LFCS / tasks
0/24 completed — do these live in your VM, then check them off.
1. Find every file larger than 50 MB under /var; write their paths to /root/big.txt.
2. From /etc/passwd, extract usernames of accounts with UID ≥ 1000 into /root/humans.txt.
3. In /root/config.txt, replace every 'localhost' with 'server01', in place.
4. Create gzip archive /root/ssh-backup.tar.gz containing /etc/ssh.
5. Create + enable a systemd service hello.service that runs /usr/local/bin/hello.sh at boot.
6. Set the system to boot to the command-line target by default.
7. Schedule /usr/local/bin/backup.sh to run daily at 03:15 for root.
8. Install 'tree', then show which package owns /usr/bin/tree.
9. Create user alice: home dir, /bin/bash, group devops, account expires 2026-12-31.
10. Create group auditors; add existing user bob without removing his other groups.
11. Give alice passwordless sudo via a drop-in file.
12. Grant carol rwx on /srv/data via ACL without changing base perms.
13. Set the hostname to node1.lab.local persistently.
14. Permanently open TCP port 8080 and confirm it's active.
15. Harden SSH: disable root login and password auth, then apply.
16. Install a web server, serve 'LFCS PASS' at the docroot, enable at boot, confirm port 80.
17. Set timezone America/New_York and enable NTP.
18. On /dev/sdb: one partition, format xfs, mount at /data persistently by UUID.
19. /dev/sdc: PV → VG data_vg → 4G LV data_lv, ext4, persistent mount /mnt/data.
20. Grow data_lv by 2G including its filesystem, while mounted.
21. Add a 1 GB swapfile at /swapfile, enable now, persist.
22. LUKS-encrypt /dev/sdd, open as 'secure', ext4, mount /mnt/vault.
23. Load module br_netfilter, confirm loaded, persist at boot.
24. Count 'Failed password' lines in the auth log; write the number to /root/failcount.txt.