When working with services in RHEL 7, you can check if a service is currently running with the is-active option or enabled at boot time with the is-enabled option. But it is more difficult to know if the unit file is located in /usr/lib/systemd/system or /etc/systemd/system in the case of a custom service. It is also not obvious to know when the service was started or to get some CGroup information.
The systemctl status command brings all this information and even more.
Let’s take the httpd example and run the following command:

# systemctl status httpd
httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled)
Active: active (running) since Tue 2015-04-21 11:48:23 CEST; 24h ago
Main PID: 2446 (httpd)
Status: "Total requests: 0; Current requests/sec: 0; Current traffic:   0 B/sec"
CGroup: /system.slice/httpd.service
└─2446 /usr/sbin/httpd -DFOREGROUND
└─2447 /usr/sbin/httpd -DFOREGROUND
└─2448 /usr/sbin/httpd -DFOREGROUND
└─2449 /usr/sbin/httpd -DFOREGROUND
└─2450 /usr/sbin/httpd -DFOREGROUND
└─2451 /usr/sbin/httpd -DFOREGROUND
└─2452 /usr/sbin/httpd -DFOREGROUND

Apr 21 11:48:23 server1.example.com systemd[1]: Starting The Apache HTTP Ser....
Apr 21 11:48:23 server1.example.com systemd[1]: Started The Apache HTTP Server.
Hint: Some lines were ellipsized, use -l to show in full.

The first line gives you a description of the service. You then learn that Systemd loaded the unit file from /usr/lib/systemd/system/httpd.service and the service is not enabled at boot time (disabled).
You next learn that the service has been running (active) for 24 hours and when was exactly the launch date.
The following line provides the Process ID.
In the case of the httpd service, you even get a quick activity report.
Then, the CGroup information is shown with the list of the child processes.
Finally, an extract from the journal is displayed with the most useful events.

Even though at first sight the systemctl status command seems to display too many lines, when you look at it, everything is there!

ISCSI configuration is a very tricky topic of the RHCE 7 exam.

If a RHCE candidate takes the exam without previous iScsi experience, he will fail!
Man pages are not enough to understand the intricacy of this subject and there is too much to read in a so limited time.

With iScsi configuration, you have to choose among several backstores, mainly fileio and block. Then, you have to set authentication, basic or CHAP (Challenge Handshake Authentication Protocol).

Also, you have to understand what is a target (the server side), an initiator (the client side), a LUN (Logical Unit Number), a portal (an entry point consisting of an ip address and a port), a TPG (Target Portal Group) and an ACL (Access Control List).

To get comfortable with this topic, you will have to practice iSCSI configuration at least 8 times: with each kind of backstores, with each kind of main authentication mechanisms and at least twice to get it memorized!

Good luck!

Today, Centos 7 (1503) aka CentOS 7.1 has just been released.
The distribution can now be downloaded from the CentOS website.

The Release Notes explain the major changes:

• As of March 2015 ABRT (>= 2.1.11-19.el7.centos.0.1) can report bugs directly to bugs.centos.org.
• Support for new processors (Intel Broadwell) and graphics (AMD Hawaii)
• Full support for LVM cache
• Ability to mount ceph block devices
• Updated Hyper-V network drivers
• New libguestfs features
• Full support for OpenJDK-1.8.0
• Improved clock stability (for PTP and NTP)
• Updated Networkmanager packages to version 1.0
• Updated docker to 1.4.1
• Updated OpenSSH to 6.6.1
• New package: Mozilla Thunderbird
• Update to numerous storage, network and graphics drivers
• Technology Preview: Support of the Btrfs file system, OverlayFS and the Cisco VIC kernel driver.

Reminder: This version is mandatory for RHCE candidates. It brings fixes for the Samba + Kerberos objective.

Happy download!

If you have to migrate a HTTPD server from RHEL 6/CentOS 6 to RHEL 7/CentOS 7, you should be careful.

The default HTTPD SELinux policy has changed and very limited information has been provided about it: many free tutorials available on the Internet won’t work because of SELinux!

In RHEL 6/CentOS 6, you didn’t need to define precisely what directories or files you were allowed to read, write and execute. You could assign the httpd_sys_content_t SELinux context to all the directories and files under the /var/www/html directory or any path of your choice and, as the httpd_unified SELinux boolean was set to on by default, you could get read, write, and execution access rights everywhere within this path. Things were pretty simple!

With RHEL 7/CentOS 7, the httpd_unified SELinux boolean is now set to off by default, meaning that the httpd_sys_content_t SELinux context allows only read access.

You’ve got now three cases:

• you agree with the previous relaxed SELinux policy: set the httpd_unified SELinux boolean to on and you are done,
• you accept the new restricted policy and your webserver uses the /var/www/html path: apply the restorecon -R /var/www/html command and test your webserver behaviour,
• you accept the new restricted policy but your server doesn’t use the standard /var/www/html path: you have to define precisely all the SELinux rules to get read, write or execution access rights.

With WordPress websites for example, a symptom of a wrong SELinux configuration can be the inability to upload anything or when updating a plugin getting a message asking for the ftp account!

At the end of the day, there is nothing complicated. But you need to be aware!

Additional information is available in the HTTPD SELinux policy page.

Although keeping a system tidy is not an exam objective, it’s a nice skill to have.

Three tutorials can help you to progress in this domain:

• How to keep your system clean: this tutorial teaches you how to better manage regular package additions and removals,
• How to set the number of old kernels kept: this tutorial shows you how to restrict the number of kernels to keep in your system,
• How to configure automatic updates: this tutorial explains how to automate package updates according to your needs.

Through these various pages you will learn that yum is your friend.

Today, Red Hat announces the official release of RHEL 7.1. To know more about this new version you can read a summary of the RHEL 7.1 changes or the RHEL 7.1 Release Notes.

In addition, Red Hat is also releasing its RHEL 7 Atomic Host, an operating system optimized for running the next generation of applications with Linux containers.

Finally, for the RHCE certification candidate it’s an interesting day: Red Hat today delivers a bunch of software updates. One of them fixes some embarassing bugs preventing Samba+Kerberos configurations from working. Hopefully, these updates will be available soon in CentOS 7.

In order to make mobile connection easier the website theme has been changed.
It should now be handier to access pages during a trip.

In addition, there are two new quiz: one for the RHCSA 7 exam and one for the RHCE 7 exam.

Braindumps are a pretty stupid way to get prepared for the hands-on RHCSA/RHCE exams, they don’t teach you anything about understanding or reasoning. However, learning by heart specific command syntax or tricks can be very useful to remember key points not only during the exams, but also after.

Each of this quiz contains more than 30 questions and more will be added in the future.

Enjoy!

Every day I can hear someone saying: the ifconfig command has been removed from the RHEL 7/CentOS 7 distribution and nobody told me anything!
Invariably, it’s about a RHEL/CentOS minimal installation.
To alleviate this unpleasant situation, there is now a minimal image survival guide.
Next time you happen to hear someone ranting about minimal installation, forward him this survival guide, it will be your good deed of the day!

Just to remind you that you have until February 28 to buy your voucher for the RHCSA 6 or RHCE 6 exams. Then, you will have 1 year from the purchase date to take the exams.
After February 28, you will have to learn RHEL 7.

Note: If you’ve got a valid RHCSA 6 certification, you can already take the RHCE 7 exam.

Source: https://www.facebook.com/RedHatCertified.

The Linux Foundation is making some adjustments to its LFCS and LFCE exams starting on March 1, 2015:

• in the LFCS exam objectives, RAID is replaced with LVM,
• in the LFCS exam, the pass mark becomes 74% (instead of 65%),
• in the LFCE exam, the pass mark is now 72% (instead of 65%),
• some updates to security protocols occur,
• the exam interface’s got some improvements.

Perhaps in response to the Red Hat RHCE 7 exam hardening, the Linux Foundation makes its exams more difficult to get by raising their pass mark: an exam too easy to pass doesn’t get good publicity nor doesn’t trigger good training sales.

Sources: Linux Foundation LFCS & LFCE pages.