RedHat Red Hat Certified Engineer (RHCE) exam for Red Hat Enterprise Linux 8 EX294 Exam Practice Test

Page: 1 / 14
Total 35 questions

Want more questions? Get Premium Access.
()

Question 1

Create user accounts

------------------------

--> A list of users to be created can be found in the file called user_list.yml

which you should download from http://classroom.example.com/user_list.yml and

save to /home/admin/ansible/

--> Using the password vault created elsewhere in this exam, create a playbook called

create_user.yml

that creates user accounts as follows:

--> Users with a job description of developer should be:

--> created on managed nodes in the "dev" and "test" host groups assigned the

password from the "dev_pass"

variable and these user should be member of supplementary group "devops".

--> Users with a job description of manager should be:

--> created on managed nodes in the "prod" host group assigned the password from

the "mgr_pass" variable

and these user should be member of supplementary group "opsmgr"

--> Passwords should use the "SHA512" hash format. Your playbook should work using

the vault password file

created elsewhere in this exam.

while practising you to create these file hear. But in exam have to download as per

questation.

user_list.yml file consist:

---

user:

- name: user1

job: developer

- name: user2

job: manager

AExplanation:
Solution as:
# pwd
/home/admin/ansible
# wget http://classroom.example.com/user_list.yml
# cat user_list.yml
# vim create_user.yml
---
- name:
hosts: all
vars_files:
- ./user_list.yml
- ./vault.yml
tasks:
- name: creating groups
group:
name: '{{ item }}'
state: present
loop:
- devops
- opsmgr
- name: creating user
user:
name: '{{ item.name }}'
state: present
groups: devops
password: '{{ dev_pass|password_hash ('sha512') }}'
loop: '{{ user }}'
when: (inventory_hostname in groups['dev'] or inventory_hostname in
groups['test']) and item.job == 'developer'
- name: creating user
user:
name: '{{ item.name }}'
state: present
groups: opsmgr
password: '{{ mgr_pass|password_hash ('sha512') }}'
loop: '{{ user }}'
when: inventory_hostname in groups['prod'] and item.job == 'manager'
:wq!
# ansible-playbook create_user.yml ---vault-password-file=password.txt ---syntax-check
# ansible-playbook create_user.yml ---vault-password-file=password.txt

Answer : A

Question 2

Create a file called packages.yml in /home/sandy/ansible to install some packages for the following hosts. On dev, prod and webservers install packages httpd, mod_ssl, and mariadb. On dev only install the development tools package. Also, on dev host update all the packages to the latest.

AExplanation:
Solution as:

** NOTE 1 a more acceptable answer is likely 'present' since it's not asking to install the latest
state: present
** NOTE 2 need to update the development node
- name: update all packages on development node
yum:
name: '*'
state: latest

Answer : A

Question 3

Create an ansible vault password file called lock.yml with the password reallysafepw in the /home/sandy/ansible directory. In the lock.yml file define two variables. One is pw_dev and the password is 'dev' and the other is pw_mgr and the password is 'mgr' Create a regular file called secret.txt which contains the password for lock.yml.

AExplanation:
ansible-vault create lock.yml
New Vault Password: reallysafepw
Confirm: reallysafepw

Answer : A

Question 4

Create a file called adhoc.sh in /home/sandy/ansible which will use adhoc commands to set up a new repository. The name of the repo will be 'EPEL' the description 'RHEL8' the baseurl is 'https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rmp' there is no gpgcheck, but you should enable the repo.

* You should be able to use an bash script using adhoc commands to enable repos. Depending on your lab setup, you may need to make this repo "state=absent" after you pass this task.

AExplanation:
chmod 0777 adhoc.sh
vim adhoc.sh
#I/bin/bash
ansible all -m yum_repository -a 'name=EPEL description=RHEL8
baseurl=https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rmp
gpgcheck=no enabled=yes'

Answer : A

Question 5

Create an Ansible vault to store user passwords as follows:

* The name of the vault is valut.yml

* The vault contains two variables as follows:

- dev_pass with value wakennym

- mgr_pass with value rocky

* The password to encrypt and decrypt the vault is atenorth

* The password is stored in the file /home/admin/ansible/password.txt

AExplanation:
Solution as:
# pwd
/home/admin/ansible
# echo 'atenorth' >password.txt
# chmod 0600 password.txt
# ansible-vault create vault.yml --vault-password-file=password.txt
---
- dev_pass: wakennym
- mgr_pass: rocky
:wq
# cat vault.yml
$ANSIBLE_VAULT;1.1;AES256
36383862376164316436353665343765643331393433373564613762666531313034336438353662
3464346331346461306337633632393563643531376139610a343531326130663266613533633562
38623439316631306463623761343939373263333134353264333834353264343934373765643737
3535303630626666370a643663366634383863393338616661666632353139306436316430616334
65386134393363643133363738656130636532346431376265613066326162643437643064313863
6633333537303334333437646163343666666132316639376531
# ansible-vault view vault.yml
password:******
---
- dev_pass: wakennym
- mgr_pass: rocky

Answer : A

Question 6

Create a playbook called issue.yml in /home/sandy/ansible which changes the file /etc/issue on all managed nodes: If host is a member of (lev then write "Development" If host is a member of test then write "Test" If host is a member of prod then write "Production"

AExplanation:
Solution as:

Answer : A

Question 7

Create a playbook called web.yml as follows:

* The playbook runs on managed nodes in the "dev" host group

* Create the directory /webdev with the following requirements:

--> membership in the apache group

--> regular permissions: owner=r+w+execute, group=r+w+execute, other=r+execute

s.p=set group-id

* Symbolically link /var/www/html/webdev to /webdev

* Create the file /webdev/index.html with a single line of text that reads:

''Development''

--> it should be available on http://servera.lab.example.com/webdev/index.html

AExplanation:
Solution as:
# pwd
/home/admin/ansible/
# vim web.yml
---
- name:
hosts: dev
tasks:
- name: create group
yum:
name: httpd
state: latest
- name: create group
group:
name: apache
state: present
- name: creating directiory
file:
path: /webdev
state: directory
mode: '2775'
group: apache
- sefcontext:
target: '/webdev/index.html'
setype: httpd_sys_content_t
state: present
- name: Apply new SELinux file context to filesystem
command: restorecon -irv
- name: creating symbolic link
file:
src: /webdev
dest: /var/www/html/webdev
state: link
force: yes
- name: creating file
file:
path: /webdev/index.html
sate: touch
- name: Adding content to index.html file
copy:
dest: /webdev/index.html
content: 'Development'
- name: add service to the firewall
firewalld:
service: http
permanent: yes
state: enabled
immediate: yes
- name: active http service
service:
name: httpd
state: restarted
enabled: yes
:wq
# ansible-playbook web.yml ---syntax-check
# ansible-playbook web.yml

Answer : A