Chapter 2

advertisement
SUSE Linux Enterprise Server Administration (Course 3037)
2-1
SUSE Linux Enterprise Server Administration (Course 3037)
1-4188-3731-8
Chapter 2 Answers
Review Questions
1. What command could you use to view your primary UID and GID? _____
ANSWER: id
2. Which of the following field are stored in the /etc/passwd file? (Choose all that apply.)
a. UID
b. Comments
c. Home directory
d. Standard shell
ANSWER: a,b,c,d
3. What is the default group scheme used in SLES? _____
ANSWER: Public scheme
4. Which UIDs are used for special system users?
a. 0-99
b. 100-499
c. 500-999
d. 1000-4999
ANSWER: b
5. You have added information to the /etc/passwd file. What command can be used to
create the appropriate lines in /etc/shadow? _____
ANSWER: pwconv
6. Which of the following files could you edit to create groups and add members to those
groups?
a. /etc/passwd
b. /etc/shadow
c. /etc/groups
d. /etc/group
ANSWER: c
SUSE Linux Enterprise Server Administration (Course 3037)
2-2
7. Which of the following files are used to obtain default user account settings when you
create a user with the useradd command? (Choose all that apply.)
a. /etc/default/useradd
b. /etc/skel
c. /etc/login.defs
d. /etc/useradd.default
ANSWER: a,c
8. Which command can be used to change the UID of the user dgrant to 1601? _____
ANSWER: usermod –u 1601 dgrant
9. What two commands below can be used to create the group research and add the user
dgrant to it?
a. groupmod –A dgrant research
b. groupadd –p research
c. groupadd research
d. groupmod –A research dgrant
ANSWER: a,c
10. Which of the following files contain login messages? (Choose all that apply).
a. /etc/issue
b. /etc/login.defs
c. /etc/login
d. /etc/motd
ANSWER: a,d
11. Which of the following lines in /etc/sudoers will give the user bob the right to run the
useradd command on all computers?
a. bob /sbin/useradd = all
b. /sbin/useradd all = bob
c. bob all = /sbin/useradd
d. /sbin/useradd bob = all
ANSWER: c
12. Which YaST security level is recommended for a network server?
a. Level 1
b. Level 2
c. Level 3
d. Level 4
ANSWER: c
13. What would you type at a command prompt to execute a program called prog1 in your
current directory if the current directory is not in your path statement? _____
SUSE Linux Enterprise Server Administration (Course 3037)
2-3
ANSWER: ./prog1
14. Which of the following directory permissions gives the owner the ability to list the
contents of the directory? (Choose all that apply).
a. rw-r-x-r-x
b. rw-r--r-x
c. r--rw-r-x
d. -w-rw-r-x
ANSWER: a,b,c
15. What command could you use change the owner to dgrant and the group owner to
research for the file /etc/config? _____
ANSWER: chown dgrant.research /etc/config
16. What command could you use change the permissions on the file /etc/config to rw-rw-r-using octal notation? _____
ANSWER: chmod 664 /etc/config
17. What permissions does the system give to new files and directories by default prior to
applying the umask?
a. Files receive 666 and directories receive 666
b. Files receive 666 and directories receive 777
c. Files receive 777 and directories receive 666
d. Files receive 777 and directories receive 777
ANSWER: b
18. What will the permission be on a new directory if the umask is set to 027? _____
ANSWER: 640 (rw-r-----)
19. Which of the following commands will set the Sticky bit special permission on the
directory /public?
a. chmod 1777 /public
b. chmod 2777 /public
c. chmod 4777 /public
d. chmod 7777 /public
ANSWER: a
20. What command will set the immutable attribute on the file /etc/config? _____
ANSWER: chattr +i /etc/config
21. What the four possible fields in a PAM configuration file?
SUSE Linux Enterprise Server Administration (Course 3037)
2-4
a. Session type, Control flag, Debug mode, Arguments
b. PAM control, Module, Arguments, Restrictions
c. Password, Module, Restrictions, Arguments
d. Module type, Control flag, Module, Arguments
ANSWER: d
22. Which of the following are good security practices? (Choose all that apply.)
a. Assigning only necessary filesystem permissions
b. Using passwords that are 4 characters long or longer
c. Disabling unused network services
d. Updating network software
ANSWER: a,c,d
23. What command can you use to display failed logins _____
ANSWER: faillog
Discovery Exercises
Using the Skeleton Directory
The contents of /etc/skel and /home/bozo should be identical.
Deleting Users
When a user is delete, the UID becomes the owner of any files or directories on the hard disk.
When a new user is added with the same UID, they inherit the ownership of these files and
directories. This can be useful when a new user replaces a user that has left the organization. If
the new user is given the same UID as the old user, the new user can manage all the data files in
the old user’s home directory, copy what they need to their own home directory and remove what
they don’t need.
Setting File Ownership and Permissions
a. umask 222
b. mkdir /public
chmod 1777 /public
c. touch /public/test
chown geeko.sys /public/test
chmod 640 /public/test
d. chattr +a /public/test
SUSE Linux Enterprise Server Administration (Course 3037)
Researching PAM Modules
Not available – answers may vary.
2-5
Download