Introduction

One of our engineers recently passed the LPIC-2. In the following article, he shares his experience, hoping that it will be helpful for those who are planning to take the exam in the future.

LPIC-2 is a more extensive and in-depth exam than LPIC-1. It covers not only what you have learned in LPIC-1 but also more content you have not learned in LPIC-1, such as kernel, web server configuration, and program compilation/installation mechanism. In other words, it is more practical.

The following is an overview of the topics covered in the 201 and 202 exams.

Exam 201

1. Capacity Planning
   Monitoring of resources such as CPU, memory, and disk
2. Linux Kernel
   Kernel components Compiling a Linux kernel
3. System Startup
   System Boot Mechanism
   Relationship between the kernel, boot loader, and file system
4. Filesystem and Devices
   Types and Features of File Systems
   Creation and management of file systems
5. Advanced Storage Device Administration
   RAID Logical Volume Manager
6. Networking Configuration
   Basic networking configuration Troubleshooting network issues
7. System Maintenance
   Make and install programs from source Backup operations

Exam 202

1. DNS
   BIND and DNS server configuration
2. WEB server and Porxy server
   Apache,NGINX, and Squid configuration
3. File Sharing
   Samba and NFS Server configuration
4. Network Client Management DHCP configuration
   PAM authentication LDAP client usage
5. E-Mail Services Using e-mail servers
   Managing E-Mail Delivery Managing Mailbox Access
6. System Security
   iptables
   FTP Server Security
   OpenSSH configuration TCP Wrapper

1. My State at the Start of My Studies

• Learned the basics of IT infrastructure at a tech school and joined Avinton after graduation
• Not passed CCNA yet, but in school, I learned networking based on the CCNA
• Passed LPIC-1

As I write this, you may feel that I would easily pass the exam since I studied infrastructure. At first, I felt so myself. Looking at the textbooks, I only knew the outline and needed help understanding many details. Compared to LPIC-1, LPIC-2 has many more detailed and in-depth questions, so there is much more to understand. On the other hand, I had a slight advantage regarding networking, encryption, and security areas.

2. Actual Hours Studied

• 201: 90 hours
• 202: 60 hours

My goal was to pass the exam in two weeks, which is probably a little short time to study for the LPIC-2. Before the exam, I thought, “I should have studied for this exam long ago.” If you have more time, you should spend more time than I did. 202 has more detailed questions, such as how to write a configuration file, than thinking questions, so you should spend more time studying for 202.

3. Questions and Scope of the Exam

The exam’s scope is quite comprehensive, so if you think “there won’t be much in this area,” you will likely get into trouble. When I took the 202 exam, there were many questions about mail servers, which were not included in the textbooks I used, and I was very nervous during the exam.
In particular, the configuration and commands for Dovecot (a mail delivery agent that works with mail servers) are rarely covered in textbooks. Still, the commands and options about Dovecot appear on the exam a lot.

4. Factors That Helped Me Pass the Exam

The questions on the exam are more extensive and in-depth than those found in Linux textbooks. Therefore, it was practical to examine and try things in Ubuntu to understand the commands, the results of executing the commands, and the format of the configuration files. It may be difficult to do trial and error in a limited amount of time, but I encourage you to give it a try on any Linux environment. My own experience at school about networking-related areas has been helpful. Among other things, knowing the basic mechanics of DNS, DHCP, and PKI makes studying much easier.

5. Scores and Post-Test Comments

• 201: 660/800 Passed
• 202: 500/800 Passed

I did not expect to pass both exams in two weeks. Especially for exam 202, I was anxious until right before the exam. I was disappointed to get an unexpected question on the first question, and the result was just about the passing score (500/800). However, by understanding the structure of each technology, I could guess the answers to the questions, and the experience of passing the exam, as a result, gave me confidence about Linux knowledge in myself.
Due to my schedule, I took the exam on two consecutive weekend days this time, but it would be better to leave at least one week between exams if possible.

6. Keywords of Study

The following is an excerpt of the key points regarding difficult items that took a long time to understand or needed to organize in my brain. (*Note: This is only an excerpt. It only covers some of the topics.)

Exam 201

• Capacity planning
  • Resource monitoring commands
    • vmstat: Memory monitoring
    • top: Process monitoring (CPU utilization descending)
    • iostat: Disk I/O monitoring
    • sar and sadc: Collect and display resource status logs
    • Thinking questions will be asked based on the output results of the commands, so learn how to see and use them
  • Resource monitoring tools
    • Nagios: System and network monitoring
    • Icinga2: successor to Nagios
    • MRTG: Traffic monitoring
    • Cacti: successor to MRTG
    • Learn the features of each tool
    • You will not be asked to go into the details of using each tool.
• Linux Kernel
  • Components of the kernel
    • How to read the version
      • Learn how versions change over time
      • Learn which version is the stable version and which version is the development version
    • Kernel image directories and types
      • /boot/vmlinuz*
      • zImage: size limited
      • bzImage: no size limit
    • Kernel modules
      • lsmod: Display loaded modules
      • insmod: Load a module
      • rmmod: Unload modules
      • modprobe: Resolve dependencies
      • depmod: Dependency update
      • modinfo: Display module information
    • Kernel Compilation
      • Understand how to compile the kernel yourself and the flow
        1. kernel source preparation, /usr/src/linux*
        2. kernel configuration
           .config, make config, make oldconfig
        3. compile kernel and kernel modules
           make
        4. install kernel modules and kernel
           make modules_install,make install
      • Understand the target of make command
        • clean
          Delete unnecessary files except .config
        • mrporper
          Delete .config files
        • all
          Perform all builds
        • make command is a generic gcc command used for programs in general.
    • Set kernel parameters
      • Rewrite the relevant files in /proc/* or use the sysclt command
    • Initial RAM disk
      • Primary root file system that is extracted into memory to boot the Linux mainframe
      • initrd
        The original initial RAM disk, gzipped from .img Expand with mount -o loop
      • initramfs Current initial RAM disk, gzipped from cpio archive Extract with cpio command after extracting with gunzip
• Booting the system
  • Boot preprocessing
    • BIOS,UEFI
      • BIOS boots the boot loader from the MBR area
      • UEFI boots the boot loader from the UEFI system partition
      • More quetstions digging into GRUB than UEFI in the exam
  • Boot Loader
    • GRUB
      • Understanding the boot process
        1. kernel and initramfs loading
        2. kernel self-extraction
        3. kernel initialization
        4. initramfs decompression
        5. Execute /init in initramfs
        6. Execution of /sbin/init
        7. Execution of boot script
    • Remember the features of SYSLINUX, ISOLINUX, and PEXLINUX
      • SYSLINUX: Boot from FAT (from USB memory stick)
      • ISOLINUX: Boot from file system (from CD)
      • PXELINUX: Boot via network
• File system
  • ext1~ext4,xfs,Btrfs
  • Understand the characteristics of each file system, such as the capacity that can be handled by each file system.
  • File system creation commands
    • mke2fs,mkfs
    • At the exam, there are many confusing wrong options such as “mke4fs” or “mkefs.ext4”, so identify them correctly.
  • File system management commands
    • fsck,tune2fs,xfs_admin,btrfs
    • The formatting of xfs and btrfs commands is completely different from the related commands, so you need to learn each of them well.
  • Mount-related
    • autofs,auto.master,fstab,udev
    • Understand the process of auto-mounting
    • There will also be questions related to udev, such as the process flow when a device is connected.

Exam 202

• DNS and BIND

  • DNS
    A mechanism for interconverting host names (domain names) and IP addresses
  • DNS Server
    Server that answers to name resolution from hosts BIND is responsible for this
  • Types of DNS servers
    • Authority server
      The server that holds the domain name and IP address information is the master DNS server, which holds zone information and has a specific zone of jurisdiction.
      The server that holds a copy of the zone information and ensures redundancy is called the slave DNS server.
    • Cache servers
      A server that answers queries A server that queries other servers for addresses that cannot be resolved by itself, and stores the combinations of addresses that can be resolved for a certain period of time.
  • DNS related commands
    • nslookup,dig,hostname
  • BIND
    • The program or daemon that actually performs name resolution is named
    • /etc/name.conf
      Describes zone information, specifies types of responses allowed, etc.
      The question asks for the correct format of the configuration file. Zone information is described in a separate file and specified in name.conf
      Therefore, it is necessary to understand the format of the zone file too.
    • Zone file record types
      • SOA: management information
      • NS: DNS server that manages the zone
      • MX: Mail server
      • A: IP address for host name
      • CNAME: Address for host alias

• Mail Service

  • MTA (Mail Transfer Agent)
    Mail forwarding, also called SMTP server Postfix and Sendmail are used.
  • MDA (Mail Delivery Agent)
    Forwards mail locally Sort mails sent from MTA into mailboxes Dovecot, CourierMail, and Procmail are used
  • MUA (Mail User Agent)
    Used when users send and receive mail
    When sending mail, it is sent to the MTA via smtp, and when receiving mail, it is retrieved from the mail server via pop3 or imap4
  • Note that there is not much content in japanese Linux textbooks, but it is frequently asked in the current 202 examinations
    The format of the configuration file, mail relay settings, and configuration commands are questioned

• File sharing:

  • Samba
    Open source software that allows a Linux server to join a Windows Network File sharing and printer sharing can be performed
    • /etc/samba/smb.conf
      • Configure permissions for sharing
        browseable: Whether it is visible when browsing
        writable: Whether writing is allowed or not
        path: Path of the shared directory
        write list: Users allowed to write
    • smbpasswd, pdbedit
      Enable/disable users, set passwords
  • NFS
    Network file sharing mechanism between Unix-like systems
    The latest version is version 4, but LPIC-2 handles version 3
    • RPC
      A feature that allows functions on a remote host to be used from another host
    • portmap
      Mapping of RPC programs to port numbers
    • /etc/exports
      Describe the directory to be published
      More precisely, it describes the IP addresses that are allowed to be mounted

• Manage network clients

  • DHCP
    • dhcpd.conf
      Need to know the format
  • PAM
    • /etc/pam.d/*
      Describe how to authenticate each module and what to do if the authentication succeeds or fails
      Understand the module type (type of authentication) and control (post-authentication processing)
  • LDAP
    • /etc/openldap/slapd.conf
      LDAP server configuration file
      Asked for the full path to the configuration file
    • slappsasswd
      Command to set the administrator password for rootpw in slapd.conf

• Security

  • ipatables
    A firewall that filters packets based on a set of rules called a chain
    In addition to the default chain, customized settings can be applied
    • INPUT chain
      Packets entering the local process are targeted
    • OUTPUT chain
      Packets leaving the local process are targeted
    • FORWARD chain
      Packets that do not enter the local process but are forwarded
    • There are no ruleset writing type questions in exam nor textbook, but you need to learn about the three default chains
  • Fail2ban
    Monitor log files to detect attacks and block the IP address of the attacker.
    Access blocking is done by adding iptables rules
    • /etc/jail.local
      Describe the rules you want to control in Fail2ban There is a separate configuration file named jail.conf from jail.local, but do not edit the .conf file, but create a new .local file.

7. Conclusion

Prior knowledge in school and experiences made me pass the exam. If I had no network knowledge at all, I would have struggled even more. It was great to use the networking-related study time to study other areas, and there are many easy-to-understand explanations of the basic mechanics of DHCP, DNS, and PKI on the Internet. Doing a little research before you start studying will have a significant effect.

Thank you for reading this far. I hope you all pass the exam successfully.