KodeKloud Days 5-8: SELinux and Cron Jobs
Source: Dev.to
Day 5: SELinux Configuration – “Wait, this isn’t Ubuntu?”
My confident first attempt:
sudo apt update
sudo apt install -y selinux-basicsResult: Command not found.
Turns out I was on CentOS Stream, not Ubuntu. Different package manager, different everything.
Check your OS first (lesson learned)
cat /etc/os-releaseCentOS uses dnf, not apt:
sudo dnf install -y selinux-policy selinux-policy-targetedEdit the SELinux config:
sudo vi /etc/selinux/config
# Change SELINUX=enforcing to SELINUX=disabledWhy this surprised me: Every DevOps tutorial I’d done uses Ubuntu (AWS, Docker, Kubernetes). Encountering CentOS felt like showing up to a JavaScript class and being handed Assembly code.
Lesson: Always check /etc/os-release before assuming the distro. Package managers are not interchangeable.
Day 6: Cron Jobs – Easier Than Expected
Set up a cron job to echo “hello” to /tmp/cron_text every 5 minutes.
# Install cron daemon
sudo dnf install -y cronie
sudo systemctl enable --now crond
# Add the job (as root)
sudo su -
echo "*/5 * * * * echo hello > /tmp/cron_text" >> /var/spool/cron/root
# Verify
crontab -lCron syntax breakdown for */5 * * * *
| Position | Meaning |
|---|---|
| 1 (*/5) | Every 5 minutes |
| 2 (*) | Every hour |
| 3 (*) | Every day of month |
| 4 (*) | Every month |
| 5 (*) | Every day of week |
Translation: “Run this every 5 minutes until the heat death of the universe.”
Day 7: Passwordless SSH – The Magic of Public Keys
Set up password‑less SSH from a jump host to all app servers.
# Generate SSH key pair
ssh-keygen -t rsa -b 4096
# Copy to servers (the easy way)
ssh-copy-id tony@stapp01
ssh-copy-id steve@stapp02
ssh-copy-id banner@stapp03
# Test it
ssh tony@stapp01 hostname # No password prompt = successCritical permissions
| Path | Mode |
|---|---|
~/.ssh/ | 700 (drwx------) |
~/.ssh/authorized_keys | 600 (-rw-------) |
~/.ssh/id_rsa | 600 (-rw-------) |
~/.ssh/id_rsa.pub | 644 (-rw-r--r--) |
Incorrect permissions cause SSH to silently ignore your keys.
Day 8: Ansible Installation – Version Hell
Install a specific Ansible version globally.
# Wrong: user‑only installation
python3 -m pip install --user ansible
# Right: global installation
sudo python3 -m pip install "ansible==4.8.0"
# Verify
ansible --version
which ansible # Should show /usr/local/bin/ansibleThe difference
--user→ installs to~/.local/bin(current user only)sudo pip install→ installs to/usr/local/bin(all users)
Always quote version specifiers: "ansible==4.8.0"; otherwise shell expansion can break the command.
Week 2 Stats
- Package managers tried: 2 (apt failed, dnf worked)
- Cron jobs created: 3 (one per server)
- SSH key pairs generated: 1 (4096‑bit RSA)
- Ansible installations: 2 (user then global)
- “Not Ubuntu” realizations: 1 (the CentOS surprise)
- Times I typed
apton CentOS: ~5 (muscle memory is stubborn)
Key Takeaways
Commands I now know by heart
cat /etc/os-release # Always check your distro
crontab -l # List cron jobs
ssh user@host hostname # Test passwordless SSH
ansible --version # Verify Ansible installationMistakes that taught me
- Always check your OS before running commands.
- SSH permissions must be exactly right.
- Global vs. user installations matter.
- Version management is not optional.
What’s Next
- Days 9‑12: Ansible playbooks (finally using what I installed)
- Docker fundamentals
- Network configuration
- More troubleshooting (probably)
Full article: For the complete write‑up with more details, all the commands, and the full story of my UI struggles, see the original post 👉 Read the full article