2. Title: Control file access to users
Objective: Interpret the effects of files & directory permissions on access by users and
groups. Change the permissions and ownership of files with command-line tools.
i) Create users with the name Harry, Sarah, Natasha
ii) Create a group called Developers. And add user Harry & Natasha to a group
Developers.
iii) Now Create a collaborative directory called /Project/Development and add app1 &
app2 files inside the directory /Project/Development.
iv) Now change the group ownership of the /Project directory and all its sub-directories
to Developers.
v) Now assign rwx permission to user/owner, rw permission to group owner, no
permission to others for /Project directory & and all it contents.
vi) The user Natasha should able to read, write & execute the files inside the
/Project/Development directory using sudo access.
Outcomes: Create a collaborative directory that all members of a group can access.
Project 1
3. Title: Manage Default Permission
Objective: Control the default permissions of user-created files & directories.
i) Create an user account with the name Potter and set password as RedHat.
ii) Now configure the user setting accordingly,
1) If the user creates any file that should have a default permission rw--r-----
2) If the user creates any directory it should have a default permission as drwxr-
x---
iii) Make sure that the configuration were made persistently !!
Outcomes: Adjust default permissions using umask for users.
Project 2
4. Title: Working with Special Permission in Linux
Objective: Special permissions are a fourth permission type in addition to the user,
group, and other types. As the name implies, special permissions provide additional
access-related features beyond what the basic permission types allow.
i) Create the following users John, Khan, Mohamed and group them together using the
group Sales.
ii) Now create a directory called /project. And change the group ownership of the
directory of to Sales.
iii) Now assign the special permission to the directory so that the files create should
have the group ownership to Sales.
iv) Now make sure that all files created or Stored under the directory should able to
edit or delete only by the owner.
v) Now assign the special permission to useradd command so that all users can able to
execute useradd command.
Outcomes: Create a shared directory where the Sales group automatically owns new
files. Manage special permissions to gain special access.
Project 3
5. Title: Configure SELinux Ports to Manage Custom Ports
Objective: Manage the SELinux policy rules that determine the default port for Linux
services with the semanage port command, and apply the custom ports defined by the
SELinux policy to services.
i) As a administrator, your task is to secure the organization.
ii) So your task is to configure the SSHD service to run in non-standard port 9091.
iii) Also you need to configure the SELinux to allow the sshd to access the port 9091.
iv) Then configure the firewall to allow the port 9091
Outcomes: Gain experience with SELinux port troubleshooting
Project 4
6. Title: Performance Tuning
Objective: Optimize system performance by selecting a tuning profile that the tuned
daemon manages.
i) Install tuned daemon package by software installation commands.
ii) Then optimize the system to better provide performance by setting up the
recommend tuned profile.
iii) Now create a script and execute using following information,
iv) Then verify the process which consume more CPU, Memory, Disk usage and kill that
process with the help of TOP monitor.
Outcomes: Manage process management in Real-time.
Project 5