READ Free Dumps For RedHat- RH302
| Question ID 17506 | You are the Network Engineer of example.com domain. Configure to allow users |
| Option A | Answer : 1.vi /etc/security/time.conf login;*;user1|user2|user3;Al0900-1700 2.vi /etc/pam.d/login accountrequiredpam_time.so For Time based authentication, we should configured in /etc/security/time.conf Syntax of /etc/security/time.conf services;ttys;users;times services is a logic list of PAM service names that the rule applies to. ttys is a logic list of terminal names that this rule applies to. users is a logic list of users to whom this rule applies. times the format here is a logic list of day/time-range entries the days are specified by a sequence of two character entries, MoTuSa for example is Monday Tuesday and Saturday. Note that repeated days are unset MoMo = no day, and MoWk = all weekdays bar Monday. The two character combinations accepted are Mo Tu We Th Fr Sa Su Wk Wd Al the last two being week-end days and all 7 days of the week respectively. As a final example, AlFr means all days except Friday. pam_time modules checks the file /etc/security/time.conf for authentication. So, we should call the pam_time modules in /etc/pam.d/login. |
| Correct Answer | A |
| Question ID 17507 | You have a domain in your LAN example.com. Configure to allow login to jack only |
| Option A | Answer : 1.vi /etc/security/access.conf ALL EXCEPT station10.example.com 2.vi /etc/pam.d/system-auth accountrequired/lib/security/pam_access.so /etc/security/access.conf file helps to allow or deny login to users on the basis of origin. Syntax of /etc/security/access.conf origins The first field should be a "+" (access granted) or "-" (access denied) character. The second field should be a list of one or more login names, group names, or ALL (always matches). A pattern of the form user@host is matched when the login name matches the "user" part, and when the "host" part matches the local machine name. The third field should be a list of one or more tty names (for non-networked logins), host names, domain names (begin with "."), host addresses, internet network numbers (end with "."), ALL (always matches) or LOCAL (matches any string that does not contain a "." character). The EXCEPT operator makes it possible to write very compact rules |
| Correct Answer | A |