Set up a RHCE exam private server

I used to assign a private server to the rhct Model Tester. Haha, that's good. Now I have taken the CE test again. In fact, it is almost the same. I have already completed the configuration. Now I have time to summarize it.

A few days ago, I tried to copy the private server with Chong GE. It was too big. No copies.

In fact, the most important thing in the server is DHCP, DNS and an NIS server. Nothing else. It's quite simple to just meet functional requirements. I just need to configure it.

DHCP:

Copy example. The/etc/DHCPD. conf file has been directly built, and there is nothing in it.

Ddns-update-style interim;
Ignore client-updates;

Subnet 172.24.0.0 netmask 255.255.255.0.0 {

# --- Default Gateway
Option routers 172.24.254.254;
# Option subnet-mask 255.255.0.0;
#
# Option Nis-domain "domain.org ";
Option domain-name "example.com ";
Option domain-name-servers 172.24.254.254;
#
Option time-offset-18000; # Eastern Standard Time
# Option NTP-servers 192.168.1.1;
# Option NetBIOS-name-servers 192.168.1.1;
# --- Selects point-to-point node (default is hybrid). Don't change this unless
# -- You understand NetBIOS very well
# Option netbios-node-type 2;
#
Range dynamic-bootp 172.24.254.18 172.24.254.254;
Default-lease-time 21600;
Max-lease-time 43200;

# We want the nameserver to appear at a fixed address
Host station18 {
Hardware ethernet 00: 0C: 29: C0: E8: 9E;
# This is a mac I have bound.
Fixed-address 172.24.254.18;
Option host-name "station18 ";
}
}

It's done.

DNS:

Copy named. conf. A comment

//
// Sample named. conf bind dns server 'named' configuration file
// For the Red Hat BIND distribution.
//
// See the BIND Administrator's Reference Manual (ARM) for details, in:
// File: // usr/share/doc/bind-*/arm/Bv9ARM.html
// Also see the BIND Configuration GUI:/usr/bin/system-config-bind and
// Its manual.
//
Options
{
/* Make named use port 53 for the source of all queries, to allow
* Firewallto block all ports before t 53:
*/
Query-source port 53;
Query-source-v6 port 53;

// Put files that named is allowed to write in the data/directory:
Directory "/var/named"; // the default
Dump-file "data/cache_dump.db ";
Statistics-file "data/named_stats.txt ";
Memstatistics-file "data/named_mem_stats.txt ";

};
Zone "example.com "{
Type master;
File "example.com ";
};
Logging
{
/* If you want to enable debugging, eg. using the 'rndc track' command,
* Named will try to write the 'named. run' file in the $ directory (/var/named ).
* By default, SELinux policy does not allow named to modify the/var/named directory,
* So put the default debug log file in data /:
*/
Channel default_debug {
File "data/named. run ";
Severity dynamic;
};
};
//
// All BIND 9 zones are in a "view", which allow different zones to be served
// To different types of client addresses, and for options to be set for groups
// Of zones.
//
// By default, if named. conf contains no "view" clses, all zones are in
// "Default" view, which matches all clients.
//
// If named. conf contains any "view" clause, then all zones MUST be in a view;
// So it is recommended to start off using views to avoid having to restructure
// Your configuration files in the future.
//
// View "localhost_resolver"
//{
/* This view sets up named to be a localhost resolver (caching only nameserver ).
* If all you want is a caching-only nameserver, then you need only define this view:
*/
// Match-clients {localhost ;};
// Match-destinations {localhost ;};
// Recursion yes;
# All views must contain the root hints zone:
// Include "/etc/named. root. hints ";

/* These are zones that contain definitions for all the localhost
* Names and addresses, as recommended in RFC1912-these names shold
* ONLY be served to localhost clients:
*/
// Include "/etc/named. rfc1912.zones ";
//};
// View "internal"
//{
/* This view will contain zones you want to serve only to "internal" clients
That connect via your directly attached LAN interfaces-"localnets ".
*/
// Match-clients {localnets ;};
// Match-destinations {localnets ;};
// Recursion yes;
// All views must contain the root hints zone:
// Include "/etc/named. root. hints ";

// Include "named. rfc1912.zones ";
// You shoshould not serve your rfc1912 names to non-localhost clients.

// These are your "authoritative" internal zones, and wowould probably
// Also be encoded in the "localhost_resolver" view above:

// Zone "my. internal. zone "{
// Type master;
// File "my. internal. zone. db ";
//};
// Zone "my. slave. internal. zone "{
// Type slave;
// File "slaves/my. slave. internal. zone. db ";
// Masters {/* put master nameserver IPs here */127.0.0.1 ;};
// Put slave zones in the slaves/directory so named can update them
//};
// Zone "my. ddns. internal. zone "{
// Type master;
// Allow-update {key ddns_key ;};
// File "slaves/my. ddns. internal. zone. db ";
// Put dynamically updateable zones in the slaves/directory so named can update them
//};
//};
// Key ddns_key
//{
// Algorithm hmac-md5;
// Secret "use/usr/sbin/dns-keygen to generate TSIG keys ";
//};
// View "external"
//{
/* This view will contain zones you want to serve only to "external" clients
* That have addresses that are not on your directly attached LAN interface subnets:
*/
// Match-clients {! Localnets ;! Localhost ;};
// Match-destinations {! Localnets ;! Localhost ;};

// Recursion no;
// You 'd probably want to deny recursion to external clients, so you don't
// End up providing free DNS service to all takers

// All views must contain the root hints zone:
// Include "/etc/named. root. hints ";

// These are your "authoritative" external zones, and wowould probably
// Contain entries for just your web and mail servers:

// Zone "my. external. zone "{
// Type master;
// File "my. external. zone. db ";
//};
//};

Configure another zone file example.com

$ TTL 86400
@ In soa @ root. ns (
42;
3 H;
15 M;
1 W;
1D );
In ns ns
Ns in a 172.24.254.254
Server1 in a 172.24.254.254
Station18 in a 172.24.254.18
Www18 in cname station18

NIS:

# Useradd-d/rhome/station18/nisuser18
# Vi/etc/passwd

Change/rhome/staion18/nisuser18 to/rhome/nisuser18 (this step aims to enable the client autofs time to display the home directory)

# Vi/etc/ypserv. conf

Remove the comment from the last line.

All right, let alone anything else. Let's simply talk about the power outage today. I believe that students with basic knowledge can understand what is important and worth attention.