Red Hat RHCSA EX200

The RHCSA is a hands-on, performance-based exam where you type real commands on a live system. Mastering the shell is not optional — it is the foundation for every task. Practice tab completion and history shortcuts to save time during the exam. Know how to redirect both stdout and stderr to the same file with &> file.log, as log redirection tasks appear frequently.

On the RHCSA exam you will be asked to create, copy, move, and archive files under specific constraints. Practice find with multiple criteria such as find / -user student -size +1M -type f. Know the difference between hard and soft links cold — exam tasks often require creating both and understanding which survives file deletion. Always use star when you need to preserve SELinux contexts during backup and restore operations.

Text processing is a critical RHCSA skill because many exam tasks require you to extract, filter, or modify configuration data. Practice chaining commands together: grep -v "^#" /etc/ssh/sshd_config | grep -v "^$" strips comments and blank lines to show only active directives. Master sed -i for in-place file edits — the exam often requires modifying configuration files without a text editor.

Disk partitioning is a core RHCSA objective. The exam may provide additional disks that you must partition, format, and mount. Always run lsblk or fdisk -l first to identify available disks. Remember that parted writes changes immediately (no undo), while fdisk and gdisk only write when you press w. After partitioning, run partprobe /dev/sdb to update the kernel partition table without rebooting.

Persistent mounting via /etc/fstab is a guaranteed RHCSA topic. A misconfigured fstab entry can prevent the system from booting, so always test with mount -a and verify with df -h before rebooting. Use UUIDs rather than device names. Remember that XFS cannot be shrunk — if a task requires reducing a filesystem, it must be ext4. The exam checks that mounts survive a reboot, so temporary mounts will not earn points.

LVM is one of the most heavily tested RHCSA topics. You will almost certainly need to create, extend, or troubleshoot logical volumes on the exam. Memorize the full lifecycle: pvcreate → vgcreate → lvcreate → mkfs → mount → fstab. When extending, always remember to grow both the LV and the filesystem — lvextend -r can do both in one step. Practice the -l +100%FREE syntax for using all available space.

User management tasks appear on every RHCSA exam. Pay close attention to the exact requirements: specific UIDs, specific shells, password policies, and group memberships. The most common mistake is using usermod -G without -a, which removes the user from all other supplementary groups. Always verify with id username after making changes. Practice chage for password aging — the exam frequently requires setting expiration dates and maximum password ages.

Group management works hand-in-hand with permissions. On the exam, you may be asked to create a collaborative directory where multiple users can read and write files. The typical pattern is: create a group, add users to it, create the directory, set group ownership with chgrp, and apply SGID with chmod g+s. Verify group membership changes with id username — note that users must log out and back in for new supplementary group memberships to take effect.

Permissions are fundamental to every RHCSA task. The exam expects you to set exact permissions using both numeric and symbolic modes. Remember that directory permissions control access differently than file permissions — x on a directory is the gatekeeper. A common trap: setting r without x on a directory lets users list file names but not read their contents or metadata. Practice until numeric-to-symbolic conversion is automatic: 750 = rwxr-x---.

The exam frequently combines SGID and sticky bit in collaborative directory scenarios: create a shared directory with SGID so all files belong to the team group, and add the sticky bit so users cannot delete each other's work. The numeric representation adds a fourth digit: chmod 2770 /shared sets SGID + rwxrwx---. Verify with ls -ld /shared and look for the s in the group position and t in the others position.

ACLs are tested on the RHCSA when a task requires granting permissions that cannot be expressed with standard owner/group/other permissions. For example: "User alice should have read-write access and user bob should have read-only access to the same file." Default ACLs on directories are critical for ensuring inherited permissions on newly created files — without them, each new file would need manual ACL configuration. Always verify with getfacl after setting ACLs.

Network configuration with nmcli is a critical RHCSA skill. The exam requires persistent network settings that survive a reboot. Always use nmcli rather than editing connection files directly. After making changes, run nmcli con up "connection-name" to apply them. Verify with ip a and test connectivity with ping. Set the hostname early in the exam with hostnamectl — it is often one of the first tasks.

When troubleshooting network issues on the exam, follow a systematic approach: (1) Check the interface is up with ip link, (2) verify IP configuration with ip a, (3) test gateway connectivity with ping, (4) check DNS resolution with dig, (5) verify the firewall with firewall-cmd --list-all, (6) check if the service is listening with ss -tlnp. This layered approach prevents wasted time on the wrong problem.

firewalld is tested on every RHCSA exam. The most common mistake is forgetting --permanent and losing rules after a reboot. Always use both: --permanent to persist, then --reload to activate. The exam verifies your rules survive a reboot, so runtime-only rules earn zero points. Know the predefined service names (http, https, ssh, nfs, samba, dns) — they map to specific ports defined in /usr/lib/firewalld/services/.

SELinux must be in enforcing mode for the RHCSA exam — disabling or setting it to permissive will cost you points. The exam tests your ability to work with SELinux, not around it. Understand that SELinux contexts are the key to troubleshooting: if a service cannot access a file, compare the process context (ps -eZ | grep httpd) with the file context (ls -Z /path) to identify the mismatch. The type field is what matters most in day-to-day administration.

SELinux troubleshooting follows a repeatable pattern: (1) identify the denial with ausearch -m avc or sealert, (2) determine the cause (wrong file context, missing boolean, or non-standard port), (3) apply the fix (restorecon, setsebool -P, or semanage), (4) verify the fix works. On the exam, always check SELinux when a properly configured service fails to work — it is the most common hidden cause of access denied errors on RHEL systems.

Process management on the RHCSA is practical: you need to find resource-heavy processes, adjust their priority, and terminate them when necessary. Always try SIGTERM before SIGKILL — SIGKILL does not allow the process to clean up (close files, release locks). For the exam, know how to use top to identify the most CPU- or memory-intensive process, and how to change its nice value with renice. Practice nohup for long-running tasks that must survive a logout.

systemd service management is one of the most frequently tested RHCSA topics. Every service you configure on the exam (httpd, sshd, chronyd, etc.) must be both started and enabled to earn full marks. Use systemctl enable --now to do both in a single command. If a service fails to start, check systemctl status servicename and journalctl -u servicename for error details. Remember that masking is the only way to completely prevent a service from starting.

The RHCSA exam frequently requires configuring a YUM/DNF repository from a given URL and installing packages from it. Practice creating .repo files manually in /etc/yum.repos.d/ with the correct syntax. Module streams are a newer RHCSA topic — know how to list, enable, and install modules. If dnf install fails, verify the repo is enabled with dnf repolist and check network connectivity to the repository URL.

RPM query commands are invaluable for the RHCSA exam. When you need to find which package provides a specific command or file, use rpm -qf $(which command). When you need to find where a package installed its configuration files, use rpm -qc packagename. DNF handles installations, but RPM queries are faster and work offline. Know both tools and when to use each — the exam tests practical Linux administration, and experienced admins use both daily.

Scheduling tasks is a common RHCSA exam objective. Practice writing cron expressions until they are second nature: */5 * * * * means every 5 minutes, 0 9-17 * * 1-5 means every hour from 9 AM to 5 PM on weekdays. Remember that cron uses the user's environment, which may not include the full PATH — always use absolute paths in cron commands (e.g., /usr/bin/tar instead of tar). The at command is tested less frequently but know its syntax for one-time scheduled tasks.

The RHCSA may ask you to configure persistent journal storage so that logs survive a reboot. The steps are: mkdir -p /var/log/journal, then systemctl restart systemd-journald. Verify with journalctl --disk-usage. When troubleshooting any service, always check both journalctl -u servicename and the service's own log files in /var/log/. Practice journalctl filtering extensively — it is faster and more powerful than manually searching through log files with grep.

Understanding the boot sequence is critical because the RHCSA exam may require you to interrupt the boot process for troubleshooting. Know the order: firmware (BIOS/UEFI) → GRUB2 → kernel + initramfs → systemd → default target. If you modify /etc/default/grub (e.g., to add kernel parameters), you must regenerate grub.cfg. Do not edit grub.cfg directly — changes will be overwritten on the next kernel update.

Root password reset via rd.break is a classic RHCSA exam task. Memorize the full procedure: edit GRUB → add rd.break → mount -o remount,rw /sysroot → chroot /sysroot → passwd root → touch /.autorelabel → exit → reboot. Forgetting touch /.autorelabel is the most common mistake — SELinux will prevent login because /etc/shadow has the wrong context. Practice this procedure multiple times before the exam.

Podman is a newer addition to the RHCSA exam. Practice running rootless containers as a regular user — not as root. The exam may ask you to pull an image, run a container with port mapping, and ensure it starts automatically. For auto-start, generate a systemd user service: podman generate systemd --new --name myapp > ~/.config/systemd/user/myapp.service, then systemctl --user enable --now myapp and loginctl enable-linger username to allow user services to run after logout.

While the RHCSA does not require advanced scripting, you must be comfortable writing basic scripts that automate common tasks. Practice creating scripts that: create multiple users from a list, set up directories with specific permissions, and schedule tasks with cron. Remember that scripts executed by cron run in a minimal environment — always use absolute paths for commands and files. Test scripts manually before scheduling them, and redirect output to log files for troubleshooting.