Appendix A. Answers to the “Do I Know This Already?” Quizzes and Review Questions
Answers to the “Do I Know This Already” Quizzes
Chapter 1
1. A. Fedora is an experimental/enthusiast version containing many components that may or may not make it into the RHEL distribution tree and onto the RHCSA exam.
2. D. All RHEL software updates are made available in CentOS as well.
3. A. In particular, when working with virtual machines, you’ll be happy to have a GUI at your disposal.
4. C. XFS is used as the default file system. When Red Hat decided which file system to use as the default file system, Btrfs was not stable enough yet.
5. A. The size of an XFS file system cannot be reduced.
6. C. The Fedora project tries to make a stable distribution as well. There are many Fedora users around the globe who use it as a production distribution.
7. D. The Troubleshoot an Existing Installation option is available when booting from disk, not on the Installation Summary screen.
8. D. You are allowed to use an unsecure password; you just have to confirm it twice.
9. D. Language settings can be changed after installation. This is done easily through the Settings option in the graphical interface.
10. B. Even if it makes sense having /var on a dedicated partition, this is not part of a default installation.
Chapter 2
1. B. You first must redirect the standard output to a file, and then 2>&1 is used to specify that errors are to be treated the same way.
2. A and C. /etc/profile is the file that is processed for all users who are starting a login shell. A user-specific version exists as well, with the name ~/.bash_profile.
3. C. On Linux, the current directory is not set in the PATH variable.
4. D. A pipe is used to process the output of the first command and use it as input of the second command.
5. A. The command history -c removes the in-memory state from the history file of current history. Remove ~/.bash_history also to make sure that all history is removed. As an alternative to removing the .bash_history file, the user can type history -c, followed by history -w.
6. D. Ctrl-X is not a valid history command.
7. D. Bash completion works for commands, files, variables and other names if configuration for that has been added (like hostnames for the SSH command).
8. A. You need the command :%s/old/new/g to replace all instances of old with new. % means that it must be applied on the entire file. s stands for substitute. The g option is used to apply the command to not only the first occurrence in a line (which is the default behavior) but all occurrences in the line.
9. B. The /etc/motd file contains messages that are displayed after user login on a terminal session. If you want to show a message before users log in, edit the /etc/issue file.
10. C. The man -k command uses a database to find the keywords you are looking for. On RHEL 8, this database is updated with the mandb command. On older versions of RHEL (prior to RHEL 7), the makewhatis command was used instead.
Chapter 3
1. D. Program files that are not required to boot a system are typically stored in a subdirectory below the /usr directory. In old versions of RHEL, essential binaries and system binaries were stored in /bin and /sbin, but on modern versions of RHEL, these directories are a symbolic link to /usr/bin and /usr/sbin.
2. C. The /var directory is used on Linux to store files that may grow unexpectedly.
3. A. The /etc/ directory contains configuration files that are needed while your server boots. Putting /etc on a dedicated device would make your server unbootable.
4. C. The df -h command shows mounted devices and the amount of disk space currently in use on these devices. The -T option helps in recognizing real file systems (as opposed to kernel interfaces) because it shows the file system type as well.
5. C. The option -a shows hidden files, -l gives a long listing, -t sorts on modification time, which by default shows newest files first, and -r reverts the sorting so that newest files are shown last.
6. C. To copy hidden files as well as regular files, you need to put a . after the name of the directory the files are in. Answer A copies hidden files as well, but it creates a subdirectory $USER in the current directory.
7. A. The mv command enables you to move files and rename files.
8. D. In hard links, no difference exists between the first hard link and subsequent hard links.
9. C. The option -s is used to create a symbolic link. While creating a link, you first have to specify the source, and next you specify the destination.
10. C. Use the option -r to add one single file to an archive you have created with tar.
Chapter 4
1. A. The head command by default shows the first ten lines in a text file.
2. D. The wc command shows the number of lines, words, and characters in a file.
3. D. When using less, the G key brings you to the end of the current file.
4. A. The -d option is used to specify the field delimiter that needs to be used to distinguish different fields in files while using cut.
5. A. The sort command can sort files or command output based on specific keys. If no specific key is mentioned, sorting happens based on fields. The option -k3 will therefore sort the third field in the output of the ps aux command.
6. D. When used in a regular expression, the ^ sign in front of the text you are looking for indicates that the text has to be at the beginning of the line.
7. A. The ? regular expression is used to refer to zero or one of the previous characters. This makes the previous character optional, which can be useful. If the regular expression is colou?r, for example, you would get a match on color as well as colour.
8. B. The . is used as a regular expression to refer to any single character.
9. D. The awk command first needs to know which field separator should be used. This is specified with the -F : option. Then, it needs to specify a string that it should look for, which is /user/. To indicate that the fourth field of a matching file should be printed, you need to include the { print $4 } command.
10. B. Use grep -v to exclude from the results lines containing the regular expression.
Chapter 5
1. B. The console is the screen you are working from. On the console, a terminal is started as the working environment. In the terminal, a shell is operational to interpret the commands you are typing.
2. A. The console is the screen you are working from. On the console, a terminal is started as the working environment. In the terminal, a shell is operational to interpret the commands you are typing.
3. C. The console is the screen you are working from. On the console, a terminal is started as the working environment. In the terminal, a shell is operational to interpret the commands you are typing.
4. B. The six virtual consoles that are available on Linux by default are numbered /dev/tty1 through /dev/tty6. The device /dev/pts/6 is used to refer to the sixth pseudo terminal, which is created by opening six terminal windows in a graphical environment.
5. A and C. A pseudo terminal device is created when opening new terminals using SSH or from the graphical interface.
6. D. Typically, a server reboot is only necessary after making changes to the kernel and kernel modules that are in use. Changing the network configuration does not normally require a reboot, because it is possible to just restart the network service.
7. C. Windows has no native support for SSH. You need to install PuTTY or similar software to remotely connect to Linux using SSH.
8. D. Key fingerprints of hosts that you have previously connected to are stored in your home directory, in the subdirectory .ssh in a file with the name known_hosts.
9. C. The ForwardX11 option in the /etc/ssh/ssh_config file enables support for graphical applications through SSH.
10. C. To initiate key-based remote authentication, you should copy the public key to the remote server. The most convenient way to do so is using the ssh-copy-id command.
Chapter 6
1. C. Privileged users are the opposite of unprivileged users. A privileged user can execute tasks in kernel space, without further restriction. By default, only the user root exists as a privileged user.
2. D. In the sudo configuration file, all members of the group wheel by default get access to all administrator tasks.
3. B. The runas command does not exist on Linux.
4. B. The hashed user passwords are stored in /etc/shadow.
5. C. The file /etc/default/useradd is read for default settings when new user accounts are created.
6. A. The chage -l command enables you to manage password properties.
7. B. There is no file /etc/.profile.
8. A. The vigr command creates a copy of the /etc/group file so that changes can be applied safely.
9. C and D. The id and groups commands show a list of all groups a user is a member of.
10. D. When a file with the name /etc/nologin.txt is created, only the root user is allowed to log in, and nobody else. In this file you can specify a message that will be shown to users who are trying to log in.
Chapter 7
1. C. The newgrp command is used to set the effective primary group, which will affect default group ownership on new files until the current shell session is ended. The chgrp command is used to set the group owner of an existing file; chgrp is not related to any user account, and it affects newly created files only.
2. A. The find / -user linda command searches all files that are owned by user linda. Notice that find also has a -uid option that allows you to locate files based on a specific UID setting. This does not allow you to search files based on a username, but it will let you find files based on the UID of a specific user.
3. C. chgrp myfile sales does not set group ownership for the file myfile. The order in this command is wrong; chgrp first needs the name of the group, followed by the name of the owner that needs to be set.
4. C. When used in relative mode, the three digits are used to specify user, group, and others permissions. The value 6 is used to apply read and write.
5. C. The chmod g+s /dir command adds (+) the SGID permission to /dir. chmod u+s /dir adds SUID to the directory, chmod g-s /dir removes the SGID permission, and the 1 in chmod 1770 /dir would set sticky bit and not SGID.
6. D. ACL support is not offered by default on all file systems. If you get an “operation not supported” error message, make sure to add the acl mount option and remount the file system. Note that this is not required on RHEL 8 XFS, where ACL support is set by default.
7. B. Although answers A and B will both set default ACLs, answer B is better because it adds x to the permissions. Without x, members of the group sales will have no way to enter the directory using the cd command.
8. A. The umask is a system-wide setting and cannot be used to apply to specific directories only. Use a default ACL as shown in answer A to perform this task.
9. C. In a umask, 0 in the first position gives all permissions to the file owner, 2 in the second position ensures that members of the group owner can read files, and 7 in the third position takes away all permissions for others.
10. C. The lsattr command shows current attribute settings to files. The ls command is not capable of showing file attributes, and the other commands that are listed do not exist.
Chapter 8
1. D. Based on the /26 subnet mask, the networks are 192.168.4.0, 192.168.4.64, 192.168.4.128, and 192.168.4.192. That means that IP addresses II, III, and IV belong to the same network.
2. B. The 169.254.0.0 network address does not belong to the private address ranges, which are 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16. The address 169.254.0.0 is from the APIPA range. This is a range of IP addresses that can be automatically self-assigned by a client that is trying to reach an unreachable DHCP server.
3. C. By default, the network device names are based on the device type, location, and identification. You’ll find the legacy name eth0 only if the driver of the network card is not capable of revealing information about its physical location.
4. D. Use of the ifconfig command is deprecated; use the ip command instead. The ip addr show command shows information about the state of the interface as well as the current IP address assignment.
5. A. The network service no longer exists in RHEL 8.
6. B. The nmcli-examples man page was created to make working with the long commands in nmcli a bit easier. Note that nmcli also has excellent command-line completion features.
7. C. On RHEL 8, nmtui is the default utility to set and modify the network interface. Note that RHEL 8 no longer has the system-config utilities for configuring networking that were available in older versions of RHEL.
8. D. When the connection is added, you use ip4 and gw4 (without a v).
9. A. You should not set the DNS servers directly in /etc/resolv.conf, because that file is automatically written by the NetworkManager service.
10. C. The name of the configuration file that contains the hostname is /etc/hostname. You should use hostnamectl to change its contents.
Chapter 9
1. D. The gpgcheck= line indicates whether to check the integrity of packages in the repository using a GPG key. Although useful, this is not mandatory.
2. B. If a RHEL system is not registered with RHEL, no repositories are available. This is important to realize for the RHCSA exam, because it means that you need to connect to a repository before you can install anything.
3. C. Use baseurl to specify which URL to use. If the URL is based on the local file system, it uses the URI file:// followed by the path on the local file system, which in this case is /repo. This explains why there are three slashes in the baseurl.
4. D. GPG package signing is used to set a checksum on packages, so that altered packages can easily be recognized. The main purpose of signing packages is to make it easy to protect packages on Internet repositories. For internal repositories that cannot be accessed by Internet users, the need to add GPG package signatures is less urgent.
5. D. Both the commands yum provides and yum whatprovides can be used to search for files within a specific package. The file pattern must be specified as */filename or as a full path, which is why answer D is the only correct answer. Without the */ in front of the filename, you may get a match that is based on the package description, not on the filename.
6. B. The yum module application stream allows for working with different versions of user space software side by side.
7. C. To install a specific profile from a yum module application stream, add the profile name to the application stream version using a /.
8. A. The yum install command installs individually downloaded RPM files while looking for package dependencies in the current repositories. This is better than using rpm -ivh, which does not consider the yum repositories. In earlier versions of RHEL, the yum localinstall command was used to install packages that were downloaded to the local file system, but this command is now deprecated.
9. C. Use the rpm -qf command to find which RPM package a specific file comes from.
10. C. The --scripts option checks whether there are scripts in an RPM package. If you want to query the package file and not the database of installed RPMs, you need to add the -p option to the -q option, which is used to perform RPM queries.
Chapter 10
1. B and D. There are two different types of processes that each request a different management approach. These are shell jobs and daemons. A cron job and a thread are subdivisions of these generic categories.
2. B. The Ctrl-Z command temporarily freezes a current job, after which the bg command can be used to resume that job in the background.
3. A. The Ctrl-C command cancels the current job. Ctrl-D sends the EOF character to the current job, which can result in a stop if this allows the job to complete properly. The difference with Ctrl-C is that the job is canceled with no regard to what it was doing. The Ctrl-Z keystroke freezes the job.
4. A and B. Individual threads cannot be managed by an administrator. Using threads makes working in a multi-CPU environment more efficient because one process cannot be running on multiple CPUs simultaneously, unless the process is using threads.
5. A. The ps ef command shows all processes, including the exact command that was used to start them.
6. C. To increase process priority, you need a negative nice value. -20 is the lowest value that can be used.
7. C. Use the renice command to change priority for currently running processes. To refer to the process you want to renice, use the -p option.
8. B. mkill is not a current command to send signals to processes.
9. A. To change the process priority from top, use r for renice.
10. B. To set the tuned performance profile, use tuned-adm profile, followed by the name of the profile you want to set.
Chapter 11
1. A. The --type=service argument shows all currently loaded services only.
2. C. Wants are specific to a particular system and for that reason are managed through /etc/systemd/system (not /usr/lib/systemd/system).
3. D. Masking a service makes it impossible to enable it.
4. D. Running(dead) is not a valid status for systemd services. You see (dead) for units that currently are not active.
5. D. Socket units monitor socket activity, which may consist of a file being accessed or a network port being accessed. They do not monitor PATH activity. This is done by the path unit type.
6. B. udev is not a valid systemd unit type. All others are.
7. B. Answers A and B are very similar, but answer A uses the wrong command. You have to use the systemctl command, not the systemd command.
8. D. The SYSTEMD_EDITOR variable defines which editor to use. You need to set a full path name for this editor.
9. D. The Wants dependency type defines that a specific unit is wanted, without setting a hard requirement.
10. A. The word order is wrong. It should be systemctl start unit, not systemctl unit start.
Chapter 12
1. B. The systemctl command on RHEL 8 is used to manage services. If used with the status option, the current state of the service is checked, and recent log messages about the service are displayed as well. The name of the service to check in this case is crond.
2. C. The fields in cron timing are minute, hour, day of month, month, and day of week. Answer C matches this pattern to run the task on the seventh day of the week at 11 a.m.
3. A. To launch a job from Monday through Friday, you should use 1-5 in the last part of the time indicator. The minute indicator */5 will launch the job every five minutes.
4. A and D. You cannot modify user cron files directly, but have to go through the crontab editor. This editor is started with the crontab -e command.
5. B. The /etc/cron.d directory is used to store cron files for individual services that need tasks to be executed through cron. This directory is mostly filled by installing RPM files that contain cron jobs.
6. A. Although cron jobs that are added to /etc/crontab will be executed, the /etc/crontab file is considered a system file that should not be modified directly.
7. D. anacron is a service that takes care of executing jobs on a regular basis where it is not necessary to specify a specific time.
8. D. By default, the cron.allow file does not exist. If it exists, a user must be listed in it in order to program cron jobs.
9. B. The Ctrl-D key sequence sends the end-of-file (EOF) character to the at shell and closes it.
10. C. The atq command queries the at service and provides an overview of jobs currently scheduled for execution.
Chapter 13
1. C. journald is not a replacement of rsyslogd. It is an additional service that logs information to the journal. In RHEL 8, they are integrated to work together to provide you with the logging information you need.
2. D. Most messages are written to the /var/log/messages file, but authentication-related messages are written to /var/log/secure. Check the contents of /etc/rsyslog.conf and look for authpriv to find out what exactly is happening for this facility.
3. C. SELinux events are logged through the audit service, which maintains its log in /var/log/audit/audit.log.
4. A. The rsyslogd configuration file is /etc/rsyslog.conf.
5. D. The /etc/sysconfig/rsyslog file is the default location to change rsyslogd startup parameters by editing the SYSLOGD_OPTIONS parameter.
6. C. rsyslogd destinations often are files. For further processing, however, log information can be sent to an rsyslogd module. If this is the case, the name of the module is referred to as :modulename:.
7. D. The local facilities local0 through local7 can be used to configure services that do not use rsyslog by default to send messages to a specific rsyslog destination, which needs to be further configured in the rsyslog.conf file.
8. A. The logrotate service can rotate files based on the maximal file size. To configure this, the recommended way is to drop a file in /etc/logrotate.d containing parameters for this specific file.
9. D. If systemd-journald has been configured for persistent storage of the journal, the journal is stored in /run/log/journal. Note that by default the systemd journal is not stored persistently.
10. A. To make the journald journal persistent, you have to create a directory /var/log/journal and set the appropriate permissions to that directory.
Chapter 14
1. A. In GPT, there is no longer a need to differentiate between primary, extended, and logical partitions; in fact, it is not even possible. Using logical partitions is not an advantage due to the limited number of primary partitions available on MBR disks.
2. B. 1 pebibyte (PiB) is 1024 × 1024 × 1024 × 1024 × 1024 bytes.
3. C. Partition type 83 is normally used to create Linux partitions.
4. C. KVM virtual machines use the virtio driver to address hard disks. This driver generates the device /dev/vda as the first disk device.
5. C. A disk can have one partition table only. For that reason, it is not possible to have MBR and GPT partitions on the same disk.
6. B. XFS is used as the default file system; partitions can still be formatted with other file systems, like Ext4.
7. D. The blkid command shows all file systems, their UUID, and if applicable, their label.
8. D. To mount a file system based on its UUID, use UUID=nnnn in the /etc/fstab device column.
9. B and D. To check a file system upon boot, but only after the root file system has been checked successfully, put a 2 in the sixth column in /etc/fstab.
10. B. The _netdev mount option is used to specify that the file system depends on the network to be present before it can be mounted.
Chapter 15
1. B. It is common to create a file system on top of a logical volume, but this is not a requirement. For instance, a logical volume can be used as a device that is presented as a disk device for a virtual machine.
2. C. Copy on write is a feature that is offered by modern file systems, such as Btrfs. It copies the original blocks a file was using before creating a new file, which allows users to easily revert to a previous state of the file. Copy on write is not an LVM feature.
3. D. On a GPT disk, LVM partitions must be flagged with the partition type 8e00.
4. C. The lvcreate command is used to create logical volumes. Use -n name to specify the name. The option -l 50%FREE will assign 50% of available disk space, and vgdata is the volume group it will be assigned from.
5. B and C. The pvdisplay command is used to show extensive information about physical volumes. The pvs command shows a summary of essential physical volume properties only.
6. C. You can increase the size of an XFS file system, but it cannot be decreased.
7. A. To write metadata, each Stratis volume requires 527 MiB of storage.
8. C. You need to mount Stratis volumes using the UUID and not the device name. Also, the option x-systemd.requires=stratisd.service needs to be included to ensure that the stratisd.service is loaded before systemd tries to mount the Stratis volume.
9. A, C, D. Because of its data deduplication features, VDO is doing very well in environments where redundant data is written. This particularly applies to cloud storage, containers, and virtualization.
10. B. The -K option is used with the mkfs.xfs command to ensure that empty data blocks are not discarded immediately.
Chapter 16
1. A. A tainted kernel is caused by drivers that are not available as open source drivers. Using these may have an impact on the stability of the Linux operating system, which is why it is good to have an option to recognize them easily.
2. B. The dmesg utility shows the contents of the kernel ring buffer. This is the area of memory where the Linux kernel logs information to, so it gives a clear overview of recent kernel events.
3. A. The uname -r command shows the current kernel version. The uname -v command gives information about the hardware in your computer, and the procinfo command does not exist.
4. C. The /etc/redhat-release version contains information about the current version of RHEL you are using, including the update level.
5. A. On a systemd-based operating system such as RHEL 8, the systemd-udevd process takes care of initializing new hardware devices.
6. B. Default rules for hardware initialization are in the directory /usr/lib/udev/rules.d; custom rules should be stored in /etc/udev/rules.d.
7. C. The modprobe command is the only command that should be used for managing kernel modules, as it considers kernel module dependencies as well. Use modprobe to load a kernel module and modprobe -r to unload it from memory.
8. C. The lspci -k command lists devices that are detected on the PCI bus and supporting kernel modules that have been loaded for those devices. Alternatively, lspci -v shows more verbose information about modules that are currently loaded.
9. C. The /etc/modprobe.d directory is used for files that create custom configurations. The files /etc/modules.conf and modprobe.conf were used for this purpose in the past. On RHEL 8, kernel module parameters are passed through /usr/lib/modprobe.d if they are used for operating system–managed permanent parameters.
10. C and D. Kernels are not updated; they are installed. You can use either yum update kernel or yum install kernel to do so. There are no additional requirements, which makes answers C and D false.
Chapter 17
1. A. The systemctl enable command creates a want for the current unit in the target that is listed in the [Install] section in the service unit file.
2. C. Servers typically don’t run a graphical interface and will start the multi-user.target.
3. B. There is no restart.target.
4. D. Unit files contain an [Install] section that is used to specify in which target the unit should be started.
5. A. The required statement is AllowIsolate. All other statements mentioned here are invalid.
6. A. To switch from a target with more unit files to a target with fewer unit files, use systemctl isolate.
7. B. The multi-user.target corresponds roughly to runlevel 3 as used in a System V environment.
8. D. Changes to GRUB 2 need to be applied to /etc/default/grub, not to /boot/grub2/grub.cfg. The /boot/grub2/grub.cfg file cannot be edited directly; you have to apply changes to /etc/default/grub and run the grub2-mkconfig command to write them to the appropriate configuration file.
9. B. The grub2-mkconfig command enables you to regenerate the GRUB 2 configuration. The result, by default, is echoed to the screen. Use redirection to write it to a file.
10. B. The /boot/efi/EFI/redhat/grub.cfg file is used to store the GRUB 2 bootloader on a UEFI system.
Chapter 18
1. C. During the boot procedure, the GRUB 2 boot loader gets loaded first. From here, the kernel with the associated initramfs is loaded. Once that has completed, systemd can be loaded.
2. B. The Ctrl-X key sequence leaves the GRUB 2 shell and continues booting.
3. B. The /etc/dracut.conf file is used for managing the initramfs file system.
4. D. The rd.break boot option enters at the end of the initrd phase. The root file system has not been mounted on / yet, which allows for easy troubleshooting.
5. A and C. The rhgb and quiet boot options make it impossible to see what is happening while booting.
6. B. The emergency.target systemd target gives just a root shell and not much more than that. All other options that are mentioned also include the loading of several systemd unit files.
7. C. If you do not get to a GRUB 2 boot prompt, you cannot select an alternate startup mechanism. This situation requires you to use a rescue disk so that GRUB can be reinstalled. If the kernel or initramfs cannot load successfully, you might need to use a rescue disk also, but in many cases an alternate kernel is provided by default.
8. C. The mount -o remount,rw / option remounts the / file system in read/write mode.
9. A. Because the error occurs before the GRUB 2 menu is loaded, the only option to fix this is to use a rescue disk.
10. C. The rd.break method is applied before SELinux is active, which removes the SELinux context label. You’ll have to set this label again before rebooting.
Chapter 19
1. B. The first line of a Bash shell script contains the shebang, which defines the subshell that should be used for executing the script code.
2. A. The exit 0 statement at the end of a script is an optional one to inform the parent shell that the script code was executed successfully.
3. C. The read statement stops a script, which allows a user to provide input. If read is used with a variable name as its argument, the user input is stored in this variable.
4. D. The first argument is referred to as $1. To store $1 in a variable with the name NAME, use the command NAME=$1. Make sure that no spaces are included, which is why answer A is incorrect.
5. D. Both $@ and $* can be used to refer to all arguments that were provided when starting a script, but $@ is the preferred method because it enables the script to distinguish between the different individual arguments, whereas $* refers to all the provided arguments as one entity.
6. D. A conditional loop that is started with if is closed with fi.
7. C. If within an if loop a new conditional check is opened, this conditional check is started with elif.
8. B. After stating the condition in a for loop, do is used to start the commands that need to be started when the condition is true.
9. D. The mail command needs its subject specified with the -s option. The mail command normally waits until a dot is entered on an empty line to start sending the message. This dot can be fed to the mail command using STDIN redirection, using <.
10. A. In a case statement, the different options are proposed with a ) behind them. *) refers to all other options (not specifically specified in the script).
Chapter 20
1. A. X11 forwarding applies to sessions that have already been authorized. Disabling it does not protect against brute-force attacks.
2. C. The AllowUsers parameter can be used to restrict SSH access to specific users only.
3. D. To change the port on which SSH is listening in SELinux, the port must be allowed as well. To do so, use semanage port. The context type needs to be set to ssh_port_t.
4. B. The MaxAuthTries setting starts logging failed login attempts after half the number of attempts specified here.
5. D. Login-related settings are logged to /var/log/secure.
6. C. SSH is trying to do a reversed lookup of the DNS name belonging to a target IP address. If faulty DNS configuration is used, this will take a long time.
7. D. The UseDNS option has nothing to do with SSH session keepalive.
8. A. SSH client settings that apply to a specific user only can be stored in ~/.ssh/ssh_config.
9. C. The ssh-agent command adds an SSH credentials cache to a shell. Next, you need to run ssh-add to add a specific key to the cache.
10. A. By default, an SSH server can support ten sessions only.
Chapter 21
1. A. The httpd package contains the core components of the Apache web server. It can be installed using yum install httpd.
2. A. The default Apache configuration file is /etc/httpd/conf/httpd.conf.
3. C. The DocumentRoot parameter specifies where the Apache web server will look for its contents.
4. A. The ServerRoot parameter defines where Apache will look for its configuration files. All file references in the httpd.conf configuration file are relative to this directory.
5. B. The /etc/http/conf directory contains the main Apache configuration file httpd.conf.
6. D. The /etc/httpd/modules.d directory contains configuration files that are used by specific Apache modules.
7. C. The /etc/httpd/conf.d directory is used by RPMs that can drop files in that directory without changing the contents of the main Apache configuration file.
8. A. The name-based virtual host is used as the default virtual host type. It allows multiple virtual hosts to be hosted on the same IP address.
9. A. The VirtualHost parameter is used to open a virtual host definition. * refers to all IP addresses, and :80 defines the port it should listen on.
10. C. No additional packages need to be installed to enable virtual hosts. Virtual hosts are supported through the default httpd RPM package.
Chapter 22
1. D. Enabled is not a valid mode that can be set using setenforce or the /etc/sysconfig/selinux configuration file.
2. A and D. The getenforce command is used to request the current SELinux mode. The sestatus command can be used also. It shows the current mode, and some additional security-related information as well.
3. A. For basic SELinux configuration, you need to make sure that the appropriate context type is set. User and role are for advanced use only.
4. D. SELinux security can be applied to users, files, and ports.
5. C. The -Z option displays SELinux-related information and can be used with many commands.
6. D. This is the only command that provides correct usage information about semanage. Remember that chcon should be avoided at all times.
7. B. When moving a file, the original file context is moved with the file. To ensure that the file has the context that is appropriate for the new file location, you should use restorecon on it.
8. B. To change Booleans, use setsebool; to make the change persistent, use -P.
9. A. SELinux messages are logged by auditd, which writes the log messages to /var/log/audit/audit.log. Only if sealert is installed are messages written to /var/log/messages as well, but that does not happen by default.
10. D. SELinux log messages always contain the text avc, which stands for access vector cache.
Chapter 23
1. A. On a default configuration, there is no untrusted zone in firewalld.
2. C. Netfilter is the name of the firewall implementation in the Linux kernel. Different toolsets exist to manage netfilter firewalls. Iptables has been the default management interface for a long time, and in Red Hat Enterprise Linux 7, firewalld was added as an alternative solution to manage firewalls.
3. D. Firewalld and iptables are mutually exclusive.
4. C. The firewall-cmd --get-services command shows all services that are available in firewalld.
5. C. The name of the GUI tool that can be used to manage firewall configurations is firewall-config.
6. B. Answer B shows the correct syntax.
7. A. The trusted zone is provided for interfaces that need minimal protection.
8. D. Configuration that is added with the --permanent option is not activated immediately and needs either a restart of the firewalld service or the command firewall-cmd --reload.
9. B. The --list-all command without further options shows all configurations for all zones.
10. A. When working with firewall-config, you need to choose between the runtime configuration and the persistent configuration.
Chapter 24
1. B. In the default configuration, NFS share access is based on UID matching between the client and server. To enable anonymous user access, you need to specify the sec=none mount option.
2. A. NFSv4 does not offer straight integration with Active Directory. Similar functionality is provided by the option to use Kerberized security.
3. D. The nfs-utils package contains all that is needed to mount NFS shares.
4. D. showmount is using the NFS portmapper, which is using random UDP ports to make the connection. Portmapper traffic is not automatically allowed when the nfs service is added to the firewall because RPC ports that are needed by showmount are blocked by the firewall. Ensure that the rpc-bind and mountd services are added to the firewall to enable the showmount command to work as it should.
5. A. To authenticate to a Samba share, you need to use the -o username=sambauser option to specify the username.
6. D. To avoid having to put a username and password in clear text in the /etc/fstab file, you can use a credentials file while mounting the share.
7. D. You do not have to set permissions on the local file system for automount to be effective.
8. B. Each automounted directory should have a configuration file that has a name that matches the name of the automounted directory. For /myfiles, that would be /etc/auto.myfiles.
9. C. The first element is *, which refers to all directories that may be accessed in the local directory. The & matches this directory on the NFS share. The -rw option is used to specify NFS mount options.
10. A. Automount uses the autofs service.
Chapter 25
1. C. When booting, a server reads the hardware clock and sets the local time according to hardware time.
2. D. Hardware time on Linux servers typically is set to UTC, but local administrators may choose to make an exception to that general habit.
3. D. The timedatectl command, introduced as a new solution in RHEL 7, allows you to manage many aspects of time.
4. C. Atomic clocks can be used as a very accurate alternative to the normal hardware clock.
5. D. The /etc/chrony.conf file contains the default list of NTP servers that should be contacted on RHEL 8.
6. C. The -s option is used to set the current time, and to do so, military time format is the default.
7. A. To translate epoch time into human time, you need to put @ in front of the epoch time string.
8. C. The hwclock -c command opens an interface that is refreshed every 10 seconds and shows the current hardware time, the system time, and the difference between the two of them.
9. D. When used without arguments, timedatectl gives a complete overview of current time settings on your server.
10. B. The chronyc sources command will show all current synchronization sources, as well as the stratum that was obtained from these sources.
Answers to the Review Questions
Chapter 1
1. Use CentOS to create an environment to practice for the exam without purchasing a RHEL license.
2. 32-bit RHEL does not support virtualization.
3. You need 512 MB of RAM to install a minimal system.
4. By default, updates and installation of additional software packages require Internet connectivity.
5. Use an ISO image to install a virtual machine on the computer.
6. To manage virtualization in an easy way, you need virt-manager, which is a GUI utility.
7. XFS is the default file system on RHEL 8.
8. You can install RHEL if you do not have Internet access. But you cannot register with RHN, so you will not have access to repositories after the installation has finished.
9. Repository access is the most important feature offered through RHN.
10. Use the Minimal Install pattern if you have a very limited amount of disk space available.
Chapter 2
1. A variable is a placeholder that contains a specific value and that can be used in scripts to work with dynamic contents.
2. man -k enables you to find the correct man page based on keyword usage.
3. Change /etc/bashrc to ensure a variable is set for every shell that is started.
4. Use pinfo to read the information.
5. Bash stores its history in ~/.bash_history.
6. mandb updates the database that contains man keywords.
7. Use u to undo the last modification you have applied in vim.
8. Add 2> /dev/null to a command to ensure that it doesn’t show an error message.
9. Use echo $PATH to read the current contents of the $PATH variable.
10. Press Ctrl-r and type dog.
Chapter 3
1. /etc contains configuration files.
2. ls -alt displays a list of current directory contents, with the newest files listed first. (-a also shows files that have a name that starts with a dot.)
3. mv myfile yourfile renames myfile to yourfile.
4. rm -rf /directory wipes an entire directory structure, including all of its contents.
5. ln -s /tmp ~ creates in your home directory a link to /tmp.
6. cp /etc/[abc]* . copies all files that have a name that starts with a, b, or c from the directory /etc to your current directory.
7. ln -s /etc ~ creates in your home directory a link to /etc.
8. Use rm symlink to safely remove a symbolic link to a directory. If rm is aliased to rm -i and you do not want to answer yes for every individual file, use m instead.
9. tar zcvf /tmp/etchome.tgz /etc /home creates a compressed archive of /etc and /home and writes it to /tmp/etchome.tgz.
10. tar xvf /tmp/etchome.tgz /etc/passwd extracts /etc/passwd from /tmp/etchome.tgz.
Chapter 4
1. ps aux | less shows the results of ps aux in a way that is easily browsable.
2. tail -n 5 ~/samplefile shows the last five lines from ~/samplefile.
3. wc ~/samplefile. You might use -w to show only the number of words.
4. Press Ctrl-C to stop showing output.
5. grep -v -e '^#' -e '^;' filename excludes all lines that start with either a # or a ;.
6. Use ? to match one or more of the preceding characters.
7. grep -i text file finds both text and TEXT in a file.
8. grep -A5 '^PATH' filename shows all lines starting with PATH as well as the preceding five lines.
9. sed -n 9p ~/samplefile shows line 9 from ~/samplefile.
10. sed -i 's/user/users/g' ~/samplefile replaces the word user with the word users in ~/samplefile.
Chapter 5
1. Typically, the console is the main screen on a Linux server.
2. Press Ctrl-Alt-F2 to switch back from a text-based login prompt to current work on the GUI.
3. w or who shows all users who currently have a terminal session open to a Linux server.
4. /dev/pts/0 is the device name that is used by the first SSH session that is opened to a server where no GUI is operational.
5. ssh -v shows detailed information on what SSH is doing while logging in.
6. ssh -X initiates an SSH session with support for graphical applications.
7. ~/.ssh/ssh_config needs to be edited to modify SSH client settings.
8. scp /etc/hosts lisa@server2:/tmp copies the /etc/hosts file to the directory /tmp on server2 using the username lisa.
9. ~/.ssh/authorized_keys stores public keys for remote users who want to log in using key-based authentication.
10. ssh-keygen generates an SSH public/private key pair.
Chapter 6
1. 0 is the UID of user root.
2. sudo is defined in /etc/sudoers.
3. Use visudo to modify a sudo configuration.
4. /etc/default/useradd and /etc/login.defs can be used to define settings that will be used when creating users.
5. None, because groups are created in /etc/group.
6. Making a user a member of the wheel group grants the user access to all admin commands through sudo.
7. Use vigr to modify the /etc/group file manually.
8. passwd and chage can be used to change user password information.
9. /etc/shadow stores user passwords.
10. /etc/group stores group accounts.
Chapter 7
1. chown :groupname filename or chown .groupname filename sets the group owner to a file.
2. find / -user username finds all files owned by a specific user.
3. chmod -R 770 /data applies read, write, and execute permissions to all files in /data for the user and group owners while setting no permissions for others.
4. In relative permission mode, use chmod +x file to add the execute permission to a file that you want to make executable.
5. Using chmod g+s /directory ensures that group ownership of all new files created in a directory is set to the group owner of that directory.
6. chmod +t /directory ensures that users can only delete files of which they are the owner or files that are in a directory of which they are the owner.
7. setfacl -m g:sales:r * adds an ACL that grants members of the group sales read permissions to all existing files in the current directory.
8. Using the commands setfacl -R -m g:sales:rx /dir and setfacl -m d:g:sales:rx /dir ensures that members of sales get read permissions to all files in the current directory and all of its subdirectories, as well as all files created in this directory in the future.
9. Make sure that the last digit in the umask is a 7.
10. chattr +i myfile ensures that nobody can delete myfile by accident.
Chapter 8
1. 213.214.215.96 is the network address in 213.214.215.99/29.
2. ip link show shows link status and not the IP address.
3. NetworkManager manages network configuration in RHEL 8.
4. /etc/hostname contains the hostname in RHEL 8.
5. hostnamectl enables you to set the hostname easily.
6. Run nmcli con up after manually changing the contents of the /etc/sysconfig/ifcfg files.
7. Change /etc/hosts to enable hostname resolution for a specific IP address.
8. ip route show shows the current routing configuration.
9. systemctl status NetworkManager verifies the service’s current status.
10. nmcli con mod "static" ipv4.addresses "10.0.0.20/24" 10.0.0.100 changes the current IP address and default gateway on your network connection.
Chapter 9
1. createrepo enables you to make a directory containing a collection of RPM packages a repository.
2. The line [some-label] name=some-name baseurl=http://server.example.com/repo needs to be in the repository file.
3. yum repolist verifies that a repository is available.
4. yum provides */useradd enables you to search the RPM package containing the file useradd.
5. Using yum group list followed by yum group info "Security Tools" shows the name and contents of the yum group that contains security tools.
6. yum module enable php:5.1 ensures that all PHP-related packages are going to be installed using the older version 5.1, without actually installing anything yet.
7. rpm -q --scripts packagename enables you to ensure that a downloaded RPM package does not contain dangerous script code.
8. rpm -qd name-of.rpm shows all documentation in an RPM package.
9. rpm -qf /path/to/file shows which RPM package a file comes from.
10. repoquery enables you to query software from the repository.
Chapter 10
1. jobs gives an overview of all current shell jobs.
2. Press Ctrl-Z and type bg to stop the current shell job to continue running it in the background.
3. Press Ctrl-C to cancel the current shell job.
4. Use process management tools such as ps and kill to cancel the job.
5. ps fax shows parent-child relationships between processes.
6. Use renice -nn -p PID, where nn is a value between –1 and –20. Notice that you need to be root in order to increase process priority.
7. killall dd stops all running processes.
8. pkill mycommand stops mycommand.
9. k is used to kill a process.
10. The tuned service must be running to select a performance profile.
Chapter 11
1. A unit is a thing that is started by systemd. There are different types of units, such as services, mounts, sockets, and many more.
2. Use systemctl list-units to show all service units that are currently loaded.
3. You create a want for a service by using the systemctl enable command.
4. Set the SYSTEMD_EDITOR variable in /etc/profile to change the default editor for systemctl.
5. /etc/systemd/system/ contains custom systemd unit files.
6. Include Requires to ensure that a unit file will automatically load another unit file.
7. systemctl show httpd shows available configuration options for the httpd.service unit.
8. systemctl list-dependencies --reverse shows all dependencies for a specific unit.
9. systemctl status output indicating that a unit is dead is nothing serious; it simply means the service is currently not running.
10. Using systemctl edit on the unit that you want to modify creates a systemd override file.
Chapter 12
1. A cron job that needs to be executed once every 2 weeks is configured as a specific cron file in /etc/cron.d, or tied to a user account using crontab -e -u username.
2. 0 14 1,15 * * specifies the execution time in a cron job that needs to be executed twice every month, on the 1st and the 15th of the month at 2 p.m.
3. */2 * * * * specifies the cron execution time for a job to run every 2 minutes every day.
4. 0 0 19 9 4 specifies a job that needs to be executed on September 19 and every Thursday in September.
5. sun, 0, and 7 all specify that a cron job needs to be executed on Sunday.
6. crontab -e -u lisa enables you to schedule a cron job for user lisa.
7. Create the file /etc/cron.deny and make sure that it includes username boris.
8. Specify the job in /etc/anacrontab and make sure that the anacron service is operational.
9. The atd service must be running to schedule at jobs; use systemctl status atd to verify.
10. Use atq to find out whether any current at jobs are scheduled for execution.
Chapter 13
1. /etc/rsyslog.conf is used to configure rsyslogd.
2. /var/log/secure contains messages related to authentication.
3. Log files are rotated away by default after five weeks (one week for the current file, and four weeks for old files).
4. logger -p user.notice "some text" logs a message from the command line to the user facility, using the notice priority.
5. Create a file in /etc/rsyslog.d. The name does not really matter. Give it the following contents: *.=info /var/log/messages.info.
6. You can configure the journal to grow beyond its default size restrictions in /etc/systemd/journald.conf.
7. journalctl -f shows new messages in the journal scroll by in real time.
8. journalctl _PID=1 --since 9:00:00 --until 15:00:00 shows all journald messages that have been written for PID 1 between 9:00 a.m. and 3:00 p.m.
9. On a system where a persistent journal has been configured, journalctl -b shows journald messages since the last reboot.
10. Making the journald journal persistent requires the following four commands, in order: mkdir /var/log/journal; chown root:systemd-journal /var/log/journal; chmod 2755 /var/log/journal; killall -USR1 systemd-journald.
Chapter 14
1. gdisk is used to create GUID partitions.
2. fdisk is used to create MBR partitions.
3. XFS is the default file system on RHEL 8.
4. /etc/fstab is used to automatically mount partitions while booting.
5. The noauto mount option is used to specify a file system should not be mounted automatically while booting.
6. mkswap enables you to format a partition that has type 82 with the appropriate file system.
7. mount -a enables you to test, without actually rebooting, whether automatic mounting of the partitions while booting is going to work.
8. Ext2 is created if you use the mkfs command without specifying a file system.
9. Use either mkfs.ext4 or mkfs -t ext4 to format an Ext4 partition.
10. Use blkid to find UUIDs for all devices on your computer.
Chapter 15
1. The 8e00 partition type is used on a GUID partition that needs to be used in LVM.
2. vgcreate vggroup -s 4MiB /dev/sdb3 creates the specified volume group.
3. pvs shows a short summary of the physical volumes on your system as well as the volume group to which these belong.
4. Just type vgextend vggroup /dev/sdd. You do not have to do anything on the disk device itself.
5. Use lvcreate -L 6M -n lvvol1 vgname. Notice that this works only if you have created the volume group with a 2-MiB physical extent size.
6. lvextend -L +100M /dev/vgname/lvvol1 adds 100 MB to the logical volume lvvol1.
7. UUID=xxx /stratis1. Xfs. defaults,x-systemd.requires=stratisd.service 0 0
8. stratis pool create mypool /dev/sdd creates a Stratis pool that is based on the block device /dev/sdd.
9. vdo create --name=vdo1 --device=/dev/sde --vdoLogicalSize=1T creates a VDO device with a virtual size of 1 TiB.
10. Use the discard option -k with mkfs.xfs to create an XFS file system on top of a VDO thin-provisioned volume.
Chapter 16
1. uname -r shows the current version of the kernel on a computer.
2. Current version information about your RHEL 8 installation is found in /etc/redhat-release.
3. lsmod shows a list of currently loaded kernel modules.
4. modinfo modulename displays kernel module parameters.
5. modprobe -r unloads a kernel module.
6. Use lsmod to find out which other kernel modules currently need this kernel module and unload these kernel modules first. Note that this will not always work, especially if the considered hardware currently is in use.
7. Use modinfo to find which kernel module parameters are supported.
8. Create a file in /etc/modprobe.d and include the parameters using an options statement.
9. Include options cdrom debug=1 in the file that will automatically load the cdrom module.
10. yum upgrade kernel installs a new version of the kernel.
Chapter 17
1. A unit is a thing that is started by systemd. There are different types of units, such as services, mounts, sockets, and many more.
2. Use systemctl mask to make sure that a target is no longer eligible for automatic start on system boot.
3. Modify /etc/default/grub to apply common changes to GRUB 2.
4. systemctl --type=service shows all service units that are currently loaded.
5. Create a want for a service by using systemctl enable on that service.
6. systemctl isolate rescue.target switches the current operational target to the rescue target.
7. There are two types of targets: targets that can run independently and targets that cannot. Check the target unit file to find out more about this and ensure the target is isolatable (which means it can run independently).
8. systemctl list-dependencies --reverse shows which other units have dependencies to a systemd service.
9. Apply changes to GRUB 2 in /etc/default/grub.
10. Run grub2-mkconfig > /boot/grub2/grub.cfg after applying changes to the GRUB 2 configuration.
Chapter 18
1. Press e to enter the GRUB boot menu editor mode.
2. An error in /etc/fstab prevents the fsck command on that file system from finishing successfully.
3. Pass systemd.unit=rescue.target to the kernel to enter a mode that provides access to most of the machine’s functionality.
4. Start from a rescue system.
5. systemctl list-units shows which units are available in a specific troubleshooting environment.
6. Pass rd.break to the GRUB 2 boot loader to start troubleshooting a lost root password.
7. load_policy -i loads the SELinux policy.
8. chcon -t shadow_t /etc/shadow ensures that the SELinux labels are set correctly.
9. grub2-mkconfig -o /boot/grub2/grub.cfg saves changes applied to the GRUB 2 boot loader.
10. systemd.unit=emergency.target enters the most minimal troubleshooting mode.
Chapter 19
1. The script will be interpreted by the same shell as the parent shell.
2. test -z $VAR or [ -z $VAR ] can be used to check whether a variable VAR has no value.
3. Use $# to count the number of arguments that have been used.
4. Use $@ to refer to all arguments that have been used when starting the script.
5. Use read SOMEVAR to process user input in a script.
6. [ -f filename ] || echo file does not exist determines whether the file exists and, if not, executes the specified command.
7. [ -e filename ] can be used to determine whether an item is a file or a directory.
8. A for statement is typically used to evaluate a range of items.
9. You do not; it is a part of the if statement that is closed with fi.
10. Using ;; after the last command closes the specific item.
Chapter 20
1. Use ssh-agent and ssh-add to cache the passphrase that is set on your private key.
2. Use AllowUsers lisa to disallow root login and only allow user lisa to log in to your server.
3. Specify the Port line twice to configure your SSH server to listen on two different ports.
4. The main SSH configuration file is /etc/ssh/sshd_config.
5. The passphrase will be stored in a protected area in memory.
6. /etc/ssh/ssh_config contains SSH client settings for all users.
7. The MaxSessions parameter that manages this feature is already set to 10 as a default, so you don’t need to change anything.
8. semanage port -a -t ssh_port_t -p tcp 2022 configures SELinux to allow SSH to bind to port 2022.
9. firewall-cmd –add-port 2022/tcp --permanent; firewall-cmd --reload configure the firewall on the SSH server to allow incoming connections to port 2022.
10. Try UseDNS. This option, which is active by default, uses DNS to get the name of the target host for verification purposes.
Chapter 21
1. The Basic Web Server group contains useful Apache packages.
2. systemctl enable --now httpd starts the httpd service automatically when booting.
3. /etc/httpd/conf.d is the default location where RPMs can drop plug-in configuration files that should be considered by the Apache server.
4. curl enables you to test a web server from a server that does not offer a graphical interface.
5. /etc/httpd/conf/httpd.conf is the default Apache configuration file.
6. /var/www/html is used as the default Apache document root.
7. The Apache process looks for index.html.
8. Use either systemctl status httpd or ps aux| grep http to check whether the Apache web server is currently running.
9. /etc/httpd/conf.d is the preferred location for storing virtual host configuration files.
10. The ServerRoot is set by default to /etc/httpd.
Chapter 22
1. setenforce 0 puts SELinux in permissive mode temporarily.
2. getenforce -a or semanage boolean -l provides a list of all available Booleans.
3. Use the sepolicy manpage command to see the service-specific SELinux man page.
4. Install setroubleshoot-server to get easy-to-read SELinux log messages in the audit log.
5. Use semanage fcontext -a -t httpd_sys_content_t "/web(/.*)?" followed by restorecon to apply the httpd_sys_content_t context type to the directory /web.
6. Never!
7. Change /etc/sysconfig/selinux to completely disable SELinux.
8. SELinux logs all of its messages in /var/log/audit/audit.log.
9. man -k _selinux | grep ftp shows which context types are available for the ftp service.
10. Use setenforce 0 to temporarily switch SELinux to permissive mode and try again.
Chapter 23
1. firewalld should be running before you try to create a firewall configuration with firewall-config.
2. firewall-cmd --add-port=2345/udp adds UDP port 2345 to the firewall configuration in the default zone.
3. firewall-cmd --list-all-zones lists all firewall configuration in all zones.
4. firewall-cmd --remove-service=vnc-server removes the vnc-server service from the current firewall configuration.
5. --reload activates a new configuration added with the --permanent option.
6. --list-all enables you to verify that a new configuration has been added to the current zone and is now active.
7. firewall-cmd --add-interface=eno1 --zone=public adds the interface eno1 to the public zone.
8. The new interface will be added to the default zone.
9. firewall-cmd --permanent --add-source=192.168.0.0/24 adds the source IP address 192.168.0.0/24 to the default zone.
10. firewall-cmd --get-services lists all services that are currently available in firewalld.
Chapter 24
1. The showmount command needs the mountd and rpc.bind services to be opened in the firewall as well.
2. showmount -e server1 shows available NFS mounts on server1. Note that the showmount command does not get through a firewall.
3. mount [-t nfs] server1:/share /somewhere mounts an NFS share that is available on server1:/share.
4. smbclient -L shows SMB mounts on a specific server.
5. cifs-utils must be installed on an SMB client before you can make an SMB mount.
6. mount -t cifs -o guest //server1/data /mnt mounts the Samba share data on server1 with guest access on the local directory /mnt.
7. Use a credentials file that contains at least the username and password that need to be used. Specify all mount options and use creds=/somewhere/credentials.file in the mount options column.
8. auto.master is the main automount configuration file.
9. autofs implements automount.
10. None. You’ll have to open ports on the server, not on the client.
Chapter 25
1. date -s 16:24 sets the system time to 4:24 p.m.
2. hwclock --systohc sets the hardware time to the current system time.
3. date -d '@nnnnnnn' shows epoch time as human-readable time.
4. hwclock --hctosys synchronizes the system clock with the hardware time.
5. chronyd is used to manage NTP time on RHEL 8.
6. timedatectl set-ntp 1 enables you to use NTP time on your server.
7. /etc/chrony.conf contains the list of NTP servers to be used.
8. Either timedatectl list-timezones or tzselect can be used to list time zones.
9. timedatectl set-timezone ZONE is used to set the current time zone.
10. timedatectl set-time TIME is used to set the system time.