RHCE Cheat Sheet: From Basics to Advanced

Published On: 4 February 2025

Objective

For Linux system administrators, the Red Hat Certified Engineer (RHCE) certification is a highly esteemed credential. To obtain this certification, one must have a firm grasp of a variety of Linux concepts and abilities. This cheat sheet covers everything from basic information to expert system management, giving you a quick reference to key commands and techniques. This guide will help you effectively navigate through the complexities of Linux administration, whether you're polishing your abilities or preparing for the exam. Let's get started!

Basics: Essential Linux Commands

File Management

ls: List directory contents
```
ls
ls -l   # Long listing format
ls -a   # Include hidden files
```
The ls command displays the contents of a directory. Options like -l and -a enhance the output to show detailed information or include hidden files.
cp: Copy files and directories
```
cp source_file target_file
cp -r source_dir target_dir
```
The cp command duplicates files or directories. Use the -r flag for recursive copying of directories.
mv: Move or rename files and directories
```
mv old_name new_name
```
The mv command renames a file or moves it to a different location.
rm: Remove files or directories
```
rm file
rm -r directory
```
The rm command deletes files or directories. Use -r for recursive deletion of directories.

Text Processing

cat: View file contents
```
cat file.txt
```
The cat command displays the content of a file. It can also concatenate multiple files.
grep: Search text in files
```
grep 'pattern' file.txt
```
The grep command searches for a specific pattern in a file and prints matching lines.
awk: Process and analyze text files
```
awk '/pattern/ {print $0}' file.txt
```
The awk tool scans files line by line, applies patterns, and performs specified actions, such as printing matched lines.
sed: Stream editor for text replacement
```
sed 's/old/new/g' file.txt
```
The sed command edits streams of text, replacing occurrences of a pattern with a new string.

User Management

useradd: Add a new user
```
useradd username
passwd username
```
The useradd command creates a new user. The passwd command sets or updates their password.
usermod: Modify user information
```
usermod -aG groupname username
```
The usermod command modifies a user’s properties, such as adding them to a group.
userdel: Delete a user
```
userdel -r username
```
The userdel command removes a user. Use the -r option to also delete their home directory.

Intermediate: Networking and Services

Networking Commands

ip: Display or manipulate IP addresses and routes
```
ip a
ip link set eth0 up
```
The ip command manages network interfaces, addresses, and routing tables.
ping: Test network connectivity
```
ping 8.8.8.8
```
The ping command sends ICMP packets to a host to verify connectivity and measure latency.
netstat: Display network connections
```
netstat -tuln
```
The netstat command lists active network connections and listening ports. Use the -tuln flags for a concise view.

SSH and Remote Access

ssh: Secure shell for remote login
```
ssh user@remote_host
```
The ssh command establishes a secure, encrypted connection to a remote machine.
scp: Securely copy files between systems
```
scp file user@remote_host:/path
```
The scp command transfers files between systems securely using SSH.

Firewalld Management

firewalld: Manage firewall rules
```
firewall-cmd --add-port=80/tcp --permanent
firewall-cmd --reload
```
The firewall-cmd utility configures and manages firewalld rules dynamically and persistently.
iptables: Legacy firewall management
```
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
```
The iptables command manages packet filtering rules for network traffic.

Advanced: System Administration

SELinux Management

semanage: Manage SELinux policies
```
semanage port -a -t http_port_t -p tcp 8080
```
The semanage command modifies SELinux settings, such as mapping services to ports.
getsebool / setsebool: Get or set SELinux booleans
```
getsebool httpd_can_network_connect
setsebool -P httpd_can_network_connect on
```
These commands retrieve or set SELinux boolean values that control specific policy behaviors.

Storage and File Systems

LVM Management:
```
pvcreate /dev/sdb
vgcreate vg_name /dev/sdb
lvcreate -L 10G -n lv_name vg_name
mkfs.ext4 /dev/vg_name/lv_name
mount /dev/vg_name/lv_name /mnt
```
Logical Volume Manager (LVM) commands create and manage physical volumes, volume groups, and logical volumes for flexible storage management.
df and du: Disk Usage
```
df -h    # Show disk space usage
du -sh * # Show size of files and directories
```
The df command reports file system disk space usage, while du calculates directory or file sizes.

System Performance

top / htop: Monitor Processes
```
top
htop
```
These commands display real-time system performance metrics, including CPU, memory, and processes.
free: Check Memory Usage
```
free -m
```
The free command shows memory usage, including free and used RAM and swap space.
iostat: Monitor I/O Performance
```
iostat -x 1
```
The iostat command provides statistics on CPU usage and input/output performance.

Automation with Ansible

Playbooks: Define Automation Tasks
```
- name: Install Apache
  hosts: webservers
  tasks:
- name: Install httpd
  yum:
  name: httpd
  state: present
```
Ansible playbooks are YAML files that define a series of automation tasks for system configuration and deployment.
Ad-hoc Commands: Quick One-liners
```
ansible all -m ping
ansible webservers -a "/bin/echo hello"
```
Ad-hoc commands allow you to execute tasks on managed nodes without creating a playbook.

System Logs and Monitoring

journalctl: Query System Logs
```
journalctl -u httpd.service
```
The journalctl command retrieves logs from the systemd journal, filtering by service or other criteria.
logrotate: Manage Log File Rotation
```
cat /etc/logrotate.conf
```
The logrotate utility automates the rotation, compression, and deletion of log files.

Intermediate: System and Network Management

Process Management:

ps: Display Information About Running Processes
```
ps aux     # List all processes with details
ps -ef     # Show full format listing of processes
```
The ps command displays information about running processes. It can be used to find resource-hogging processes or troubleshoot performance issues.
kill: Terminate Processes
```
kill        # Kill a process by its PID
kill -9     # Force kill a process
```
The kill command is used to terminate a process by its PID. Use -9 for a more forceful termination.
nice / renice: Adjust the Priority of a Process
```
nice -n 10 command  # Start a command with a lower priority
renice -n -5   # Change the priority of an existing process
```
The nice and renice commands change the priority of processes, helping to optimize system resource utilization.

Advanced: Networking and Security

Network Interface Management:

nmcli: Manage NetworkManager From the Command Line
```
nmcli connection show    # Show all network connections
nmcli connection up eth0 # Activate the network interface eth0
```
The nmcli tool interacts with NetworkManager to configure network connections, allowing you to manage both wired and wireless connections.

ip addr: Display and Manipulate IP Addresses

ip addr show    # Show IP address information for all interfaces
ip addr add 192.168.1.10/24 dev eth0  # Add an IP address to an interface

The ip addr command is used to view and configure network interface IP addresses.

Firewall Management (Advanced):

firewall-cmd: Manage Firewall Rules With firewalld
```
firewall-cmd --zone=public --add-service=http --permanent  # Allow HTTP in the public zone
firewall-cmd --reload    # Apply the changes
```
The firewall-cmd tool interacts with firewalld to configure and modify firewall rules dynamically.

iptables: Configure Legacy Firewall Rules

iptables -A INPUT -p tcp --dport 80 -j ACCEPT  # Allow HTTP traffic
iptables-save > /etc/iptables/rules.v4    # Save iptables configuration

The iptables tool provides low-level control over firewall rules for network traffic filtering.

Advanced: SELinux and Security

SELinux Management:
- getenforce / setenforce: Get and Set SELinux Mode
```
getenforce       # Show the current SELinux mode
setenforce 0     # Set SELinux to permissive mode
setenforce 1     # Set SELinux to enforcing mode
```
  getenforce shows the current SELinux mode, and setenforce changes the mode between enforcing and permissive.
- seinfo: Display Detailed SELinux Information
```
seinfo -s   # Show SELinux policy info
```
  The seinfo command helps to analyze the SELinux policy and provides detailed information on its settings.
- audit2allow: Generate SELinux Policy Module to Allow Actions
```
audit2allow -a   # Show potential rules based on audit logs
audit2allow -a -M custom_module   # Generate a custom module
```
  This command helps identify and allow denied actions by generating SELinux policy modules.

Advanced: Storage Management

RAID Management (mdadm):

mdadm --create /dev/md0 --raid-devices=2 --level=1 /dev/sda /dev/sdb   # Create a RAID 1 array
mdadm --stop /dev/md0    # Stop a RAID array

The mdadm command is used for managing software RAID arrays on Linux.

XFS Filesystem Management:

xfs_growfs: Expand an XFS Filesystem
```
xfs_growfs /dev/mapper/vg_name-lv_name
```
xfs_growfs expands an XFS filesystem to use additional space on a logical volume or partition.
xfs_repair: Repair an XFS Filesystem
```
xfs_repair /dev/sdb1    # Repair an XFS filesystem on a partition
```
This command is used to fix any corruption in an XFS filesystem.

Advanced: System Performance Monitoring

Sysstat Tools (iostat, mpstat, pidstat):

iostat: Monitor CPU and I/O Statistics
```
iostat -x 1   # Show extended stats for I/O devices
```
The iostat command helps monitor system input/output statistics and CPU utilization.
mpstat: Monitor CPU Usage Across Multiple Processors
```
mpstat -P ALL 1   # Display statistics for all CPUs every 1 second
```
mpstat shows CPU performance, including individual CPU usage.
pidstat: Display Statistics for Individual Processes
```
pidstat -u 1   # Show CPU usage for each process
```
The pidstat tool displays various performance statistics for individual processes, including CPU usage, memory, and I/O statistics.

Advanced System Monitoring

atop: Advanced System and Process Monitor
```
atop    # Monitor system resources in real-time
atop -r /path/to/logfile   # Replay historical system stats
```
atop provides an advanced view of system performance, including real-time process monitoring.
sar: Collect, Report, and Save System Activity
```
sar -u 1 3    # Report CPU usage every 1 second, 3 times
```
sar provides system activity reports and is part of the sysstat package.

Advanced: Automation with Scripts and Ansible

Shell Scripting:

For Loop in Bash
```
for i in {1..5}; do
    echo "Processing file $i"
done
```
This loop processes a series of files or tasks, automating repetitive operations.
If-Else Condition in Bash
```
if [ -f "/path/to/file" ]; then
    echo "File exists"
else
    echo "File does not exist"
fi
```
This conditional statement checks for the existence of a file and executes commands based on the result.

Ansible Advanced Features:

Playbook Example for Apache Installation

- name: Install Apache on webservers
  hosts: webservers
  become: true
  tasks:
- name: Install Apache package
  dnf:
  name: httpd
  state: present
- name: Start Apache service
  service:
  name: httpd
  state: started
  enabled: yes

This Ansible playbook installs and starts the Apache web server on the specified hosts.

Ansible Roles: Creating a Role in Ansible
```
ansible-galaxy init my_role  # Initialize a new role
```
Ansible roles help structure complex playbooks by organizing tasks, handlers, templates, and other files into reusable units.

Exam Tips

Understand the Exam Objectives: Learn the official RHCE exam objectives. To increase your confidence and proficiency, go over each topic in detail and practice related tasks regularly.
Set Up a Virtual Lab: Create a virtual test environment to experiment and practice system configurations, troubleshooting, and other exam-related tasks. This practical experience is crucial for real-world situations.
Master Time Management: The RHCE exam is time-sensitive, so practice time management. Make sure you allocate sufficient time to each task and avoid getting stuck on challenging problems.
Use Available Documentation: If allowed, use man pages, help commands, and other built-in documentation. Knowing how to access and use documentation during the exam can help troubleshoot and solve issues more efficiently.
Develop Your Troubleshooting Ability: Have a solid troubleshooting approach. Practice diagnostic commands, analyze system logs, and test solutions to resolve problems in real-time. This skill is essential for both the exam and daily system administration.
Remain Calm Under Pressure: Staying composed is essential during the RHCE exam. Don’t let time restrictions or unexpected issues overwhelm you. Focus on the task at hand, think logically, and move on if you’re stuck for too long.

Conclusion

You can rapidly refer to the important commands, tools, and ideas necessary for Linux administration with the aid of this RHCE cheat sheet. You'll be prepared to tackle challenging system management duties and confidently take the RHCE exam if you master these abilities. This cheat sheet is a great tool whether you're managing daily Linux systems or preparing for certification. Keep refining your abilities and practicing—you can succeed in RHCE!