RHEL 7 – RHCSA Notes (Cheat Sheets) SELinux modes SELinux gives that extra layer of security to the resources in the system. It provides the MAC (mandatory access control) as contrary to the DAC (Discretionary access control). Before we dive into setting the SELinux modes, let us see what are the different SELinux modes of operation and how do they work. SELinux can operate in any of the 3 modes : 1. Enforced : Actions contrary to the policy are blocked and a corresponding event is logged … [Read more...] about RHEL 7 – RHCSA Notes – Set enforcing and permissive modes for SELinux
RHEL 7 – RHCSA Notes (Cheat Sheets) The file access control lists (FACLs) or simply ACLs are the list of additional user/groups and their permission to the file. Although the default file permissions does their jobs perfectly, it does not allow you to give permissions to more than one user or one group on the same file. How to know when a file has ACL attached to it ls -l command would produce a output as show below. Note the + sign at the end of the permissions. This confirms that the … [Read more...] about RHEL 7 – RHCSA Notes – Create and manage Access Control Lists (ACLs)
RHEL 7 – RHCSA Notes (Cheat Sheets) Password configuration password aging requires users to change their password periodically. Use the chage to configure password expiration. The syntax is : # chage [options] user_name - When you fire the command chage, the currently set options are displayed as well. # chage oracle Changing the aging information for oracle Enter the new value, or press ENTER for the default Minimum Password Age : Maximum Password Age : Last Password … [Read more...] about RHEL 7 – RHCSA Notes : Change passwords and adjust password aging for local user accounts
RHEL 7 – RHCSA Notes (Cheat Sheets) Group administration - Use the groupadd command to add a new group : # groupadd [options] group_name - Use the groupmod command to modify an existing group : # groupmod [options] group_name - Use groupdel to delete the group. You can remove a group even if there are users in the group. But you can not remove the primary group of an existing user. You must remove the user before removing the group. # groupdel group_name - Use the gpasswd command to … [Read more...] about RHEL 7 – RHCSA Notes : Create, delete, and modify local groups and group memberships.
RHEL 7 – RHCSA Notes (Cheat Sheets) Adding a user account Use the useradd command to add new user : # useradd [options] [username] The default settings for new user can viewed and modified using the -D option : # useradd -D GROUP=100 HOME=/home INACTIVE=-1 EXPIRE= SHELL=/bin/bash SKEL=/etc/skel CREATE_MAIL_SPOOL=yes For example, to change the default user shell for new user to /bin/ksh : # useradd -D -s /bin/ksh Examples To simple add a user with all default options : # … [Read more...] about RHEL 7 – RHCSA Notes : Create, delete, and modify local user accounts
RHEL 7 – RHCSA Notes (Cheat Sheets) RHEL 7 has 3 command-line utilities to configure the system date and time: 1. date 2. hwclock 3. timedatectl date command Use the date command to display or set the system date and time. Run the date command with no arguments to display the current date and time: # date Mon Sep 12 19:41:40 IST 2016 The date command provides a variety of output formatting options. You can also time and date in future or past. Few examples are given below. 1. … [Read more...] about RHEL 7 – RHCSA Notes : Configure a system to use time services