Passed RHCE on RHEL 7

My experience on RHCSA and RHCE exams.

Experience on…

RHCSA (EX200)

I’ve passed my RHCSA back in April with the score of 300/300. I managed to finish all tasks in around 80 minutes, checked that everything was working, rebooted a VM several times and headed home.

I have to be honest and admit that for anyone with a relevant work experience, the RHCSA exam is like a colouring book – unless you are new to RedHat Linux, you will pass it.

A little piece of advice for those taking the exam, once you get networking configured, use multiple SSH windows (that’s what the exam instructor suggested for others using a console interface). It really helps to track issues down easily if you have any.

For those interested, the only study material that I used to prepare for the RHCSA exam was Sander van Vugt’s book (and loads of RHEL virtual machines, obviously). Please be advised that I’m not advocating the Sander’s book, I just want to give credit where credit is due.

I didn’t take any Red Hat training courses. This is also the case for RHCE.

RHCE (EX300)

I’ve passed RHCE with the score of 281/300, what is over 93% if you turn it into percentage. I was aiming for a perfect score of 300/300, but as it turns out, I apparently lost 19 points (no idea where and why). It took me over a month to prepare for it, but I had to wait until late summer for the exam as other dates were fully booked.

So, the exam was an easy one to be honest, it took me approx 2 hours to complete everything, then half an hour to check services were starting and working properly, rebooting a couple of times, and that is it basically.

The exam was easy (I kid you not), there was nothing particularly hard. 3.5 hours for the exam is plenty of time if you are properly prepared, not sure otherwise.

As with RHCSA, I used Sander van Vugt’s book to prepare for the RHCE topics.

Tips

Read all questions properly, don’t be afraid to ask the instructor to clarify them if you don’t understand what is required. He will reword it in a manner so that any confusion that may arise is gone. There were a couple of RHCE questions that I had to ask for clarification (mostly because I was over-prepared for the exam and looked into tasks deeper than I should).

This should come as no surprise, but you must know where to find information on a RHEL system. Man pages and docs are there to be used!

Install and use the httpd-manual package. SELinux (there is sealert if you get stuck):

# man -k _selinux
# man httpd_selinux
# man semanage-fcontext
# man semanage-port

Firewalld rich language:

# man firewalld.richlanguage

Examples for network bonding, teaming, bridging and more:

# man nmcli-examples

Examples for discovering iSCSI targets, logging in and out:

# man iscsiadm

How to generate a self-signed TLS certificate with openssl:

# less /etc/pki/tls/certs/make-dummy-cert

Network teaming examples:

# less /usr/share/doc/teamd-1*/example_configs/loadbalance_1.conf

Postfix on a null client configuration:

# less /usr/share/doc/postfix-2*/README_FILES/STANDARD_CONFIGURATION_README

Bash compound commands (for, case, if, while etc), conditional expressions, shell builtin commands (break, continue, getopts, popd, pushd, read etc) and much more:

# man bash

MySQL configuration examples:

# less /usr/share/mysql/my-innodb-heavy-4G.cnf

Last but not least, practice is the key, the more you do, the better the chances you have to pass the exam.

78 thoughts on “Passed RHCE on RHEL 7

    • Hi Tomas,

      I gave my RHCE 7 exam sometime in 2017 in kiosk and got struck at first step only in configuring network. i still remember there was no gateway information given but asked to configure network. Did you see this type of issue or got all that info during your test.I felt kiosk on that day was worst option i preferred in my life as there was issue with keyboard and servers spinning up slow after reboots. I lost interest in that after 2 hours and gave up that exam results.

    • Hi! I cannot discuss the content of the exam I’m afraid, but I can tell you that all info required to pass it was provided.

    • Hi guys
      the thought about missing gateway caught my interest.

      How would you access VMs from host over ssh if you don’t have any GW, presuming VMs and Host are on different subnet ?
      Thanks for any inputs

    • Hi Tomas,
      thank you for your response.

      I think you do not have root on Desktop/Host, only on VMs.
      So not sure how one could use routing to reach VMs on different subnet.
      My concern is how to achieve having ssh for copy/paste on VMs..

      Thank you

  1. Its nice to learn of others experience on the exam.I am still to write mine on the 23rd of september and your tips are true.thats what i am basically doing

    Practising and practising and practising and seeing where i can get the information

    I am a lil short on bash but since i come from a php and python background ,i guess i will manage

    • I’m sure you will manage. Always remember, Bash is a hammer, when wielded everything looks like a nail!

  2. Hi, Tomas,

    Great blog :)
    May I ask that was it really tested you about how to set teaming or firewalld rich rule in both of the exams?

    • You can surely ask, but I won’t be able to answer I’m afraid. What I can tell you is that all questions were based on exam objectives (which are published on the Red Hat site) – therefore you if know the objectives well, you will be fine.

  3. @tomas ,whats the difference between this # less /etc/pki/tls/certs/make-dummy-cert and crypto-utils ,i find it easier to use crypto-utils when generating ssl certificates

  4. Congrats and thank you for all your commitment in maintaining this resource on Linux.
    What do you have next in mind? The LFCS/LFCE path or RHCA? :)

    • I’ve already got LPIC-3 which is a distribution-neutral certificate, therefore I have no plans to take on LFCS/LFCE (unless somebody’s willing to pay for training and/or exams, then I can think about it).

      I will likely go for RHCA, but I also have OSCP in mind, which I wanted to do for some time (I started in the days when they still used BackTrack!).

  5. @tomas ,confirm rebooting the server first and NOT the client (One with nfs ,iscsi ,samba shares) is important with respect to booting

  6. I’ve got my results, I also got 281/300 for the RHCE haha, glad it’s over!

    Thanks for the posts on the topic, a few of them really helped me pick up some extra things that I hadn’t learned elsewhere.

    • No hard isn’t the word I’d use, challenging is probably more correct. Even though I knew almost all of it (a few small things caught me off guard) it took me some time to get it all working together properly.

  7. Hello,
    As we can’t discuss exam in public, can hint will do the trick :P??
    Did you solved each and every question?
    What do you recommend to learn NFS, and all other servers, to get passed in Exam ??
    and how to execute them properly??
    Regards!

    • Yes, I solved every single question on the exam, that’s why I hoped for a score of 300/300 :)

      I recommend to set up a home lab and practice a lot, don’t take the exam lightly. There are several RHCE study books available on a market, you may find them helpful (I don’t know your knowledge level).

  8. Hello,
    Thanks for the reply.
    I have just started with Linux, I am running, CentOS and Ubuntu, RHEL &, virtually. and trying to use them, learn them.
    I have seen lots of results but most of them(students) have never scored above 240-250, yours score is pretty impressive.
    You said you learned from Sandar Van Vugt book,right? If you are starting as fresh, would it be helpful?
    Also, I have asked experienced students,they said SMTP question is the hard one, where can I find good solution for this?

    • Usually the score reflects the amount of work you put in preparing for the exam. Some people simply aim to pass, some want to learn, it depends on what your goal is.

      I did use Sander’s book as a study material, but be advised that Linux support is my bread and butter, therefore most of the things required for the exam I knew already. Regardless, I believe that the book is useful, and you should find it of great help, especially if you’re just starting with Linux. All RHCSA and RHCE exam requiremens are covered in the book, you should find solutions in there.

  9. “therefore most of the things required for the exam I knew already.”
    You mean all your queries are answered by Support, Right?

    • Not sure I understand what you mean. I do Linux support for a living, therefore RHCE topics aren’t something new to me – pretty much all applications/services covered by the exam I use on a daily basis (with the exception of Kerberos perhaps).

  10. I agree with @tomas ,i am going to be writing mine on the 23rd of september and i should say this ,practice is the only way you can grasp the little things that you might miss on the exam .. and by practice i mean starting from manually installing the VMs and redoing the process over and over again.

    I am also a Linux engineer by proffession and most of the topics i am familiar with except for samba and kerberos, but studying and doing them made everything methodolical ,if you know what i mean…..now for me its more of ,where do i get the write syntax if i get stuck.

    Its like firewalld rich rules , you can practice all you want but somehow you will need to see man firewalld.richlanguage.

    Wish me luck also and hope i pass too

  11. Hey Tomas, great site btw. I failed my exam recently with ZERO points due to my system1 not booting after I tried to re-partition VDA2 being the root partition. I’m interested to know for ISCSI target on exam should additional drive be available such as vdb to create the partiton, Else what are we expected to do? Resize root volume?

    • I don’t know if an additional drive should be available or not as there are multiple ways to skin a cat (you may have multiple drives, you may have one drive that’s large enough to create other partitions, you may have a drive with partitions where some are not in use, there may be space available in a volume group etc). I cannot tell you what’s on the exam, but hope this helps.

  12. I just wanted to add something regarding the opening ssh tunnels into vm instead of working console.
    It saves you time because you can copy paste the service urls and docs into the terminal, and it also reduces error.
    Remember the exam is marked using automated scripts, so even if slight spelling mistake can take away valuable exam points.

    • I think what you meant was a regular SSH session, not an SSH tunnel.

      I agree with you, once you get networking configured, use multiple SSH sessions. I personally had one for journalctl, one for audit.log and two others to do the exam tasks. It really helps to track issues down easily, not to mention increased productivity.

  13. I passed the rhce exam :),
    It is indeed easy , clear questions. Just ensure that you study hard enough.
    Thanks Tomas for your help.

  14. hi, i have a query regarding the rhce exam, will the environment for the exam is virtually(like virtualbox) to be created or on the server we have to create

  15. what does the exam setup look like ? i’ve been practicing everything through the command line, using a multi-user.target VM, that i access from a GUI host with virt-manager/SSH. will they give me the IP of the VM, so i can SSH into it ? how will i access the boot menu, without virt-manager ? it’s an expensive exam, considering how ambiguous it the basic setup is. will i have to use this crazy `grubby` line ? https://www.certdepot.net/rhel7-access-virtual-machines-console/

    • You will be given a machine to work with, and all exam-related instructions will be provided. These instruction will have answers to the questions you asked (and how to access one thing or another).

  16. Hey Tomas,

    I’m glad you shared your experience. As we have all noticed , everyone has his own approach.

    I have a question that might not breach the NDA. What do you think about autofs used on the exam. Is there any explicit definition that all/some mountpoints should be available on boot ? As you have mentioned on the Gilles’ website – most probably the client will be rebooted after the server, but yet i think that autofs is quite flexible.

    What is your own opinion about that. It seems that as closer I get to my exam , the more nervous I get.

    • You are asking about something that’s used on the exam, I cannot answer that I’m afraid. However, when machines are rebooted, common sense should prevail. Hope this helps.

  17. Heyp Tomas! I m planingl to pass exam rhce.do you have a question with answer?if you some could you sen for my email

  18. Hi tomas
    One questions (stupid Questions )
    I hope that for testing a reboot we must reboot a server in the order .
    I tried to do a test and all will go fine.
    When i test a reboot :
    if i reboot in order server and then a Desktop(client) all will go fine
    if i reboot all Desktop/sever at the same time the client don’t mount automatically all shared file system.
    I think that a client is more fastest of server and not find all service up.
    Is it normal ? Redhat execute test reboot in order (first server and then client) ?

    thanks a lot

    • If a client attempts to use a service that is not yet available on a server, it will naturally fail. With regards to Red Hat’s reboot order, I don’t have such information I’m afraid.

  19. Is there any penalty for installing unnecessary services or opening extra ports on the exam? Say I skim the exam and see essentially what is needed, could I not just write a script to install packages and configure firewalld in one shot for both hosts?

    • I don’t know about any pernalties, but the rule of thumb is that if you’re not asked to open a port, then don’t.

      With regards to scripting, it does not matter how you deliver the solution, as long as all the objectives are met. I used scripts myself because they helped me to save time. You can write a script, or you can do things manually, it’s really up to you. It’s the end result that matters.

  20. Hello,
    I am looking at post from “reaz mahmood says: 03/12/2016 at 3:37 pm” On using copy and paste to reduce errors. Once the network setup, as there way to open multiply ssh session right from your your instructions are? Or have to switch to graphical mode on the vm and open multiply ssh sessions?

    Thanks for you help

  21. Is teaming that easy? Example the exam will say set up teaming? for eth0 and eth1 , so you will do the command below?

    #. locate loadbalance_1.conf
    #cp /usr/share/doc/teamd-1.27/example_configs/loadbalance_1.conf .
    #vim loadbalance_1.conf
    {
    “device”: “team0”,
    “runner”: {“name”: “loadbalance”},
    “ports”: {“eth0”: {}, “eth1”: {}}
    }

    ]

    #nmcli c add type team con-name TEAM0 ifname TEAM0 config /root/loadbalance_1.conf
    # vim /etc/sysconfig/network-scripts/ifcfg-TEAM0
    – add the ip address? netmask? and agteway?

    Question: Please answer by number
    # is that it? you are good to go? for teaming?
    # Is this the same concept as bonding. When turn off the eth0, onboot=no then the server still accessible.
    – so my question is. Why teaming not bonding? What the diff?

    • I’ll put it that way: network teaming isn’t hard to implement, and everything is easy when you learn it.

      Your example looks OK, although I didn’t verify the commands. You may need to specify the IPv4/IPv6 addresses, netmask, gateway, DNS servers, depending on what is asked during the exam. To avoid repeating myself, there is an article on this website with step-by-step instructions for both teaming and bonding, check it out: https://www.lisenet.com/2016/configure-aggregated-network-links-on-rhel-7-bonding-and-teaming/

      Note that you can use either one, network teaming is offered as an alternative and does not replace bonding in RHEL 7.

    • Well i did not do the nmcli commands for the iP address, I just modified it in /etc/sysconfig/network-scripts/ifcfg-TEAM0

      #nmcli c
      NAME UUID TYPE DEVICE
      TEAM0 c0dbbe71-632c-47c0-bb6d-d6c1abdef7a4 team TEAM0
      slave1 a501171b-6506-43d6-a201-14c02f7ad5d5 ethernet eth0
      slave2 c037d5d7-cf31-472b-82e8-d64d3e1f128a ethernet eth1
      virbr0 d2695182-77e1-418a-94a8-15aaf2422138 bridge virbr0
      eth0 4927b01e-c134-4b02-82bb-c2e4ea03a7b9 ethernet —

      Also, I am not sure why the command below is needed?
      # nmcli c add type team-slave ifname eth0 con-name slave1 master TEAM0
      # nmcli c add type team-slave ifname eth1 con-name slave2 master TEAM0

      I think the command above iis redundant on this one?
      nmcli c add type team con-name TEAM0 ifname TEAM0 config /root/loadbalance_1.conf

      Also my question to you Tomas. You said. Linux is your bread and butter. Mine too. But Not the RHCE objectives. Maybe more of RHCSA objectives. The moment you created this website, and this is your bread and butter. and in the exam you only have 281. I would like to assume the exam is hard. Your website I would like to believe is 100% the exam.

    • You’re right, if you modify the ifcfg config file manually, then you don’t need the nmcli commands that add slave interfaces. Those commands are redundand in your particular case.

      The kind of gigs that I’ve done include every single RHCE objective but kerberos. I’ve never used kerberos in production. Apart from that, I’ve done it all (still do). With that in mind, I didn’t find the exam hard. The reason for scoring 281 out of 300? Honestly, no idea. I’d like to know myself. I solved and verified every single exam objective. I cannot think of anything that I missed during the exam. I cannot tell where I lost the points because I honestly have no clue.

      I spoke with many candidates who took and passed RHCE, and I don’t know one person who’s got more than 283/300. Surely there must be people who scored 300? Does it mean that the exam is hard? Or perhaps there is something that we all got wrong according to the grading script? Who knows.

    • Tomas, the page you gave is how to configure. My question to you.

      What are the diifference? Advantage disadvantage?And why we need to use 1 way or the other.
      Thank you

    • There are two ways to configure aggregated network links on RHEL 7, via bonding or via teaming.

      Network bonding enables two or more network interfaces to act as one, simultaneously increasing the bandwidth and providing redundancy.

      Network teaming is designed to implement the concept in a different way by providing a small kernel driver to implement the fast handling of packet flows, and various user-space applications to do everything else in user space. The existing bonding driver is unaffected, network teaming is offered as an alternative and does not replace bonding in RHEL 7.

    • I have found smehow who scored 300/300. I woudl like to think it is the scripting. My last question for you for the day.
      What is your recommendation? based on the sample exam you gave here. If you were in my shoe.

      what topics you will do first and last? I have my own preference which last(the nfs kerberos)
      But what do you think you will do first until the last? So you will become more efficient and just like you. You have extra 1 hour to verify everything.

    • The approach that I use is simple, but some might say time consuming: if I have a doubt that something will be on the exam, I go and study it, until I’m familiar with the topic.

      What I learnt is that if I don’t do that, I start to worry too much (will this be on the exam? will that be on the exam?), what in return steals my focus, and I waste time thinking about what could happen rather than actually spending that time studying.

      If I were in your shoes, I would practise until I’m confident that I can pass the exam. My advice? Start with questions that you can do without looking up documentation.

  22. Hi Tomas,
    I think your tips is good. How about adding this?For setting up a vhosts? What you think? Im sorry for bugging you. I think I need to have a shortcut and be as fast as I can.

    # rpm -aql|grep httpd|grep hos
    /usr/lib64/httpd/modules/mod_authz_host.so
    /usr/lib64/httpd/modules/mod_vhost_alias.so
    /usr/share/doc/httpd-2.4.6/httpd-vhosts.conf
    [[email protected]]#

    2.
    # cp /usr/share/doc/httpd-2.4.6/httpd-vhosts.conf /var/www/html/rhce.example.com

    • Use whatever configuration works best for you. If you know where to find examples, then copy them and modify as required. Being familiar with Apache virtualhost configuration helps a lot.

    • Also. for httpd.
      1. install the httpd.
      2. locate httpd-vhosts.conf
      3. copy it to /etc/httpd/conf.d/
      4. modify
      5. create the Directory /var/www/html/MYWEBSITE/ ; create the index.html in that directory.
      6. Dont forget to add the IP in /etc/hosts else you will encounter (HOST not FOUND).

      there you go. you have basic webserver. Whats next?? I wanna make it more simple. Deploy basic CGI app? Is this really needed? If yes? Maybe we can make it more simple?

  23. Okay. Please tell me what is wrong with this config.

    AuthType Basic
    AuthName “Password protected area”
    AuthUserFile /etc/httpd/conf/passwd
    Require user webuser

    ServerAdmin [email protected]
    DocumentRoot “/var/www/html/backoffice.web.example.com”
    ServerName backoffice.web.example.com
    ServerAlias http://www.backoffice.web.example.com
    ErrorLog “/var/log/httpd/backoffice.web.example.com-error_log”
    CustomLog “/var/log/httpd/backoffice.web.example.com-access_log” common

    ServerAdmin [email protected]
    DocumentRoot “/var/www/html/backofficenew.web.example.com”
    ServerName backofficenew.web.example.com
    ServerAlias http://www.backofficenew.web.example.com
    ErrorLog “/var/log/httpd/backofficenew.web.example.com-error_log”
    CustomLog “/var/log/httpd/backofficenew.web.example.com-access_log” common

    # htpasswd -c /etc/httpd/conf/passwd webuser
    # chmod 600 /etc/httpd/conf/passwd
    # chown apache:apache /etc/httpd/conf/passwd

    [[email protected]:/var/www/html]# ls -ld private/
    drwxr-xr-x. 2 apache apache 23 Apr 23 19:32 private/
    [[email protected]:/var/www/html]# ls -lZ private/
    -rw-r–r–. apache apache unconfined_u:object_r:httpd_sys_content_t:s0 index.html
    [[email protected]/var/www/html]# ls -l private/
    total 4
    -rw-r–r–. 1 apache apache 34 Apr 23 19:32 index.html
    [[email protected]:/var/www/html]#

    #curl -u webuser:password http://localhost/private
    -> this is not working.
    # elinks http://elinks/private
    -> error is ” The requested URL /private was not found on this server.

    1. Why it is like that? why it can not see the index.html i put in private directory..
    2. the entries below I put it in vhosts.conf. i put it in in /etc/httpd/conf/httpd.conf, nothing happen.

    AuthType Basic
    AuthName “Password protected area”
    AuthUserFile /etc/httpd/conf/passwd
    Require user webuser

    3. The entries above, do we have documentation on that? or u need to put that in your brain?

    • I think you should be using backofficenew.web.example.com and not localhost, because that’s the ServerName that you have configured.

      Apache documentation is provided by httpd-manual package.

    • But it does forward the request to the /private/ directory, that’s what you want, right?

      Why do you have this defined?

      ServerAlias http://www.backoffice.web.example.com

      It seems to cause the redirect to www. I’d suggest to get rid of it.

  24. Tomas, my apology. the fix was changing the ownership. when I created the private folder it is own by root. Anyway. Im trying now to add user..and CGI.. in your http page..theres a lot of semanage. a lot of things to remember.. Im trying how to make it easier. or simplier..etc..

    • Yea, most of these things come with experience. If you don’t use Apache regularly, then it’s going to take a bit of time to learn.

  25. I failed on friday, in Milan, There was a full page of information about the initial setup which I didn’t expect and that really disappointed me because I knew I would need all the time to configure everything and reading all that page would have taken me at least 20 minutes. Other than that the keyboards were Italian and we had to ask the instructor how to turn them into english, because the localectl command did not work. Even the mouse was defect and I could not see the pointer properly. Moreover, we were supposed to start at 1 pm but there were problems with the machines and we finally started around 2.30pm. So I had no lunch and I when we started I was hungry already. All in all I think you must be able to configure everything in 3 hours and get things right first time, because there is no time for troubleshooting and no time for thinking. I think they test not only your knowledge but also your speed, which is really unfair.

    • Thanks for providing your feedback.

      Have you tried the sample exam that’s available on this site before taking the RHCE exam? If so, were you able to complete it in less than 3 hours?

      You need to be fast, that is right, but it’s pretty much the case with all Red Hat exams.

    • I had a similar situation last time I wanted to renew my RHCE. We too had issues on the exam site: the environment could not be properly setup in time because it would crash all the time, etc. Eventually we collectively decided to go home and contact a representative to take the exam at a later time (and place..). We figured that if we did this collectively and mention these issues, they wouldn’t refuse to give us an exam voucher. I’ll admit it was a guess, but it worked.

      Our reason to make this decision was the following. The exam would have started on Friday afternoon at 1:00pm, but by the time (the instructor *expected* !) we could start, the exam would finish at 5:30pm (if you need the full 3,5 hours given, which some do). The building would close at 6:00pm sharp, and the instructor mentioned he may not have the necessary time available to submit the results to RH. I have no clue if that’s actually true, but that’s what we were told. Because of his remark we discussed our options and concluded that he most likely couldn’t make it in time, and problems would come from there as well.

      I cannot recommend anyone to take the same decision: if you ever end up in the same position you have to make up your own mind. However, if you do make the same decision then I suggest you do it collectively, like we did, to make a point.

      For me it was an interesting time, because that was the last exam date I could renew my RHCE: if I’d let the date slip I had to retake both RHCSA and RHCE. So, in the weeks afterwards I had a few discussions back and forth about it not being my fault that the exam setup wasn’t completed in time. In the end I got a time extension for the renewal until the first exam opportunity and voucher, at which time I passed.

      All of that said, the RHCE exam is certainly doable for anyone with enough recent hands-on experience (on RHEL or CentOS or similar) and sufficient preparation. If you do not have the experience or did not prepare sufficiently, it is likely that you will fail the exam.
      Even if you have a lot of recent experience then sufficient preparation is IMO still a must. That is because the exam will most certainly touch topics that you don’t use in your daily job, or you manage those topics using a configuration management system which of course is not covered in the exam, and you will loose those precious points because it’s likely that you don’t know how to do things yourself or you need too much time to complete the tasks.

    • Thanks for your feedback. So if I understand it right, your exam was scheduled for 1PM, but you were unable to start until 2PM. If I were in your shoes, I would still do it, would finish by 5:30PM and leave the rest to the instructor. Submitting results to Red Hat is not your job, nor your responsibility. Chances are that this would have delayed the evaluation of your exam VMs by a day or maybe two, but does it matter? It can take up to three days to receive the results anyway.

      Regardless, I’m glad that it all worked out for you, and that you passed the exam!

Leave a Reply

Your email address will not be published. Required fields are marked *