NDG oluline Linuxist 2

Allikas: Teadmusbaas

Sisukord

Eksam 102 sisu

Teema 105: Shells and Shell Scripting

105.1 Customize and use the shell environment - Kaal: 4

Kirjeldus: Candidates should be able to customize shell environments to meet users' needs. Candidates should be able to modify global and user profiles.

Teadmusvaldkonnad:

Set environment variables (e.g. PATH) at login or when spawning a new shell. Write Bash functions for frequently used sequences of commands. Maintain skeleton directories for new user accounts. Set command search path with the proper directory.

Alljärgnev on kasutatud failide, terminite ja rakenduste osaline loend:
  • .
  • source
  • /etc/bash.bashrc
  • /etc/profile
  • env
  • export
  • set
  • unset
  • ~/.bash_profile
  • ~/.bash_login
  • ~/.profile
  • ~/.bashrc
  • ~/.bash_logout
  • function
  • alias


105.2 Customize or write simple scripts - Kaal: 4

Kirjeldus: Candidates should be able to customize existing scripts, or write simple new Bash scripts.

Teadmusvaldkonnad:

Use standard sh syntax (loops, tests). Use command substitution. Test return values for success or failure or other information provided by a command. Execute chained commands. Perform conditional mailing to the superuser. Correctly select the script interpreter through the shebang (#!) line. Manage the location, ownership, execution and suid-rights of scripts.

Alljärgnev on kasutatud failide, terminite ja rakenduste osaline loend:
  • for
  • while
  • test
  • if
  • read
  • seq
  • exec
  • ||
  • &&

Teema 106: User Interfaces and Desktops

106.1 Install and configure X11 - Kaal: 2

Kirjeldus: Candidates should be able to install and configure X11.

Teadmusvaldkonnad:

Understanding of the X11 architecture. Basic understanding and knowledge of the X Window configuration file. Overwrite specific aspects of Xorg configuration, such as keyboard layout. Understand the components of desktop environments, such as display managers and window managers. Manage access to the X server and display applications on remote X servers. Awareness of Wayland.

Alljärgnev on kasutatud failide, terminite ja rakenduste osaline loend:
  • /etc/X11/xorg.conf
  • /etc/X11/xorg.conf.d/
  • ~/.xsession-errors
  • xhost
  • xauth
  • DISPLAY
  • X


106.2 Graphical Desktops - Kaal: 1

Kirjeldus: Candidates should be aware of major Linux desktops. Furthermore, candidates should be aware of protocols used to access remote desktop sessions.

Teadmusvaldkonnad:

Awareness of major desktop environments Awareness of protocols to access remote desktop sessions

Alljärgnev on kasutatud failide, terminite ja rakenduste osaline loend:
  • KDE
  • Gnome
  • Xfce
  • X11
  • XDMCP
  • VNC
  • Spice
  • RDP


106.3 Accessibility - Kaal: 1

Kirjeldus: Demonstrate knowledge and awareness of accessibility technologies.

Teadmusvaldkonnad:

Basic knowledge of visual settings and themes. Basic knowledge of assistive technology.

Alljärgnev on kasutatud failide, terminite ja rakenduste osaline loend:
  • High Contrast/Large Print Desktop Themes.
  • Screen Reader.
  • Braille Display.
  • Screen Magnifier.
  • On-Screen Keyboard.
  • Sticky/Repeat keys.
  • Slow/Bounce/Toggle keys.
  • Mouse keys.
  • Gestures.
  • Voice recognition.

Teema 107: Administrative Tasks

107.1 Manage user and group accounts and related system files - Kaal: 5

Kirjeldus: Candidates should be able to add, remove, suspend and change user accounts.

Teadmusvaldkonnad:

Add, modify and remove users and groups. Manage user/group info in password/group databases. Create and manage special purpose and limited accounts.

Alljärgnev on kasutatud failide, terminite ja rakenduste osaline loend:

/etc/passwd /etc/shadow /etc/group /etc/skel/ chage getent groupadd groupdel groupmod passwd useradd userdel usermod


107.2 Automate system administration tasks by scheduling jobs - Kaal: 4

Kirjeldus: Candidates should be able to use cron and systemd timers to run jobs at regular intervals and to use at to run jobs at a specific time.

Teadmusvaldkonnad:

Manage cron and at jobs. Configure user access to cron and at services. Understand systemd timer units.

Alljärgnev on kasutatud failide, terminite ja rakenduste osaline loend:

/etc/cron.{d,daily,hourly,monthly,weekly}/ /etc/at.deny /etc/at.allow /etc/crontab /etc/cron.allow /etc/cron.deny /var/spool/cron/ crontab at atq atrm systemctl systemd-run


107.3 Localisation and internationalisation - Kaal: 3

Kirjeldus: Candidates should be able to localize a system in a different language than English. As well, an understanding of why LANG=C is useful when scripting.

Teadmusvaldkonnad:

Configure locale settings and environment variables. Configure timezone settings and environment variables.

Alljärgnev on kasutatud failide, terminite ja rakenduste osaline loend:

/etc/timezone /etc/localtime /usr/share/zoneinfo/ LC_* LC_ALL LANG TZ /usr/bin/locale tzselect timedatectl date iconv UTF-8 ISO-8859 ASCII Unicode

Teema 108: Essential System Services

108.1 Maintain system time - Kaal: 3

Kirjeldus: Candidates should be able to properly maintain the system time and synchronize the clock via NTP.

Teadmusvaldkonnad:

Set the system date and time. Set the hardware clock to the correct time in UTC. Configure the correct timezone. Basic NTP configuration using ntpd and chrony. Knowledge of using the pool.ntp.org service. Awareness of the ntpq command.

Alljärgnev on kasutatud failide, terminite ja rakenduste osaline loend:

/usr/share/zoneinfo/ /etc/timezone /etc/localtime /etc/ntp.conf /etc/chrony.conf date hwclock timedatectl ntpd ntpdate chronyc pool.ntp.org


108.2 System logging - Kaal: 4

Kirjeldus: Candidates should be able to configure rsyslog. This objective also includes configuring the logging daemon to send log output to a central log server or accept log output as a central log server. Use of the systemd journal subsystem is covered. Also, awareness of syslog and syslog-ng as alternative logging systems is included.

Teadmusvaldkonnad:

Basic configuration of rsyslog. Understanding of standard facilities, priorities and actions. Query the systemd journal. Filter systemd journal data by criteria such as date, service or priority. Configure persistent systemd journal storage and journal size. Delete old systemd journal data. Retrieve systemd journal data from a rescue system or file system copy. Understand interaction of rsyslog with systemd-journald. Configuration of logrotate. Awareness of syslog and syslog-ng.

Terms and Utilities:

/etc/rsyslog.conf /var/log/ logger logrotate /etc/logrotate.conf /etc/logrotate.d/ journalctl systemd-cat /etc/systemd/journald.conf /var/log/journal/

108.3 Mail Transfer Agent (MTA) basics - Kaal: 3

Kirjeldus: Candidates should be aware of the commonly available MTA programs and be able to perform basic forward and alias configuration on a client host. Other configuration files are not covered.

Teadmusvaldkonnad:

Create e-mail aliases. Configure e-mail forwarding. Knowledge of commonly available MTA programs (postfix, sendmail, exim) (no configuration). Terms and Utilities:

~/.forward sendmail emulation layer commands newaliases mail mailq postfix sendmail exim


108.4 Manage printers and printing - Kaal: 2

Kirjeldus: Candidates should be able to manage print queues and user print jobs using CUPS and the LPD compatibility interface.

Teadmusvaldkonnad:

Basic CUPS configuration (for local and remote printers). Manage user print queues. Troubleshoot general printing problems. Add and remove jobs from configured printer queues.

Alljärgnev on kasutatud failide, terminite ja rakenduste osaline loend:

CUPS configuration files, tools and utilities /etc/cups/ lpd legacy interface (lpr, lprm, lpq)

Teema 109: Networking Fundamentals

109.1 Fundamentals of internet protocols - Kaal: 4

Kirjeldus: Candidates should demonstrate a proper understanding of TCP/IP network fundamentals.

Teadmusvaldkonnad:

Demonstrate an understanding of network masks and CIDR notation. Knowledge of the differences between private and public "dotted quad" IP addresses. Knowledge about common TCP and UDP ports and services (20, 21, 22, 23, 25, 53, 80, 110, 123, 139, 143, 161, 162, 389, 443, 465, 514, 636, 993, 995). Knowledge about the differences and major features of UDP, TCP and ICMP. Knowledge of the major differences between IPv4 and IPv6. Knowledge of the basic features of IPv6.

Alljärgnev on kasutatud failide, terminite ja rakenduste osaline loend:

/etc/services IPv4, IPv6 Subnetting TCP, UDP, ICMP

109.2 Persistent network configuration - Kaal: 4

Kirjeldus: Candidates should be able to manage the persistent network configuration of a Linux host.

Teadmusvaldkonnad:

Understand basic TCP/IP host configuration. Configure ethernet and wi-fi network configuration using NetworkManager. Awareness of systemd-networkd. Alljärgnev on kasutatud failide, terminite ja rakenduste osaline loend:

/etc/hostname /etc/hosts /etc/nsswitch.conf /etc/resolv.conf nmcli hostnamectl ifup ifdown


109.3 Basic network troubleshooting - Kaal: 4

Kirjeldus: Candidates should be able to troubleshoot networking issues on client hosts.

Teadmusvaldkonnad:

Manually configure network interfaces, including viewing and changing the configuration of network interfaces using iproute2. Manually configure routing, including viewing and changing routing tables and setting the default route using iproute2. Debug problems associated with the network configuration. Awareness of legacy net-tools commands.

Alljärgnev on kasutatud failide, terminite ja rakenduste osaline loend:

ip hostname ss ping ping6 traceroute traceroute6 tracepath tracepath6 netcat ifconfig netstat route

109.4 Configure client side DNS - Kaal: 2

Kirjeldus: Candidates should be able to configure DNS on a client host.

Teadmusvaldkonnad:

Query remote DNS servers. Configure local name resolution and use remote DNS servers. Modify the order in which name resolution is done. Debug errors related to name resolution. Awareness of systemd-resolved.

Alljärgnev on kasutatud failide, terminite ja rakenduste osaline loend:

/etc/hosts /etc/resolv.conf /etc/nsswitch.conf host dig getent

Teema 110: Security

110.1 Perform security administration tasks - Kaal: 3

Kirjeldus: Candidates should know how to review system configuration to ensure host security in accordance with local security policies.

Teadmusvaldkonnad:

Audit a system to find files with the suid/sgid bit set. Set or change user passwords and password aging information. Being able to use nmap and netstat to discover open ports on a system. Set up limits on user logins, processes and memory usage. Determine which users have logged in to the system or are currently logged in. Basic sudo configuration and usage.

Alljärgnev on kasutatud failide, terminite ja rakenduste osaline loend:

find passwd fuser lsof nmap chage netstat sudo /etc/sudoers su usermod ulimit who, w, last

110.2 Setup host security - Kaal: 3

Kirjeldus: Candidates should know how to set up a basic level of host security.

Teadmusvaldkonnad:

Awareness of shadow passwords and how they work. Turn off network services not in use. Understand the role of TCP wrappers.

Alljärgnev on kasutatud failide, terminite ja rakenduste osaline loend:

/etc/nologin /etc/passwd /etc/shadow /etc/xinetd.d/ /etc/xinetd.conf systemd.socket /etc/inittab /etc/init.d/ /etc/hosts.allow /etc/hosts.deny

110.3 Securing data with encryption - Kaal: 4

Kirjeldus: The candidate should be able to use public key techniques to secure data and communication.

Teadmusvaldkonnad:

Perform basic OpenSSH 2 client configuration and usage. Understand the role of OpenSSH 2 server host keys. Perform basic GnuPG configuration, usage and revocation. Use GPG to encrypt, decrypt, sign and verify files. Understand SSH port tunnels (including X11 tunnels).

Alljärgnev on kasutatud failide, terminite ja rakenduste osaline loend:

ssh ssh-keygen ssh-agent ssh-add ~/.ssh/id_rsa and id_rsa.pub ~/.ssh/id_dsa and id_dsa.pub ~/.ssh/id_ecdsa and id_ecdsa.pub ~/.ssh/id_ed25519 and id_ed25519.pub /etc/ssh/ssh_host_rsa_key and ssh_host_rsa_key.pub /etc/ssh/ssh_host_dsa_key and ssh_host_dsa_key.pub /etc/ssh/ssh_host_ecdsa_key and ssh_host_ecdsa_key.pub /etc/ssh/ssh_host_ed25519_key and ssh_host_ed25519_key.pub ~/.ssh/authorized_keys ssh_known_hosts gpg gpg-agent ~/.gnupg/

Future Change Considerations

Future changes to the objective will/may include:

Remove ifup/ifdown and legacy net-tools command Remove TCP wrappers


Allikad:

  1. Teemad 102 eksamil
  2. Privaatvõtmega sisenemine SSH proto
  3. Tiny Core Linux ruuter tulemüüri ja NAT-iga