Re: [lpi-examdev] LPI- 304
Hi Hasan, On 04.05.13 14:11, hasan akgöz wrote: Where can I find sample questions , LPI 304? . I don't remember having seen any... However, 304 is as lpi-stylish as all other LPI-exams therefore the general advices for LPI exams apply here too. Once you've made it to LPIC-2/301 you shouldn't any encounter any formal surprises in 304. Howwould you suggestshould be preparedfor the exam? I'm not aware of any dedicated 304 materials, therefore I'd take the objectives and collect material for each objective. There are several books on high availbility and virtualization in German and English, you should however be careful that they cover what is in the objectives (i.e. with regard to Linux-HA). The objectives (http://wiki.lpi.org/wiki/LPIC-304) contain links to the primary documentation, too. To get an overview on how Xen and KVM administration relate to each other I'd suggest taking a look on libvirt and the related tools, too.And, as always, try to get as much hands-on-experience as possible to get a feeling on what one needs in practise. Regards and good luck for your preparation and examination, Fabian(speaking for himself) ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
Re: [lpi-examdev] Virtualization topics in LPIC
On 21.06.13 13:57, G. Matthew Rice wrote: On Fri, Jun 21, 2013 at 7:48 AM, Alexandru Juncu al...@rosedu.org wrote: The 3 level pyramid is very good. But maybe LPI needs to take a lesson from other certification vendors and initial tracks from the second level. Just a thought... It's a thought shared by many. There was even a proposal to add a Virtualization Technician cert that only required LPIC-1. Moreover, it's a dangerous thought from my point of view. Virtualization is something that bothers almost everything in IT, from storage to network to capacity planing to at least some idea of what is going on in the VMs. Someone who deals with virtualization beyond having some VMs on his desktop (with whatever product/hypervisor he likes) should have at least LPIC-2-experience. Giving virtualization-certificates to LPIC-1-certified candidates has the high risk to produce lpi-certified virtualization experts without the sufficient experience, which in return would likely harm the overall reputation of the LPI brand and certificates. However, now that the burden of passing 301 in order to become 304-certified is falling people are able to become virtualization-certified right from LPIC-2. For me this seems to be an appropriate compromise as it requires a certain amount of previous knowledge in combination with virtualization-specific competences. That stated, I don't see any necessity for Virtualization in pre-LPIC3 exams. Getting a VM up and running using Virtual Machine Manager / VirtualBox / VMware Workstation / whatever is not worth testing when compared to other objectives in LPIC-2. On the other hand, everything beyond that is better off in 304. It just didn't get picked up internally. Although, the talks are coming around again. Instead of going back to those VCT-ideas I strongly recommend to focus on the upcoming revisions of 303 and 304 as they now attract the wider range of all LPIC-2-certififed candidates. Also, once the 30x-track is opened to all LPIC-2-candidates we should consider continue working on 305 and 306 in order to offer more specialty exams around LPIC-2. Regards, Fabian (speaking for himself) ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
Re: [lpi-examdev] systemd now for LPIC-1 or later?
Hi Ingo, On 02/16/2014 11:35 PM, Ingo Wichmann wrote: But my impression is: this is not discussed and decided here. We'll be presented with a result. Right now there is a survey (https://www.surveymonkey.com/s/2014-LPIC-Objectives) out there that specifically asks for the desirable changes to systemd, upstart and sysv init coverage in LPIC-1 (first question).This survey is not just a dummy, it is highly considered in exam development. Also, once the result from the survey are known, there will be the usual JTA to determine the relevance of the distinct objectives, with respect to the survey. In my opinion we will have to deal with both systemd and sysv init for several years. We also should consider the point in time in which the exams will be pushed to the market and how that aligns with enterprise distributions releasing with systemd. Once in the field, the objectives will remain unchanged for around 2.5 years, which is quite a long time, maybe too long to keep systemd at a minimum weight. Also, there will be a window of several years in which an LPIC-1 candidate may be faced by both older systems using sysv init and recent installations using systemd. So, i personally would advice to have both systemd and sysv init in the next LPIC-1 objectives in quite high intense, but I'm pretty sure the survey and the JTA will have the last words regarding that. And both are open for participation :-) Regards, Fabian -- Fabian Thorns ( fab...@thorns.it ) * Consultant ( Linux, Networks, Virtualization, HA -- www.xamira.de ) * Author ( www.IPv6-Handbuch.DE ) ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
Re: [lpi-examdev] reiserfs
Hi there, It is hard to find the right trade off between legacy technology that is loosing relevance and upcoming technologies that just begin to spread. From the candidate's perspective there are old topics that they may rarely see in the field and that they would only learn for LPI -- though they may never use them again. On the other hand there are topics that are already adopted but not yet widely used though they should be considered when designing new setups. As LPI has a large influence on what candidates spend their time on we should consider our objectives well. Imho the focus should be the large part of topics that are state of the art and both used in the field as well as in new setups. This is where we should test really intense and deep. On side issues we should definitely expect awareness of the candidates so that they can make a profound decision whether it is a topic they should use in a given context or not (i.e. if it is still offered by current distributions) and that they have the context to study that topic in all details in case it becomes relevant for them. We should not forget that LPI has a certain responsibility regarding the candidate's resources that are spent for studying the parts of the objectives the candidate is not that familiar with. Of course we must ask the candidates to have a comprehensive knowledge, but it must have the right trade off. Here I absolutely agree to Alessandro, tough I would apply the same 'legacy policy' to LPIC-2 too and expect candidates to be able to educate themselves for one or the other legacy topic using the context the got from LPI's 'awareness of'. ReiserFS, to come to an conclusion, is nothing I see any more at any of our customers. It's nothing I would recommend to anyone. Also, a Linux expert that know each and every ReiserFS command but cannot tell about the pros and cons of btrfs maybe had a slightly wrong focus in his studies... I would bring Reiser down to awareness of and drop it in the next revision. Best regards, Fabian PS: Regarding training material provides... it's their job to keep up with recent and cool technology! We should not postpone changes to let them off that debt. ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
Re: [lpi-examdev] Status of LPIC-1, LPIC-304 and Linux Essentials Objectives
On 07/16/2014 02:36 AM, G. Matthew Rice wrote: On Tue, Jul 15, 2014 at 6:05 PM, Bryan J Smith b.j.sm...@ieee.org wrote: So _everyone_ needs to know Class A, B and C if they are going to remotely do any DNS administration. So it's best to introduce them with their CIDR for IPv4. DNS servers/reverse records are part of LPIC-2, though. One could also see those reverse DNS aspects as some address boundaries / lengths aligning better with the notation of IP addresses in the reverse DNS than others. This is just like /64, /60, /56... for IPv6 and based on how reverse DNS names are written (which in return may have been influenced by other ways of looking at subnets years ago, but that is another story). LPIC-1 is about being a consumer of DNS services. So, final vote guys: - explicitly mention CIDR notation? (I've always considered it a given) - explicitly mention VLSM? (also always considered it a given) - include Class A, B, C networks? (we used to have it but dropped it; I always considered it a little bit of an archaic way of referring to subnets; plus internal networks don't care and most people have their public IPs assigned/subnetted for them) I vote for including CIDR in the list of terms to be explicit on what we expect -- CIDR and CIDR only. No explicit prefix lengths, no VLSM, and i.e. no network classes! There are way too many people out there still thinking in network classes and more or less ignoring classless routing. For the aspects included in LPIC-1 we should get over classful routing and keep some special names for /24 etc. as part of the history lessen. Fabian ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
Re: [lpi-examdev] Extra stuff for 201
Hi Martin, right now the new version of the LPIC-1 objectives have just been closed. xz and systemd have been included in the LPIC-1 exams and it's very likely that they'll be covered during the next revision of LPIC-2 too. Regarding zabbix... 200.2 refers only to the awareness of Nagios (and MRTG and Cacti). To me this sounds as if one representative from each group of monitoring tools has been named so that the candidates know the range of possible monitoring approaches. One may also argue how Nagios relates to Incinga these days, but when comparing the weight intensity of knowledge (awareness-level) required in 201 and 303 I think we shouldn't overfill 200.2with more and more tools. Just my opinion :-) Regards, Fabian On 07/29/2014 03:45 PM, Martin Møller Skarbiniks Pedersen wrote: Hi, I think the following should be added: 201.2 xz Because the kernels at kernel.org http://kernel.orgare compressed with xz 200.2 zabbix Because my students are moving away from nagios and are using zabbix instead. 202.4 systemd Because systemd is the future and it is already default for many professionel distros eg. CentOS. Regards Martin M. S. Pedersen ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
Re: [lpi-examdev] Suggestions for 202 exams (adds)
Hi Martin, On 07/29/2014 04:05 PM, Martin Møller Skarbiniks Pedersen wrote: Hi again, I think that the following should be added to the 202 exams: 208.?? Varnish Varnish is a very effective and common used HTTP accelerator and much better than squid for this use case. It is also quite easy to configure. My personal impression is that Varnish is often used as a reverse proxy while squid's primary use case is a forward proxy. This shouldn't say that other usages aren't possible, it's just the impression that I have regarding people are using it. Nevertheless I wouldn't mind mentioning Varnish in one or the other way! 212.3 ssh-keygen This tool for making ssh keys are missing (strange) 212.3 ssh-copy-id This tool for added/uploading ssh keys are good to know. At least ssh-keygen is part of the 110.3 objectives. In general, as I read it basic SSH operation is covered in 110.3 while 212.3 is going deeper into the details. Also, just because a command is not listed in the *partial list* of files, terms and utilies doesn't mean that it may not be tested if is a command that should be known by someone who is able to fulfill the key knowledge areas. As 212.3 includes Private and public key files I would teach candidates also the usual tools required to deal with those files. Regards, Fabian ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
Re: [lpi-examdev] SQL in LPIC 1
Hi there, On 02/11/2015 02:16 PM, Anselm Lingnau wrote: Simone Piccardi picca...@truelite.it wrote: Could you provide some examples? In my (limited) experience almost all programs I'm using just log to text file (journald beeing the main exception). Apache can write its access log to an SQL database, for example. AFAIK, the modern syslog replacements (like rsyslogd or syslogd-ng) can also be configured to use an SQL database backend rather than the traditional text files. Reasons why one would want to do this include (a) speed and (b) ease of finding things, both of which aren't exactly among the strengths of the text-file based approach (as the journald developers, too, are fond of pointing out). Note that getting these tools to actually log to an SQL database is not part of the LPIC-1 exam (and rightly so, as far as I'm concerned). I presume the general idea is that a “junior” sysadmin might end up working in a place where senior staff have set things up that way, and a junior employee would need basic familiarity with SQL in order to look at logging data – much like LPIC-1 doesn't require a candidate to be able to install and configure an MTA from scratch, just to deal with it once it's there. As this is usually not the default I wouldn't expect many people really using it. If, on the other hand, someone touches these defaults, than it would be most likely to implement tools like logstash to centrally log, normalize, aggregate and analyze the log data. This, however, would be far beyond the LPIC-1 focus.In case someone would have set this up the junior administrator would find himself in front of an interface like kibana which requires some additional learning time anyway. Anyway, that's what I was told at the time. Maybe Matt can shed more light on the actual rationale of adding SQL to LPIC-1. After all, he was there and I wasn't ;^). The way LPI figures out exam objectives does suggest that the issue must have come up during the JTA. Would be interesting to know where this objective's roots are, yeah :-) This objective has already been marked in the Future consideration section of the LPIC-1 wiki page, so it will for sure pop up again during the next review of the objectives. Fabian (who would still vote for dropping SQL once we get the chance to) ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
Re: [lpi-examdev] SQL in LPIC 1
Hi there, I would vote for removing SQL from LPIC-1 during the next objective update too. Unfortunately this will be somewhere far away in the future as we're just switching to version 4. As Martin points out, user management and security are important for database administrators -- as they are for plenty of services, like an XMPP service or restrictive VPN access. Also, as Harald mentioned, all data needs to be backed up. But again, this is application specific. However, these aspects change the focus of the objective (specific server management/operation (dealing with the database process) vs. DDL/SQL (dealing with the database content)) as well as its position on the LPIC-track (should be somewhere near Apache as an own topic, which means LPIC-2, as it is no core system service). And this not only opens up the discussion of MySQL vs. PostgreSQL, it may also attract one or the other NoSQL guy waiting around the corner... so where to put an end to all those possibilities to be included or not? I'm not sure why we have SQL on the exams right not, t may have come from the LAMP term, but than I'd suggest reconsidering its relevance in case we HOPEFULLY one day get to work on the pending LPIC-3 exams (a long long time ago people thought about having an exam 306 Web Services). IMHO for sysadmins even LDAP has a higher relevance than SQL, which is why it was moved to LPIC-2. Also, in 304 we don't specifically test database HA, although it has some specific aspects. But is just considered one application next to others with our focus not being those applications but the general infrastructure. I'd like to do the same regarding SQL in LPIC-1. As we just had a large review of the LPIC-1 objectives I added the SQL issue to the Future Change Consideration section of the wiki page so that we can come back to that discussion once we get the change to reevaluate the objectives again. We *may* consider placing database servers in the next LPIC-2 JTA as well, but I personally would like to see it being part of a Web server administrator exam that includes the whole LAMP-stack in all its derivations. But this is yet nothing to even dream about :( Regards, Fabian On 02/10/2015 06:39 PM, Hendrik Jan Thomassen wrote: Dear listers, I fully agree with Simone Piccardi who wrote: I'm totally against changing the topic or raising it weight, in my opinion 2 question on SQL are already too much, I'd prefer 0, like it was. LPI should be a Linux Sysadmin Certification, this is a generic argument, it tell almost nothing about you are proficient in Linux. To me, SQL is just another application domain. I have spent decades of my career as a full time UNIX administrator in a technical environment without ever touching SQL. If you argue that many administrators get involved in SQL, the same is true for HTML, or colour theory, or version control systems, or .. There are many more reasons to examine XML basics, because that really is a topic that any modern Linux administrator needs a basic grasp of. Hendrik-Jan Thomassen ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
[lpi-examdev] LPIC-303 objectives review
Dear all, This year, we're working on a major update of the objectives for the LPIC-303 (Security) exam. During the last few weeks, we consulted several existing LPIC-303 holders, some subject matter experts (SMEs), and courseware providers for their opinion and ideas for the update. Thanks to all of you for your very positive comments on that first draft! Based on this feedback, I created a more comprehensive draft of the content and how LPIC-303 could be structured for version 2. The overall goal is to focus more on the security aspects of Linux infrastructure instead of security related aspects of specific applications or services. This is why the former topic 322, Application Security, has been reduced and integrated into other topics. Instead of asking the candidate to configure SSL with numerous services, the draft focuses on Apache HTTPD to test the general understanding of how SSL/TLS is used. Also, topic 323, Operations Security, has been dropped as it does not directly address system security. On the other hand, the required knowledge of X.509, CAs and SSL has been increased. Also, new proposed content includes: - DNSSEC and DANE - eCryptfs - FreeIPA - SSSD - CIFS security - IPv6 - Host and Network Hardening - Host Intrusion Detection. In general, topics have been renamed to reflect the intention behind the topic and not the specific tools used to achieve them. The current draft is available at the LPI wiki at: http://wiki.lpi.org/wiki/LPIC-303_Objectives_V2 and we ask all of you to discuss it here on the lpi-examdev list. The LPIC-303 objectives contain a lot of complex technology (even in version 1). Although we think that we've included anything relevant to the Security subject area, we would like some feedback from everyone on any additional topics and aspects that you would like to see in the exam. Feedback on what could be dropped is also of great value to help in reducing the amount of topics that are covered and the amount of effort required to acquire a LPIC-303 certification. One possible candidate to be dropped is OpenSSH as it has already been tested in LPIC-2 (and LPIC-1). Also, it may be a good idea to move Advanced GPG to LPIC-2 during the next LPIC-2 update (and drop it from LPIC-303 for now). What do you think? So, please don't hesitate to share your opinion with us. We appreciate any feedback! Lastly, once the general architecture of the exam is fixed we will have a more formal survey and/or Job Task Analysis (JTA) to determine more precisely the relevance of the topics and assign weights to the objectives. Best regards, Fabian ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
Re: [lpi-examdev] 211.2 and procmail
Hi Simone, I guess we have procmail in there because of the "Local E-Mail Delivery" topic of the objectives. It is something a user can run on his own system while delivering mails to a locally accessed Maildir/mbox while sieve are usually deployed to a remote server, which would move this topic to 211.3. Nevertheless I share your thought that sieve filter are preferable over procmail regarding sorting and arranging emails. There may be other reasons to use it, though. To make sure we consider this during the next revision of LPIC-2, I added a note to the wiki. Regards, Fabian On 01/04/2016 04:55 PM, Simone Piccardi wrote: > Hi, > > there is a specific reason because this argument is almost centered on > procmail. Why choosing procmail instead of sieve filter that can be > managed also from clients? > > Regards > Simone ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
[lpi-examdev] LPIC-2 Objectives Draft
Dear all, first of all, I would like to thank you for your thoughts and suggestions for the upcoming LPIC-2 version. A lot of them made it to the current objectives draft, though we won't be able to include all of them (sorry, Bryan, yet another LPIC-2 without FreeIPA). In addition to the issues discussed on the list, we did several additional updates to stay up to date with current Linux distributions. The first draft of the new objectives is available at http://wiki.lpi.org/wiki/LPIC-2_Objectives_V4.5 Since it's a draft, we can still do changes to it. Please review the new objectives and share any comments or thoughts you might have either here or directly with me. To literally track all changes, you might want to consult the history of the wiki page. The page was initially started with the current version 4.0 objectives and all changes were recorded. Best regards, Fabian ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
Re: [lpi-examdev] LPI 200.2 and collectd
I agree that collectd wouldn't be the first thing that comes my mind either... I wouldn't dare to suggest Nagios or Icinga being part of an LPIC-2 exam as both could easily fill an exam on their own. I see that topic more about getting an idea of which kind of properties exist and how to measure them. Any simple tool would be sufficient for that task. Just removing collectd would make 200.2 hard to test... Do you have any other tool that you see more prominent / useful these days? Or, given we drop collectd, would you prefer to extend the "Awareness of monitoring solutions" part to feature knowledge and comparison of Icinga2 and Cacti (or keep Nagios and MRTG included?) and maybe spice in conceptual knowledge of SNMP? We should try to avoid "submarines" (to quote Anselm) which consist of a tiny tiny bullet in the objectives and open enormous discussions in training. Fabian On Mon, Feb 22, 2016 at 11:39 PM, Bryan J Smithwrote: > Bryan J Smith wrote: > >> These types of objectives will always be difficult to keep "Scope Creep" >> from entering. that said ... >> > > Sorry, "Send" hit. Continuing ... > > Ultimately, the context is "Capacity Planning." So we're actual talking > about collecting statistics. So instead of talking about collectd, > Nagios/Icinga, etc..., why aren't we actually talking about what most of > these tools use? [1] > > I.e., RRDTools and its RRD files > > Just saying, I'd focus on RRD and similar solutions, under the > objective's context, "Capacity Planning." > > -- bjs > > [1] > https://en.wikipedia.org/wiki/RRDtool#Other_tools_that_use_RRDtool_as_a_DBMS_and.2For_graphing_subsystem > > > > On Mon, Feb 22, 2016 at 2:43 PM, Anselm Lingnau < >> anselm.lingnau+exam...@linupfront.de> wrote: >> >>> kenn...@floss.cat wrote: >>> >>> > My support for munin as easy & nice-looking capacity planning + Icinga >>> > (as nagios successor) for monitoring. >>> >>> We can probably bikeshed this until the cows come home. >>> >>> The advantage of collectd is that it is small, it measures the most >>> important >>> things, and it is reasonably easy to understand. Apart from that, if you >>> have >>> seen one monitoring tool you have more or less seen them all, and >>> everybody is >>> going to be using something different from everybody else anyway. >>> >>> If we put Nagios or Icinga on the exam, the next question is going to be >>> where >>> do we stop, since surely we don't want everyone to have to know all the >>> 94 >>> Nagios plugins in Debian Jessie, but the 10 plugins that you use are >>> likely >>> going to be different from the 10 plugins that I use or that Simone uses, >>> while each one of us will argue vehemently that *our* plugins are the >>> most >>> important ones and absolutely must be on the exam while the others can >>> get >>> lost >>> . >>> >>> > ___ > lpi-examdev mailing list > lpi-examdev@lpi.org > http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev > ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
[lpi-examdev] LPI Exam and Certification Development Survey 2016
Dear LPI Community, In the townhall meetings held recently, the question of LPI's role in an evolving technical world was raised. During the last months we had numerous discussions with people at Open Source events asking them for what they do in their jobs, how they expect to change them in the future and how, in their opinion, LPI should deal with such developments. First of all, I would like to thank those of you who already shared their thoughts with us. Especially those of you who provided valuable feedback on expectations LPI could meet better than we do today. Based on the feedback we’ve received so far, we would like to further clarify the expectations people have of LPI. Therefore, we created an online survey that covers the aspects mentioned most often in consultations. The survey is anonymous and should take about 15 to 20 minutes. It is open for participation until April 30th, 2016. You can find the survey at https://www.surveymonkey.com/r/3CN7WG9 With your participation, you will provide LPI with valuable feedback and insights. We rely on your feedback as we want our certificates and exams to support you and the community. So, go ahead and let us know what you think :) Thanks for your time and support of LPI, Fabian PS: Feel free to share this mail with anyone who might be interested in the survey. ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
[lpi-examdev] LPIC-2 Objectives Review
Dear all, before you hit reply -- please read this email until the end! Looking at the exam development calendar it's time to start thinking about the next revision of the LPIC-2 objectives! This year a minor update is due, so we should verify that the current content of the objectives still matches recent technology and adopt it there necessary. As we will have a minor update we won't be able to change the overall architecture of the exam. Therefore, I would like to invite all of you to browse to http://wiki.lpi.org/wiki/LPIC-2_Objectives_V4 and take a look at the current exam objectives. Also, please take special care to the "Future Change Consideration" section at the end of the page which includes some ideas that came out of prior mailing list discussions and candidate feedback. If you have any comments regarding the exam, please put them up for discussion here. To keep the threads at least somehow readable, I will start TWO NEW THREADS, ONE FOR 201 AND ONE FOR 202. Please try to post to the relevant thread and carefully consider breaking controversial topics out of the thread (did I mention how glad I am vi is in LPIC-1? :-) Once the discusses progresses, I will summarize the results and put them into a draft for the new objectives. I'm looking forward to your thoughts and comments! Fabian ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
[lpi-examdev] Exam 202 objectives discussion
...and 202 :-) ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
[lpi-examdev] Exam 201 objectives discussion
... for exam 201 ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
[lpi-examdev] LPIC-OT DevOps Tools Engineer Objectives Draft
Dear all, as you might know, we're working on a new certification, "LPIC-OT DevOps Tools Engineer". We've started the Job Task Analysis in 2016 to find out about the relevance of the exam's topics. First of all, I'd like to thank all of you who took the time to rate the tasks, add new tasks and contact us directly to provide feedback. We evaluated all your input and today we can finally present you the result -- the initial draft on the objectives for the new certification! I'd like to invite you to take a look to our wiki at https://wiki.lpi.org/wiki/LPIC-OT_DevOps_Tools_Engineer_Objectives_V1 and share your thoughts and comments on this new exam either here on the list or directly with me. The current objectives really are a draft, we're still able to adjust and change things. So please take that chance to review the objectives and bring up any suggestions you might have. Looking forward to the discussion, Fabian ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
Re: [lpi-examdev] lpi-examdev Digest, Vol 104, Issue 4
Hi Jeremy, thanks for your encouraging feedback! On Sun, Feb 26, 2017 at 5:05 AM, Jeremy Hajekwrote: I had one piece of advice. The Docker material needs to be reviewed > because the concepts there are vastly different than Virtualization. > Perhaps the Docker material could be its own track/specialization? > This depends a lot of the depth of Docker. You're right, the current objectives are mostly about using Docker, not about configuring its latest detail and understand the actual containerization on a Kernel level. If we would like to test that, we would need to require more background in Linux / operating system than we currently ask the candidates of the new exam to have. Such an exam would probably be better off in the LPIC-3 track since we can expect a high level of Linux proficiency. For the LPIC-OT DevOps Tools Engineer, we intentionally want to keep these requirements low to make the effort to study the objectives reasonable for software developers too. How far do you get into these technical background in your lectures? > What I mean is traditional Virtualization which we have been using for a > while now (VMware, Virtual Box, others) is essentially the same concepts > as a regular PC-- its hardware virtualization (virt of a BIOS, Drivers, and > so on) > > Docker (and containers in general) move to a different concept of > immutable infrastructure--which flies in the face of all the LPIC base > standards. Those needs are lessened when you are enabling containers that > have no SSH even. Containers that are being spun up via AWS Lambda for > instance are done so fast and then destroyed--because it is cheaper to spin > a container up calculate something and then spin it down (much in the way > you would use a function()in a programming language) . TL DR Containers > (Docker) are more than just lightweight virtualization. > Good point. So far, we we have "Design software to be run in containers" in 701.1 which strives this a little. Do you think adding "Understand major differences between containers and virtual machines" to either 702.1 or 702.3 helps? 702.1 would be pretty Docker-specific, 702.3 we could allow us to cover this in a more generic way. We also have the security implications of containers as well as awareness of other container solutions (rkt) here. Let me know what you think -- and thank you for pointing this out. Fabian ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
Re: [lpi-examdev] lpi-examdev Digest, Vol 104, Issue 4
Hi Bryan, On Sun, Feb 26, 2017 at 5:13 AM, Bryan Smithwrote: > DevOps in the '10s are the move to Stateless Servers, just like > Client-Server in the '90s was the move to Stateless Clients. > > No more persistent stores in Servers, just like we eliminated on Clients. > That's how to focus on this, and how Containers and DevOps are different > than Traditional Virtualization and it's continuing support for persistent > data on Servers. > All true, but this not only specific to containers but also to microservices and similar architecture patterns. In 701.1 we already mention "how services handle data persistence". Do you think we should be more specific here? Regards, Fabian ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
[lpi-examdev] LPIC-300 Objective Discussion
Dear all, taking a look at https://wiki.lpi.org/wiki/LPIC-3_300_Objectives_V1 You will notice that it's time to review the current LPIC-300 objectives to ensure they are still up to date. Therefore I'd like you all to share your thoughts about our current objectives with the list, including wishes what should be changed in the next update. We have however to obey that it will be "minor update", so we can't fundamentally turn the while exam around. Some things we should discuss from my point of view would be: * Relevance of NT4 domains vs. AD domains * Same for NBNS vs. DNS * Shift from Samba 3 to Samba 4 (which shouldn't cause too much trouble, though) However, I don't want to limit the discussion on these points. Just go ahead and point out what you think. As usual, I will comment when necessary and condense all the comments into a draft for potential updated objectives which we will then review altogether again. Looking forward to an interesting discussion, Fabian ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
[lpi-examdev] LPIC-OT DevOps Engineer
Dear all, I'm sure you already saw the news but I wanted to send out a reminder that we currently have a Job Task Analysis running for a new certification called "LPI Certified Open Technology DevOps Engineer". In 2016 we talked a lot about automation tools, container virtualization, cloud computing and several other technologies that affect what our candidates are doing in their jobs. At the same time, the environment and organization of these jobs start to change, bringing more and more tools into a sysadmin's daily life and more and more sysadmin tasks into developer's work. To react on this continuous movement, we'd like to create a dedicated certification focusing on the open source tools commonly used to work in a DevOps environment. The target audience is both Dev and Ops, therefore the certification should be seen as a complement to either an LPI or a development certification. We put some more information on the new certification online here: http://www.lpi.org/devops The JTA is available here: https://xd.lpi.org/caf/Xamdev/jta You'll need an LPI-ID to join the JTA (available at https://cs.lpi.org/caf/Xamman/register), but I'm sure most of you already have one. The JTA is an online survey that helps us to determine which skills are actually relevant and should be covered in the certification. In January, we'll discuss the potential objectives based on the outcome of the JTA on the lpi-examdev list. Nevertheless, go ahead and share your thoughts whenever you like! Also, if you have Dev or DevOps people who are not involved in LPI yet, please don't hesitate to share this with them. It's important to get their feedback in the JTA too! Looking forward to the JTA's results and your feedback, Fabian ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
Re: [lpi-examdev] How can I participate into Beta Exam
Dear all, just a quick reminder, the beta signup is available at www.lpi.org/beta-signup Fabian On Fri, Jul 21, 2017 at 2:45 PM, Fabian Thorns <ftho...@lpi.org> wrote: > Hi Alexandru, > > now that you asked for it I will send an update to the list as soon as the > registration is open. > > Fabian > > On Fri, Jul 21, 2017 at 12:20 AM, Alexandru Ionica < > alexandru.ion...@gmail.com> wrote: > >> Hello Fabian, >> >> Will there be a public announcement on this list when the registration is >> open ? >> >> Thanks. >> >> On Fri, Jul 21, 2017 at 12:52 AM, Fabian Thorns <ftho...@lpi.org> wrote: >> >>> Hi Renato, >>> >>> On Thu, Jul 20, 2017 at 4:43 PM, Renato Felix <jovemfe...@gmail.com> >>> wrote: >>> >>>> It's the first time I'm getting involved with LPI and it's just this >>>> Dev integration with Ops (I'm currently more DEV). >>>> >>> >>> Welcome to the LPI community! >>> >>> >>> I did not understand *how to sign up for the Beta Certification Exam >>> (**Summer >>>> 2017 - Beta Exams**)* informed here in the list or on the site itself >>>> ... On the site lpi.gov/devops appears the option to buy ... but do I >>>> understand the beta is free !? >>>> >>> >>> The beta exams are indeed free. We're about to start the registration >>> for the beta exams soon; the last preparations are just about to be >>> finished. In the mean time, feel free to follow up directly with me to see >>> which beta exam lab is the closest one to you. >>> >>> Fabian >>> >>> >>> ___ >>> lpi-examdev mailing list >>> lpi-examdev@lpi.org >>> http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev >>> >> >> >> ___ >> lpi-examdev mailing list >> lpi-examdev@lpi.org >> http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev >> > > ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
Re: [lpi-examdev] How can I participate into Beta Exam
Hi Renato, On Thu, Jul 20, 2017 at 4:43 PM, Renato Felixwrote: > It's the first time I'm getting involved with LPI and it's just this Dev > integration with Ops (I'm currently more DEV). > Welcome to the LPI community! I did not understand *how to sign up for the Beta Certification Exam (**Summer > 2017 - Beta Exams**)* informed here in the list or on the site itself ... > On the site lpi.gov/devops appears the option to buy ... but do I > understand the beta is free !? > The beta exams are indeed free. We're about to start the registration for the beta exams soon; the last preparations are just about to be finished. In the mean time, feel free to follow up directly with me to see which beta exam lab is the closest one to you. Fabian ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
Re: [lpi-examdev] How can I participate into Beta Exam
Hi Alexandru, now that you asked for it I will send an update to the list as soon as the registration is open. Fabian On Fri, Jul 21, 2017 at 12:20 AM, Alexandru Ionica < alexandru.ion...@gmail.com> wrote: > Hello Fabian, > > Will there be a public announcement on this list when the registration is > open ? > > Thanks. > > On Fri, Jul 21, 2017 at 12:52 AM, Fabian Thorns <ftho...@lpi.org> wrote: > >> Hi Renato, >> >> On Thu, Jul 20, 2017 at 4:43 PM, Renato Felix <jovemfe...@gmail.com> >> wrote: >> >>> It's the first time I'm getting involved with LPI and it's just this Dev >>> integration with Ops (I'm currently more DEV). >>> >> >> Welcome to the LPI community! >> >> >> I did not understand *how to sign up for the Beta Certification Exam >> (**Summer >>> 2017 - Beta Exams**)* informed here in the list or on the site itself >>> ... On the site lpi.gov/devops appears the option to buy ... but do I >>> understand the beta is free !? >>> >> >> The beta exams are indeed free. We're about to start the registration for >> the beta exams soon; the last preparations are just about to be finished. >> In the mean time, feel free to follow up directly with me to see which beta >> exam lab is the closest one to you. >> >> Fabian >> >> >> ___ >> lpi-examdev mailing list >> lpi-examdev@lpi.org >> http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev >> > > > ___ > lpi-examdev mailing list > lpi-examdev@lpi.org > http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev > ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
Re: [lpi-examdev] LPIC-OT DevOps Tools Engineer certification's books
Hi Valerio, since the certification is new there is no book specific to the preparation for this exam yet. The most important source for preparing for the exam are the objectives which you can find here: https://wiki.lpi.org/wiki/LPIC-OT_DevOps_Tools_Engineer_Objectives_V1 If the objectives require you to do something with a specific software, you should actually do it. If you are already experienced with that topic, just review which tasks and terms the objectives mention and verify that you know them well. Most projects also offer getting started guides which can help to do your first steps towards a new topic. The LPI objectives assume practical experience and usually go beyond these getting started guides, so it is always good to at least skim through the rest of the documentation to see if there is more on the aspects LPI mentions in the objectives. As some additional help, there is a posting coming up the next days in the LPI blog that describes how to learn using the objectives. If you want, I can share the link here as soon as it is published. We are also planning to provide more references to available documentation around the launch of the final exam. These references are intended to help candidates who just get started with the content of the exam and want to study and gain experience over a longer amount of time. For the beta exams starting in a few weeks, we expect candidate to already have some experience in some of the exam's areas. That said, if you come across materials you find useful or want an opinion on, feel free to share them here (or on lpi-discuss). We could also create a page on our wiki to collect such references. We wanted to do that anyway to conserve the content we'll release around the launch of the final exams, but we can get started at any time. Sorry for not having the one and only reference for all the exam; but I'm glad to help if you get stuck with a specific topic. Fabian On Tue, Jul 25, 2017 at 9:33 PM, 'warezt...@inwind.it' via Relay - fthorns < ftho...@relay.lpi.org> wrote: > Hello I'm Valerio. > I'll participate to this exam on september. > I was wondering if there are some books or pdf notes about this beta exam > in order to be well prepared for that day. > Thank you very much > Valerio > > ___ > lpi-examdev mailing list > lpi-examdev@lpi.org > http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev > ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
[lpi-examdev] LPIC-OT DTE: Icinga 2 vs. Prometheus
Dear all, you probably know we're getting closer to the finalization of the LPIC-OT DevOps Tools Engineer certification. While we're doing some last tweaks to the objectives, we struggled over the question whether Icinga 2 or Prometheus is the 'better' tool for monitoring the components of an application. Also, from a didactic point of view, Prometheus seems to be easier to learn than Icinga. What are your thoughts about replacing Icinga 2 with Prometheus in here: https://wiki.lpi.org/wiki/LPIC-OT_DevOps_Tools_Engineer_Objectives_V1#705.1_IT_Operations_and_Monitoring_.28weight:_4.29 Thanks for your thoughts, Fabian ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
Re: [lpi-examdev] LPIC-OT DTE: Icinga 2 vs. Prometheus
Hi Jeroen, thanks for following up :) On Thu, Jul 6, 2017 at 4:51 PM, Jeroen Batenwrote: Well, you can teach a dog a trick, but humans are able to understand things. > > This means that the question is not "icinga or prometheus" but > understanding monitoring. > This is very true. Although we need a sample implementation as a practical example in order to test something practical. > And having knowledge of how to setup monitoring. > > A short google trends shows a higher result on Prometheus but this can > also be attributed to a certain movie. > > And, why not Zabbix now we are talking about this? Easy to install from > a repo and anyone with a browser can configure it. Just click away like > any self respecting Windows admin. (yes, this is a subtle rant :-) ) > Zabbix was one of the tools mentioned less often in the studies we did so far. Although, since we're talking about the DevOps Tools Engineer exam, the tool should play well in the context of containers, microservices, etc.. > So, all the descriptions are non-specific regarding a product. > > I would suggest to make the exam also non-specific. After all this has > always been one onf the strong points for LPI. Distribution agnostic > certification. Why change that now? > Distribution agnostic is something different than agnostic of any technology. We are, for example, covering Postfix, Apache HTTPD and Dovecot, although there are alternatives for all of them. We did our best to find out which of these projects are the most relevant / didactically preferable project so we can expect a lot of candidate to be already familiar with that project and to make learning it a benefit for those who still have to. Not asking something about a specific product / project would make the examination as well as the preparation for the exam harder than it has to be. Therefore the question which monitoring tool would be the preferable one in the context of the DevOps Tools Engineer exam. Regards, Fabian ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
[lpi-examdev] Linux Essentials Objectives Discussion
We might want to start commenting on exam 010 here. ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
[lpi-examdev] LPIC-1 and Linux Essentials Objective Updates
Dear all, it's again time to update some of our exam's objectives. This time, we'll work on exams 010, 101 and 102; in other words, we're updating Linux Essentials and LPIC-1. We're doing both at the same time since a some of the relevant changes will likely affect both certifications. Our main goal is to make sure the exams still cover technologies and skills needed by the candidate described in the objectives. You can find the current objectives in our wiki: https://wiki.lpi.org/wiki/LinuxEssentials_Objectives_V1.5 https://wiki.lpi.org/wiki/LPIC-1_Objectives_V4 Please share anything you'd like to see being added, removed or changed in the exams. To keep some structure in the discussion, I'll start one thread per exam in a minute. Please keep comments on the respective thread and follow up with general topics here. As usual, LPI staff will be a less chatty at the beginning to not influence the discussion too early. However, if you want my opinion on anything, just say so :) If you have anything you'd like to share in private, send me a direct message. If you know of someone who might be interested in sharing some thoughts on the exam content, please spread the word about the examdev list. Fabian ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
[lpi-examdev] LPIC-1 Exam 102 Objectives Discussion
We might want to start commenting on exam 102 here. ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
[lpi-examdev] LPIC-1 Exam 101 Objectives Discussion
We might want to start commenting on exam 101 here. ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
Re: [lpi-examdev] monitoring for devops
Hi Jeroen, On Tue, Aug 22, 2017 at 12:27 PM, Jeroen Batenwrote: In case you mist my earlier reply (lost at the bottom of an old thread > in your email client :-) ) I repost it like this. > Good point, I still owe you a response on that thread. Here it comes :) Having thought about devops and monitoring I must admit that I am not > happy about where it was heading. > > I love LPI's generic and practical approach so I spend some time about > that regarding devops and monitoring > > Yes, a devops guy needs to know about monitoring. > Yes, he should know that there are a few popular open source projects > that do monitoring: Nagios, Icinga, Zabbix, Prometheus (if you must > insist allthough I think it is not nearly mature enough). > > No, he should not become an expert in one of these packages. > (well, I could say it must be Zabbix but 10 to 1 somebody will see that > completely differently) > We had some opinions whether or not to test a specific product / project. The problem with concepts is that they are hard to test. Examples ease this a lot because they avoid long verbal explanations. Specifying a specific tool might also provide guidance for candidates who are new to a topic because it gives them a point to start their study (and maybe learn enough to pick another solution that better serves their needs). Take email servers as an example; one might try to test email delivery on a conceptual level only, but (for very good reasons) we're testing Postfix in LPIC-2. In fact, we used to test several MTAs in former times. After all, we have to find the right balance between having some meat on the bones (by having examples for the concepts we test), being useful (to those who use the objectives to learn new topic) and being efficient (to those who know a different tool and prepare for the exam). All this has to be decided from the candidate's perspective. For the DevOps Tools Engineer exam, this candidate's focus are microservices in a dynamic environment where new containers / VMs are spawned automatically, potentially in a very high frequency, potentially triggered by some automatism. This has significant influence no how monitoring works. Keeping track of a dynamic environment requires a monitoring system to use some kind of service discovery. Furthermore, tools like Kubernetes can detect the failure of a container/pod and restart it automatically. Monitoring the old pod wouldn't be a great benefit; instead, the amount of container failures or pod restarts might be better indicator to find problems; i.e. since the failure of a single container/pod might not affect the overall availability of a service. This shifts the interest from a single server/container to services and from simple up/down to more detailed metrics. The main reason why we reconsidered Icinga2 were these requirements and how easy it is to fulfill them. > But we can tell students about things like: > -Be aware of sizing. The amount of monitorin information is the number > of items times the number of servers. > Not necessarily. It could also be the general availability of a service no matter how many (virtual/containerized) servers provide the service. It might also be the overall rate of failing requests, the overall number of certain API calls, the overall number of available processing nodes, the number of container restarts... . > -Know the difference between storing in a rrd database or a sql database > or elastic database and the difference in housekeeping. > Here we run into the same problems as mentioned above, in a general approach questions on these topics can easily become vague while using a specific example requires us to make a choice. > -The sort-of standard way how return/errorlevels are organised: > > Nagios/Icinga: > Plugin Return Code Service State Host State > 0 OK UP > 1 WARNING UP or DOWN/UNREACHABLE* > 2 CRITICALDOWN/UNREACHABLE > 3 UNKNOWN DOWN/UNREACHABLE > > Zabbix: Any exit code that is different from 0 is considered as > execution failure. > > Prometheus:? (couldn't find it, pointers welcome) > Short answer: There is the "up" time series which might be an initial indicator. Longer answer: What defines a warning / critical / ok state of a service or an application? A lot of these definitions stem from metrics. Nagios and icinga allow us to procure performance data, but they are pretty static in how they interpret them (basically warning / critical thresholds). Prometheus also can collect multiple metrics and can be configured to alert on thresholds. For Nagios / Icinga(2) storing performance data over a longer period of time requires additional helpers; I heard the cool kids use datastores like InfluxDB or Graphite and dashboards like Grafana -- which basically ends up with the same dashboards Prometheus creates. The result for what people want when monitoring their microservices seems to be pretty similar, although Prometheus
Re: [lpi-examdev] Make the lpi 102 desktop topic useful again
Hi there, I agree that our current 106.1 and 106.2 objectives are not really helpful anymore. I like the idea of including remote desktop sessions; although I argue that we can't also add virtualization within the three weight points of those objectives. Objective 106.1, X11 installation and configuration is not entirely irrelevant, apparently we're in the year of the Linux desktop :) What about getting rid of some of the details in there and bring this objective to a higher conceptual level: * Add 'Understanding of the X11 architecture.' * Add 'Overwrite specific aspects of Xorg configuration, such as keyboard layout.' * Add 'Manage access to the X server and display applications on remote X servers.' * Add /etc/X11/xorg.conf.d/ * Add 'Awareness of Wayland' * Drop 'Verify that the video card and monitor are supported by an X server.' * Drop 'Awareness of the X font server'. * Drop xwininfo * Drop xdpyinfo Objective 106.2 is more tricky. I doubt anyone adjusts display manager greetings these days. We might consider renaming this objective to 'Graphical Desktops' and change the content to something like this: Key Knowledge Areas: * Understand desktop environment and their major components, such as display managers and window managers. * Awareness of major desktop environments * Awareness of protocols to access remote desktop sessions List of terms: * KDE * Gnome * Xfce * X11 * VNC * Spice * RDP That would introduce the protocols Ingo proposed at a level reasonable for a weight one topic and would remove specific configuration of a display manager. What do you think? Fabian On Fri, Oct 27, 2017 at 6:19 PM, Bryan Smithwrote: > On Fri, Oct 27, 2017 at 10:31 AM, Mark Clarke > wrote: > > What would be good, if its at the right level for 102, is to talk about > > kvm/libvirt and setting up a remote desktop sessions via spice or vnc. > > Some of these details are already touched upon in LPI 304. > > Although I would love to see conversations of bringing these down to > lower levels for junior admins, what day-to-day tasks might be > involved. > > > Nothing more annoying than getting 20 pop-up login boxes in virt-manager. > > Virt-Manager is kinda akin to VMware Player. It's a basic, minimal > solution. > > > oVirt is a backend/front-end to libvirt, including Web-based > administration console and full Virtualized Desktop Infractructure > (VDI) for managing SPICE. oVirt, like libvirt, was originally > designed to be HyperVisor agnostic, so there was no reason it couldn't > support Xen or ESX. But because their commercial stacks, XenServer > and vSphere, respectively, are huge, commercial cash cows, Citrix and > VMware never supported further development of oVirt for their > HyperVisors. > > So oVirt has become largely KVM/SPICE-only. Commercially it is > supported as Red Hat Enterprise Virtualization (RHEV), RHEV-H being > the equivalent to ESXi, and RHEV-M being the equivalent to vSphere. > > > - bjs > > > On 24/10/2017 08:36, Ingo Wichmann wrote: > >> Hi there, > >> > >> I think we should think again, what todays junior sysadmin should know > >> about Linux graphical interfaces. Here are my points: > >> > >> * What does a X-Window client application need to start on a remote > >> machine and display on my local machine? > >> * What's the role of a X-Window manager here? > >> * What's the role of a X-Server here? > >> * Security implications > >> > >> I'm not sure about a simple X-Window-based terminal server: do people > >> use this? I'm aware of quite a few people using x2go. > >> > >> * How do I start a VNC Session? > >> * What's the role of a VNC Client here? > >> * What's the role of a VNC Server here? > >> * Security implications > > -- > Bryan J Smith - http://www.linkedin.com/in/bjsmith > E-mail: b.j.smith at ieee.org or me at bjsmith.me > ___ > lpi-examdev mailing list > lpi-examdev@lpi.org > http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev > ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
Re: [lpi-examdev] LPIC-1 Exam 101 Objectives Discussion
Hi there, this might be another can of worms, but I'd still like to open it: During the ifup/ifdown discussion we saw that a lot of Linux runs in 'the cloud' these days. IaaS instances and container are an increasingly important runtime environment for Linux, so we might want to spice a bit of that into LPIC-1. In case we drop quotas (weight: 1) and lower the weight of editors (weight 3 to 2), we would have two spare weight points which we could invest in a new topic 102.6 -- Linux in the Cloud. Since it would only be two weights, we can't go below the surface, so I would propose this content: * Understand concepts of virtualization and containerization. * Understand common components of IaaS clouds (computing instances, block storage (ephemeral + persistent), networking) * Understand and how Linux is deployed in computing instances and understand the role of cloud-init. * Know Docker features, including the role of container images and Dockerfiles. I don't think we should require candidate to use any of these things, I'd be glad if they'd knew how Linux is provisioned to an instance/container and how a cloud/container is different from a regular installation. This would also enable candidates to do their LPI experiments with free instances some cloud providers offer; and it would be a nice bridge to the LPIC-OT DevOps Tools Engineer. Feel free to outvote me if you have any concerns; i.e. if you think this is not adequate for two weights or if you think it's unreasonable for LPIC-1. Fabian On Tue, Oct 10, 2017 at 10:10 PM, Fabian Thorns <ftho...@lpi.org> wrote: > We might want to start commenting on exam 101 here. > ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
Re: [lpi-examdev] LPIC-1 Exam 102 Objectives Discussion
Dear all, as you might have expected, there is an email for the new objective proposal for exam 102 as well. The links to the draft in the wiki is the same as for 101: https://wiki.lpi.org/wiki/LPIC-1_Objectives_V5.0 The changes from version 4.0 can be seen in the page history: https://wiki.lpi.org/pubwiki/index.php?title=LPIC-1_Objectives_V5.0=revision==4226 There is also a dedicated wiki page summarizing the proposed changes: https://wiki.lpi.org/wiki/LPIC-1_Summary_Version_4.0_To_5.0#Changes_in_Exam_102 A few changes discussed on the list are currently not part of the proposal because of these considerations: * TCP Wrappers are kept since there seems to be a strong opinion that the candidate should at least recognize them. Reconsidering them is added as future change consideration. * Automatic update management is not covered due to lack of simple mechanisms and risks associated to it. * iptables, SELinux, polkit etc. have not been added because they are part of LPIC-2/-303. There is no point in teaching candidates how to just turn them off; instead, candidates obey the rules so that they don't run into these constraints in case they were put in place. * gpasswd is not covered because it is assumed that it is better set up groups and permissions in a way to avoid a shared secret for all group members and implement some basic RBAC concepts. * limits.conf relies on pam_limits and therefore belongs to LPIC-2. pam_limits is already covered there. Furthermore, the following future change considerations were added to the LPIC-2 objectives due to the discussion of the LPIC-1 objectives: * Advanced shell scripting (sed -e, set -x, set -o, pipefail, PIPESTATUS, declare) * Filesystem quota (similar to the topic removed from LPIC-1) * Understanding of consistency in backups, e.g. for databases * Let's Encrypt for certification procurement Polkit was added as future consideration to exam 303 and cloning a Linux system was added as future change consideration to exam 304. Again, please comment on these changes if you think something should be different or if you think some of the arguments / reasons are wrong. Fabian On Tue, Oct 10, 2017 at 10:10 PM, Fabian Thorns <ftho...@lpi.org> wrote: > We might want to start commenting on exam 102 here. > ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
Re: [lpi-examdev] LPIC-1 Exam 102 Objectives Discussion
Dear all, thanks for the great discussions on the LPIC-1 exams. Since the discussion seems to settle, it's (almost :) time to wrap things up. Before doing so, I'd like to share a list of additional proposals which were brought up in side conversations or seem worth a look for various reasons. Since they haven't been discussed in this thread yet, it would be great to get your thoughts on those, too. 105.1 Customize and use the shell environment: * Move lists to 105.2 105.2 Customize or write simple scripts: * Turn "sh" into "Bash" in "Use standard sh syntax (loops, tests)." 106.3 Accessibility: Here we got two proposals: * One to only address color blindness and reduced debility of sight be covering color adjustments/inversion (using xcalib), zoom in/out, desktop themes, as well as voice recognition. * The second proposal is to drop this section since installing these tools for only one weight seems unreasonable to some trainers 107.2 Automate system administration tasks by scheduling jobs: * Add systemd.timer * Remove anacron 108.2 System logging: * Drop syslogd * Add rsyslogd * Add interaction between rsyslog and systemd-journald * Add systemd-cat 109.2 Basic network configuration: * Drop ifup * Drop ifdown 109.3 Basic network troubleshooting: * Drop ifup * Drop ifdown * Consider whether or not we should keep the dedicated IPv6 tools such as ping6 since functionality seems to get merged in the same tools again 109.4 Configure client side DNS: * Add awareness of systemd-resolved 110.2 Setup host security: * Add systemd.socket * Drop inetd (but keep xinetd) * Drop TCP wrapper 110.3 Securing data with encryption: * Add additional SSH ciphers * Add gpg-agent * Add gpg options to encrypt, decrypt, sign and verify files Let me know what you think! And don't worry about 101, there will be a similar mail soon :) Fabian On Tue, Oct 10, 2017 at 10:10 PM, Fabian Thorns <ftho...@lpi.org> wrote: > We might want to start commenting on exam 102 here. > ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
Re: [lpi-examdev] LPIC-1 Exam 102 Objectives Discussion
Hi Mark, On Thu, Nov 9, 2017 at 2:44 PM, Mark Clarkewrote: > No changes to 106.1 and 106.2? There was some discussion on this. In > particular xwininfo and xdpinfo. Maybe something about Wayland. I would > just like this section to be more relevant and practical. I am not an > expert on X and Wayland hence my vague suggestions but there were some on > the list. > I know, my email was just stuff that wasn't covered yet. I'll share a draft with all the changes once we discussed these additional ones :) Sorry for not being explicit enough about that. Fabian ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
Re: [lpi-examdev] LPIC-1 Exam 101 Objectives Discussion
Hi there, as promised, I'd also like to share a list with additional comments regarding exam 101. These things have not been discussed on the list yet, they stem from private conversations. I'd like to get your opinion on these things too. Afterwards there will be a wrap up of the whole discussion, including everything discussed before and not included in here :) Like the previous email on 102, this is a summary of proposals. Just because I'm sending it doesn't mean it's somehow set. Here you go: 101.1 Determine and configure hardware settings * Remove "Configure systems with or without external peripherals such as keyboards." * Remove "Know the differences between coldplug and hotplug devices." 102.4 Use Debian package management: * Add apt 102.5 Use RPM and YUM package management: * Add zypper * Remove yumdownloader 103.2 Process text streams using filters * Remove od, paste and join (in addition to the tools already identified as potential dropouts) 103.7 Search text files using regular expressions * Be explicit about which kind of regex we test. With grep and sed being our use case for regex, basic regular expressions seem like a good default, unless we want candidates to also know about extended regular expressions, the difference and how to make sed/grep use them. On the other hand, we're testing egrep now, so in the best case candidates should implicitly know the difference. Thoughts on this? * Remove egrep and fgrep * Add sed skills to work with ranges and delete, change, substitute on ranges 104.1 Create partitions and filesystems * Add gpt * Add awareness of exfat 104.2 Maintain the integrity of filesystems * Add mkfs * Remove e2fsck and mke2fs Looking forward to hear your opinion, Fabian On Tue, Oct 10, 2017 at 10:10 PM, Fabian Thorns <ftho...@lpi.org> wrote: > We might want to start commenting on exam 101 here. > ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
Re: [lpi-examdev] LPIC-1 Exam 102 Objectives Discussion
On Thu, Nov 9, 2017 at 10:58 PM, Anselm Lingnauwrote: > Alex Clemente wrote: > > > NetworkManger is easy. > > NetworkManager : iproute2 = GNU Emacs : vi > Would you argue that there people who use Emacs to debug the result of using vi (or vice versa)? In that regard, NetworkManager : ifup/ifdown or NetworkManager : systemd-networkd would be better comparisons. Which brings us to the question, if (and at which level) we should ask candidates to know about nm and systemd-networkd, i.e. with their already mentioned increasing relevance on laptops and IaaS instances. 109.2 (basic network configuration) ( and 109.3 (basic network troubleshooting) each have a weight of 4. We currently list both ip and some net-tools (even in case we drop ifup/ifdown), although I wouldn't mind adding a hint that the focus is using iproute2. > Since we seem to be keeping vi: If we add NetworkManager to the exam, we > should also add GNU Emacs ;^) > Depending on the final decision on editors (which isn't made yet), adding awareness of Emacs and nano to 103.8 might make everyone equally unhappy :) Fabian ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
[lpi-examdev] LPI BSD Associate
HI everyone, some of you might have heard that the BSD Certification Group recently joined BSD. Over the last couples of months we've been working on adjusting the existing BSD Associate objectives in the LPI format. Today, we are proud to share the current draft objectives for the upcoming LPI BSD Associate certification: https://wiki.lpi.org/wiki/LPI-BSD_Associate_Objectives_V1.0 The certification will not be part of the LPIC track, it will be a single exam that leads to the LPI BSDA certification. Similar to the DevOps Tools Engineer, it will be classified as an 'Open Technology' certification. As usual, please share any thoughts and comments either here, or directly with me or our BSD Advisory Board lead, Dru. Also, if you have a background in BSD and have not yet been involved in the exam development, feel free to speak up :) Fabian -- Fabian Thorns <ftho...@lpi.org> GPG: F1426B12 Director of Certification Development, Linux Professional Institute ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
Re: [lpi-examdev] Is it time to move lpi-examdev to a forum?
I prefer to keep the general exam development discussion on this list. Mattermost might be useful for detailed discussions on specific topics or during SME work on specific topics. As Anselm points out, introducing another platform, with dedicated credentials, has the high risk of loosing people who do not regularly check for new messages, do not want to sign up, etc.. I see no real benefit in Discourse for this specific use case, but I'm glad to discuss any potential benefits of Discourse if they are pointed out. Fabian On Mon, Jan 1, 2018 at 5:11 PM, Anselm Lingnauwrote: > Jeroen Baten wrote: > > > +1 on mattermost! > > Mattermost is an impressive piece of software, but I am on Slack for one > project and on a couple of different Rocketchat instances for others. It > frankly sucks to have to keep an eye on N separate IM platforms, and I > don't > like the way they're all subtly different from each other; finally, they're > not suitable for the type of long-form discussion that tends to happen on > this > list. > > If this list moves to an IM platform I will probably just give up on it > because it's too much of a hassle trying to keep up. I'm fine with e-mail, > and > I don't feel a compelling need to move this list to something else. “Never > touch a running system.” > > Anselm > -- > Anselm Lingnau · ans...@tuxcademy.org · https://www.tuxcademy.org > Freie Schulungsmaterialien für Linux und Open-Source-Software > Free Training Materials for Linux and Open-Source Software > ___ > lpi-examdev mailing list > lpi-examdev@lpi.org > http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev > ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
Re: [lpi-examdev] About Linux as a virtualization guest
On Wed, Aug 1, 2018 at 4:31 PM, 'Simone Piccardi' via Relay - fthorns < ftho...@relay.lpi.org> wrote: > Il 01/08/2018 09:37, Fabian Thorns ha scritto: > > I wouldn't go too deep into those details, we're not talking about VM > > Exists/Entries nor about masking individual CPU flags. Following the > > objectives [1], there will be one question on each 101 exam asking > > something about the concepts of a VM or a container, about what to buy > > in an IaaS cloud to run Linux, about how to get Linux into a VM/a > > Container/an IaaS instance, which could be as easy as using an existing > > image. It's a one weight objective only, so it's safe to assume that > > we're talking about what is inside a VM/a container, not how the > > virtualization is implemented in details. > > > > Reading the list of used files, terms and utilities in 102.6 it seems > that what you need know to is little bit too broad for a single question > topic. > > If you cite SSH host keys you are talking about an SSH server > configuration, that's 212.3. So for this single question you need to > teach people a 4 questions topic of a more advanced exam. > We're not asking for SSH server configuration, we ask for knowing SSH host keys exists (this is LPIC-1 knowledge) and that they should be specific for an individual system (again, LPIC-1 knowledge) and that this might have implications in a virtualized environment where images, clones etc. are used (that is the new part in here (which should be easy to explain). > If you require understanding networking (in Understand common elements > virtual machines in an IaaS cloud, such as computing instances, block > storage and networking) you are asking about topics covered in Exam 102. > When you click the 'create an instance' button in your favorite cloud, do you have to configure networking? Do you have to do something if you want to reach your instance externally? Anything which relates to using ip or ifconfig belongs to exam 102, getting the networking interface and having an idea of how these instances are usually connected to the outside (again, not the exact routing, but the concept of how traffic to an external IP address ends up in an IaaS instance). > > So far I cannot understand what kind of competence (at the Exam 101 > level) you want to test. A generic one about knowing you need to have a > tailored image for launching a container? That's what the objectives say. This is not specific to one hypervisor or to, this is mostly conceptual. Installation a VM might be different from installation a physical server, setting up a Linux instance in the cloud might be different from running a VM locally. It doesn't matter if it is KVM, Xen or VMware on the one side or GCP, AWS, DigitalOcean on the other. Likewise, a ps ax in a VM might look different to a ps ax in a Docker container; in fact, even getting to a shell might be different when using a classic VM, an LXC container or a Docker container. The candidate doesn't need to be able to build a container or a VM image, but he should have an idea about the differences in case he's facing one of these kinds of 'Linuxes'. To get another idea of this topic, try this (please really do it): Image you're preparing yourself for your LPIC-1 exams; go to one or two big IaaS cloud providers and try to get a Linux there, with a user account to log, a public IP address to SSH to and a persistent disk to store something. Once you got this, you're good to apply your LPIC-1 knowledge. The steps to this point are similar in most clouds; conceptual knowledge of these steps is what we ask for. Next, start a Docker container and a Linux VM. How to do this is our of scope of this objective anyway. But even when you try to get a shell in the VM or in the Container, you might notice some differences. Once you got the shell, check which processes are running and which software is installed. Imagine as an LPIC-1 alumni you're put into either of these environments, which information do you need to find out what's going on and to do one or the other thing which is in the other objectives? That's what this topic is about. For the next revision, should we add virt-what? Fabian -- Fabian Thorns GPG: F1426B12 Director of Certification Development, Linux Professional Institute ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
Re: [lpi-examdev] About Linux as a virtualization guest
Hi Sergio, On Tue, Jul 31, 2018 at 11:13 PM, Sergio Belkin wrote: > Hi, I'd like to understand exactly what a candidate should to be able, are > these abilities correct? > >- Determine if a system it's either a container or a virtual machine >- To be aware of differents technologies of containerization (eg: >docker,LXC) virtualization (eg: virtualbox, kvm) and difference between >public and private computing >- Basic Install Linux on a hypervisor (VirtualBox, KVM) >- Check/list containers/virtual machines running > > I think these knowledges are not required: > >- Build/run containers >- Configure networking on container > > > Well, please could you correct me if I'm wrong? And more example will be > welcome > You're absolutely right, neither networking configuration nor building containers is mentioned in the objectives. I would just be careful of mentioning Docker and LXC in the same list, as their approaches are a little different (application container vs. system container). The idea behind this objective is to be able to apply the LPIC-1 knowledge not just on a regular PC, but also on a VM or even to debug a container. It is not about configuring up the hypervisor, it is about using Linux inside a VM and understanding what a VM / a container is, where their installations come from (knowing there is an image, knowing where it comes from, but not practically building it from scratch). There are also some common specialties of most IaaS clouds, mostly related to images, too. In fact, getting a Linux VM in the cloud requires almost no networking knowledge, but the candidate should know enough about it to use his LPIC-1 skills in that instance. I hope this helps :) Fabian ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
Re: [lpi-examdev] About Linux as a virtualization guest
I wouldn't go too deep into those details, we're not talking about VM Exists/Entries nor about masking individual CPU flags. Following the objectives [1], there will be one question on each 101 exam asking something about the concepts of a VM or a container, about what to buy in an IaaS cloud to run Linux, about how to get Linux into a VM/a Container/an IaaS instance, which could be as easy as using an existing image. It's a one weight objective only, so it's safe to assume that we're talking about what is inside a VM/a container, not how the virtualization is implemented in details. Fabian [1] https://wiki.lpi.org/wiki/LPIC-1_Objectives_V5.0#102.6_Linux_as_a_virtualization_guest On Wed, Aug 1, 2018 at 8:51 AM, Kenneth Peiruza wrote: > PS: depending on which hardware do you emulate, it can be really difficult > to determine. > > Imagine a KVM emulating regular hardware and CPUs instead of using default > qemu-cpu and virtio NICs and HDDs. It's gonna be tricky to get aware of the > platform and it will make no difference because you will not tweak anything > inside that VM... > > Regards, > > Kenneth > > ___ > lpi-examdev mailing list > lpi-examdev@lpi.org > http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev > -- Fabian Thorns GPG: F1426B12 Director of Certification Development, Linux Professional Institute ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
Re: [lpi-examdev] Lpi v5
Hi there, well observed! Version 5.0 of LPIC-1 will be released in Fall, probably in September. The objectives are in the wiki at https://wiki.lpi.org/wiki/LPIC-1_Objectives_V5.0 A summary of the changes is online as well: https://wiki.lpi.org/wiki/LPIC-1_Summary_Version_4.0_To_5.0 Once version 5.0 is released, both version 4.0 and 5.0 will be available in parallel for a grace period of six months. Fabian On Thu, Jul 12, 2018 at 1:47 PM, Robin Mettner wrote: > Hello, > > my name is Robin and i am taking the exam lpi-101 and 102 next month. > Currently the exam Version is 4.0. As i booked the exam, i saw that the > exams for LPIC-2 are at the Version 4.5. I also saw that last month were > beta LPI 101 and 102 exams. > > > My question is, will there be a LPIC-1 version 4.5/5 any time soon. > > I'm looking forward to your response. > > Best Regards > Robin Mettner > > ___ > lpi-examdev mailing list > lpi-examdev@lpi.org > http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev > -- Fabian Thorns GPG: F1426B12 Director of Certification Development, Linux Professional Institute ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
[lpi-examdev] IoT and Security in Schools/Universities
Hi there, our academic advisory committee is currently working on some topics related to IoT and Security. The group is mostly formed of teachers and professors who hold courses/lectures on these topics. If you're doing something similar and would like to join, let me know and I'll bring you in touch with the committee's leads. Fabian ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
[lpi-examdev] Extending LPIC-1 with the DevOps Tools Engineer
Hi there, what do you think: Would it be reasonable to let the DevOps Tools Engineer certification extend an existing active LPIC-1? Fabian -- Fabian Thorns <ftho...@lpi.org> GPG: F1426B12 Director of Certification Development, Linux Professional Institute ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
Re: [lpi-examdev] Extending LPIC-1 with the DevOps Tools Engineer
Hi Marek, On Thu, Apr 19, 2018 at 7:41 AM, Marek Andersonwrote: > I think so too. On a related note does Lpic 2 extend Lpic 1 validity? If > not, why not? > It does! And, an LPIC-3 extends both the candidate's LPIC-1 and LPIC-2. It's all about demonstrating that the candidate proceeds in his professional development. Fabian ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
[lpi-examdev] LPIC-3 Objectives Discussion
Dear all, now that the updated LPIC-1 and Linux Essentials exams are passing their last steps towards the release (a HUGE THANK YOU to all of you who helped!), it's time to focus on the next objectives updates. According to our schedule, LPIC-3 is due. I'd like to start the discussion for all three LPIC-3 exams today. To keep things in order, I will start one thread for each exam. Please follow up in the respective thread. As usual, we will have our initial discussion on this list. Once the dust settles, I will turn the comments into proposals for updated objectives and we will have a second discussion on those objectives -- unless we discover the need to do more research or a JTA for one of the exams. And, as usual as well, if you want to have a private conversation on any of these topics, just reach our to me or the team directly. Looking forward to your thoughts and comments, Fabian -- Fabian Thorns GPG: F1426B12 Director of Certification Development, Linux Professional Institute ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
[lpi-examdev] LPIC-300 Objectives
Hi there, this thread is about exam 300. The current objectives are available here: https://wiki.lpi.org/wiki/LPIC-3_300_Objectives_V1 I think we will have some fundamental discussions about this exam; i.e. regarding the relevance of NT4 domains, of the amount of Windows knowledge covered in the exam, about the real relevance of FreeIPA and, in general, what a 'Mixed Environment' is in 2019. This is certainly not everything we should discuss for this exam, so speak up for whatever you consider relevant. Fabian -- Fabian Thorns GPG: F1426B12 Director of Certification Development, Linux Professional Institute ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
[lpi-examdev] LPIC-304 Objectives
Hi there, let's discuss exam 304 in this thread. The current objectives are available here: https://wiki.lpi.org/wiki/LPIC-304_Objectives_V2 Some of you raised the following points in private conversations: - Container virtualization, i.e. Docker - Storage (i.e. Ceph, with respect to both HA and virtualization)? - Notwork HA (bonding) - Is it still worth having a combined HA and virtualization certification? I'm sure there is more to discuss, so just follow up with whatever you have in mind :) Fabian -- Fabian Thorns GPG: F1426B12 Director of Certification Development, Linux Professional Institute ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
[lpi-examdev] LPIC-303 Objectives
Hi there, this thread is supposed to discuss exam 303. The current objectives are available here: https://wiki.lpi.org/wiki/LPIC-303_Objectives_V2 The current objectives for this exam seem quite fine to me, although a few tools might need to be updated (IPsec) / reconsidered. But I'm sure you will spot more discussion points in the objectives once you review them again. Fabian -- Fabian Thorns GPG: F1426B12 Director of Certification Development, Linux Professional Institute ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
[lpi-examdev] 300/303: Where to put FreeIPA/SSSD?
Hi there, sorry for starting another thread. After spending some time thinking about your mails regarding 300 and 303, I'd like to ask for your opinion on one specific question that seems crucial to me: Where do we want to cover FreeIPA and SSSD? Do we see them mainly as tools to harden systems or as tools to integrate authentication realms (either 'mixed' or 'non-mixed')? If we decide for the latter, we might consider moving FreeIPA from 303 to 300, extend it there and maybe replace OpenLDAP with 389 Server (and potentially do the same for LPIC-2 in the next revision). This seems a reasonable use of the weights freed up by NT4 domains; and we might fill the gap it leaves in 303 with some basic pentesting (this should be discussed elsewhere, though). What do you think? Fabian -- Fabian Thorns GPG: F1426B12 Director of Certification Development, Linux Professional Institute ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
Re: [lpi-examdev] LPIC-304 Objectives
Hi there, thanks for all your comments. It seems there is a general agreement that 304 should be split, and that the building blocks of whatever comes out of it are virtualization, high availability and storage. We've already mentioned ceph and in a side conversation fibrechannel was mentioned, but i was wondering what else should be added to the three baskets (virtualization, HA, storage). We need to get a first idea of the possible amount of content of each topic to see what could potentially make up an own exam. If you have new topics in mind for any of those three categories, please share them here. Fabian On Tue, Oct 16, 2018 at 4:38 PM Fabian Thorns wrote: > Hi there, > > let's discuss exam 304 in this thread. > > The current objectives are available here: > > https://wiki.lpi.org/wiki/LPIC-304_Objectives_V2 > > Some of you raised the following points in private conversations: > > - Container virtualization, i.e. Docker > - Storage (i.e. Ceph, with respect to both HA and virtualization)? > - Notwork HA (bonding) > - Is it still worth having a combined HA and virtualization certification? > > I'm sure there is more to discuss, so just follow up with whatever you > have in mind :) > > Fabian > > -- > Fabian Thorns GPG: F1426B12 > Director of Certification Development, Linux Professional Institute > -- Fabian Thorns GPG: F1426B12 Director of Certification Development, Linux Professional Institute ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
Re: [lpi-examdev] What does stand for Linux Extensions? in LPI 101
Hi Bryan, On Mon, Dec 31, 2018 at 3:48 PM Bryan Smith wrote: I just wanted to note that, AFAIK, LPI objectives and exams cover only open > source, with a preference for Upstream built-in and not conflicting (e.g., > kernel.org). > For specific implementations, yes. But we also test how to join an AD domain hosted on Windows in LPIC-2 (and 3), although we focus on the Linux aspects. > So in the case of 'guest' (e.g., 102.6), that would mean what is in > kernel.org or compatible by default, let alone nothing that would be > incompatible (technical or licensing). > If we were testing specific implementations, yes. The only things I've seen, and someone can correct me if I'm wrong, that > are an issue are 'host' modules, not 'guess,' and GPLv2 incompatible > VirtualBox Extensions for 'guests.' > Are the VMware tools open source? P.S. Maybe the objective should be named "Linux kernel 'guest' support > software (GPLv2 compatible)'? > Most of the concepts we test in 102.6 apply to proprietary software, too. The list of things to keep in mind when migrating from paravirtualized Xen to fully virtualized KVM might be very close to the list of things to consider when migrating from VMware ESI to Microsoft Hyper-V or when migrating from cloud A to cloud B (assuming one tries to move VMs instead of just redeploying everything). In all of these situations it's about running Linux on whatever platform is chosen, it's not about knowing configuration knobs of VirtualBox. Fabian ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
Re: [lpi-examdev] What does stand for Linux Extensions? in LPI 101
On Mon, Dec 31, 2018 at 4:31 PM Bryan Smith wrote: > Yes, EMC/VMware finally got their 'guest' support Upstream into kernel.org. > Not eveything is in there, but it's does include 'basic' driver > functionality that Oracle still keeps proprietary, and causes havoc. > > As far as your AD and V2V comment, what proprietary software is Linux > shipping that supports such? ;) > > I.e., None > > Case-in-point: It's all 100% open source supporting interfaces and data, > not proprietary software running on Linux itself. > > The same concept applies. :) > > Proprietary software dependencies are not the same as interface/data > support. > Good point. So the short answer to Sergio's question is probably that he should spent as much time as he thinks one weight out of 60 deserves on the concepts and maybe having a look to one example without digging too deep into any implementations details. Fabian ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
Re: [lpi-examdev] 300/303: Where to put FreeIPA/SSSD?
Hi there, thanks for all your comments. It seems that we all agree to move 326.3 (User management) and 326.4 (FreeIPA) from 303 to 300 and drop OpenLDAP from 300. Given this agreement, I'd like to move the discussion back to the 300 and 303 threads (and refer to some of your emails there). Fabian On Mon, Nov 26, 2018 at 4:19 AM Bryan Smith wrote: > I'll make the same arguments I made years ago ... > > - Let's stop getting deep on LDAP Server ... > > I think too deep of LDAP knowledge, with either 389 or OpenLDAP Server, is > probably not ideal. E.g., we shouldn't be covering replication. It's too > LDAP-specific. Especially with 389 Server being multi-master. > > - Focus on how to do things, not LDAP Server-specifics > > We still need to cover advanced LDAP concepts in general, including > ldapmodify, etc... from the OpenLDAP client/libs that both 389 and OpenLDAP > Server use. But I wouldn't get deep into 389 schema. > > - When in doubt, on the server, cover IPA schema > > IPA is still 389 underneath, and standard schema. It's just 'canned' in a > way that is useful and, thanx to SSSD on the client, in a way you don't > have to start hacking up LDIF, JSON or other files to configure. > > I.e., virtually all of the schema for SSH Public Key, Sudoers, etc... are > in IPA, and ready-to-use with SSSD, instead of having to get 'into the > weeds' on what schema. It's a waste to do so. Just know what IPA provides > -- which is what other LDAP Servers can also provide. > > In fact ... > > - When in doubt, on the client, cover advanced SSSD configuration > > What we're really often talking about is mapping/use in SSSD, on the > client side. IPA Server + IPA Client (Linux SSSD w/IPA module) -- like AD > Server + AD Client (NT LSA w/AD SSP) -- is all canned and ready-to-use. So > when not doing IPA, we're really just talking about 'tweaking' SSSD to > support the same schema in another LDAP Server (just like the NT LSA > w/SSPs). > > That's been my continuing view. No need to 'get in the weeds' with > various LDAP Server implementations. Cover IPA, cover SSSD, and where the > schema and support map. > > - bjs > > > On Wed, Nov 21, 2018 at 8:05 AM Dirk Streubel > wrote: > >> Hi, >> >> i total agree with Kenneth, FreeIPA and 389 Server must be part of the >> 300 Exam. Also i think it is a good thing to gave a new Name for this Part. >> >> So, just another though i have: there a new Exams in Mind, what about >> the Name ( Number) of the Exam.For me it makes no sense to call it LPI-300 >> / 303 and 304. There a LPI-1 and LPI-2. Maybe the new Name could be >> LPI-3.0, LPI-3.3 or LPI 3.4 or something else. Or something different?! >> >> Regards from Castrop-Rauxel, >> >> Dirk >> >> >> >> Am 19.11.18 um 09:15 schrieb Kenneth Peiruza: >> >> Lpic 300, for sure. Get rid of openldap, show "LDAP" + >> FreeIPA+Samba4. >> >> That makes sense to me. So far, openldap has no direct relationship with >> Samba4, it made sense for samba3, but not anymore, and as we lost the auth >> integration with openldap when 301 got removed, it's there in 300 doing >> little or nothing. >> >> IMHO a chapter or two on pentesting would make 303 way more attractive >> (students always ask me to extend a bit on attack tools: enumeration, >> scanning & bruteforce logins). >> >> Regards, >> >> Kenneth >> >> >> On Nov 18, 2018 1:54 PM, Fabian Thorns >> wrote: >> >> Hi there, >> >> sorry for starting another thread. After spending some time thinking >> about your mails regarding 300 and 303, I'd like to ask for your opinion on >> one specific question that seems crucial to me: Where do we want to cover >> FreeIPA and SSSD? Do we see them mainly as tools to harden systems or as >> tools to integrate authentication realms (either 'mixed' or 'non-mixed')? >> >> If we decide for the latter, we might consider moving FreeIPA from 303 to >> 300, extend it there and maybe replace OpenLDAP with 389 Server (and >> potentially do the same for LPIC-2 in the next revision). This seems a >> reasonable use of the weights freed up by NT4 domains; and we might fill >> the gap it leaves in 303 with some basic pentesting (this should be >> discussed elsewhere, though). >> >> What do you think? >> >> Fabian >> >> -- >> Fabian Thorns GPG: F1426B12 >> Director of Certification Development, Linux Professional Institute >> >> >> >> ___ >> lpi-examdev mailing >> listlpi-
Re: [lpi-examdev] LPIC-300 Objectives
Hi there, it seems we agree to drop most of the topics 390 and 391 from the 300 exam, move over 326.3 (User Management) and 326.4 (FreeIPA) from 303 and add some more FreeIPA and SSSD. We currently cover the LDAP basics (including ldapmodify) in 202, so we could expect candidates to handle LDAP in general. Would you still cover it in the 300 exam? Assuming that we don't (and correct me if I am wrong here), what do you think of a potential objectives outline similar to this one? The xx*-topics/objectives would be the new structure, the 39*-objectives show where the current objectives would be placed in the new objectives. The old objectives still contain their original weight, I've added a '-' (and I think no '+') where I'd like to propose a change in weight. = Topic xx1: FreeIPA Domain Management (weight: 15) xx1.1 FreeIPA Concepts and Architecture (3) - Service - Replication topology - Domain Levels - DNS - Awareness of PKI xx1.2 FreeIPA Domain and IDM Server Management (weight: 3) xx1.3 FreeIPA User Management (weight: 3) xx1.4 FreeIPA Policies and Access Control (weight: 4) xx1.5 FreeIPA and Active Directory Integration (weight: 2) 326.4 FreeIPA Installation and Samba Integration (weight: 4) = Topic xx2: Linux Authentication (weight: 8) xx2.1 PAM and NSS Authentication (weight: 4) 391.1 LDAP Integration with PAM and NSS (weight: 2-1) 326.3 User Management and Authentication (weight: 5-3) xx2.2 SSSD Authentication and IPA Client Management (weight: 4) = Topic xx3: Samba Basics (weight: 8) xx3.1 Samba Concepts and Architecture (weight: 2) 392.1 Samba Concepts and Architecture (weight: 2) xx3.2 Samba Configuration and Tools (weight: 3) 392.2 Configure Samba (weight: 4-1) Add registry based configuration xx3.3 Samba Maintenance and Troubleshooting (weight: 3) 392.3 Regular Samba Maintenance (weight: 2-0.5) 392.4 Troubleshooting Samba (weight: 2-0.5) = Topic xx4: Samba File and Printing Services (weight: 11) xx4.1 File Shares (weight: 3) 393.1 File Services (weight: 4-1) xx4.2 Advanced Access Controll (weight: 3) 393.2 Linux File System and Share/Service Permissions (weight: 3) xx4.3 Print Shares and Printing Drivers (weight: 2) 393.3 Print Services (weight: 2) xx4.4 CIFS Integration (weight: 3) 397.1 CIFS Integration (weight: 3) Move smbmount and mount from 393.1 to 397.1 = Topic xx5: Samba Active Directory Services (weight: 15) xx5.1 AD Directory Maintenance / DC (weight: 4) 395.2 Samba4 as an AD compatible Domain Controller (weight: 3) 396.2 Active Directory Name Resolution (weight: 2-1) xx5.2 AD User Management (weight: 3) 394.1 Managing User Accounts and Groups (weight: 4-1) xx5.3 AD Domain Membership (weight: 6) 394.2 Authentication, Authorization and Winbind (weight: 5-1) 395.3 Configure Samba as a Domain Member Server (weight: 3-1) xx5.4 Windows Client Management (weight: 2) 397.2 Working with Windows Clients (weight: 2) Add awareness and capacities of GPOs = Drop: - 391.2 Integrating LDAP with Active Directory and Kerberos (weight: 2) - 390.1 OpenLDAP Replication (weight: 3) - 390.2 Securing the Directory (weight: 3) - 390.3 OpenLDAP Server Performance Tuning (weight: 2) - 392.5 Internationalization (weight: 1) - 395.1 Samba as a PDC and BDC (weight: 3) - 396.1 NetBIOS and WINS (weight: 3) Sorry if this looks messy, I hope you're getting what I mean. As usual, this is in no way final, it's intended to feed the discussion. Once we've put it in a proper share we will work out the details. Let me know what you'd like to see changed, Fabian On Tue, Oct 23, 2018 at 9:57 PM Dirk Streubel wrote: > Hi, > > i think Bryan is right. In the 300 exam must be the 389 Server and or the > FreeIPA Part. > > After the decision from Red Hat and Suse not to support OpenLDAP in the > future it makes sense to enlarge the exam with this two points. > > Another Point is 395.3 : Joining Samba to an existing NT4 domain > > In my opinion this point can be canceled. In my work i doesn't see any NT4 > domain any more. > > Perhaps in the world are some NT$ Domains but i think this is a handful of > domains. And how big is the chance to met them? > > Best regards > > Dirk > > > > Am 16.10.2018 um 22:29 schrieb Bryan Smith: > > Fabian Thorns wrote: > >> I think we will have some fundamental discussions about this exam; i.e. >> regarding the relevance of NT4 domains, of the amount of Windows knowledge >> covered in the exam, about the real relevance of FreeIPA >> > > First off: The "iPlanet lineage" (389) "Real World" > > I've been quiet since my initial barking, since LPI ignored the 2005+ open > sourced version 8 of iP
Re: [lpi-examdev] LPIC-303 Objectives
Hi, by moving the objectives 326.3 User Management and Authentication (weight: 5) and 326.4 FreeIPA Installation and Samba Integration (weight: 4) from the 303 to the 300 exam we'll vacate nine weight points in exam 303. Some of these points should certainly be dedicated to penetration testing. Metasploit would be one of the potentials tools, but there are more for sure, and we should consider if there are other topics that should get some of those spare weights, too. What do you think? And, this might be quite important, are you aware of any 'dual use' considerations in your local legislation which might make it hard for candidates and trainers to (responsibly) use pentesting tools for exam preparation legally? Fabian On Tue, Oct 23, 2018 at 7:36 PM Markus Schade wrote: > Also in regards to host hardening, the whole secure/trusted boot topic > is AFAIK currently nowhere addressed. > Microcode updates and where to check in cpuinfo and sysfs for cpu bugs > would also be nice. > > 325.3 > > We should mention LUKS2 > > Also there is clevis/tang for network bound disk encryption or TPM > unlocking. > > 328.4 > > Get rid of racoon. It's dead since 2014 > Replace with strongswan > > I'd really love to see wireguard here. I know it's not yet finalized, > but the configuration seems to be already stable. > > 320.6 > > should also include configuration of ciphers, macs and hostkey > algorithms all of which had to be set in the last years to disable > insecure suites. So candidates should not only see this in the field and > but should also be capable of setting these. > > Maybe have awareness of SSH CA. > > Best regards, > Markus > > > Am 18.10.2018 um 19:22 schrieb Marc Baudoin: > > Fabian Thorns écrit : > >> > >> this thread is supposed to discuss exam 303. > >> > >> The current objectives are available here: > >> > >> https://wiki.lpi.org/wiki/LPIC-303_Objectives_V2 > >> > >> The current objectives for this exam seem quite fine to me, although a > few > >> tools might need to be updated (IPsec) / reconsidered. But I'm sure you > >> will spot more discussion points in the objectives once you review them > >> again. > > > > My 2 cents... > > > > 325.4 DNS and Cryptography > > > > This talks about DANE to illustrate a real-world use of DNSSEC. > > Adding the SSHFP RR should be considered as another example. > > > > 326.1 Host Hardening > > > > Considering what's known about Spectre, I think "Be aware of the > > security advantages of virtualization" should be dropped or > > rephrased. > > > > 326.3 User Management and Authentication > > > > Should pam_tally.so (not pam_tally2.so) be dropped? > > > > 326.4 FreeIPA Installation and Samba Integration > > > > The ipa-replica-prepare doesn't seem to exist anymore in current > > versions of FreeIPA. > > > > 327.2 Mandatory Access Control > > > > I couldn't find togglesebool in CentOS 7. I didn't checked in > > CentOS 6. Is it still available somewhere? > > > > Maybe the chcon command should be added. > > ___ > > lpi-examdev mailing list > > lpi-examdev@lpi.org > > http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev > > > ___ > lpi-examdev mailing list > lpi-examdev@lpi.org > http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev -- Fabian Thorns GPG: F1426B12 Director of Certification Development, Linux Professional Institute ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
[lpi-examdev] Address Change for lpi-examdev
Dear all, I want to inform you about a chance of the examdev mailing list. Effective today from 10.30 EST, the list will have the address lpi-exam...@list.lpi.org There will be an alias in place to redirect mails to the old address, but, preferably, use the new address from today on. The subscriptions and archives are migrated, so there should be no change other than the new address. Regards, Fabian -- Fabian Thorns GPG: F1426B12 Director of Certification Development, Linux Professional Institute ___ lpi-examdev mailing list lpi-examdev@lpi.org http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev