See the web pages for the English edition of this book for details



The Red Hat Subscription Management (RHSM) service is provided by Red Hat for comprehensive subscription management. Red Hat delivers software updates, technical support, and access to supported software versions by issuing subscriptions to its products. You purchase subscriptions based on your IT needs and the Red Hat software you plan to use in the environment. You first register your systems with RHSM and then attach subscriptions to them based on the operating system and software they run.

RHSM offers Red Hat customers access to the customer portal via to add, organize, inventory, check status, track usage, and report on available subscriptions and any number of registered systems along with software products used by those systems. Software content for all supported software versions is delivered via geographically distributed Content Delivery Network (CDN). You can log in to the portal using the credentials you created/used in Chapter 01 “Local Installation” to download RHEL 8.

Local system administration and its subscriptions may be managed using the Subscription Asset Manager (SAM). SAM allows you to import entitlements via a manifest exported from the Customer Portal and gives you centralized control of the subscription assets. SAM can define groups and grant systems and users access to them. SAM controls the entitlements locally, but gets the contents from the Customer Delivery Network. In order to use SAM, you need to enable access to a Red Hat repository to install it.

Subscriptions for a single system can also be managed using the Subscription Manager client application called subscription-manager that is installed locally on the system. This application has both graphical and command line interfaces, and it lets you manage the local system and its allocated subscriptions. Subscription Manager connects the local system with the Customer Portal or Subscription Asset Manager, and it gets contents from the Customer Delivery Network.

The subscription-manager command has several subcommands to perform various operations for local system subscriptions. Some of the subcommands are described below.

Subcommand Description
attach Attaches a subscription to a registered system.
auto-attach Automatically attaches the closest-matched subscriptions.
clean Removes all local system and subscription data.
list Lists subscription and product information.
register / unregister Registers (unregisters) a system to the Customer Portal.
remove Removes subscription information.
repos Lists available repositories.
status Shows subscription and product status.

If you have an active subscription available, you can register your system with RHSM and attach it with the subscription that matches the system. You can do this from the command line by running the subscription-manager command, but you will need to supply valid user credentials in order to accomplish the tasks.

subscription-manager register –auto-attach



  The system has been registered with ID: 2c9bc658-4cf8-4241-a388-ce50b8dce251

  Installed Product Current Status:

  Product Name:        Red Hat Enterprise Linux Server

  Status:                      Subscribed

After the system has been registered and a subscription has been attached to it, you can view the information by running the Subscription-Manager in the console by selecting Applications | System Tools | Red Hat Subscription Manager.

The My Installed Products tab shows the product name and its version, subscription status, validity dates, and product subscription details.

The last tab lists information about all available subscriptions.

You can remove the subscription assigned to the system and then unregister it using the subscription-manager command. Finally, run this command again with the clean option to remove any data stored locally for this system.

subscription-manager remove –all

1 subscription removed at the server.

1 local certificate has been deleted.

subscription-manager unregister

System has been unregistered.

subscription-manager clean

All local data removed

The above can be achieved by using the graphical equivalent of the Subscription-Manager.


The Red Hat Certified System Administrator (RHCSA) certification exam is a performance-based hands-on exam designed for IT professionals. This exam is presented in electronic format on a live desktop computer running Red Hat Enterprise Linux 8. This desktop computer will have two RHEL 8-based virtual machines to accomplish the exam tasks. During the exam, the candidates will not have access to the Internet, or printed or electronic material except for what comes standard with RHEL 8. The official exam objectives (57 in total as of January 8, 2020) are listed at Visit the URL for up-to-date and in-depth information. The exam objectives are covered in detail in the chapters throughout the book. An enumerated list of exam objectives is presented below along with the chapter number where the objective is discussed.


  1. Access a shell prompt and issue commands with correct syntax (chapter 2)
  2. Use input-output redirection (>, >>, |, 2>, etc) (chapter 7)
  3. Use grep and regular expressions to analyze text (chapter 7)
  4. Access remote systems using ssh (chapter 19)
  5. Log in and switch users in multi-user targets (chapter 6)
  6. Archive, compress, unpack, and uncompress files using tar, star, gzip, and bzip2 (chapter 3)
  7. Create and edit text files (chapter 3)
  8. Create, delete, copy, and move files and directories (chapter 3)
  9. Create hard and soft links (chapter 3)
  10. List, set, and change standard ugo/rwx permissions (chapter 4)
  11. Locate, read, and use system documentation including man, info, and files in /usr/share/doc (chapter 2)


  1. Boot, reboot, and shut down a system normally (chapter 12)
  2. Boot systems into different targets manually (chapter 12)
  3. Interrupt the boot process in order to gain access to a system (chapter 11)
  4. Identify CPU/memory intensive processes and kill processes (chapter 8)
  5. Adjust process scheduling (chapter 8)
  6. Manage tuning profiles (chapter 12)
  7. Locate and interpret system log files and journals (chapter 12)
  8. Preserve system journals (chapter 12)
  9. Start, stop, and check the status of network services (chapter 12)
  10. Securely transfer files between systems (chapter 19)


  1. List, create, and delete partitions on MBR and GPT disks (chapter 13)
  2. Create and remove physical volumes (chapter 14)
  3. Assign physical volumes to volume groups (chapter 14)
  4. Create and delete logical volumes (chapter 14)
  5. Configure systems to mount file systems at boot by Universally Unique ID (UUID) or label (chapter 15)
  6. Add new partitions and logical volumes, and swap to a system non-destructively (chapters 14 and 15)


  1. Create, mount, unmount, and use vfat, ext4, and xfs file systems (chapter 15)
  2. Mount and unmount network file systems using NFS (chapter 16)
  3. Extend existing logical volumes (chapters 14 and 15)
  4. Create and configure set-GID directories for collaboration (chapter 4)
  5. Configure disk compression (chapter 13)
  6. Manage layered storage (chapter 14)
  7. Diagnose and correct file permission problems (chapter 4)


  1. Schedule tasks using at and cron (chapter 8)
  2. Start and stop services and configure services to start automatically at boot (chapter 12)
  3. Configure systems to boot into a specific target automatically (chapter 12)
  4. Configure time service clients (chapter 18)
  5. Install and update software packages from Red Hat Network, a remote repository, or from the local file system (chapter 9 and 10)
  6. Work with package module streams (chapter 10)
  7. Modify the system bootloader (chapter 11)


  1. Configure IPv4 and IPv6 addresses (chapter 17)
  2. Configure hostname resolution (chapter 18)
  3. Configure network services to start automatically at boot (chapter 12)
  4. Restrict network access using firewall-cmd/firewall (chapter 20)


  1. Create, delete, and modify local user accounts (chapter 5)
  2. Change passwords and adjust password aging for local user accounts (chapter 5 and 6)
  3. Create, delete, and modify local groups and group memberships (chapter 6)
  4. Configure superuser access (chapter 6)


  1. Configure firewall settings using firewall-cmd/firewalld (chapter 20)
  2. Create and use file access control lists (chapter 4)
  3. Configure key-based authentication for SSH (chapter 19)
  4. Set enforcing and permissive modes for SELinux (chapter 21)
  5. List and identify SELinux file and process context (chapter 21)
  6. Restore default file contexts (chapter 21)
  7. Use Boolean settings to modify system SELinux settings (chapter 21)
  8. Diagnose and address routine SELinux policy violations (chapter 21)


Storage Optimization with Virtual Data Optimizer

One of the new features recently introduced in RHEL is a device driver layer that sits between the operating system kernel and the physical storage devices. The goals are to conserve disk space, improve data throughput, and save on storage cost. This feature is referred to as Virtual Data Optimizer (VDO). VDO employs thin provisioning, de-duplication, and compression technologies to help realize the goals.


VDO makes use of the thin provisioning technology to identify and eliminate empty (zero-byte) data blocks. This is referred to as zero-block elimination. VDO removes randomization of data blocks by moving in-use data blocks to contiguous locations on the storage device. This is the initial stage in the process.

Next, VDO keeps an eye on data being written to the disk. If it detects that the new data is an identical copy of some existing data, it makes an internal note of it but does not actually write the redundant data to the disk. VDO uses the technique called de-duplication to this end. This technique is implemented in RHEL with the inclusion of a kernel module called UDS (Universal De-duplication Service). This is the second stage in the process.

In the third and final stage, VDO calls upon another kernel module called kvdo, which compresses the residual data blocks and consolidates them on a lower number of blocks. This results in a further drop in storage space utilization.

VDO runs in the background and processes inbound data through the three stages on VDO-enabled volumes. VDO is not a CPU- or memory-intensive process; it consumes a low amount of system resources.


The concept of VDO volumes is similar to that of disk partitions, which you created in Exercises 13-1 and 13-3 using parted and gdisk. VDO volumes can be initialized for use just like disk partitions, or they can be used as LVM physical volumes.

VDO offers a set of commands to create, manage, and monitor volumes. Of these vdo and vdostats commands are discussed and used in this section. The vdo command is used to create and perform essential operations on VDO volumes, and the vdostats command is employed to monitor usage statistics of the underlying physical storage device.

Table 13-2 summarizes the subcommands available with vdo.

Subcommand Description
create Adds a new VDO volume on the specified block device
status Returns the status and attributes of VDO volumes
list Lists the names of all started VDO volumes
start Starts a VDO volume
stop Stops a VDO volume

Table 13-2 vdo Subcommands

The vdostats command has a couple of interesting options that you will use shortly.


This exercise should be done on server2 as user1 with sudo where required.

In this exercise, you will install the VDO software packages, start the VDO service, and mark it for autostart on subsequent system reboots.

    1. Install packages vdo and kmod-kvdo:

    2. Start the service and enable it to start automatically on future system reboots:

    3. Check the operational status of the service:

The relevant packages for VDO are installed, and the VDO service is started and activated. This concludes the exercise.


This exercise should be done on server2 as user1 with sudo where required.

In this exercise, you will create a volume called vdo-vol1 of logical size 16GB on /dev/sdf disk (the actual size of /dev/sdf is 4GB). You will list the volume and display its status information. You will also show the activation status of the compression and de-duplication features.

    1. Create volume vdo-vol1 (–name) on /dev/sdf (–device) of logical size 16GB (–vdoLogicalSize) with a slab size of 128MB (–vdoSlabSize):

 If the logical size is not specified, the VDO volume will have the same size as the underlying disk (/dev/sdf in this case).

 The slab size is the size of the increment by which VDO volumes grow. This value must be a power of two between 128MB and 32GB; the default is 2GB. The default unit of size specification is MB.

    2. List the new volume using the vdo and lsblk commands:

As indicated, the major number for the VDO volume is 253, which is associated with the device mapper kernel driver. The output also shows the logical volume size (16GB) and type (vdo). It also depicts the disk (sdf) that houses the volume, along with its actual size (4GB).

    3. Display the usage status of the volume:

The size of the actual disk is 4GB. Due to thin provisioning, the system allowed you to create the VDO volume much larger in size (4 times) than the physical disk capacity.

    4. Show detailed statistics for the volume including configuration information:

. . . . . . . .

The output will expose over one hundred different settings for the volume.

    5. Display detailed statistics for the volume including configuration information:

. . . . . . . .

The status includes volume, kernel module, and configuration information. It also provides a detailed look at volume-specific elements.

    6. Show the activation status of the compression and de-duplication features:

Both compression and de-duplication features are activated by default on new VDO volumes. This concludes the exercise.


Chapter 02, Pg 55, Section: Exposing Short Description: The second to last sentence: “You may alternatively run man -f yum.conf and yum -f passwd for the exact same results.” should be read as “…. man -f yum.conf and man -f passwd for ….”

Chapter 03, Page 65: Line 8 should be read as: “To append files located in the /etc/yum.repos.d directory to the existing tarball /tmp/files.tar”

Chapter 03, Page 65: Line 9 should be read as: “To list what files are included in the files.tar tarball”

Chapter 03, Page 81: Line 8 should be read as: “Figure 3-2 shows the file file10 with a soft link called softf10 pointing to it.”

Chapter 04, Exercise 4-4: Please open both terminal sessions with ssh. The who and write commands won’t work as expected in the gnome terminal sessions due to a bug.

Chapter 06, Page 142, Exercise 6-5: The 2nd sentence in the exercise description is extra and should be ignored: “……. You will modify the primary group for user200 to sysadm ……”.

Chapter 07, Lab 7-2: The instruction “Have the output printed on the screen as well as redirected to file /tmp/ioutput …..” should be read as “Have the output printed on the screen and the errors forwarded to file …..”.

Chapter 08, Page 191, 4th and 5th sentences in the last paragraph should be read as: “Anacron executes the /etc/cron.hourly/0anacron script to determine whether to run missed jobs. The script includes three checks: (1) the presence of the /var/spool/anacron/cron.daily file, (2) the elapsed time of 24 hours since it was last run, and (3) if the system is plugged in to an AC source.”

Chapter 11, Exercise 11-1: Before performing Exercise 11-1 to reset the root user password, ensure that you reinstall the policycoreutils and dependent packages that were removed in LAB 10-2. Your RHEL instance will hang if this is not done.

Chapter 14, Page 325, Table 14-1: The description for the lvresize command should be read as: “Resizes a logical volume. With the -r option, this command calls the fsadm command and resizes the underlying file system as well.”

Chapter 15, Q26 answer is: /dev/mapper/vg20-lv1  /ora1  ext4  defaults 0 0