays in the boot process.
________________________________________________________________________________

1. View the current running processes and all other running processes.
a) Enter ps to list only the processes running on the current terminal.
b) Verify that only the processes started by your account are listed.
c) Enter ps -e to list all the processes running on the system.
d) Verify that more processes are listed as compared to the output of the standard ps
command.

2. Discover the process ID number of a process for which you know the name.
a) Enter pgrep sshd
b) Note the process ID number of the sshd service.

3. Issue a background command.


a) Enter sleep 300 & to pause the system for 300 seconds.
b) Make note of the PID of the sleep 300 & command:
__________________________
c) Enter ps
d) Verify that the sleep command is in the list of running processes.

4. Terminate the command.


a) Enter kill <PID> where <PID> is the sleep process ID that you noted earlier.
b) Enter ps
c) Verify that the sleep command is not in the list of running processes.

5. Explore more process information with the top command.


a) Enter top to open the process management tool.
b) Press M to reorganize the output by memory usage.
c) Press P to reorganize the output by CPU usage.
d) Press q to exit the top program.

6. Discover what files are open, and which processes opened them.
a) Enter lsof
b) Enter lsof -u student## to see files opened by a specific user.

7. View boot performance information.

@2020 version 1.0 71


Linux LPIC-1 Lab Guide

a) Enter systemd-analyze
The results of the systemd-analyze command break the startup process into three parts:
how long it took the kernel to start, how long it took the initrd image to load, and how long
user startup applications and services took to start. The command also shows the total
amount of time the startup took. This information can be used in troubleshooting long
startup times.
b) Enter systemd-analyze blame to see which processes take the longest to start during boot.
c) Press q.

@2020 version 1.0 72


Linux LPIC-1 Lab Guide

Lab 8-5: Prioritizing Processes

BEFORE YOU BEGIN


You are logged in to the GUI as your student account.

SCENARIO
You want to back up the local copy of the /etc/ configuration directory. You expect the copying
process to be time-consuming and to continue after you log out of your system. You decide to
increase the priority of the process to ensure that it is completed on time.
________________________________________________________________________________

1. View the nice values of running processes.


a) Enter ps xl | less to view all processes run by users.
b) Examine the processes that have the highest nice value.
c) Press Page Down until you reach the end of the entire list.
d) Press q to exit the list.

2. Issue the command to copy files as a background process.


a) Enter the following to begin the copy process:
for i in {1..100}; do sudo cp -R /etc /backup/sys; done &
b) This issues the copy command 100 times to simulate a long-running task.
c) Verify that the PID and the job number are displayed.
d) Make note of the PID:
__________________________

3. Renice the copy process by using the top command.


a) Enter sudo top to open the process management tool.
b) Press r.
c) Enter the process ID of the copy operation you noted previously.
d) Enter -15 to specify the nice value.
e) Press q to exit the process list.
f) Enter ls /backup/sys
g) Verify that the files from the /etc directory are listed, indicating that the copy process is
successful.

@2020 version 1.0 73


Linux LPIC-1 Lab Guide

Lab 8-6:Troubleshooting CPU and Memory Issues

BEFORE YOU BEGIN


You are logged in to the GUI as your student account.

SCENARIO
You want to identify some basic tools to help manage system components. Specifically, you'll review
processor and memory usage to see if the results match expected performance.
________________________________________________________________________________

1. Gather information on the CPU.


a) Enter less /proc/cpuinfo to display processor information.
b) Press q to quit.
c) Enter uptime to see how long the system has been up and view basic performance
information on the CPU.

2. Use sar to gather system information.


a) Enter sar -u to retrieve basic performance information.
b) Enter sar 2 6 to retrieve information every two seconds, for a total of six queries.
c) Enter sar -S to retrieve swap space usage information.

3. Gather information on system memory.


a) Enter less /proc/meminfo to display memory information.
b) Press q to quit.
c) Enter free to gather basic memory usage information.
d) Enter free -m to see the memory usage measured in megabytes.
e) Enter free -h to see memory usage in human-readable format.

4. Use the vmstat command to gather virtual memory usage information.


a) Enter vmstat 5 3 and wait for the report to finish.
b) Enter vmstat -d 5 3 to see the information organized on a per-storage device basis.

@2020 version 1.0 74


Linux LPIC-1 Lab Guide

Topic 9: Managing Devices

Lab 9-1: (Optional) Using udev to Manage a Hotpluggable Device

BEFORE YOU BEGIN


You are logged in to the GUI as your student account. You have a USB thumb drive.

SCENARIO
One of your colleagues uses a Linux system to prep OS installation media on a USB thumb drive.
However, every time she plugs her USB drive into the system, it automatically assigns the drive a
non-descriptive name like /dev/sdb. She'd like to be able to reference the drive with a more helpful
name every time she plugs it in. So, you'll use udev to create a symbolic link to the drive based on
its unique attributes.
________________________________________________________________________________

1. Gather information unique to your USB thumb drive.


a) Plug your USB thumb drive into your computer.
b) In a terminal, enter lsblk and note the device name of your USB drive:
_______________________
It'll likely be something similar to sdb. Use the column that displays maximum storage size if
you need help identifying the device.
c) Enter udevadm info /dev/<device name> where <device name> is the name of the device
you just noted.
For example: udevadm info /dev/sdb
d) Verify that you can see various identifying information about the device.
e) Enter udevadm info -a /dev/<device name> | less to retrieve device attributes.
f) Enter /serial to search for the device's serial number, then make note of it:
_______________________
g) Look at the rest of the attributes of this parent device.
The idVendor and idProduct attributes are particularly useful because they tend to be
unique to each device.
h) Note the idVendor and idProduct attributes:
idVendor: _______________________
idProduct: _______________________
i) Keep this window open.

2. Create a udev rule that will automatically link a custom device name to the USB drive when
it's plugged in.
a) Right-click within the terminal and select Open Terminal to open a new window.
b) In the new terminal window, change to the /etc/udev/rules.d directory.
c) Using sudo, create a text file named 10-local.rules with the text editor of your choice.
d) In this text file, enter the following all on one line:
KERNEL=="<device name>", ATTRS{serial}=="<value>",
ATTRS{idVendor}=="<value>", ATTRS{idProduct}=="<value>",
SYMLINK+="install"

@2020 version 1.0 75


Linux LPIC-1 Lab Guide

Fill in the replacement values with the values identified in your other terminal. Make sure
the values are from the same parent device that you identified as having the serial number.
Also, <device name> should be in the format sdb and not /dev/sdb
e) Save and close the file.

3. Ensure the new rule is reloaded and triggered.


a) Enter sudo udevadm control --reload-rules
udev usually reloads rules automatically, but you can issue this command to make sure.
b) Enter udevadm trigger
c) This will trigger the rules for any devices currently connected. Otherwise, you'll need to
disconnect and then reconnect the device for the rule to trigger, which you'll do in the next
step.

4. Test the rule to see if it successfully creates the symbolic link.


a) From the desktop menu, select Applications→Favorites→Files.
b) On the navigation pane, select the Unmount button next to your USB thumb drive.
c) Unplug your USB drive from the computer.
d) Plug your USB drive back in.
e) At a terminal, enter lsblk /dev/install
f) Verify that the USB drive is displayed, indicating that the symbolic link was activated
automatically when you connected the drive.
g) Unmount and unplug your USB drive.
h) Close the file browser window

@2020 version 1.0 76


Linux LPIC-1 Lab Guide

Lab 9-2: Configuring a Virtual (PDF) Printer

BEFORE YOU BEGIN


You are logged in to the GUI as your student account. You have a ~/policies/ aup_v2.txt file.

SCENARIO
HR wants to distribute the acceptable use policy (AUP) to employees at Develetech in both hardcopy
and electronic form. Right now, you don't have an actual printer connected to your Linux system,
but you can still print the AUP text file to a PDF, which is more suitable than a raw text file for
distribution purposes. Before you can create the PDF, you'll need to set up a virtual printer.
________________________________________________________________________________

1. Examine the current list of printers.


a) From the desktop menu, select Applications→System Tools→Settings.
b) From the navigation menu, select Devices.
c) Select Printers.
d) Verify that no printers are currently listed.
e) Keep this window open.

2. Install the Cups-PDF package.


a) In a terminal, enter sudo yum -y install epel-release cups-pdf

Note: You may need to issue this command twice in order to successfully download the
package.

3. Make the Cups-PDF printer your default printer.


a) Return to the Settings window and verify that Cups-PDF is listed in the printers list.

b) Select Unlock, then enter the root password.


c) Next to the Cups-PDF printer, select the options gear icon, then select Use Printer by
Default.
d) Close the Settings window.

4. Print a text file to PDF.


a) Open a terminal window and verify that you are in your home directory.
b) Enter lpr policies/aup_v2.txt
c) Verify that a printing notification pops up from the desktop.
d) On the desktop, double-click aup_v2.pdf to open it.
e) Close the PDF viewer when you're done.

@2020 version 1.0 77


Linux LPIC-1 Lab Guide

Lab 9-3: Monitoring Devices

BEFORE YOU BEGIN


You are logged in to the GUI as your student account.

SCENARIO
As part of your routine system administration tasks, you need to track the devices used on all the
computers on the network and maintain a list of hardware resources that are in use.

1. Monitor any PCI devices that are connected to the system.


a) In a terminal window, enter lspci
b) Examine the brief list of hardware devices that are connected to PCI buses.
c) Each line lists the PCI slot a device is connected to, as well as the vendor and product model
of the device.
d) Enter sudo lspci -v to view more information about each device. Verify that you can see
attributes of each device, such as:
• Its vendor and product model.
• Its I/O ports.
• Its various capabilities.
• The kernel modules and drivers it uses.

2. Monitor any USB devices that are connected to the system.


a) Enter lsusb
b) Examine the brief list of hardware devices that are connected to USB buses.
c) Each line lists the USB bus a device is connected to, as well as the vendor and product model
of the device.
d) Enter sudo lsusb -v to view more information about each device. Verify that you can see
attributes of each device, such as:
• Its vendor and product model.
• The specification version it supports (bcdUSB).
• The maximum power the device can drain from the bus (bMaxPower).
• The class of device supported, e.g., mass storage vs. communications (bInterfaceClass).

3. Monitor a print job.


a) Enter base64 /dev/urandom | head -c 10000000 > printfile.txt
Note: There are 7 zeros.
This will create a text file 10 MB in size using random data encoded in readable text (Base64).
This file is large enough to take some time to print, so you'll have a chance to monitor it in
the queue.
b) Enter lpr printfile.txt to start a print job.
c) Enter lpq and note that you can see the print job in the queue, including information such
as:
• Its rank (status).
• Who owns the print job.
• The number of the job.

@2020 version 1.0 78


Linux LPIC-1 Lab Guide

• What file(s) are being printed.


• The total size of the request.
d) Allow the print job to finish.

@2020 version 1.0 79


Linux LPIC-1 Lab Guide

Topic 10: Managing Networking

Lab 10-1: Configuring the Server's Network Identity

BEFORE YOU BEGIN


You are logged in to the GUI as your student account.

SCENARIO
You need to ensure the system's hostname and IP address configuration is correct. You also need
to be able to configure network settings whether or not a GUI is installed. You will configure the
system with both a static IP address and a dynamic IP address.
________________________________________________________________________________

1. Set the server's hostname.


a) In a terminal window, enter hostname to view the system's current hostname.
b) Enter nmcli general hostname to use a different command to view the system's current
hostname.
c) Enter sudo hostnamectl set-hostname server## to configure a new hostname.
Replace ## with your student number. For example: server01
d) Enter sudo systemctl restart systemd-hostnamed to restart the service, making the change
persistent.
e) Verify that your system's hostname has changed.

2. Verify the current IP address configuration of the server.


a) Enter man ifconfig and note the man page entry that indicates the tool is deprecated
(retired).
b) Press q to quit.
c) Type ip (don't press Enter), add a space, then press Tab twice to see a list of available
subcommands.

Note: Be sure to include a space before pressing Tab twice.

d) Enter ip addr to display information about available network interfaces.


e) On CentOS 7, the main Ethernet device you should use will usually be named in the format
enp#s#
For the following steps, make sure you're using this, and not the loopback adapter or a
wireless LAN adapter.
f) Enter ip addr show <device ID> to display the information for a specific NIC.

@2020 version 1.0 80


Linux LPIC-1 Lab Guide

Use the NIC <device ID> from the output of the previous step. For example, the device ID
value might be enp0s3

Note: One of the first steps in networking troubleshooting is to verify the current IP address
configuration. Therefore, the ip command will be essential to your network troubleshooting
process.

3. Display network information by using nmcli


a) Enter nmcli general status to view the current network connectivity status according to
NetworkManager.
b) Enter nmcli connection show to see the name, UUID, type, and device ID for each NIC.

4. Disable and enable a NIC using nmcli


a) Enter nmcli con down <device ID> to stop the NIC, making it inactive.
b) Enter nmcli device status to view the current status.
c) Enter nmcli con up <device ID> to re-enable the NIC, making it active.
d) Enter nmcli device status to view the current status.

5. Configure the system with a static IP address using nmcli


a) Enter ip addr show <device ID> to view the current IP address.
b) Enter nmcli con edit <device ID> to edit the NIC's configuration.
c) Enter set ipv4.addresses 10.50.1.1##/24 to set the static IP address at the nmcli prompt.
Replace ## with your student number. For example: 10.50.1.101

Note: Your instructor may provide you with different IP addressing information.

d) Press Enter to set ipv4.method to manual


e) Enter save at the nmcli prompt.
f) Enter quit at the nmcli prompt.
g) Enter nmcli con down <device ID>
h) Enter nmcli con up <device ID> to reset the device.
i) Enter ip addr show <device ID> to confirm the static IP address is configured.

6. Configure the system as a DHCP client.


a) Enter nmtui at the prompt to open a new interface.

Note: Use the Tab key and the arrow keys to navigate text-based user interfaces. Use the
Spacebar to check/uncheck settings. Use the Enter key to accept a configuration.

b) Make sure Edit a connection is highlighted, and then press Enter.


c) With your device ID highlighted from the Ethernet menu, press the Right Arrow key once
then the Down Arrow key to highlight <Edit...> and then press Enter.
d) Notice the static IP address, as configured in the previous task.

@2020 version 1.0 81


Linux LPIC-1 Lab Guide

e) Press the Tab key three times to move to the IPv4 CONFIGURATION line.
That line currently displays <Manual>.
f) Press Enter and select Automatic from the menu.
g) Press the Tab key multiple times until you reach the bottom of the interface and <OK> is
highlighted.
h) Press Enter to save your changes to the network configuration.
i) Use the Tab key to highlight <Back> and then press Enter.
j) In the NetworkManager TUI interface, use the Down Arrow key to highlight Quit and then
press Enter.
k) Enter ip addr show <device ID> and notice that the old statically assigned IP address is still
in place.
This is because you need to restart the network service for changes to take effect.
l) Enter sudo systemctl restart network
m) Enter ip addr show <device ID> and notice a new IP address is configured, leased from a
DHCP server.

7. Using the GUI, reconfigure the NIC to use a static IP address.


a) From the desktop menu, select Applications→System Tools→Settings.
b) In the Settings menu, select Network.
Notice the NIC is displayed as Connected and On.
c) Select the Configuration gear button

Note: The NIC details may still show the static IP address.

d) Select the Apply button in the upper-right corner of the interface.


e) Select the slider to turn the NIC Off, then turn it back On.
f) Select the Configuration gear button again and note the leased IP address.
g) Select the IPv4 tab.
h) Observe that the Automatic (DHCP) button is selected, as configured in the previous nmtui
task.
i) Select the Manual radio button, and then fill in the Address, Netmask, and Gateway fields:
• IP address: 10.50.1.1##
• Subnet mask: 255.255.255.0 or /24
• Gateway: 10.50.1.1

Note: Your instructor may provide you with different IP addressing information.

j) In the DNS field, enter 8.8.8.8


This is one of Google's DNS servers.
k) Select Apply.
l) Select the slider to turn the NIC Off, then turn it back On.
m) Close the Settings window.
n) Test the network configuration by opening Applications→Favorites→Firefox Web Browser
and browsing to the https://www.lpi.org website.
o) When you're done, close the browser.

@2020 version 1.0 82


Linux LPIC-1 Lab Guide

Lab 10-2: Verifying Network Configurations

BEFORE YOU BEGIN


You are logged in to the GUI as your student account. Previously, you configured networking
information on your server.

SCENARIO
Now that you've configured a NIC, you need to verify that those configurations are active and
accurate. So, you'll use ethtool and the device's configuration file to confirm the networking details.
________________________________________________________________________________

1. Gather information with ethtool


a) If necessary, enter ip a to recall your Ethernet device ID.
b) Enter ethtool <device ID>
c) Verify that you can see information about the NIC's capabilities and configurations.
You should be able to see the NIC's maximum bandwidth speed, its duplex capabilities, its
supported link modes, and more.

2. View network configuration files.


a) Enter ls /etc/sysconfig/network-scripts to display the contents.
b) Verify that there is a ifcfg-<device ID> file.
c) Enter cat /etc/sysconfig/network-scripts/ifcfg-<device ID> to view the contents.
d) Verify that you can see device information as well as IP addressing information for this NIC.

@2020 version 1.0 83


Linux LPIC-1 Lab Guide

Lab 10-3: Configuring a DNS Client


BEFORE YOU BEGIN
You are logged in to the GUI as your student account. You will work with a partner in this activity.
SCENARIO
In addition to setting up machine-friendly IP addressing, you also need to account for the fact that
humans aren't good at remembering long strings of numbers. So, you'll configure name resolution
to relate a hostname with an IP address so that users can easily refer to a specific computer on the
network.
________________________________________________________________________________
1. Review the IP address and hostname identities of your system.
a) Enter hostname to view the system's user-friendly name.
b) Enter ip addr show <device ID> to view the system's IP address.
Humans don't tend to be good at remembering long strings of numbers. Name resolution is
used to relate the hostname and the IP address values displayed above.
c) If the leased IP address is still visible, use nmcli con down <device ID> and then up to reset
the interface.

2. Configure name resolution for your system.


a) Enter cat /etc/resolv.conf to display the DNS server(s) the system is configured to query.
b) Enter cat /etc/hosts to display the static text file that can be used for name resolution.
c) Ask your partner for the hostname and IP address of their system. Provide the same
information to them about your system.
d) Enter ping <partner hostname> and verify that it fails.
e) Enter ping <partner IP address> and verify that it succeeds.
f) Press Ctrl+C to interrupt the process.
g) Using sudo, open the text editor of your choice to add your partner's hostname and IP
address information into the/etc/hosts file in the format <partner IP address> <partner
hostname>
For example: 10.50.1.101 server01
h) Save and close the file.
i) Ping your partner's hostname and IP address again and verify that, this time, both succeed.

3. Ensure name resolution for Internet identities is functioning correctly.


a) Enter host www.google.com
b) Enter nslookup www.google.com
c) Verify that you receive IP addressing results for google.com with each command.

@2020 version 1.0 84


Linux LPIC-1 Lab Guide

Lab 10-4: Configuring Virtualization

DATA FILE
/opt/linuxplus/managing_networking/yum-script.sh
/opt/linuxplus/managing_networking/CentOS-7-x86_64-DVD-1804.iso
/opt/linuxplus/managing_networking/ubuntu-vm.qcow2

BEFORE YOU BEGIN


You are logged in to the GUI as your student account.

SCENARIO
One of the developers at Develetech has asked for your help. She needs Linux test environments to
test that her application functions as designed. She'd like to manage the environments herself and
be able to revert back to their original configuration for each test. You will install a KVM
virtualization solution for her.
________________________________________________________________________________

1. What are some of the potential benefits of virtualization?


Answers will vary. Virtualization can enable easy-to-revert environments; enable more
efficient use of hardware; support on-demand availability; support quick starting and
stopping of environments; offer better support for disaster recovery; and more.

2. Install the KVM virtualization software.


a) Enter cat /proc/cpuinfo | grep vmx and then enter cat / proc/cpuinfo | grep svm to check
the processor.
If either term is found, the processor should support virtualization.
b) Enter sudo yum -y install qemu-kvm qemu-img virt- manager libvirt libvirt-python libvirt-
client virt-install virt-viewer bridge-utils librbd1 librbd1 librbd1-devel libsolv
This installs KVM and dependent software.
c) Wait for KVM to finish installing.

3. Start the KVM service.


a) Enter sudo systemctl start libvirtd to start the service.
b) Enter sudo systemctl enable libvirtd to make the service persist.
c) Enter lsmod | grep kvm and verify that the KVM kernel module is loaded.

4. Create a VM at the CLI.


a) Enter sudo virt-install --name=devtech-install --vcpus=1 --memory=2048 --
cdrom=/opt/linuxplus/managing_networking/CentOS-7-x86_64-DVD-1804.iso --disk
size=12 --os-variant=rhel7
This defines the hardware specifications of the virtual machine to create. The VM will use
one virtual CPU, have access to 2 GB of RAM, use the provided system image to boot from,
and have access to a 12 GB storage drive.
b) Close the VM window that pops up.
c) Enter sudo virsh save devtech-install saved-vm to stop the VM and save its state for later.

5. Import a VM image using the GUI Virtual Machine Manager.

@2020 version 1.0 85


Linux LPIC-1 Lab Guide

a) From the desktop menu, select Applications→System Tools→Virtual Machine Manager.


b) Enter the root password to continue.
c) In the Virtual Machine Manager, select File→New Virtual Machine.
d) In the New VM wizard, for the first step, select Import existing disk image, then select
Forward.
e) For the second step, select Browse and then select Browse Local.
f) From the navigation menu, select + Other Locations.
g) Select Computer.
h) Navigate to /opt/linuxplus/managing_networking and open ubuntu-vm.qcow2.
i) Select Forward.
j) For the third step, change the Memory (RAM) to 2048 and ensure CPUs is set at 1.
k) Select Forward.
l) For the fourth step, name the VM ubuntu-vm and select Finish.

6. Get acquainted with Ubuntu, a different distribution of Linux.


a) Verify that a virtual machine window automatically pops up.
b) On the authentication screen, log in to the Ubuntu virtual machine using student as the
account and Pa22w0rd as the password.
c) Verify that you successfully signed in to the Ubuntu desktop.

Note: If you receive an error that there is no space left on the device, reboot CentOS and try
again.

d) From the bottom-left corner, select the Show Applications button need to scroll the VM
window down to locate this button.

Note: If at any time you're prompted by the Software Updater dialog box, select Remind Me
Later.

e) Select the Settings icon.


f) In the Settings window, from the navigation menu, select Network.
g) Select the configuration gear icon for the Wired connection to view the Ubuntu VM's
networking information.
h) Close the Wired window, then close the Settings window.
i) From the Show Applications menu, select the Utilities icon.
j) Select the Logs icon.
k) Observe the log files that are displayed, then close the Logs window when you're done.
l) From the dock on the left side of the desktop, select the Ubuntu Software icon.
m) At the top of the window, select the Installed tab.
n) Scroll down and verify that Vim is installed, then close the window when you're done.

7. Shut down the virtual machine.


a) Close the virtual machine window.
b) Right-click the ubuntu-vm VM and select Shut Down→Shut Down.

Note: You may need to issue the shut down command twice.

@2020 version 1.0 86


Linux LPIC-1 Lab Guide

c) Wait for the VM's state to change to Shutoff.


d) Close Virtual Machine Manager.

@2020 version 1.0 87


Linux LPIC-1 Lab Guide

Lab 10-5: Testing the Network Environment

BEFORE YOU BEGIN


You are logged in to the GUI as your student account. You will work with a partner in this activity.

SCENARIO
You want to use some of the Linux network troubleshooting utilities so that you can better
understand the Develetech network environment. These will help you diagnose and solve issues
related to latency, lack of hostname resolution, inability to connect to other hosts, and more.
________________________________________________________________________________

1. View network services that are currently listening on the hosts in your network.
a) Enter ip addr to verify the system has a correct IP address configuration.

Note: When troubleshooting, an IP address that begins with 169.254 indicates the client
could not lease an IP address from a DHCP server.

b) Enter ss -l | less to see what TCP ports your system is currently listening on, then press q to
return to the prompt.
c) Enter nc localhost 21
d) You should receive a "Connection refused" error, indicating that your system is not listening
on port 21 (FTP).
e) Enter nc <partner hostname> 22 to verify that your partner's host is listening on port 22
(SSH).
f) Press Ctrl+C to disconnect.
g) You can use a tool like nc to identify network services that aren't listening on the local or
remote host.

2. Test public name resolution.


a) Enter host www.lpi.org
b) Verify that you resolved the public LPI hostname to a specific IP address.
c) You can use a name resolution tool like host to ensure that you can establish a connection
to hosts using human-friendly hostnames.

3. Capture network traffic.


a) Enter sudo tcpdump -i <device ID>where<device ID> is your Ethernet device name.
b) Verify that the tool is listening on the device.
c) Right-click the desktop and select Open Terminal to open another terminal.
d) In this new terminal, enter ping <partner hostname> -c 4
e) In the other terminal window, verify that tcpdump captured the ICMP echo traffic.

@2020 version 1.0 88


Linux LPIC-1 Lab Guide

You can use a network capture tool like tcpdump to learn more about the traffic that is
transmitted and received over your network.
f) Close the terminal window running the tcpdump capture.

@2020 version 1.0 89


Linux LPIC-1 Lab Guide

Topic 11: Managing Packages and Software

Lab 11-1: Managing Software with RPM and YUM

DATA FILES
/Packages/ksh-20120801-137.el7.x86_64.rpm
/Packages/vsftpd-3.0.2-22.el7.x86_64.rpm

BEFORE YOU BEGIN


You are logged in to the GUI as your student account.

SCENARIO
One of the other Develetech administrators has asked you to demonstrate the software
management lifecycle on a CentOS server. You will use the KornShell (ksh) as an example of how to
use the rpm command, and then the Very Secure FTP daemon (vsftpd) to demonstrate the yum
command.
________________________________________________________________________________

1. Use the rpm command to manage the software lifecycle.


a) If necessary, open a terminal.
b) Enter sudo rpm -ivh /Packages/ksh-20120801-137.el7.x86_64.rpm to install the ksh
package in verbose mode and with a hash progress bar.
c) Enter rpm -qi ksh to view information on the ksh package.
d) Enter sudo rpm -Vv ksh to verify the ksh installation.
e) Enter sudo rpm -ql ksh to list the files in the ksh package.
f) Enter sudo rpm -e ksh to "erase" or uninstall the ksh package.

2. Use the yum command to manage the software lifecycle.


a) Enter yum info vsftpd to discover information about the vsftpd package.
b) Enter sudo yum localinstall /Packages/vsftpd-3.0.2-22.el7.x86_64.rpm to install the vsftpd
package.
c) Enter y when prompted to complete the installation.

Note: If you include a -y option with yum, it will automatically answer yes to this prompt and
not pause the installation.

d) Enter yum info vsftpd to view information on the vsftpd package.


e) Enter yum provides /etc/vsftpd/vsftpd.conf to discover what package the configuration file
belongs to.
f) Enter sudo yum -y remove vsftpd to uninstall the vsftpd package.

@2020 version 1.0 90


Linux LPIC-1 Lab Guide

Lab 11-2: Managing Software with dpkg and APT

BEFORE YOU BEGIN


You are logged in to the GUI as your student account. An Ubuntu VM has been prepared for you to
use.

SCENARIO
Some Linux systems in Develetech run Ubuntu and other versions of Debian. Just like your Red Hat-
based systems, these need to undergo network troubleshooting from time-to-time. So, you'll
download and install the nmap package on these machines to ensure you have the right toolset for
the job. You'll use dpkg and APT.
________________________________________________________________________________

1. Load the Ubuntu VM.


a) From the desktop menu, select Applications→System Tools→Virtual Machine Manager.
b) Enter the root password.
c) Right-click ubuntu-vm and select Run.
d) Right-click ubuntu-vm and select Open.
e) Wait for the VM to load.
f) Select the student account, then enter Pa22w0rd as the password.

2. Update the APT database with current package version information.


a) Right-click the desktop and select Open Terminal.
b) Enter sudo apt update
c) Enter the password when prompted.

Note: If the Ubuntu VM has no Internet connectivity, you may need to restart your CentOS
host and then reload the VM.

d) Verify that the database update operation completed.


You're presented with the number of packages that can be upgraded. If you wanted to
upgrade an existing package, you could use the apt upgrade {package name} command. For
now, you'll install a new package.

3. Download and install the nmap package.


a) Enter sudo apt install nmap

Note: If you receive a "Could not get lock..." error, it means the APT package manager is
automatically checking for updates. You could wait a few moments or kill the process
manually.

b) Enter y to confirm the operation.

Note: You might need to maximize the VM window or scroll to see the prompt asking you to
confirm the operation.

c) Wait for the installation to complete.

@2020 version 1.0 91


Linux LPIC-1 Lab Guide

d) Enter apt show nmap to discover information about the nmap package.
e) Enter nmap localhost to test the utility, confirming that it executes and checks the VM's
basic network functionality.

4. Shut down the VM.


a) From the Virtual Machine Manager (VMM) interface, select Virtual Machine→Shut
Down→Shut Down.
b) Close the VM window.
c) Close the Virtual Machine Manager window.

@2020 version 1.0 92


Linux LPIC-1 Lab Guide

Lab 11-3: Configuring Repositories

BEFORE YOU BEGIN


You are logged in to the CentOS GUI as your student account.

SCENARIO
While the Linux vendors tend to provide online repositories, one of the concerns with using these
is version control of applications. Develetech has decided to manage an internal repository of
software packages, making version control much easier. You will configure a local YUM repository
on the CentOS server. You will then make a YUM repository available using Apache HTTP Server.
________________________________________________________________________________

1. Configure a local YUM repository.


a) If necessary, open a terminal.
b) Browse to /Packages and view the available .rpm files.
c) Enter sudo createrepo /Packages to designate that directory as a YUM repository.
d) This may take a few minutes.
e) Using sudo, create a file named /etc/yum.repos.d/local-repo.repo with the text editor of
your choice.
f) Edit this file by providing the following values:
[local-repo]
name=Local Repository
baseurl=file:///Packages
enabled=1
gpgcheck=0
g) Save and close the file.

2. Verify the location is recognized as a YUM repository.


a) Enter yum clean all
b) Enter yum repolist and verify the local-repo is displayed.
c) Enter sudo yum -y --enablerepo=local-repo install ksh to install the KornShell package from
the repository.

3. Install Apache HTTP Server to use as a repository.


a) Enter sudo yum -y install httpd
b) Enter sudo systemctl start httpd to start the Apache service.
c) Enter systemctl status httpd and verify that Apache is active (running).

4. Designate Apache as a repository.


a) Enter sudo ln -s /Packages /var/www/html/packages to link the /Packages directory to
Apache.
b) Enter sudo createrepo /var/www/html/packages to designate the location as a YUM
repository.

5. Create the repository reference file.


a) Using sudo, create a file named /etc/yum.repos.d/internal- repo.repo with the text editor
of your choice.

@2020 version 1.0 93


Linux LPIC-1 Lab Guide

b) Edit this file by providing the following values:


[internal-repo]
name=Internal Repository
baseurl=http://localhost/packages
enabled=1
gpgcheck=0
c) Save and close the file.

6. Verify the location is recognized as a YUM repository.


a) Enter yum clean all
b) Enter yum repolist and verify the internal-repo is displayed.
c) Enter sudo setenforce 0
This disables SELinux, an access control mechanism that would otherwise prevent access to
the web-hosted packages.
d) Enter firefox http://localhost/packages to see a list of packages from the Apache web
server.

e) Close Firefox when you're done.


f) Enter sudo setenforce 1 to re-enable SELinux.
g) Enter cd ~ to return to your home directory.

@2020 version 1.0 94


Linux LPIC-1 Lab Guide

Lab 11-4: Acquiring Software

BEFORE YOU BEGIN


You are logged in to the GUI as your student account.

SCENARIO
You are investigating ways of downloading software from the web. Specifically, you are considering
writing a script to automate the download process. You will use wget and curl to try the downloads
manually.
________________________________________________________________________________

1. Use the wget utility to download a file from the web.


a) At a terminal, ensure you're in your home directory.
b) Enter wget https://download.samba.org/pub/samba/samba-latest.tar.gz to download the
most recent source code file for the Samba service.
c) Check your home directory for a file named samba-latest.tar.gz

2. Use curl to download a file from the web.


a) Enter curl -o nmap-7.70.tar.bz2 https://nmap.org/ dist/nmap-7.70.tar.bz2 to download
version 7.70 of the Nmap utility.
b) Check your home directory for a file named nmap-7.70.tar.bz2

3. Expand a source code tarball so that it is ready to be compiled in a later activity.


a) Enter tar -xvjf nmap-7.70.tar.bz2 to extract the files.
b) Verify that the source code files were extracted in the ~/nmap-7.70/ directory.

Note: You will compile the Nmap utility source files in a later activity. Your current objective
is just to acquire and unpackage it.

@2020 version 1.0 95


Linux LPIC-1 Lab Guide

Lab 11-5: Compiling and Installing an Application

BEFORE YOU BEGIN


You are logged in to the GUI as your student account. Previously, you downloaded source files for
Nmap.

SCENARIO
Develetech will be relying on Nmap to troubleshoot its networked systems and perform
vulnerability assessments. You know that compiling Nmap from source code enables greater
flexibility and control. You will do a basic software compile of Nmap.
________________________________________________________________________________

1. Confirm that Nmap is not currently installed.


a) Enter rpm -qi nmap
b) Verify that nmap is not installed.

2. Install the necessary GCC compiler for Nmap on CentOS 7.


a) Enter the following:
sudo yum -y install gcc-c++ --disablerepo=internal-repo
b) Wait for the package to finish installing.

3. Compile the Nmap source code.


a) Change to the ~/nmap-7.70 directory.
b) Enter ./configure to generate a makefile based on your system's configuration.
This may take a few minutes.
c) Enter make to compile the software based on the makefile instructions.
d) Enter sudo make install to install the binaries on the system.
e) Enter /usr/local/bin/nmap and verify that it is installed.

@2020 version 1.0 96


Linux LPIC-1 Lab Guide

Topic 12: Securing Linux Systems

Lab 12-1: Encrypting a Volume

BEFORE YOU BEGIN


You are logged in to the GUI as your student account. You have a /backup/data volume.

SCENARIO
The data you'll be backing up to your various logical volumes is sensitive in nature and should not
be readable if it were to fall into the wrong hands. To protect the confidentiality of your backed up
data, you'll encrypt the volumes that hold this data. You'll start with the databk volume. Without
the correct key (e.g., a passphrase), a user will only see the scrambled ciphertext of this volume, and
will be unable to read the plaintext data of individual files.
________________________________________________________________________________

1. Prepare the data backup volume for encryption.


a) Enter sudo umount /backup/data
b) Enter sudo shred -v --iterations=1 /dev/backup/databk
This will overwrite the contents of the volume to securely wipe any existing data. This is a
good practice to ensure that no sensitive data remains before you prepare the encrypted
volume.
c) Verify that the shred command finishes successfully.

2. Encrypt the data backup volume with a passphrase.


a) Enter the following:
sudo cryptsetup -v --verify-passphrase luksFormat /dev/ backup/databk
b) Enter YES when prompted to confirm.
c) When prompted for a passphrase, enter lpic-1
d) Verify the passphrase.
e) Verify that the command was successful.

3. Open the encrypted volume and verify that it is listed.


a) Enter the following:
sudo cryptsetup luksOpen /dev/backup/databk databk
b) Enter lpic-1 as the passphrase.
c) Verify that you are returned to a prompt without errors.
d) Enter ls -l /dev/mapper | grep databk
e) Verify that the encrypted volume is listed.

4. Format the volume, mount it, and create a file.


a) Enter sudo mkfs.ext4 /dev/mapper/databk
b) Verify that the file system was written.
c) Enter sudo mount /dev/mapper/databk /backup/data
d) Enter echo "Encrypted" | sudo tee /backup/data/encrypt.txt

5. Add the encrypted volume to the /etc/crypttab and /etc/fstab files.


a) Enter sudo bash -c "echo databk /dev/backup/databk none >> /etc/crypttab"

@2020 version 1.0 97


Linux LPIC-1 Lab Guide

b) Enter sudo cat /etc/crypttab and confirm that the line was added.

This file is similar to /etc/fstab and initializes encrypted storage devices at boot.
c) Using sudo, open the /etc/fstab file in your text editor of choice.
d) Edit the line that mounts the /dev/backup/databk volume to say the following:
/dev/mapper/databk /backup/data ext4 nofail 0 0
This will mount the encrypted volume after it has been unlocked. The nofail option indicates
that the system should not report any errors if the volume is not detected.
e) Save and close the file.

6. Reboot the machine and unlock the encrypted volume.


a) Enter reboot
b) Verify that, rather than the normal sign in screen, you are prompted to unlock the encrypted
volume with your passphrase.
c) Enter lpic-1
d) Sign in as your student account.
e) Using your preferred method, open the /backup/data/encrypt.txt file and verify you can
read its plaintext contents.
f) Enter sudo bash -c "echo > /etc/crypttab"
You're clearing this file so you won't be prompted to unlock the volume every time you
reboot. You can still unlock the volume manually after you've booted into the OS.

Note: Encrypting a volume in this way requires physical access to the computer in order to
unlock it and complete the boot process. You won't be able to SSH into the system to unlock
it.

@2020 version 1.0 98


Linux LPIC-1 Lab Guide

Lab 12-2: Configuring SSH Authentication Using a Key Pair

BEFORE YOU BEGIN


You are logged in to the GUI as your student account. You will work with a partner in this activity.

SCENARIO
You want to enable your fellow administrators to remotely access servers that are physically located
elsewhere. By default, the servers are already set up to accept encrypted SSH connections. Recently,
however, Develetech has been the victim of several brute force password cracking attempts.
Attackers have tried to gain remote access by running through various combinations of passwords.
To minimize the risk of these attacks, you decide to change the authentication method that
administrators will use to connect remotely. You'll have them each generate a cryptographic key
pair that they'll use to prove their identities. Anyone without the key will be denied access. You'll
also disable password authentication on the servers to mitigate brute force attacks.
________________________________________________________________________________

1. Generate a public and private key pair to use with SSH authentication.
a) Enter ssh-keygen
b) Press Enter to accept the default path in which to save the key.
c) Enter lpic-1 as the passphrase.
You don't need to protect a private key with a passphrase, but doing so adds a second factor
to the authentication process, and is recommended. The passphrase will decrypt the private
key before it is used to solve the server's encrypted challenge.
d) Enter the passphrase again.
e) Verify that the keys were generated and saved to the home directory.

f) Enter cat .ssh/id_rsa and examine the (encrypteprivate key. This is the key you'll use to
validate the SSH server's encrypted challenge.
g) Enter cat .ssh/id_rsa.pub and examine the public key.
The server needs to install this public key once. The server will use this public key to verify
the authenticity of the private key.

2. Copy your public key to your partner's server.


a) Enter ssh-copy-id student##@<partner's IP address or hostname>

Caution: The student## number should be your partner's number, not yours. This is because
they don't have your specific student account on their system, so you have to use theirs.

For example: ssh-copy-id student01@10.50.1.101


b) Enter yes to accept the authenticity of your partner's host machine.
c) When prompted for a password, enter Pa22w0rd
d) Verify that the key was added.

3. Verify that your partner's public key was added to your server.

@2020 version 1.0 99


Linux LPIC-1 Lab Guide

a) Wait for your partner to finish copying their key to your server.
b) Enter cat .ssh/authorized_keys and verify that your partner's key was added.

Any public keys added to this file are considered authorized and will be used in SSH
authentication. If you wanted to authenticate other users, you could have them generate a
unique key pair and then add their public key to this file as well.

4. Authenticate with your partner's SSH server using your private key.
a) Enter ssh student##@<partner IP address or hostname>

Caution: Remember, use your partner's student number.

b) When prompted, type (but don't press Enter) lpic-1 as the passphrase to unlock your private
key.
c) Check the Automatically unlock this key whenever I'm logged in check box.
d) Select Unlock.
e) Verify that you are signed in to your partner's server as their student account.

Note: If you get an "Authentication failed" message, enter the ssh command again.

You've successfully authenticated with your partner's SSH server.

5. For added security, disable password authentication.


a) Enter exit to close your SSH session and return to your local login.
b) Using sudo, open the /etc/ssh/sshd_config file in your desired text editor.
c) Scroll down until you get to the PasswordAuthentication yes line.
d) Change yes to no and then save and quit the file.
e) Enter sudo systemctl restart sshd
f) Wait for your partner to disable password authentication on their server.
g) Enter ssh ariley@<partner IP address or hostname>
h) Verify that permission is denied.
You have no private key for this account, and the server isn't accepting passwords.

@2020 version 1.0 100


Linux LPIC-1 Lab Guide

Lab 12-3: Configuring SELinux

BEFORE YOU BEGIN


You are logged in to the GUI as your student account. Previously, you installed Apache HTTP Server.

SCENARIO
The Apache web server you installed is serving its purpose, but the team would like to organize the
server's files in a more descriptive way than the default /var/www/ html directory. Also, the system
will eventually run multiple web apps, each in a different path. For now, you need to place all of the
web server files in a new /var/develweb directory. Even though you apply the correct standard
permissions and configure Apache to allow access, SELinux will prevent the httpd service from
reading files in this new directory. So, you'll configure SELinux as needed to make sure the web
server is operational.
________________________________________________________________________________

1. Check the status of SELinux.


a) Enter sestatus
b) Verify that SELinux is enabled and in enforcing mode.

2. Create a new directory to hold the web server files.


a) Enter sudo mkdir /var/develweb
b) Enter sudo bash -c "echo This is a test > /var/develweb/test.html"
c) Enter ls -al /var/develweb
d) Verify that all users have read and execute permissions to this directory, and that all users
have read permissions to the file you just created.

3. Configure Apache settings to use the new path as the document root and enable access.
a) Using sudo, open the /etc/httpd/conf/httpd.conf in the text editor of your choice.
b) Enter /DocumentRoot to search for the appropriate field.
c) Change this field to the following:
DocumentRoot "/var/develweb"
d) Below this, look for the <Directory "/var/www"> line and change it to the following:
<Directory "/var/develweb">
e) Save and quit the file.
f) Enter sudo systemctl restart httpd

4. Attempt to view the web page, and troubleshoot any issues.


a) From the desktop menu, select Applications→Favorites→Firefox Web Browser.
b) Navigate to http://127.0.0.1/test.html.
c) Verify that you are presented with a Forbidden message.
The message elaborates by saying you don't have permission to access the HTML file. An
SELinux alert will also pop up on the desktop, but will be minimized after a few seconds.
d) If the SELinux alert is still open, hover over it and select Show. If the alert disappears, select
the icon to the left of the clock to open the same SELinux Alert Browser dialog box.
e) Select Troubleshoot.
f) Under If you were trying to, select the first option.

@2020 version 1.0 101


Linux LPIC-1 Lab Guide

g) Verify that the proposed solution involves changing the context label on the new directory
path.
The troubleshooter mentions many possible file types, but there is a way to narrow down
which one you need to use.
h) Close this dialog box.

5. Verify the required SELinux context and the current one applied to the new path.
a) At a terminal, enter ls -Z /var/www
Retrieving SELinux context information from the default document root should provide you
with what you need.
b) Verify that the "type" context for the html directory is httpd_sys_content_t
This is the context you need to apply to your new directory to allow Apache to access the
files.
c) Enter ls -aZ /var/develweb and verify that the "type" context for your new directory is var_t
This new directory inherited the default context of its container directory (/var).

6. Apply the appropriate context to the new web server directory.


a) Enter the following:
sudo semanage fcontext -a -t httpd_sys_content_t "/var/develweb(/.*)?"
This adds the provided context for the /var/develweb directory. The symbols at the end use
a regular expression to apply this context to all subdirectories and files within this directory.
b) Enter ls -aZ /var/develweb and verify that the directory still doesn't have the correct
context.
c) Enter sudo restorecon -Rv /var/develweb
d) Check the directory's contexts again and verify that it now shows httpd_sys_content_t

7. Confirm that you can now access the web page.


a) Switch back to Firefox and refresh the page.
b) Verify that the test page is displayed.
c) Close the browser.

@2020 version 1.0 102


Linux LPIC-1 Lab Guide

Lab 12-4: Configuring a Firewall

BEFORE YOU BEGIN


You are logged in to the GUI as your student account. You will work with a partner in this activity.
Earlier, you compiled and installed the Nmap utility.

SCENARIO
Your fellow network administrators have designed a DMZ in which you'll need to place several
public-facing Linux systems. For the most part, these systems function as web servers, and need to
allow users to connect using the HTTP and HTTPS protocols. The servers are also running a custom
app that the development team has programmed to accept connections on port 7743.
So, your job is to tighten the network security of the servers without denying access to the necessary
services. You'll do this by configuring the firewalld service, the default and preferred firewall service
on CentOS 7.
________________________________________________________________________________

1. Test the firewall to see if it's blocking a well-known port.


a) Enter systemctl status firewalld
b) Confirm that the service is currently active and running.

Note: If it isn't, enter sudo systemctl start firewalld

c) Enter sudo /usr/local/bin/nmap -sV <partner IP address or hostname> -p 80


d) Verify that port 80 is listed as "filtered", meaning that a firewall is likely blocking traffic on
this port.

2. Get more information about a specific zone.


a) Enter firewall-cmd --get-zones to get a list of all default zones.
b) Enter sudo firewall-cmd --zone=dmz --list-all
c) Verify that you see several details about this zone, including:
• Its target. The target defines the behavior for incoming connections (i.e., accept, reject, or
drop traffic). The default setting is to reject traffic not matching any rules.
• What network interfaces this zone is currently applied to.
• What services, ports, and protocols are applied to this zone. In this case, SSH is the only
service that will accept incoming connections on interfaces that use this zone.
• Additional rules for port forwarding, blocking ICMP (ping), and more.
d) Enter sudo firewall-cmd --get-active-zones
e) Verify that, currently, your main Ethernet interface is using the public zone.

3. Set the dmz zone for your primary network interface.


a) Enter ip a and note the device name of your primary Ethernet interface. This is the interface
that you configured in the networking lesson.
b) Enter sudo firewall-cmd --zone=dmz --change- interface=<device ID> --permanent
c) Verify that the change was a success.

4. Add services and a custom port to the zone.


a) Enter the following:

@2020 version 1.0 103


Linux LPIC-1 Lab Guide

sudo firewall-cmd --zone=dmz --add-service=http --permanent


b) Enter the following:
sudo firewall-cmd --zone=dmz --add-service=https --permanent
You've just added HTTP and HTTPS as services that will apply to the dmz zone. In other
words, traffic bound for these services will be allowed.

c) Enter the following:


sudo firewall-cmd --zone=dmz --add-port=7743/tcp --permanent
This adds a specific port instead of a defined service to the zone.

5. Verify that your configurations were applied to the zone.


a) Enter sudo firewall-cmd --reload
b) Enter sudo firewall-cmd --zone=dmz --list-all
c) Verify the following about this zone:
• It is being used by your main network interface.
• The HTTP and HTTPS services are active in the zone.
• TCP port 7743 is also active in the zone.

6. Test the firewall to see if your configurations are working as intended.


a) Wait for your partner to complete the previous steps.
b) Enter sudo /usr/local/bin/nmap -sV <partner IP address or hostname> -p 80
c) Verify that the port is now open, indicating that the firewall is allowing traffic on this port.
d) Use the same nmap command to scan for port 21 (FTP).
e) Verify that it is filtered, indicating that the firewall is blocking traffic on this port as expected.
f) Enter ssh student##@<partner's IP address or hostname>

Caution: Remember, use your partner's student number.

g) Verify that you are able to make a connection, indicating that SSH traffic is allowed.
h) Enter exit to close the SSH session.

@2020 version 1.0 104


Linux LPIC-1 Lab Guide

Lab 12-5: Configuring rsyslog for Local and Remote Logging

BEFORE YOU BEGIN


You are logged in to GUI as your student account. You will work with a partner in this activity.

SCENARIO
You want to ensure that your system is logging only messages that are useful to you and other
analysts. So, you'll configure the local logging behavior to be more fine- tuned and less noisy. In
addition, each system should be sending its authentication logs to a remote, centralized server for
easy analysis and storage. So, you'll configure rsyslog to send these messages to a remote host over
the network.
________________________________________________________________________________

1. Examine the default rules in the rsyslog configuration.


a) Using sudo, open the /etc/rsyslog.conf file in the text editor of your choice.
b) Scroll down to the RULES section.
c) Verify that, in the left column, each line lists one or more severities and/or facilities.

For example, the authpriv.* facility refers to private authentication messages, such as login
and logout events. The asterisk (*) indicates that all severities should be logged.
d) Verify that each line has a corresponding action in the right column.
For example, the authpriv.* facility will log its messages in the /var/log/ secure file.

2. Filter the messages log to reduce the number of events it records.


a) Locate the line that logs events to the /var/log/messages file.
This line tells rsyslogd to log all events that are of info level (6) severity and above (lower
number is more severe). It makes exceptions for mail messages, private authentication
messages, and cron messages (scheduler).
b) On this line, replace the *.info text with *.notice
The notice severity (level 5) logs normal but significant conditions. Now, the messages log
will not record informational messages (level 6), but start with level 5 messages.

3. Configure your server to receive remote rsyslog messages over TCP.


a) Scroll up to the MODULES section.
b) Find the line that says # Provides TCP syslog reception

@2020 version 1.0 105


Linux LPIC-1 Lab Guide

c) Change the two lines below so that they read as follows:


$ModLoad imtcp
$InputTCPServerRun 601

Note: Ensure there are no # symbols at the beginning of these lines.

4. Configure the client to send rsyslog traffic to your partner's server.


a) Scroll to the bottom of the file, and on a new line, type the following:
authpriv.* @@<IP address>:601
Replace <IP address> with your partner's IP address.
For example: authpriv.* @@10.50.1.101:601

Note: Ensure there are no leading # symbols on this line.

The @@ symbols indicate a TCP connection, whereas a single @ indicates UDP.


b) Save and close the file.
c) Enter sudo systemctl restart rsyslog

5. Add an allow rule to the firewall for the rsyslog traffic.


a) Enter the following: sudo firewall-cmd --zone=dmz --add-port=601/tcp --permanent
b) Enter sudo systemctl restart firewalld

6. Generate an authentication failure message and confirm it was sent to your partner's server.
a) Enter su - ariley
b) Provide an incorrect password and verify that you failed to log in as this user.
c) Wait for your partner to finish performing all of the previous steps.
d) Enter sudo tail /var/log/secure | grep ariley
e) Verify that you see an authentication failure message that was sent from your partner.

7. Turn off remote logging for classroom purposes.


a) Using sudo, open the /etc/rsyslog.conf file in the text editor of your choice.
b) Scroll to the bottom of the file and remove the entire authpriv line.
c) Save and close the file.

@2020 version 1.0 106


Linux LPIC-1 Lab Guide

Lab 12-6: Examining Log Files

BEFORE YOU BEGIN


You are logged in to the GUI as your student account.

SCENARIO
Up until now, you've examined a few logs using standard tools like cat and less, and also filtered
those logs using a tool like grep. However, you can also use journalctl to more efficiently shape
those log messages in order to extract the specific information you're looking for. You'll also use last
and its associated commands to get an overview of login events, such as when a user last logged in.
________________________________________________________________________________

1. Use journalctl to retrieve and filter messages.


a) Enter sudo journalctl and verify that you can page through many lines.
b) Press q to quit.
c) Enter sudo journalctl -p notice and verify that the log was filtered.
Only messages matching severity level 5 appear.
d) Press q to quit.
e) Enter sudo journalctl -p notice | grep kernel
f) Verify that kernel messages are displayed.
These messages are similar to those in the /var/log/messages file.
g) Enter sudo journalctl -f to retrieve the most recent entries.
h) Press Ctrl+C to terminate the process.
i) Enter sudo journalctl --since "2 hours ago" --until "30 minutes ago"
j) Page through the results and verify that the first entry was two hours ago and the last entry
was 30 minutes ago.
k) Press q to quit.
l) Enter sudo journalctl -u httpd.service
m) Verify that the log is filtered by Apache service messages.
n) Press q to quit.

2. Use last and related commands to examine account login events.


a) Enter last
b) Verify that you can see the login and logout events for various users.
c) Enter sudo lastb
d) Verify that you can see a list of user accounts and the times that an authentication attempt
with that account failed.
e) Enter lastlog
f) Verify that you can see the last time that each user logged in.

@2020 version 1.0 107


Linux LPIC-1 Lab Guide

Lab 12-7: Archiving and Restoring Files

DATA FILES
All files in: /opt/linuxplus/securing_linux_systems/employee_data

BEFORE YOU BEGIN


You are logged in to the GUI as your student account. You have an encrypted /backup/data volume.

SCENARIO
On a yearly basis, HR has been compiling information about Develetech employees and putting
them in a spreadsheet. These spreadsheets contain personal information such as names, addresses,
and phone numbers. You need to ensure that past years' reports are stored in backup should they
ever need to be retrieved in the future. Because you won't need to regularly update these files, you
decide to place them in a single archive. You also want to test the process of recovering the files
from this archive if it's ever necessary.
________________________________________________________________________________

1. If necessary, unlock the encrypted volume

Note: Open the Files app, then select + Other Locations, then select the encrypted volume
and input lpic-1 as the passphrase.

2. Copy the employee data files to your home directory.


a) Ensure you are in your home directory.
b) Enter the following:
cp -r /opt/linuxplus/securing_linux_systems/employee_data employee_data
c) Enter ls -l and verify that the directory was copied.

3. Archive the employee data files and then copy the archive to the data backup volume.
a) Enter tar -cvf employee_data.tar employee_data/*
This creates a new archive with the specified name. The asterisk (*) indicates that all files
within the employee_data directory should be added to the archive.
b) Enter ls -l and verify that the .tar file is present.
c) Enter tar -tf employee_data.tar to list the contents of the archive.
d) Enter sudo cp employee_data.tar /backup/data/employee_data.tar
e) Enter ls -l /backup/data and verify that the archive file is now on the data backup volume.

4. Restore all files from the archive, then restore a single file.
a) Enter cd /backup/data to change your current working directory.
b) Enter sudo tar -xf /backup/data/employee_data.tar
c) Enter ls -l employee_data and verify that all of the files were extracted to the directory.
d) Enter sudo rm -r employee_data to delete the directory.
e) Enter sudo tar -xf employee_data.tar employee_data/emp_2018.csv
f) Enter ls -l employee_data and verify that only the one file was extracted.
g) Enter sudo rm -r employee_data to delete the directory.

@2020 version 1.0 108


Linux LPIC-1 Lab Guide

Lab 12-8: Synchronizing Files

DATA FILES
All files in: /opt/linuxplus/securing_linux_systems/prototypes

BEFORE YOU BEGIN


You are logged in to the GUI as your student account. You have an encrypted /backup/data volume.

SCENARIO
The Research and Development (R&D) department also has sensitive data that they need backed
up: data on product prototypes, including model numbers, pricing, and release dates. Unlike the
employee data, these files are likely to be updated regularly. So, you want to make sure the backup
copies consistently align with the source copies. You'll use rsync to synchronize both copies,
ensuring that the backup copies will only need to be updated if the source files have changed.
________________________________________________________________________________

1. Copy the prototype product files to your home directory.


a) Enter cd ~ to return to your home directory.
b) Enter the following:
cp -r /opt/linuxplus/securing_linux_systems/prototypes prototypes

c) Enter ls -l and verify that the directory was copied.

2. Synchronize the prototype files with a directory on the backup volume.


a) Enter sudo rsync -av prototypes /backup/data
b) In the output, verify that each file in the folder was copied, and that the command sent a
specific number of bytes.
c) Enter ls -l /backup/data/prototypes and verify that all files were copied.

3. Make a change to a file and resynchronize with the backup directory.


a) Enter echo -e "\nSW950,749.99,12/5" >> prototypes/swatch.csv to make a change to one
of the files.
b) Enter sudo rsync -av prototypes /backup/data
c) In the output, verify that the only file that was sent was the one that you changed.

d) Enter cat /backup/data/prototypes/swatch.csv and verify that your change was added to
the backup version of the file.

@2020 version 1.0 109


Linux LPIC-1 Lab Guide

Lab 12-9: Compressing Files

BEFORE YOU BEGIN


You are logged in to the GUI as your student account. You have created a .tar archive of employee
data files.

SCENARIO
As you archive more and more data, you realize that the archives take up just as much space as the
files they hold. This is a waste of space, especially if you're not working with the archives' contents
regularly. So, you'll compress the archives so that they take up significantly less space without losing
any data. You'll also try several different compression algorithms and compare their performance.
________________________________________________________________________________

1. Note the size of the employee data archive on the backup volume.
a) Enter cd /backup/data
b) Enter ls -lh and note the size of employee_data.tar that you created earlier.

2. Compress the archive with gzip


a) Enter sudo bash -c "gzip -cv employee_data.tar > employee_data.tar.gz"
b) By default, gzip replaces the file with the compressed version. With this command, you are
using the -c option with output redirection to keep the original .tar file intact.
c) Verify that the output indicates that the file was reduced by over 90% of its original size.
d) Enter ls -lh and confirm that employee_data.tar.gz is much smaller in size.

3. Decompress the archive.


a) Enter sudo tar -xzf employee_data.tar.gz
b) Enter ls -l employee_data and verify that the individual files were extracted.
c) With the -z option, the tar command has the ability to use gzip to compress and decompress
archives. You could use gzip to decompress the file and then tar to unarchive it, but this is
faster.
d) Enter sudo rm -r employee_data to delete the directory.

4. Compress and decompress the archive with xz


a) Enter sudo xz -kv employee_data.tar
The -k option keeps the original file intact.
b) Verify that the output indicates that the compressed file is less than 5% the size of the
original (expressed in decimal).

c) Enter ls -lh and verify that the employee_data.tar.xz file is even smaller than the .gz file.
d) Enter sudo tar -xJf employee_data.tar.xz
The tar command can also work with .xz files through the -J option. As before, this
decompresses and unarchives the .tar archive all in one command.
e) Enter ls -l employee_data and verify that all of the files are there.
f) Enter sudo rm -r employee_data to delete the directory.

@2020 version 1.0 110


Linux LPIC-1 Lab Guide

5. Compress and decompress the archive with bzip2


a) Enter sudo bzip2 -kv employee_data.tar
b) Verify that the output indicates that the file was reduced by over 90% of its original size.
c) Enter ls -lh and confirm that employee_data.tar.bz2 is slightly larger than the .gz equivalent.
d) Enter sudo tar -xjf employee_data.tar.bz2
The tar command can also work with .bz2 files through the -j option. As before, this
decompresses and unarchives the .tar archive all in one command.
e) Enter ls -l employee_data and verify that all of the files are there.
f) Enter sudo rm -r employee_data to delete the directory

@2020 version 1.0 111


Linux LPIC-1 Lab Guide

Lab 12-10: Performing Integrity Checks on Files

BEFORE YOU BEGIN


You are logged in to the GUI as your student account. You have synchronized individual prototype
data files from your home directory to the data backup volume.

SCENARIO
The R&D team is concerned about unauthorized users tampering with the prototype data. There's
also the possibility that the data will become corrupted in a non-obvious way, which will
compromise the integrity of the data. So, in order to be confident that the data hasn't changed,
you'll run the files through a hash function and compare those hashes to hashes captured at a
different time. If the hash values are the same, you can be assured of the data's integrity. If not,
you'll know something went wrong.
________________________________________________________________________________

1. Create hashes of the prototype files.


a) Enter sudo bash -c "sha256sum prototypes/* > hashes.txt"
b) Enter sudo cat hashes.txt
c) Verify that the text file lists five different hash values, each one corresponding to a specific
.csv file.

2. Compare the captured hashes to the hashes of the current files.


a) Enter sudo sha256sum -c hashes.txt
b) Verify that the output indicates that all of the files are "OK".
In other words, sha256sum hashed the files, then compared those hashes to the list of
hashes you generated in the previous step. The hashes are all identical, implying that the
files haven't changed. In a production environment, you'd compare these hashes after some
time had passed, after some potentially disruptive event, or right before resynchronizing.

3. Make changes to the files and verify that they fail the integrity check.
a) Enter sudo bash -c "echo GPU999 >> prototypes/gpu.csv"
b) Enter sudo rm prototypes/hmd.csv
c) Enter sudo sha256sum -c hashes.txt
d) Verify that, this time, the integrity check failed on the file you modified, and that it could not
find the file you deleted.

@2020 version 1.0 112


Linux LPIC-1 Lab Guide

Topic 13: Working with Bash Scripts

Lab 13-1: Customizing the Bash Shell Environment

BEFORE YOU BEGIN


You are logged in to the GUI as your student account.

SCENARIO
In order to enhance your productivity at the CLI, you decide to customize your Bash shell
environment. For security reasons, you want to minimize the number of commands that are kept in
the shell history, so you'll adjust the appropriate environment variable. You also plan on creating a
directory to hold your future scripts, and in order to easily execute the scripts in that directory, you'll
need to add it to your search paths. Lastly, as part of your auditing duties, you find yourself entering
a rather lengthy command at the CLI every so often; this can get tedious, so you'll create a short
alias for that command to make things easier.
________________________________________________________________________________

1. Display the current environment variables.


a) Enter env
b) Verify that the current environment variables and their values appear on the screen.
c) Verify that the HISTSIZE variable has a value of 1000, indicating that a maximum of 1,000 of
the most recently entered commands are stored in memory.

2. Reduce the maximum size of the command history by exporting its environment variable.
a) Enter echo $HISTSIZE and verify that the variable has the expected value.
b) Enter export HISTSIZE=5

Note: This is value is intentionally low to make it easier to demonstrate.

c) Enter more than five unique commands, one after another. For example, you could enter
echo 1, echo 2, etc.
d) Press the Up Arrow and verify that you can only return, at most, to the fifth-most recent
command.

Note: You can revert the history size if you prefer, or you can log out and it will revert
automatically.

3. Create a directory that will hold scripts.


a) Enter sudo mkdir /scripts
b) Enter the following:
sudo cp /opt/linuxplus/working_with_bash_scripts/testscript.sh /scripts/testscript.sh

c) Enter testscript.sh
d) Verify that the command was not found.

4. Add /scripts as a search path to persist for the student account.


a) Enter echo $PATH

@2020 version 1.0 113


Linux LPIC-1 Lab Guide

b) Verify the current search paths that are set in this environment variable.
c) Ensure you are in your home directory.
d) Open .bash_profile in the text editor of your choice.
e) Scroll to the last line of the file and change it to say the following:
export PATH=$PATH:/scripts

Caution: Ensure you are appending /scripts to the $PATH variable, or you will overwrite the
existing paths and be unable to easily enter many commands.

f) Save and close the file.

5. Test that the path works as intended.


a) Enter source .bash_profile to reload your Bash profile and its variables.
b) Open a terminal and enter echo $PATH and verify that the new path was added to the end
of the variable.

c) Enter testscript.sh and verify that the script executed successfully.

6. Create an alias for a lengthy command.


a) Enter lastlog | tail -n +2 | sort -k1
b) Verify that the list is sorted by user name, rather than the default of last login time.
This is a somewhat cumbersome command to type over and over, so you'll create an alias to
save time.
c) Open .bashrc in the text editor of your choice.
d) At the bottom of the file, on a new line, type the following:
alias ulog='lastlog | tail -n +2 | sort -k1'
e) Save and close the file.
f) Enter source .bashrc
g) Enter ulog and verify that it produced the expected results.

@2020 version 1.0 114


Linux LPIC-1 Lab Guide

Lab 13-2: Writing and Executing a Simple Bash Script

BEFORE YOU BEGIN


You are logged in to the GUI as your student account. Previously, you created a / scripts directory
and added it to your PATH variable.

SCENARIO
As part of managing the many storage partitions and volumes on your Linux servers, you routinely
run a command like df to see if any devices are getting close to full. By monitoring the storage space
being used by each device, you can avoid problems before they happen. However, entering this
command over and over again is somewhat tedious, and it doesn't immediately retrieve the most
relevant information in the most useful format. You want to be able to generate a more readable
"dashboard" report of what storage devices are getting close to full, and which are fine. So, you
decide to automate the process by writing a script to do the work for you.
________________________________________________________________________________

1. Create the script file and give yourself the necessary permissions to execute it.
a) Enter sudo touch /scripts/check_storage.sh
b) Enter sudo chown student## /scripts/check_storage.sh

Note: Remember to replace ##with your student number.

c) Enter chmod 755 /scripts/check_storage.sh


You're giving yourself full access and everyone else read and execute permissions.

2. Set up your script editing environment.


a) From the desktop menu, select Applications→Accessories→Text Editor.
You can write source code at the CLI, but it's often easier to write it in a visual editor,
especially if you're new to programming/script writing.
b) Select Open→Other Documents.
c) Navigate to /scripts and open check_storage.sh.
d) On the bottom-right of the window, select the Ln 1, Col 1 drop-down list.
e) Check the Display line numbers check box.

3. Begin the script by writing some contextual echo statements.


a) On line 1, type #!/bin/bash
b) Press Enter twice to skip to line 3.
c) Type echo "Beginning storage check..."
d) On new lines 5 and 6, type the following:

echo "Date: $(date)"


echo "------------------"

The first line will simply echo the current date and time. It does this by leveraging the date
command using command substitution. The second line just makes the formatting a little
more visually pleasing; you don't need type an exact number of hyphens.

@2020 version 1.0 115


Linux LPIC-1 Lab Guide

4. Assign the main variables the script will use.


a) On a new line 8, type part=/dev/sda1
You're defining this variable so you can use it later as the name of the partition to check.
b) On a new line 9, type the following:
checkper=$(df -h | grep $part | awk '{print $5}' | cut -d '%' -f1)

There's quite a bit being assigned to this variable. The following is a breakdown:
• First, the entire value is a command, so it uses the command substitution format, i.e.,
$(...)
• The first subcommand uses df to get drive information.
• This is piped to the grep command, which searches the results for anything matching the
$part variable you just defined (in this case, /dev/sda1).
• The awk command extracts the data in the fifth column of these results. If you issue df -
h by itself, you can see that the fifth column details the percentage of the storage device
that is being used.
• Lastly, the cut command simply strips the percent sign (%) from the value so that the
script can perform arithmetic on it.
• The ultimate result is just a single number that represents the percentage of storage
being used by the /dev/sda1 partition.

5. Write echo statements that report storage usage and indicate the check is complete.
a) On a new line 11, type the following:
echo "$part is $checkper% full."

b) On a new line 13, type the following:


echo "Storage check complete."

c) Select Save.

6. Test the script.


a) Switch to a terminal, but keep the text editor open.
b) At the terminal, enter check_storage.sh
c) Verify that the output displays the date and time, the percentage full message, and the
completion message.

7. Redirect the pertinent output to a file instead of the CLI.


a) Return to the text editor.
b) Place your cursor at the end of line 3 and press Enter twice.
c) On a new line 5, type the following:
exec >> ~/storage_report.txt

@2020 version 1.0 116


Linux LPIC-1 Lab Guide

Now, all output in this script will be redirected to a file, unless otherwise specified.
d) Change the echo statement on line 15 so that it reads:
echo "Storage check complete. Report saved to storage_report.txt." >&2
This will redirect the message to the CLI (through stderr) in order to bypass the exec
command.
e) Save the script.

8. Test the script again.


a) From a terminal, run the script again.
b) Verify that the only messages printed to the CLI are the beginning and completion messages.
c) Enter cat storage_report.txt and verify that everything else was sent to this file.

@2020 version 1.0 117


Linux LPIC-1 Lab Guide

Lab 13-3: Incorporating Conditional Statements in Bash Scripts

BEFORE YOU BEGIN


You are logged in to the GUI as your student account. You have check_storage.sh open in a text
editor.

SCENARIO
You want to make your script more useful to the administrators who will be receiving the reports.
You can do this by enabling the script to make decisions based on various conditions. So, you'll use
various if statements to output a different message for when the storage device meets certain
thresholds of percentage full. Devices that are very close to full will trigger an urgent message,
whereas those that are less full will trigger less urgent messages.
________________________________________________________________________________

1. Return to check_storage.sh in the text editor.

2. Start writing the first conditional branch.


a) Place your cursor on the blank line 12.
b) Press Enter.
c) On a new line 13, type the following:
if [ $checkper -ge 95 ] && [ $checkper -le 100 ]
d) Press Enter.
e) On a new line 14, type then
f) Place your cursor at the beginning of line 15 and press Spacebar four times.
You're not required to indent or create whitespace, but it helps make the code more
readable.
g) Modify the echo statement on line 15 to read like the following:
echo "ALERT: $part is $checkper% full! Recommend immediate action!"
You've just created the first if branch. This code checks to see if the percentage full value is
greater than or equal to 95 and less than 100. If it is, then the script will echo an alert to the
storage_report.txt file. However, you still need to write more branches to handle other
conditions.

3. Write the next conditional branch.


a) Place the cursor at the end of line 15 and press Enter.
b) On a new line 16, type the following:
elif [ $checkper -ge 50 ] && [ $checkper -lt 95 ]
c) Press Enter.
d) On a new line 17, type then
e) Press Enter.
f) On a new line 18, indent and then type the following:
echo "CAUTION: $part is $checkper% full! Consider freeing up some space."
If the previous condition is not met, the script will move on to evaluating the condition in
this elif branch. The condition here checks to see if the percentage full is greater than or
equal to 50 and less than 95. If it is, then a different message will be echoed to the report
file.

@2020 version 1.0 118


Linux LPIC-1 Lab Guide

4. Finish writing the remaining conditional branches.


a) Press Enter.
b) Starting on a new line 19, type the following code:
elif [ $checkper -lt 50 ]
then
echo "$part is $checkper% full. No action needed."
else
echo "Encountered an error. Status code: $?" >&2
exit $?
fi
The next branch will output another message if the percentage full is less than 50. If none of
these conditions are met (i.e., the percentage value is above 100 or it isn't a number), then
the last else branch will throw an error. That exit code will be printed to the CLI and the script
will terminate with this code.
c) Save the script.

5. Test the script to see if the conditions work as expected.


a) From a terminal, enter check_storage.sh
b) Enter cat storage_report.txt and verify that, because /dev/sda1 is not very full, the report
indicates that no action is needed.

In other words, the script chose the correct action to take based on the conditions you set.

Note: You'll test some of the other conditions in the next activity.

@2020 version 1.0 119


Linux LPIC-1 Lab Guide

Lab 13-4: Incorporating Loops in Bash Scripts

BEFORE YOU BEGIN


You are logged in to the GUI as your student account. You have check_storage.sh open in a text
editor. You also have a 2 GB volume that is mounted on /backup/sys

SCENARIO
Your script is coming along, but it still needs improvement. You want to be able to output the status
of all relevant storage partitions/volumes on the system, not just one or a few. You need a way to
programmatically test your conditions for each device, rather than hardcode device names in your
script—especially if the storage devices are likely to change. So, you'll leverage a for loop to iterate
over each recognized storage device to perform the necessary checks.
________________________________________________________________________________

1. Adjust the part variable so that it holds an array of device names.


a) Place your cursor on line 10 where the part variable is defined.
b) Change this line to the following:
part=$(df -h | awk '{print $1}' | grep '/dev')
This is similar to the checkper variable. The difference is, it will extract all text that is in the
first column (device name), and then filter by devices that start with /dev to exclude
temporary file systems. The part variable therefore becomes an array that holds all
permanent storage device names on the system.

2. Insert a for loop that will iterate through the part array.
a) Place your cursor at the end of line 10, then press Enter twice.
b) On a new line 12, type the following:
for i in ${part[*]}
This begins the for loop. The i variable is the iterator. The part variable is being referenced
as an array, with the asterisk (*) indicating all values in that array. For every index in the
array (i.e., every device name), the script will execute what follows.
c) Press Enter, and on line 13, type do
This begins the code that the loop will execute on each iteration.
d) Place your cursor at the end of line 28 and press Enter.
e) On line 29, type done
This terminates the for loop. The conditional statements within this loop will be executed
for each iteration.

3. Change $part references to use the iterator instead.


a) On line 14, change the grep $part portion of the command to grep $i
You need to get the information for each device individually. This means you need to
reference the iterator, not the entire array.
b) On line 18, change the $part reference to $i
c) Do the same for lines 21 and 24.

4. Clean up the source code.


a) Highlight all of lines 14 through 28.
b) Press Tab to indent the selected lines.

@2020 version 1.0 120


Linux LPIC-1 Lab Guide

Again, this makes the code more readable.


c) Save the file.

5. Test the script.


a) From a terminal, enter check_storage.sh
b) Enter cat storage_report.txt
c) Verify that the report lists all storage devices and their appropriate warning messages.

6. Simulate a volume becoming full, then test the script again.


a) At a terminal, enter the following:
sudo dd if=/dev/zero of=/backup/sys/test bs=1M count=1100
b) Verify that roughly 1.2 GB was copied to the volume.
c) Run your script again and read the report.
d) Verify that, this time, you receive a caution warning because the volume is past 50% full.
e) Enter the following:
sudo dd if=/dev/zero of=/backup/sys/test2 bs=1M count=800

Caution: The output file name and count have both changed.

f) Run the script again and view the report.


g) Verify that you received the most urgent message for the volume.

7. Close the text editor, but keep the terminal open.

@2020 version 1.0 121


Linux LPIC-1 Lab Guide

Topic 14: Automating Tasks

Lab 14-1: Scheduling a Single Task

BEFORE YOU BEGIN


You are logged in to the GUI as your student account.

SCENARIO
Periodically, the developers at Develetech need to execute a task after hours. The schedule is not
predictable and they need to be able to manage these tasks themselves. You will use the at
command to satisfy this requirement.
________________________________________________________________________________

Schedule a task to run for two minutes into the future from your current time.
a) In your home directory, use the touch command to create a file named fileA
b) Check the current time on your system.
c) Enter at now + 2 minutes to access the interactive mode of the command.
d) Enter rm -f ~/fileA and then press Ctrl+D to return to Bash.
e) Enter atq to view the scheduled job.
f) After two minutes, ensure that the command executed by checking the contents of your
home directory to see if fileA was removed.

@2020 version 1.0 122


Linux LPIC-1 Lab Guide

Lab 14-2: Scheduling Repeated Tasks

BEFORE YOU BEGIN


You are logged in to the GUI as your student account.

SCENARIO
Develetech adopted a new policy that requires all users to fill in their time sheets every day. You'll
create a daily reminder for all user systems.
________________________________________________________________________________

1. Schedule a cron job to email a reminder every day at a specified time.


a) Enter sudo crontab -u cmason -e to specify a cron job for Chris Mason.
b) Verify that Vim opens a temporary file automatically.
c) Type the following line in the file:
<MM> <HH> * * * /bin/echo "Please fill in your time sheet."
Replace <MM> and <HH> with the appropriate minute and hour time values in 24- hour time
format. Ensure that the time you enter is three minutes ahead of the current system time.
This way, you'll be able to see the message in class.
For example, if the time is 2:30 P.M., you'd type:
33 14 * * * /bin/echo "Please fill in your time sheet."
d) Save and close the file.
e) From the desktop menu, select the icons at the top-right, then select student##→Log Out.
f) Select Log Out.

2. Verify that Chris Mason received the reminder for the scheduled job.
a) Log in as Chris Mason.

Note: You can ignore the Welcome screen, or you can step through the wizard to dismiss it.

b) Open a terminal.
c) Wait for the time to pass for the cron job to execute.
Remember, you can use date to check the time. You can also check the time from the
desktop menu in the GUI.
d) Enter mail
e) Enter 1 to read the contents of the first email message.
f) Verify that the mail contains a reminder to fill in the time sheet.
g) Press q to quit the mail service.
h) Log out as Chris Mason and log back in as your student account.

@2020 version 1.0 123


Linux LPIC-1 Lab Guide

Lab 14-3: Implementing Version Control Using Git

BEFORE YOU BEGIN


You are logged in to the GUI as your student account.

SCENARIO
The development team needs a way to easily manage the different versions of the code they write.
Multiple developers will be working in conjunction on the same project, so they need to a way to
minimize conflicts while being able to revert to older versions of code, if necessary. So, you'll set up
a Git repository for the developers so that they have a distributed version control system to work
from.
________________________________________________________________________________

1. Install and configure a Git repository.


a) Enter the following and then wait for the installation process to complete:
sudo yum -y install git --disablerepo=internal-repo
b) Enter git config --global user.name 'Student User'
c) Enter the following:
git config --global user.email 'student##@develetech.com'
d) Create a directory in your home directory called dev-project and use the cd command to
enter the directory.
e) Enter git init to designate the dev-project directory as a Git repository.
A message is returned from Git indicating the repository is initialized.
f) Enter ls -a to view the .git directory created by the initialization process.

2. Create and manage a project using Git.


a) Use a text editor to create a file named HelloWorld.txt
b) Enter the following text in the HelloWorld.txt file:
Hello, World! From Student##
c) Save your changes and close the editor.
d) Enter git status to check the status of the HelloWorld.txt file.
The file is marked as "Untracked", meaning it is not yet managed by Git.
e) Enter git add HelloWorld.txt to enable Git to manage the file.
f) Enter git commit -m "Initial Commit"
This updates Git with the version information for the HelloWorld.txt file.
g) Enter git status to check the status of the HelloWorld.txt file.
The output indicates that there is nothing to commit because the HelloWorld.txt file version
is now managed by Git.

3. Commit a change to the Git repository.


a) Use a text editor to open the HelloWorld.txt document, and add the following on a new line:
Git version control test
b) Save your changes and close the editor.
c) Enter git status and observe that Git reports the HelloWorld.txt file as modified, but that
the changes are not yet committed to the repository.
d) Enter git add HelloWorld.txt to stage the changes.
e) Enter git commit -m "Revision 1" to commit the changes to the master copy of the file.

@2020 version 1.0 124


Linux LPIC-1 Lab Guide

f) Enter git status and notice that there are now no changes to commit to the repository.
g) Enter git log to view the revision history of the repository.
Times and dates for the initial commit and the revision have been logged

@2020 version 1.0 125


Linux LPIC-1 Lab Guide

Topic 15: Installing Linux

Lab 15-1: Installing Linux

BEFORE YOU BEGIN


You are logged in to the GUI as your student account. Previously, you created and saved a virtual
machine with a CentOS 7 installation image.

SCENARIO
Now that your preparations are complete, you're ready to install Linux on the various systems you
selected. You'll start by installing CentOS 7 on the VM you created earlier. As you go through the
installation, you'll configure various options so that the base environment will be automatically set
up to your specifications.
________________________________________________________________________________

1. Load the previously created VM.


a) At a terminal, enter sudo virsh restore saved-vm This restores the VM you created earlier
from its saved state.
b) From the desktop menu, select Applications→System Tools→Virtual Machine Manager.
c) Enter the root password.
d) Right-click the devtech-install VM and select Open. Wait for the installation media to finish
its check.
e) You can press Esc to skip the check, but it's wise to check the media at least once when
setting up production systems.

2. Start by configuring localization settings.


a) If necessary, expand the virtual machine window so it's easier to see.

Note: You can also select the Switch to fullscreen view button.

b) On the WELCOME TO CENTOS 7 page, select Continue to accept the default language
settings.
c) On the INSTALLATION SUMMARY page, under the LOCALIZATION section, select DATE &
TIME.
d) Select your time zone, then select Done.

3. Select the software components and base environment to install.


a) Under the SOFTWARE section, select SOFTWARE SELECTION.
b) From the Base Environment list, select Server with GUI.
c) From the Add-Ons for Selected Environment list, check the KDE check box.
d) By default, the Server with GUI selection will install most tools necessary for the
configuration and maintenance of general server infrastructure, along with GNOME as the
default GUI. You're also installing KDE alongside that for users to have a choice of desktop
environment.
e) Select Done.

4. Wipe the storage device to start fresh.

@2020 version 1.0 126


Linux LPIC-1 Lab Guide

a) Under the SYSTEM section, select INSTALLATION DESTINATION.


b) On the Device Selection page, observe the Virtio Block Device.
This is the 12 GB virtual storage device that was created when you first installed the VM.
c) Under Other Storage Options, ensure Automatically configure partitioning is selected.
d) Check the I would like to make additional space available check box.
e) Select Done.
f) In the RECLAIM DISK SPACE dialog box, verify that the vda device is selected, and that it has
12 GB of free space.
This is because the virtual storage device you created is currently empty. Still, it's useful to
practice wiping a storage device in order to start fresh.
g) Select Delete all.
h) Select Reclaim space.

5. Configure the partitioning scheme to use.


a) On the INSTALLATION SUMMARY page, select INSTALLATION DESTINATION again.
b) Under Other Storage Options, select I will configure partitioning.
c) Select Done.
d) Under New CentOS 7 Installation, verify that no mount points have been created yet, and
that the default partitioning scheme will use LVM.
e) Select Click here to create them automatically.
f) Verify that three partitions/volumes were created: /boot, / (root), and swap.
Notice that there is no separate /home volume. This is because the CentOS 7 installer only
creates a separate /home volume by default when the storage device is 50 GB or more. In
this case, the /home directory will be located within the root volume.
g) Select the /boot partition and note its default capacity, device type (partitioning scheme),
and file system type.
h) Select the / (root) volume and the swap volume and note their defaults as well. These will
be created as logical volumes within the centos volume group.
i) At the bottom-left of the page, note the total space of the storage device as well its available
space.
This reflects the intended partitioning scheme; no changes will be made to the drive until
installation begins in earnest.
j) Select Done.
k) In the SUMMARY OF CHANGES dialog box, select Accept Changes.

6. Configure networking.
a) On the INSTALLATION SUMMARY page, select NETWORK & HOST NAME.
b) In the Host name text box at the bottom-left, type devtech-vm## where ## refers to your
student number, then select Apply.
c) In the list of devices on the left, verify that Ethernet (eth0) is selected.
This is the virtual network interface that was created for the VM to use.
d) Select Configure at the bottom-right of the page.
e) In the Editing eth0 dialog box, select the IPv4 Settings tab.
f) From the Method drop-down list, select Manual.
g) To the right of the Addresses list, select the Add button.
h) For the Address, type 10.50.1.2## where ## is your student number.
For example, the IP address for student 01's VM would be 10.50.1.201

@2020 version 1.0 127


Linux LPIC-1 Lab Guide

Note: Your instructor might provide you with different addresses than those listed in these
steps.

i) Press Tab, then for the Netmask, type 255.255.255.0


j) Press Tab, then for the Gateway, type 10.50.1.1 and press Enter.
k) In the DNS Servers text box, type 8.8.8.8
l) Select Save.
m) Select the slider at the top-right to turn the interface On.
n) Verify that the interface details are as you expect, then select Done.

7. Begin installation and configure user accounts.


a) Select Begin Installation.
b) Observe the progress bar at the bottom, indicating that CentOS is in the process of being
installed.

c) Under USER SETTINGS, select ROOT PASSWORD.


d) In the Root Password text box, type Pa22w0rd
e) In the Confirm text box, type Pa22w0rd
f) Select Done, then, at the bottom of the screen, verify that CentOS points out that this
password is weak because it's based on a dictionary word.
In a production environment, you'd want to choose a much stronger password.
g) Select Done again to agree to use the password.
h) Select USER CREATION.
i) In the User name text box, type student## where ## refers to your student number.
j) Check the Make this user administrator check box.
k) In the Password and Confirm password text boxes, type Pa22w0rd
l) Select Done twice to confirm the password.
In addition to creating a stronger password, you'd also want to make your user password
different than the root password in a production environment.
m) Wait for the system to finish installing.

Note: The remainder of the installation process may take up to 30 minutes.

8. Complete the installation process.


a) When installation finishes, select Reboot.
b) From the VM window, select Virtual Machine→Run to restart the VM.
c) On the INITIAL SETUP page, select LICENSING INFORMATION.
d) Check I accept the license agreement and select Done.
e) Select FINISH CONFIGURATION.
f) Verify that you are greeted with the sign in screen, indicating that CentOS 7 was successfully
installed.

@2020 version 1.0 128


Linux LPIC-1 Lab Guide

9. Verify your new system's configurations.


a) Sign in as your student account.
b) Using what you've learned, check the VM for the following:
• Storage partition and logical volume configurations.
• User accounts.
• Networking configurations.
• Connectivity with other classroom computers.
• Internet connectivity.
• Additional software packages.
c) When you're done, from the VM window, select Virtual Machine→Shut Down→ShutDown.
d) Close the VM window.

@2020 version 1.0 129

You might also like