RHCE Certification Articles (continued)…

I mentioned in my previous post on this subject that I had 5 more objectives yet to cover. The articles for those objectives have now been added to the website.

That completes the set!

The articles for both exams are available here. I also have a page listing the objectives for both exams, with links to each of my articles that cover them.

Now I just have to find the time to prepare for and sit the exams… πŸ™‚

Cheers

Tim…

Linux Firewall and SELinux (RHCSA)…

I’ve put the last two articles in the RHSCA certification series live.

These took a little bit of time because I was in denial (and ill for a couple of weeks). When I put the previous batch of articles live, I mentioned these objectives were the ones I knew least about. That’s mostly because my standard operating procedure for Oracle servers is to disable SELinux and turn off the firewall. I reached out to the OakTable to see what Oracle do on their engineered solutions (Exadata and ODA) and it seems the answer depends on which part of the solution you are discussing (RAC nodes or storage cells) and the age/patch level of the kit software you have.

In the early releases it was very much SELinux and firewall disabled. Later release have SELinux in permissive mode on some components and the firewall enabled on some components.

Running SELinux in permissive mode seems a bit pointless to me, unless you are investigating what policies need to be changed in order to switch to enforcing it at a later date. I’m still not convinced about the relevance of SELinux for a database server at this point, but my opinion may change as I get more familiar with it. It is quite literally an uneducated opinion at this point. πŸ™‚

Now I’ve completed the revision notes for the RHCSA exam I guess I should think about taking the exam.Β I’ve just checked the Red Hat website and the earliest I could sit the exam in Birmingham is July. Unfortunately I’m out of the country for much of July, so it would appear the middle of August is probably going to be the first real opportunity. Most other cities have a couple of dates a month, but not here. Once again Birmingham proves itself to be at the arse-end of British I.T.Β πŸ™

Cheers

Tim…

Another batch of Linux articles (RHCSA)…

I’ve just put another batch of Linux articles live.

As before, they are focussing on the RHCSA exam objectives, so a lot of it is pretty basic information.

The Firewall and SELinux objectives are the only ones left now. These two objectives were the main reasons I decided to start this process. I left them until last because I figured if I started with them, I might never get round to doing the other articles. πŸ™‚

As far as the Linux firewall goes, if it can’t be done with the point and click GUI (or TUI), I don’t do it, so taking a look at iptables from the command line has been on my list for a very long time. The RHCSA objective suggests using the GUI/TUI interface should be sufficient, since it says, “using system-config-firewall or iptables”. In contrast, the RHCE objectives explicitly mention iptables, possibly suggesting tasks that may not be possible from the GUI? The question is, how much do I trust my own judgement on this matter? I would prefer go in to the RHCSA exam with too much information, rather than not enough, so I guess I’ll take a look at iptables from the command line before attempting the RHCSA exam.

I know even less about SELinux than I do about the firewall. For Oracle installations I typically disable it. πŸ™‚ So I guess this objective is going to be a magical mystery tour. πŸ™‚

If anyone has sat the RHCSA exam for RHEL6, I would be interested to hear your thoughts on the Firewall and SELinux objectives. I think I’ve got a pretty good handle on the other objectives, but I’m kinda shooting in the dark with these two. It would be a shame to waste Β£400 on a failed exam. πŸ™‚

Cheers

Tim…