Pass the Oracle Linux Administration 1z0-106 Questions and answers with ExamsMirror

Option A (Correct):The configuration lineauthpriv.* /var/log/authwould direct all messages of theauthprivfacility (which includes sensitive authentication messages) to the/var/log/authfile. The log entries provided, which include authentication-related messages from PAM (pam_unix), would be logged due to this setting.

Option B (Incorrect):The*.emerg *setting logs emergency messages to all users, not specifically the provided log output.

Option C (Incorrect):This setting logs various non-authentication-related messages to/var/log/messages. It specifically excludesauthpriv.

Option D (Incorrect):This setting appears to be commented out and incorrect for the logging behavior described.

Option E (Incorrect):Thecron.*setting logs cron messages, unrelated to the provided authentication logs.

Oracle Linux Reference:Refer to:

Oracle® Linux 8: System Logging with rsyslog

Option A: Ksplice can be used without a network connection

Explanation:

Ksplice provides anOffline Clientspecifically designed for systems that do not have a direct connection to the internet. This client allows administrators to download Ksplice updates on a system with internet access and then transfer them to the offline system for installation.

This means Ksplice can be effectively used in environments with strict security policies where network connectivity is restricted or not available.

Oracle Linux Reference:

Oracle® Linux 8: Ksplice User's Guide- Section on "Using the Ksplice Offline Client":

"The Ksplice Offline client enables you to apply Ksplice updates to systems that do not have direct access to the Internet or to the Oracle Uptrack server."

Option B: It can patch the kernel without shutting down the system.

Explanation:

The primary purpose of Ksplice is to allow administrators to apply critical security patches to the running kernelwithout requiring a rebootor shutting down the system. This ensures high availability and minimizes downtime, which is crucial for production environments.

Ksplice works by performingjust-in-time (JIT) compilationof kernel patches and applying them directly to the running kernel in memory.

Oracle Linux Reference:

Oracle® Linux 8: Ksplice User's Guide- Introduction:

"Ksplice enables you to keep your systems up to date and secure by applying important kernel security updates without rebooting."

Why Other Options Are Not Correct:

Option C:Yum cannot upgrade a kernel patched by Ksplice

Explanation:

This statement is false. While Ksplice patches the running kernel in memory, yum can still upgrade the kernel packages on disk. After a yum kernel update, a reboot would be necessary to run the new kernel version, but yum operations are not hindered by Ksplice patches.

Oracle Linux Reference:

Oracle® Linux 8: Ksplice User's Guide- Compatibility with Package Managers:

"Ksplice works seamlessly with package management tools like yum and dnf. You can continue to use these tools to manage your kernel packages."

Option D:Ksplice has two clients; each can run in three different modes.

Explanation:

While Ksplice does have two clients (the online and offline clients), the statement about each running in three different modes is inaccurate or misleading. The clients do not operate in "three different modes" per se.

Oracle Linux Reference:

No official documentation supports the claim of "three different modes" for each client.

Option E:The Ksplice client is freely available to all customers.

Explanation:

Ksplice is a feature available to customers with an active Oracle Linux Premier Support subscription. It is not freely available to all users.

Oracle Linux Reference:

Oracle® Linux 8: Ksplice User's Guide- Access Requirements:

"To use Ksplice, your system must be covered by an Oracle Linux Premier Support subscription."

Conclusion:

Options A and B are correct because Ksplice can be used without a network connection via the offline client, and it allows patching the kernel without shutting down the system, ensuring minimal downtime.

Explanation of Answer D:The entrypool pool.ntp.org offlinein the/etc/chrony.conffile specifies that thechronydservice should not automatically poll the NTP pool servers atpool.ntp.orguntil it is explicitly enabled by thechronyccommand. This setting is typically used in environments where the network is not always available (e.g., laptops or isolated systems) to avoid unnecessary polling.

Explanation of Answer D:The/etc/login.defsfile in Oracle Linux contains configuration settings related to user account policies, including password aging controls. This includes settings such asPASS_MAX_DAYS,PASS_MIN_DAYS, andPASS_WARN_AGE, which define the maximum number of days a password is valid, the minimum number of days between password changes, and the number of days before password expiration to warn users, respectively.

Explanation of Answer E:The/etc/login.defsfile also contains settings for the encryption method used to encrypt user passwords. TheENCRYPT_METHODparameter specifies the hashing algorithm, such as SHA512, that is used to encrypt user passwords stored in/etc/shadow.

Understanding the Automounter Configuration:

/etc/auto.master:

/net -hosts

/- auto.direct ro

The /- auto.direct ro line indicates:

Mount Point Prefix:/ (direct mounts)

Map File:auto.direct

Global Mount Options:ro (read-only)

/etc/auto.direct:

/nfs1 host01:/export/share1

/nfs2 -sync host01:/export/share2

/nfs3 host02:/export/share3

/nfs1 and /nfs3:

No specific mount options in auto.direct.

Inherit the ro option from /etc/auto.master.

/nfs2:

Specifies -sync option in auto.direct.

Inherits ro from /etc/auto.master.

Mount options are ro,sync.

Mount Options Resolution:

Global Options (ro) apply to all entries unless overridden.

Per-Entry Options in auto.direct override or supplement global options.

Effective Mount Options:

/nfs1:

ro (from /etc/auto.master)

Default NFS options (async unless sync is specified)

/nfs2:

ro (from /etc/auto.master)

sync (specified in auto.direct)

/nfs3:

ro (from /etc/auto.master)

Default NFS options (async)

Oracle Linux Reference:

Oracle® Linux 8: Configuring File Systems-Automounter Configuration:

"Options specified in the master map apply to all entries in the map unless overridden by entries in the map itself."

NFS Default Options:

"By default, NFS mounts are asynchronous (async) unless the sync option is specified."

Conclusion:

/nfs1 and /nfs3:Mounted with ro,async.

/nfs2:Mounted with ro,sync.

Correct Option:A

Explanation of Answer E:This option correctly matches the Kubernetes components with their descriptions:

Kubectl- d. Command-line interface used to control Kubernetes

Etcd- f. Stores configuration data relating to the cluster

Kubelet- c. Agent that allows nodes to communicate with the API

Kube-proxy- e. Performs networking functions and routes network traffic

Kube-apiserver- a. Processes and validates requests and performs operations

Kube-scheduler- b. Determines where containers should run based on resource availability

Option A (Correct):The command creates a Kubernetes Deployment, which ensures the specified number of replicas (pods) are running at all times. The deployment will manage the creation and maintenance of these pods to ensure availability.

Option D (Correct):The deployment configuration specifies that the container running inside the pod exposes port 80 (containerPort: 80).

Option B (Incorrect):The deployment is namednginx-deployment, notnginx.

Option C (Incorrect):The command creates a Deployment object that manages multiple pods; it does not directly create a single pod namednginx.

Option E (Incorrect):The command specifies the nginx image version1.14.2, but it will not fail immediately if the image version is not available. Kubernetes will attempt to pull the image, and the failure will happen during that step if the image does not exist.

Oracle Linux Reference:Refer to:

Kubernetes Documentation on Deployments

kubectl createcommand usage details.

Option B: journalctl -p err shows only error log level.

Explanation:

The -p or --priority option in journalctl filters messages by their priority level.

When specifying asingle priority level, journalctl shows messagesonlyat that level.

The priority levels, as per syslog standards, are:

0: emerg

1: alert

2: crit

3: err

4: warning

5: notice

6: info

7: debug

Therefore, journalctl -p err displays messages with priorityerr (3)only.

Oracle Linux Reference:

Oracle® Linux 8: Managing Log Files- Section onFiltering Output withjournalctl:

"Use the -p option to display messages from the journal that have a specific priority level."

Example:

# journalctl -p err

Option D: journalctl -k shows kernel logs since the last boot.

Explanation:

The -k or --dmesg option filters messages from the kernel, equivalent to the output of the dmesg command.

This option implies -b, which limits the output to messages from the current boot.

Therefore, journalctl -k displays kernel messages since the last boot.

Oracle Linux Reference:

Oracle® Linux 8: Managing Log Files- Section onViewing Kernel Messages:

"Use the journalctl -k command to display kernel messages since the last system boot."

Example:

# journalctl -k

Option E: journalctl -p 6 shows all info log level messages and above.

Explanation:

When specifying a single numeric priority, journalctl displays messages withthat priority level and higher priority levels(i.e., lower severity).

Priority levels are ordered from 0 (highest severity) to 7 (lowest severity).

Therefore, journalctl -p 6 shows messages with priorities:

0 (emerg)

1 (alert)

2 (crit)

3 (err)

4 (warning)

5 (notice)

6 (info)

This includesinfo level messages (6)and all higher priority messages.

Oracle Linux Reference:

Oracle® Linux 8: Managing Log Files- Section onFiltering Output with journalctl:

"When you specify a single priority level, journalctl shows messages at that level and higher severity."

Example:

# journalctl -p 6

Why Other Options Are Not Correct:

Option A:journalctl -bl -p err fails if journal persistence is not configured.

Explanation:

The -b option displays messages from the current boot. This works even if journal persistence isnotconfigured because the logs from the current boot are stored in volatile memory (/run/log/journal).

Therefore, the command doesnot failif journal persistence is not configured.

Oracle Linux Reference:

Oracle® Linux 8: Managing Log Files- Section onJournal Volatility:

"By default, the journal stores logs in volatile memory and does not persist logs across reboots unless persistent storage is configured."

Option C:journalctl -p notice..warning shows all messages from notice to warning log level since the last boot.

Explanation:

The -p option allows specifying arangeof priorities. However, the correct order for the range should be from thehigher priority (lower number)to thelower priority (higher number).

Also, the priorities should be specified in the correct sequence, and ranges are inclusive.

Moreover, journalctl by default shows messages from all boots unless limited by the -b option.

Therefore, without -b, it does not limit messages to "since the last boot," making the statement incorrect.

Correct Command:

To display messages fromwarning (4)tonotice (5), the command should be:

# journalctl -p warning..notice -b

But even then, the priorities need to be specified correctly, and the command in Option C is incorrect.

Conclusion:

OptionsB,D, andEare correct because they accurately describe the behavior of the journalctl command in filtering and displaying log messages based on priority levels and sources.

Explanation of Answer B:The commandssh -L 5011:127.0.0.1:80 bob@10.10.2.20 -f sleep 30creates a local port forward. This means port5011on the client machine is forwarded to port80on the remote machine (10.10.2.20) using the SSH connection.

Explanation of Answer E:The-foption of thesshcommand causes the SSH connection process to fork to the background after authentication is complete. Thesleep 30command keeps the SSH connection alive for 30 seconds.

Option B (Correct):Container applications are dependent on the host operating system's kernel because containers share the OS kernel, unlike virtual machines, which use a hypervisor. Compatibility of the host OS kernel version is required to run containers.

Option D (Correct):Podman, Buildah, and Skopeo are container tools for managing container applications. Podman runs containers without requiring a daemon like Docker, Buildah is used to build container images, and Skopeo is used for transferring container images. These tools can operate independently of one another, providing a flexible and modular approach to container management on Oracle Linux.

Option A (Incorrect):Container applications built on bare metal can run on virtual machines or cloud instances as long as the environment supports the container runtime.

Option C (Incorrect):Containers do not package the entire runtime stack; they include the application and its dependencies but rely on the host OS for the kernel.

Option E (Incorrect):Podman does not require a running daemon; one of its advantages over Docker is that it can run containers in rootless mode without needing a persistent daemon.

Oracle Linux Reference:Refer to:

Oracle® Linux 8: Podman and Containers Guide

man podman,man buildah,man skopeofor further details on these tools.