*nix education & certification questions
Jim Dennis
jimd at starshine.org
Tue Jul 5 20:03:45 PDT 2005
On Tue, Jul 05, 2005 at 04:32:20PM -0700, Eric Wagar wrote:
>> 1) What would be the best certification path(s)? Do you think something
>> like a Solaris Sys Admin cert program or a Red Hat cert program would
>> be best?
>> Or something more generic (CompTIA, SAIR, LPI?)? Granted, I would rather
>> LEARN the OS IN AND OUT, not just have some highly-regarded piece of paper.
> My *personal* experience has been with the RedHat RHC* series. I am
> hoping to take mine sometime this year. (Hoping because it will be on
> my own dime and with my own vacation time.)
> From what I have seen and read for the RHC* series, the tests are all
> hands-on practical tests. (Same as the Cisco tests.) I am a Sun
> Solaris 7 certified admin. When the day comes that it has been of use
> to me, I will let you know! :) (It was all book knowledge, nothing
> real world.)
> I also have three highly skilled and knowledgeable co-workers who took
> the Redhat RHCE Bootcamp (the company paid) and they did not get the T
> or the E cert. So, that tells me that I must study and then absorb
> *everything* in the classes I will be taking.
> Out of the Sun or RH cert, I'd take someone who had the RH cert.
> eric
My comments:
CompTIA Linux+ and related tests:
Not worth the paper they're printed on
Sair:
Are they *still around*? (Yes, I know they are, but I'm still
incredulous).
LPIC:
Their heart is in the right place; but I don't think any
employers will notice this on your resume
Novell SCLP (S.u.S.E. Certified Linux Professional):
This shows some promise but it's too early to tell.
RHCE:
As you say, this is all hands on. I haven't taken this test
yet, but I've had several students in my own (in-house) sysadmin
classes who have attained RHCEs and my experience was that they
were among my most knowlegeable students. (They consistenly assure
me that I will pass these with ease, given what they could see of my
knowlege and skills from taking 5 days of my classes).
Sun Certified Solaris:
I've never had anyone express any interest in this. The lack of
this seems to have no effect on my resume --- but I am known
primarily as a Linux guru; so any Solaris knowlege that leaks
over is just gravy for the people interested in me.
A co-worker of mine just took the RH bootcamp and test last week. I
suspect that he'll tell me how it went next week and I'll be talking
to my manager to see if they want me to take the class or just
challenge the test. (Class+test: ~$3500, just the test: ~$800).
Since they've had me teaching a whole serious of in-house classes in
the hopes that many of my students would attain at least the RHCT
the main benefit of running me through the class would be for me to
observe the teaching style and ensure that I'm not missing anything
major in my own courseware.
My advice:
Run Linux at home. Get it running on at least two machines (client
and server). Configure one of the systems to be a kickstart server
(installing and configuing DHCP, tftpd and httpd daemons, an NFS
export, and DNS (with forward and reverse zones). Make it a router
and keep the client system on a separate segment "inside" the
server/router.
Tear apart a copy of the initrd (initial RAM disk) and read the
/linuxrc you find therein. Read the nash man page. Start at the
top of your /etc/inittab: for every line run the file command on the
command in the third field. If it's a binary, read the man page;
if it's a script, read it. For every line in the rc.sysinit (and
other start-up scripts) follow the same procedure.
Run multiple kickstarts from CD, floppy, and over PXE. Customize
your kickstarts to run over NFS and HTTP, and write as much as you
can into post installation and post upgrade scripts. Install
different versions. Add the useradd commands to your kickstart
to preserve your account info (include the -p to preserve your
password hash). Set the system up with GRUB passwords, MD5 encoded
and in the kickstart. So the same for LILO. Configure inittab
to run sulogin in single-user mode.
Convert the client from using DHCP to static IPs. Figure out how
to bind the client's MAC address to a specific kickstart
configuration. Figure out how to have your client restore its
static addressing information during a kickstart post-install.
Peform an absolutely minimal installation. Then try to install all
of the packages necessary to get X and GNOME running properly.
(Learn how to deal with RPM dependency hell).
Configure the server to do masquerading. Add squid. Configure it
to run squid as a transparent proxy, *and* to allow access to its
own local httpd as well.
Configure the server to be a NIS master. Configure the client to be
a NIS client. Then convert them to both use LDAP. Configure autofs
on the client.
Configure the server to provide mail services using sendmail and
whatever POP and IMAP servers come with your copy of RH. Configure
fetchmail on the client.
Install a webmail package on the server. Access it with the client.
Change video cards, add memory and add a disk drive to the client.
Reconfigure the X, add a filesystems and mount points for the drive.
(Notice that the additional memory generally needs no special
configuration).
Reconfigure the client system to use LVM. Add the other drive as
a PV to your VG. Resize some of your partitions. Figure out how
to remove one PV from your VG while preserving all the data. Learn
how to access the VG from a generic rescue disc (like Ubuntu's live
CD).
Re-install the client using soft-RAID; use mirroring on the rootfs
and RAID 5 for /home. (Yes, get a small stack of cheap drives for
this. I'd recommand about 6 of them and you'll probably need an
extra controller as well --- getting experience with SCSI, and USB
storage is good). Pull cables on different drives (with the system
off) and power it back up. Learn how to configure the system to
boot off either mirror (CMOS settings *and* bootloader using both
GRUB and LILO). Learn how to restore the RAID sets (blank the drive
you pulled .
Pick out some of the .src RPMs. Install and rebuild them. Make
minor packaging changes (for example build a custom version of the
screen RPM that makes the screen binary setUID root and associated
with some local "screen" group --- but not world executable; add the
necessary groupadd command to the pre-install and the removal to the
post install). Be sure this rebuilt RPM has a distinctive name like:
foo-1.2.3-MINE4.i486.rpm
Write your own RPM from scratch. Create a simple "service" that
just does "logger hello world" in your rc scripts and a simple cron
job that calls it periodically; build the RPM around that script
and have the post-install do the necessary chkconfig --add and
service commands. Be sure that the pre-remove does the necessary
chkconfig --del and service stop commands.
To learn RHEL3 and RHEL4 consider playing with the community
rebuilds of the same sources: CentOS: http://www.centos.org/
Fetch CentOS3 and CentOS3.5 and CentOS4 and CentOS4.1. Practice
installing and upgrading; including kickstarts into 3.0 with
post-install upgrades up to 3.5 (RHEL3 update 5) and so on.
Burn your own CDs and DVDs. Figure how to loop mount the .iso
images that you download from centos.org and how to export those
over NFS.
Install and run Bastille (http://bastille-linux.org/ ). It will
ask you all sorts of questions about how you want to use the system
with all sorts of advice on securing it. It will then use your
responses to lock down the system. Now tear apart every change
it made and figure out how it worked and why each of those changes
was made. Figure out how to save and apply a Bastille policy as
part of a kickstart post installation.
Have a friend change your root password. Break in and fix it.
Configure your kickstart server to also serve "rescue" images
for both RHEL4 and RHEL3 (to PXE boots).
Have a friend break something else (give him or her a long list of
possibilities: netmask, default route, hostname, nsswitch.conf,
/etc/pam.d configuration files, /etc/fstab, grub.conf or lilo.conf,
filesystem labels, ...). Diagnose and fix each of these in turn.
Learn how to use rpm -qf and rpm -V effectively!
In other words my advice is to set up your own lab (two or three cheap
systems; the server can even be headless --- configure it for serial
console and use a null modem cable). Set up your own little self-study
group (with one or a few others who are also interested in pursuing
an RHCE). Find creative ways to break the system for your partners to
diagnose and repair and have them return the favor. (Search google and
the newsgroups for problems that you can reproduce in your lab).
Sorry I'm not available to teach external classes at this time.
However, many of these are exactly the sorts of things I do in my
classes. (Unfortunately 5 days isn't long enough for most of these and
I have about 25 hours of lecture materials to get through, too).
--
Jim Dennis
More information about the Baylisa
mailing list