RHCSA preparation

Practice questions grouped by exam objective. Each question includes a scenario and solution.

Networking

Question 1: Configure a static network connection.

You have been provided a virtual box named serverX.example.com (X is your domain number). Password for the virtual machine is redhat123.

  • serverX.example.com has IP: 172.25.X.11/255.255.255.0

  • Gateway: 172.25.254.254

  • DNS domain: example.com with IP 172.25.254.254

$ hostname                          # check domain number to determine X
$ nmcli dev status                  # verify which device to configure
$ nmcli con add con-name lab \
    ifname eth0 type ethernet \
    ip4 172.25.X.11/24 \
    gw4 172.25.254.254
$ nmcli con mod lab ipv4.dns 172.25.254.254
$ nmcli con up lab

Alternatively, use the TUI:

$ nmtui

Users and groups

Question 2: Create users with specific group memberships.

Create a group sysadmins. Create users alice and bob, both members of sysadmins as a supplementary group. Set alice’s account to expire on 2026-12-31.

$ groupadd sysadmins
$ useradd -G sysadmins alice
$ useradd -G sysadmins bob
$ chage -E 2026-12-31 alice
$ chage -l alice                    # verify expiry date

Question 3: Set a user’s default shell and password policy.

Set bob’s default shell to /bin/zsh. Require bob to change his password every 90 days with a 7-day warning.

$ usermod -s /bin/zsh bob
$ chage -M 90 -W 7 bob
$ chage -l bob

Permissions and ACLs

Question 4: Configure group-shared directory with sticky bit.

Create /shared/engineering. The sysadmins group should own it. New files inside must inherit the group. Users should not be able to delete each other’s files.

$ mkdir -p /shared/engineering
$ chown :sysadmins /shared/engineering
$ chmod 2770 /shared/engineering    # setgid ensures group inheritance
$ chmod +t /shared/engineering      # sticky bit prevents deletion by others
$ ls -ld /shared/engineering        # verify: drwxrws--T

Question 5: Use ACLs to grant specific user access.

Grant user bob read-only access to /data/reports without changing the base permissions.

$ setfacl -m u:bob:rx /data/reports
$ getfacl /data/reports             # verify ACL entry

SELinux

Question 6: Fix a web server serving content from a non-default directory.

Apache is configured to serve from /custom/www but returns 403 Forbidden.

$ ls -Z /custom/www                 # check current context
$ semanage fcontext -a -t httpd_sys_content_t "/custom/www(/.*)?"
$ restorecon -Rv /custom/www
$ curl http://localhost               # verify it works

Question 7: Diagnose and fix an SELinux boolean issue.

httpd cannot connect to a database on another host.

$ sealert -a /var/log/audit/audit.log   # check for AVC denials
$ getsebool httpd_can_network_connect_db
$ setsebool -P httpd_can_network_connect_db on

Storage and LVM

Question 8: Create a logical volume and mount it persistently.

Create a 500M logical volume named data-lv in volume group data-vg using /dev/sdb. Format as XFS and mount at /mnt/data.

$ pvcreate /dev/sdb
$ vgcreate data-vg /dev/sdb
$ lvcreate -n data-lv -L 500M data-vg
$ mkfs.xfs /dev/data-vg/data-lv
$ mkdir /mnt/data
$ echo "/dev/data-vg/data-lv /mnt/data xfs defaults 0 0" >> /etc/fstab
$ mount -a
$ df -h /mnt/data                   # verify

Question 9: Extend a logical volume while mounted.

Grow data-lv by 200M.

$ lvextend -L +200M /dev/data-vg/data-lv
$ xfs_growfs /mnt/data              # XFS: grow the filesystem
$ df -h /mnt/data                   # verify new size

For ext4, use resize2fs /dev/data-vg/data-lv instead of xfs_growfs.

Scheduling tasks

Question 10: Schedule a recurring job with cron and a one-time job with at.

Run /usr/local/bin/cleanup.sh every weekday at 2:30 AM as root. Also schedule a one-time reboot at 23:00 tonight.

$ crontab -e
# add: 30 2 * * 1-5 /usr/local/bin/cleanup.sh

$ echo "systemctl reboot" | at 23:00

Containers (podman)

Question 11: Run a container as a systemd service using quadlets.

Run an nginx container publishing port 8080, configured to start on boot as a rootless user service.

$ mkdir -p ~/.config/containers/systemd
$ cat > ~/.config/containers/systemd/nginx.container << 'EOF'
[Unit]
Description=Nginx web server

[Container]
Image=docker.io/library/nginx
PublishPort=8080:80

[Service]
Restart=always

[Install]
WantedBy=default.target
EOF

$ systemctl --user daemon-reload
$ systemctl --user start nginx
$ systemctl --user enable nginx
$ curl http://localhost:8080

Troubleshooting boot

Question 12: Reset the root password from the boot loader.

1. Reboot and interrupt GRUB by pressing 'e'
2. Find the line starting with 'linux' and append: rd.break
3. Press Ctrl+X to boot
4. At the switch_root prompt:
$ mount -o remount,rw /sysroot
$ chroot /sysroot
$ passwd root
$ touch /.autorelabel              # required for SELinux
$ exit
$ exit                             # system reboots