RHCSA (8): Offering Administrative Utilities

Alphabetical List of the Abbreviations used in this article:

ACL = Access Control List
CPU = Central Processing Unit
DNS = Domain Name System
DHCP = Dynamic Host Configuration Protocol
FTP = File Transfer Protocol
HTTP = Hypertext Transfer Protocol
IP = Internet Protocol
LLM = Large Language Model
MAC = Mandatory Access Control
OSI = Open Systems Interconnection
PAM = Pluggable Authentication Module
RHCSA = Red Hat Certified System Administrator
SELinux = Security-Enhanced Linux
SSH = Secure Shell
TCP/IP = Transmission Control Protocol/Internet Protocol
VLAN = Virtual Local Area Network

How I Used Reference 1 in This Article:

Reference 1 cited many features that make up GNU/Linux and other computer operating systems. The seventh of these features is "offering administrative utilities". This seventh feature will be the 100% focus of this article.

Executive Summary

As a Red Hat Certified System Administrator, it is expected that one has a thorough and in-depth understanding of administrative utilities in the Red Hat Enterprise Linux environment. This includes a comprehensive knowledge of user and group management, where one can create, modify, and delete users and groups using various commands such as useradd, passwd, usermod, groupadd, and groupmod. Understanding the difference between system users, such as root, and regular users is also crucial, as well as knowing how to manage user accounts, including setting passwords, assigning shells, and configuring user-specific settings. Additionally, managing file permissions and ownership is vital, including the use of commands such as chmod and chown, as well as understanding concepts like umask, sticky bits, and SELinux contexts, including how to set them using tools like chcon or by editing the SELinux policy.

Effective system administration also requires a deep understanding of system services management, including the use of the system's service manager, which may include tools like systemd or SysVinit. This includes knowing how to start, stop, enable, and disable services, as well as understanding how to create and manage service files, including writing and managing init scripts and using the service command to manage services. Furthermore, package management is a critical aspect of system administration, where one can install, update, and remove software packages using tools like yum or dnf, and manage package repositories, including configuring new repositories, disabling or updating existing ones, and understanding how to use package managers to resolve dependencies and conflicts.

Basic system monitoring skills are also essential, including the use of tools like top, htop, vmstat, and iostat to monitor system performance, as well as understanding how to use system logs to troubleshoot issues and identify system problems. This includes knowing how to configure logging settings, including log rotation and log retention, and how to use tools like journalctl to manage and analyze system logs. Moreover, understanding how to use system monitoring tools to identify performance bottlenecks, such as CPU, memory, and disk usage, is critical, as well as knowing how to use tools like sar and sysstat to collect and analyze system performance data.

Other important aspects of system administration include backup and recovery, where one should have a comprehensive understanding of backups, including the use of tools like rsync, dump, and restore, as well as knowledge of disaster recovery strategies and procedures, including understanding how to create and manage backups, and how to restore systems from backups in case of a disaster. Networking knowledge is also vital, including understanding IP addresses, subnet masks, DNS, firewalls, and network interfaces, as well as familiarity with tools like ifconfig, ip, and netstat, and understanding how to configure network settings, including network interfaces, routing tables, and firewalls. Additionally, understanding how to configure and manage network services, such as DHCP, DNS, and HTTP, is critical, as well as knowing how to use tools like ssh and scp to securely access and manage remote systems.

Finally, basic security principles such as least privilege, defense in depth, and the principle of least surprise should be thoroughly understood, and one should be able to implement firewall rules using tools like Firewalld or iptables, and understand how to configure SSH for secure remote access, including understanding how to use public key authentication, and how to configure SSH to use secure protocols and ciphers. Understanding how to use tools like selinux to enforce mandatory access control, and how to use auditing tools to monitor and analyze system activity, is also essential, as well as knowing how to use security tools like openscap to scan and remediate security vulnerabilities. Overall, a Red Hat Certified System Administrator should have a broad and deep understanding of the administrative utilities and tools used in the Red Hat Enterprise Linux environment, and be able to apply this knowledge to manage and maintain secure, efficient, and reliable systems.

Credits

The folllowing research assistants were invaluable tools that allowed me to complete this article in a timely manner: Mistral (an open-source local large language model - LLM) and HuggingChat (an online portal to about a dozen open source LLMs).

User and Group Management in GNU/Linux

A Red Hat Certified System Administrator should have a thorough understanding of user and group management in GNU/Linux, including the ability to create, modify, and delete users and groups using commands such as `useradd`, `passwd`, `usermod`, `groupadd`, and `groupmod`. This includes understanding the difference between system users, such as root, and regular users, as well as knowing how to manage user accounts, including setting passwords, assigning shells, and configuring user-specific settings. Additionally, understanding the concept of user IDs and group IDs, and how they are used to identify users and groups, is essential.

Understanding the `/etc/passwd` and `/etc/group` files, which store user and group information, is also crucial for an RHCSA. This includes knowing the format of these files, and how to modify them using commands such as `useradd` and `groupadd`. Furthermore, understanding the concept of secondary groups, and how to add and remove users from secondary groups using the `usermod` command, is important. An RHCSA should also be familiar with the `id` command, which can be used to display user and group information, including user IDs, group IDs, and secondary groups.

In addition to creating and managing users and groups, an RHCSA should also understand how to configure user and group settings, such as passwords, shells, and home directories. This includes understanding the `chsh` command, which can be used to change a user's shell, and the `chfn` command, which can be used to change a user's finger information. An RHCSA should also be familiar with the `passwd` command, which can be used to change a user's password, and the `chage` command, which can be used to change a user's password expiration settings.

An RHCSA should also understand the concept of group permissions, and how to use the `chgrp` command to change the group ownership of a file or directory. Understanding the `newgrp` command, which can be used to change a user's primary group, is also important. Furthermore, an RHCSA should be familiar with the `groups` command, which can be used to display a user's primary and secondary groups. Understanding how to use the `getent` command to retrieve user and group information from the `/etc/passwd` and `/etc/group` files is also essential.

In a real-world scenario, an RHCSA may need to manage users and groups in a variety of contexts, such as creating new user accounts for employees, modifying existing user accounts to reflect changes in job responsibilities, or deleting user accounts for employees who have left the company. An RHCSA should be able to perform these tasks efficiently and effectively, using the commands and techniques described above. Additionally, an RHCSA should be able to troubleshoot common user and group management issues, such as password problems or permission errors, and take corrective action to resolve these issues. By having a thorough understanding of user and group management in GNU/Linux, an RHCSA can play a critical role in maintaining the security and integrity of a Linux system.

System Services Management in GNU/Linux

A Red Hat Certified System Administrator should have a thorough understanding of system services management in GNU/Linux, including the ability to start, stop, and restart system services using commands such as `systemctl` and `service`. This includes understanding the concept of system services, which are programs that run in the background and provide various functions, such as networking, printing, and file sharing. An RHCSA should be familiar with the different types of system services, including system services that start at boot time, system services that start on demand, and system services that run continuously in the background.

Understanding the system service manager, which is responsible for starting, stopping, and restarting system services, is also crucial for an RHCSA. In GNU/Linux, the system service manager is typically `systemd`, which provides a powerful and flexible way to manage system services. An RHCSA should be familiar with the `systemctl` command, which is used to manage system services, including starting, stopping, and restarting services, as well as enabling and disabling services to start at boot time. Additionally, an RHCSA should understand the concept of service units, which are configuration files that define the properties of a system service, including the command to start the service, the user and group to run the service as, and the dependencies required by the service.

In addition to managing system services, an RHCSA should also understand how to configure system services to start at boot time, which is typically done by enabling the service using the `systemctl enable` command. An RHCSA should also be familiar with the `systemctl status` command, which can be used to display the status of a system service, including whether the service is running, stopped, or failed. Furthermore, an RHCSA should understand how to use the `systemctl` command to manage system services in a targeted manner, such as starting or stopping a specific service, or restarting all system services.

An RHCSA should also be familiar with the concept of dependencies, which are used to specify the order in which system services are started. This includes understanding how to use the `After` and `Before` directives in service units to specify dependencies, as well as how to use the `Requires` and `Wants` directives to specify dependencies that are required or desired. Additionally, an RHCSA should understand how to use the `systemctl list-dependencies` command to display the dependencies of a system service.

In a real-world scenario, an RHCSA may need to manage system services in a variety of contexts, such as starting or stopping services to perform maintenance, configuring services to start at boot time, or troubleshooting service failures. An RHCSA should be able to perform these tasks efficiently and effectively, using the commands and techniques described above. By having a thorough understanding of system services management in GNU/Linux, an RHCSA can play a critical role in maintaining the stability and security of a Linux system. This includes understanding how to use system services to provide various functions, such as networking, printing, and file sharing, as well as how to manage system services to ensure that they are running efficiently and securely.

System Monitoring in GNU/Linux

A Red Hat Certified System Administrator should have a thorough understanding of system monitoring in GNU/Linux, including the ability to monitor system resources, such as CPU, memory, and disk usage, as well as network and file system activity. This includes understanding the various tools and commands used to monitor system performance, such as `top`, `htop`, `vmstat`, and `iostat`. An RHCSA should be familiar with the `top` command, which displays real-time information about running processes, including CPU and memory usage, as well as the `htop` command, which provides a more detailed and interactive view of system processes.

Understanding the `vmstat` command, which displays information about virtual memory, disk, and CPU usage, is also crucial for an RHCSA. This includes understanding the different fields displayed by `vmstat`, such as the number of processes waiting for CPU time, the amount of free memory, and the number of disk reads and writes. Additionally, an RHCSA should be familiar with the `iostat` command, which displays information about disk I/O activity, including the number of reads and writes, the amount of data transferred, and the average wait time for disk I/O operations.

In addition to monitoring system resources, an RHCSA should also understand how to monitor system logs, which provide valuable information about system events, errors, and warnings. This includes understanding the `syslog` system, which collects and stores log messages from various system services, as well as the `journalctl` command, which displays log messages from the systemd journal. An RHCSA should be familiar with the different log levels, such as `debug`, `info`, `warning`, and `error`, and understand how to filter log messages based on log level, facility, and priority.

An RHCSA should also be familiar with the `sar` command, which collects and displays system activity information, including CPU, memory, and disk usage, as well as network and file system activity. This includes understanding the different options and flags used with `sar`, such as `-u` for CPU usage, `-r` for memory usage, and `-d` for disk usage. Additionally, an RHCSA should understand how to use the `sysstat` package, which provides a set of tools for monitoring system performance, including `sar`, `iostat`, and `vmstat`.

In a real-world scenario, an RHCSA may need to monitor system performance to troubleshoot issues, optimize system resources, or identify trends and patterns in system activity. An RHCSA should be able to use the tools and commands described above to monitor system performance, identify bottlenecks and areas for improvement, and take corrective action to optimize system resources. By having a thorough understanding of system monitoring in GNU/Linux, an RHCSA can play a critical role in maintaining the stability, security, and performance of a Linux system.

Furthermore, an RHCSA should also understand how to use monitoring tools to identify and troubleshoot common system issues, such as high CPU usage, memory leaks, and disk I/O bottlenecks. This includes understanding how to use tools like `strace` and `lsof` to analyze system calls and open files, as well as how to use tools like `tcpdump` and `netstat` to analyze network traffic and socket activity. By having a thorough understanding of system monitoring and troubleshooting tools, an RHCSA can quickly and effectively identify and resolve system issues, minimizing downtime and optimizing system performance.

Backup and Recovery in GNU/Linux

A Red Hat Certified System Administrator should have a thorough understanding of backup and recovery in GNU/Linux, including the ability to create and manage backups of critical system data, as well as restore systems from backups in the event of a disaster. This includes understanding the different types of backups, such as full, incremental, and differential backups, as well as the tools and commands used to create and manage backups, such as `tar`, `dump`, and `rsync`. An RHCSA should be familiar with the `tar` command, which is used to create and extract archives of files and directories, as well as the `dump` command, which is used to create backups of entire file systems.

Understanding the `rsync` command, which is used to synchronize files and directories between systems, is also crucial for an RHCSA. This includes understanding the different options and flags used with `rsync`, such as `-a` for archive mode, `-v` for verbose mode, and `-z` for compression. Additionally, an RHCSA should be familiar with the `cp` and `scp` commands, which are used to copy files and directories between systems, as well as the `mv` command, which is used to move or rename files and directories.

In addition to creating and managing backups, an RHCSA should also understand how to restore systems from backups, including how to use the `tar` and `dump` commands to extract and restore backed-up data. This includes understanding the different options and flags used with these commands, such as `-x` for extract mode and `-r` for restore mode. An RHCSA should also be familiar with the `restore` command, which is used to restore backups created with the `dump` command.

An RHCSA should also understand the importance of backup scheduling and automation, including how to use tools like `cron` and `anacron` to schedule backups to run automatically at regular intervals. This includes understanding how to create and manage cron jobs, as well as how to use anacron to run jobs that were missed due to system downtime. Additionally, an RHCSA should be familiar with the concept of backup rotation, including how to use tools like `tape` and `disk` to rotate backups between different media and locations.

In a real-world scenario, an RHCSA may need to create and manage backups of critical system data, such as configuration files, user data, and database files. An RHCSA should be able to use the tools and commands described above to create and manage backups, as well as restore systems from backups in the event of a disaster. By having a thorough understanding of backup and recovery in GNU/Linux, an RHCSA can play a critical role in maintaining the integrity and availability of critical system data.

Furthermore, an RHCSA should also understand the importance of testing and verifying backups, including how to use tools like `md5sum` and `sha256sum` to verify the integrity of backed-up data. This includes understanding how to create and manage checksums, as well as how to use these checksums to verify the integrity of backed-up data. By having a thorough understanding of backup and recovery in GNU/Linux, an RHCSA can ensure that critical system data is properly backed up and can be restored in the event of a disaster, minimizing downtime and data loss.

Networking in GNU/Linux

A Red Hat Certified System Administrator should have a thorough understanding of networking in GNU/Linux, including the ability to configure and manage network interfaces, protocols, and services. This includes understanding the different types of network interfaces, such as Ethernet, Wi-Fi, and VLANs, as well as the tools and commands used to configure and manage these interfaces, such as `ip`, `ifconfig`, and `nmcli`. An RHCSA should be familiar with the `ip` command, which is used to manage IP addresses, routes, and tunnels, as well as the `ifconfig` command, which is used to configure and manage network interfaces.

Understanding the concept of network protocols, including TCP/IP, DNS, DHCP, and HTTP, is also crucial for an RHCSA. This includes understanding the different layers of the OSI model, as well as the role of each protocol in the networking stack. An RHCSA should be familiar with the `tcpdump` command, which is used to capture and analyze network traffic, as well as the `netstat` command, which is used to display network statistics and connections.

In addition to configuring and managing network interfaces and protocols, an RHCSA should also understand how to configure and manage network services, such as SSH, FTP, and HTTP. This includes understanding the different configuration files and options used to manage these services, such as `/etc/ssh/sshd_config` and `/etc/httpd/conf/httpd.conf`. An RHCSA should be familiar with the `sshd` and `httpd` commands, which are used to manage the SSH and HTTP services, respectively.

An RHCSA should also understand the importance of network security, including how to configure firewalls, such as `iptables` and `firewalld`, to control incoming and outgoing network traffic. This includes understanding the different types of firewall rules, such as input, output, and forward rules, as well as how to use tools like `iptables` and `firewalld` to manage these rules. Additionally, an RHCSA should be familiar with the concept of network segmentation, including how to use VLANs and subnets to isolate network traffic and improve security.

In a real-world scenario, an RHCSA may need to configure and manage network interfaces, protocols, and services to support a variety of applications and services, such as web servers, email servers, and file servers. An RHCSA should be able to use the tools and commands described above to configure and manage network interfaces, protocols, and services, as well as troubleshoot common network issues, such as connectivity problems and performance issues. By having a thorough understanding of networking in GNU/Linux, an RHCSA can play a critical role in maintaining the security, availability, and performance of networked systems.

Furthermore, an RHCSA should also understand the importance of network troubleshooting, including how to use tools like `ping`, `traceroute`, and `mtr` to diagnose and resolve network connectivity issues. This includes understanding how to use these tools to identify network problems, such as packet loss and latency, as well as how to use other tools, such as `tcpdump` and `wireshark`, to analyze network traffic and identify the root cause of network issues. By having a thorough understanding of networking in GNU/Linux, an RHCSA can quickly and effectively troubleshoot and resolve network issues, minimizing downtime and improving network performance.

Security Principles in GNU/Linux

A Red Hat Certified System Administrator should have a thorough understanding of security principles in GNU/Linux, including the ability to configure and manage system security, as well as implement best practices to prevent unauthorized access and protect sensitive data. This includes understanding the concept of least privilege, which dictates that users and processes should only have the necessary permissions and access to perform their tasks, as well as the principle of separation of duties, which dictates that sensitive tasks and data should be isolated and protected from unauthorized access.

Understanding the different types of security threats, including malware, viruses, and unauthorized access, is also crucial for an RHCSA. This includes understanding the different types of attacks, such as phishing, social engineering, and denial-of-service attacks, as well as the tools and techniques used to prevent and mitigate these threats. An RHCSA should be familiar with the `selinux` command, which is used to manage and configure SELinux policies, as well as the `iptables` command, which is used to configure and manage firewall rules.

In addition to understanding security principles and threats, an RHCSA should also be familiar with the different security tools and utilities available in GNU/Linux, including `openssl`, `openssh`, and `gnupg`. This includes understanding how to use these tools to encrypt and decrypt data, as well as how to use them to authenticate and authorize users and processes. An RHCSA should also be familiar with the concept of access control lists (ACLs), which are used to control access to files and directories, as well as the concept of mandatory access control (MAC), which is used to enforce security policies and restrict access to sensitive data.

An RHCSA should also understand the importance of password security, including how to configure and manage password policies, such as password expiration and password strength. This includes understanding how to use tools like `passwd` and `chpasswd` to manage passwords, as well as how to use tools like `pam` to configure and manage password authentication. Additionally, an RHCSA should be familiar with the concept of multi-factor authentication, which is used to provide an additional layer of security and prevent unauthorized access.

In a real-world scenario, an RHCSA may need to configure and manage system security to protect sensitive data and prevent unauthorized access. An RHCSA should be able to use the tools and commands described above to configure and manage system security, as well as implement best practices to prevent security breaches and protect sensitive data. By having a thorough understanding of security principles in GNU/Linux, an RHCSA can play a critical role in maintaining the security and integrity of GNU/Linux systems.

Furthermore, an RHCSA should also understand the importance of security auditing and compliance, including how to use tools like `auditd` and `aureport` to monitor and analyze system activity, as well as how to use tools like `openscap` to scan and remediate security vulnerabilities. This includes understanding how to use these tools to identify and mitigate security risks, as well as how to use them to demonstrate compliance with security regulations and standards. By having a thorough understanding of security principles in GNU/Linux, an RHCSA can ensure that GNU/Linux systems are secure, compliant, and meet the necessary security standards and regulations.

Conclusions

This concludes Article 8 of my RHCSA series. We discussed many aspects of offering administrative utilities on GNU/Linux computer systems:

  • A Red Hat Certified System Administrator should have a thorough understanding of user and group management in GNU/Linux, including the ability to create, modify, and delete users and groups using commands such as `useradd`, `passwd`, `usermod`, `groupadd`, and `groupmod`. 
  • A Red Hat Certified System Administrator should have a thorough understanding of system services management in GNU/Linux, including the ability to start, stop, and restart system services using commands such as `systemctl` and `service`.
  • A Red Hat Certified System Administrator should have a thorough understanding of system monitoring in GNU/Linux, including the ability to monitor system resources, such as CPU, memory, and disk usage, as well as network and file system activity.
  • A Red Hat Certified System Administrator should have a thorough understanding of backup and recovery in GNU/Linux, including the ability to create and manage backups of critical system data, as well as restore systems from backups in the event of a disaster. This includes understanding the different types of backups, such as full, incremental, and differential backups, as well as the tools and commands used to create and manage backups, such as `tar`, `dump`, and `rsync`.
  • A Red Hat Certified System Administrator should have a thorough understanding of networking in GNU/Linux, including the ability to configure and manage network interfaces, protocols, and services.
  • A Red Hat Certified System Administrator should have a thorough understanding of security principles in GNU/Linux, including the ability to configure and manage system security, as well as implement best practices to prevent unauthorized access and protect sensitive data.

References:

[1] 2020 - Lecture - CSCI 275: Linux Systems Administration and Security - Moe Hassan - CUNY John Jay College - NYC Tech-in-Residence Corps. Retrieved June 26, 2025 from https://academicworks.cuny.edu/cgi/viewcontent.cgi?article=1053&context=jj_oers

You should also read: