Forem: Elijah

KodeKloud Days 5-8: SELinux and Cron Jobs

Elijah — Tue, 23 Dec 2025 19:00:00 +0000

"Plot twist: Not every Linux is Ubuntu. Also, KodeKloud's UI is testing my patience like a buffering Netflix video at 3%. 📡💀"

Week two of the 100 Days challenge, and I got hit with a reality check: Ubuntu isn't the only Linux distro. After years of Ubuntu-centric DevOps tutorials, KodeKloud threw CentOS Stream at me and watched me flail.

Here's what I learned (and broke) this week.

Day 5: SELinux Configuration - The "Wait, This Isn't Ubuntu?" Moment

My confident first attempt:

sudo apt update
sudo apt install -y selinux-basics

Result: Command not found.

Turns out I was on CentOS Stream, not Ubuntu. Different package manager, different everything.

# Check your OS FIRST (lesson learned)
cat /etc/os-release

# CentOS uses dnf, not apt
sudo dnf install -y selinux-policy selinux-policy-targeted

# Edit SELinux config
sudo vi /etc/selinux/config
# Change SELINUX=enforcing to SELINUX=disabled

Why this surprised me: Every DevOps tutorial I've ever done uses Ubuntu. AWS tutorials? Ubuntu. Docker labs? Ubuntu. Kubernetes courses? Ubuntu. So encountering CentOS felt like showing up to a JavaScript class and being handed Assembly code.

Lesson learned: Always check /etc/os-release before assuming you know what distro you're on. Package managers are not interchangeable, despite what my Ubuntu-trained muscle memory believes.

Day 6: Cron Jobs - Easier Than Expected

Set up a cron job to echo "hello" to /tmp/cron_text every 5 minutes.

# Install cron daemon
sudo dnf install -y cronie
sudo systemctl enable --now crond

# Add the job (as root)
sudo su -
echo "*/5 * * * * echo hello > /tmp/cron_text" >> /var/spool/cron/root

# Verify
crontab -l

Cron syntax breakdown for */5 * * * *:

Position 1 (*/5): Every 5 minutes
Position 2 (*): Every hour
Position 3 (*): Every day of month
Position 4 (*): Every month
Position 5 (*): Every day of week

Translation: "Run this every 5 minutes until the heat death of the universe."

Day 7: Passwordless SSH - The Magic of Public Keys

Set up passwordless SSH from jump host to all app servers. Because typing passwords repeatedly builds carpal tunnel, not character.

# Generate SSH key pair
ssh-keygen -t rsa -b 4096

# Copy to servers (the easy way)
ssh-copy-id tony@stapp01
ssh-copy-id steve@stapp02
ssh-copy-id banner@stapp03

# Test it
ssh tony@stapp01 hostname  # No password prompt = success

The critical part: SSH is extremely picky about permissions.

Required permissions:

~/.ssh/                → 700 (drwx------)
~/.ssh/authorized_keys → 600 (-rw-------)
~/.ssh/id_rsa         → 600 (-rw-------)
~/.ssh/id_rsa.pub     → 644 (-rw-r--r--)

Get these wrong and SSH will silently ignore your keys like you ignored the documentation.

Day 8: Ansible Installation - Version Hell

Install Ansible. Sounds simple until they want a specific version available globally on all servers.

# Wrong: User installation
python3 -m pip install --user ansible

# Right: Global installation
sudo python3 -m pip install "ansible==4.8.0"

# Verify
ansible --version
which ansible  # Should show /usr/local/bin/ansible

The difference:

--user → Installs in ~/.local/bin (current user only)
sudo pip install → Installs in /usr/local/bin (all users)

Always use quotes around version specifiers: "ansible==4.8.0" not ansible==4.8.0. Shell expansion will mess you up.

Week 2 Stats

Package managers tried: 2 (apt failed, dnf worked)
Cron jobs created: 3 (one per server)
SSH key pairs generated: 1 (4096-bit RSA)
Ansible installations: 2 (user then global)
"Not Ubuntu" realizations: 1 (the CentOS surprise)
Times I typed apt on CentOS: ~5 (muscle memory is stubborn)

Key Takeaways

Commands I now know by heart:

cat /etc/os-release          # Always check your distro
crontab -l                   # List cron jobs
ssh user@host hostname       # Test passwordless SSH
ansible --version            # Verify Ansible installation

Mistakes that taught me:

Always check your OS before running commands
SSH permissions must be exactly right
Global vs user installations matter
Version management is not optional

What's Next

Days 9-12 coming up:

Ansible playbooks (finally using what I installed)
Docker fundamentals
Network configuration
More troubleshooting (probably)

Full Article

This is a condensed version. For the complete writeup with more details, all the commands, and the full story of my UI struggles:

👉 Read the full article

Following this challenge? Drop your "wrong distro" moment in the comments. The first time you tried Ubuntu commands on CentOS, or vice versa. We've all been there. 😅

Week 1 of KodeKloud’s 100 Days Challenge: Days 1-4 (Or: How I Learned to Stop Worrying and Love the Slow Labs

Elijah — Fri, 19 Dec 2025 19:00:00 +0000

I decided to torture myself with KodeKloud's 100 Days of DevOps challenge. The VMs load slower than continental drift, but the hands-on Linux practice is actually solid.

Here's what I learned (and broke) in my first four days.

**Day 1: Non-Interactive Users**

The challenge was to create a user with a non-interactive shell.

```

bash
sudo useradd -s /usr/sbin/nologin username
getent passwd username

The mistake? I ran all these commands on the wrong host. Spent 10 minutes wondering why validation wasn't working before realizing I was on my local terminal instead of SSH'd into the lab.

Lesson learned: Always double-check which host you're on. Run hostname first.

Day 2: Temporary Users

The challenge was to create a user account with an expiration date.


bash
sudo useradd anita -e 2023-06-05
chage -l anita

This creates a ticking time bomb account—perfect for temporary contractors or intern access.

Bonus trick: Auto-lock account after 20 minutes:


bash
echo "usermod --lock username" | at now + 20 minutes

The mistake? Did it on the wrong host. Again. 🤦

Day 3: Disabling Root SSH

The challenge was to disable root login across multiple servers.

Manual approach:


bash
sudo vi /etc/ssh/sshd_config
# Change: #PermitRootLogin no → PermitRootLogin no
sudo systemctl restart sshd

Problem: I had to do this on three servers manually. Each SSH connection took 30 seconds—enough time to make coffee, question my life choices, and consider farming.

Automation solution:


bash
for server in app1 app2 app3; do
    ssh $server "sudo sed -i 's/#PermitRootLogin no/PermitRootLogin no/' /etc/ssh/sshd_config && sudo systemctl restart sshd"
done

My 30-minute nightmare became a 2-minute coffee break.

Lesson learned: If you're doing something more than twice and it's boring, automate it.

Day 4: File Permissions

The challenge was to make a script executable for all users.


bash
chmod 755 /tmp/xfusioncorp.sh
ls -l /tmp/xfusioncorp.sh

Output: -rwxr-xr-x

Permission breakdown:

7 (rwx) = full access for owner
5 (r-x) = read and execute for group
5 (r-x) = read and execute for others

Common patterns worth memorizing:


bash
chmod 644 file.txt    # Owner: rw, Others: r
chmod 755 script.sh   # Owner: rwx, Others: rx
chmod 600 secret.txt  # Owner: rw, Others: nothing

Week 1 Stats

Commands run: ~50
Wrong host mistakes: 2
Lab loading time: ~5 min/lab
"Why isn't this working?" moments: 7
Times I questioned my career: 3

Key Takeaways

Commands I now know by heart:


bash
useradd -s /usr/sbin/nologin username
chage -l username
chmod 755 script.sh

Mistakes that taught me:

Always check hostname before running commands
Automate anything you do more than twice
Lab speed ≠ learning speed

What's Next

Days 5-8 are coming up:

Package management (yum, apt, dnf)
Service management (systemctl deep dive)
Cron jobs and scheduling
More automation

Full Article

This is a condensed version. For the complete writeup with more details, code examples, and commentary:

👉 Read the full article on my blog

Following this challenge? Drop your biggest "wrong host" moment in the comments. I can't be the only one. 😅