# Practice Exam Solutions ## Task 1: Company Portal Unreachable ### Diagnosis ```bash # Check nginx status sudo systemctl status nginx # Test nginx configuration sudo nginx -t # Output: nginx: [emerg] unexpected "}" in /etc/nginx/sites-enabled/company.local:8 # View the config file cat /etc/nginx/sites-available/company.local ``` ### Problem The nginx configuration file for company.local has a **missing semicolon** after `index index.html`. ### Solution ```bash # Edit the configuration file sudo nano /etc/nginx/sites-available/company.local # Find this line: index index.html # Change to (add semicolon): index index.html; # Test configuration sudo nginx -t # Output: nginx: configuration file /etc/nginx/nginx.conf syntax is ok # Reload nginx sudo systemctl reload nginx ``` ### Verification ```bash curl http://company.local # Should return HTML with "Company Portal" ``` --- ## Task 2: Online Shop Shows 403 Forbidden ### Diagnosis ```bash # Check nginx error log sudo tail /var/log/nginx/shop_error.log # Output: open() "/var/www/shop/index.html" failed (13: Permission denied) # Check file permissions ls -la /var/www/shop/ # Output: ---------- 1 www-data www-data ... index.html # (No permissions at all!) ``` ### Problem The index.html file has **wrong permissions** (chmod 000 - no read/write/execute for anyone). ### Solution ```bash # Fix the file permissions sudo chmod 644 /var/www/shop/index.html # Verify permissions (should show -rw-r--r--) ls -la /var/www/shop/index.html ``` ### Verification ```bash curl http://shop.local # Should return HTML with "Online Shop" ``` --- ## Task 3: API Returns 502 Bad Gateway ### Diagnosis ```bash # Check nginx error log for API sudo tail /var/log/nginx/api_error.log # Output: connect() to unix:/var/run/php/php8.x-fpm.sock failed (2: No such file or directory) # Check PHP-FPM status sudo systemctl status php*-fpm # Output: Active: inactive (dead) ``` ### Problem The **PHP-FPM service is stopped and disabled**. Nginx cannot forward PHP requests. ### Solution ```bash # Find the PHP-FPM version php -v # or: ls /etc/php/ # Start PHP-FPM (replace 8.3 with your version if different) sudo systemctl start php8.3-fpm # Enable to start on boot sudo systemctl enable php8.3-fpm # Verify it's running sudo systemctl status php8.3-fpm # Should show: Active: active (running) ``` ### Verification ```bash curl http://api.local:8080 # Should return JSON with "status": "success" ``` --- ## Task 4: Docker Application Unreachable ### Diagnosis ```bash # Check if Docker container is running sudo docker ps # Output: practice-webapp is running (HEALTHY) # Check if port is listening sudo ss -tulnp | grep 8888 # Output: Shows docker-proxy listening on 8888 # Check firewall status sudo ufw status # Output: 8888/tcp DENY Anywhere ``` ### Problem The **firewall (UFW) is blocking port 8888**. The Docker container is running correctly, but connections are denied. ### Solution ```bash # Remove the deny rule sudo ufw delete deny 8888/tcp # Allow port 8888 sudo ufw allow 8888/tcp # Verify firewall rules sudo ufw status # Should show: 8888/tcp ALLOW Anywhere ``` ### Verification ```bash curl http://localhost:8888 # Should return HTML with "Docker Application" ``` --- ## Task 5: Database Connection Refused ### Diagnosis ```bash # Try to connect with the user mysql -u webuser -p'WebPass123!' practicedb # Output: ERROR 1045 (28000): Access denied for user 'webuser'@'localhost' # Check which users exist (as root) sudo mysql -e "SELECT user, host FROM mysql.user WHERE user='webuser';" # Output: webuser | 10.0.0.1 # (User is bound to wrong IP, not localhost!) ``` ### Problem The MySQL user `webuser` is bound to **wrong host IP** (10.0.0.1 instead of localhost). ### Solution ```bash # Connect as root sudo mysql # Create user for localhost (or recreate) DROP USER IF EXISTS 'webuser'@'10.0.0.1'; CREATE USER 'webuser'@'localhost' IDENTIFIED BY 'WebPass123!'; GRANT ALL PRIVILEGES ON practicedb.* TO 'webuser'@'localhost'; FLUSH PRIVILEGES; EXIT; ``` Or as a one-liner: ```bash sudo mysql -e "DROP USER IF EXISTS 'webuser'@'10.0.0.1'; CREATE USER 'webuser'@'localhost' IDENTIFIED BY 'WebPass123!'; GRANT ALL PRIVILEGES ON practicedb.* TO 'webuser'@'localhost'; FLUSH PRIVILEGES;" ``` ### Verification ```bash mysql -u webuser -p'WebPass123!' practicedb -e "SELECT * FROM products;" # Should show table with products (Laptop, Mouse, Keyboard, Monitor) ``` --- ## Quick Reference: Problem Summary | Task | Service | Problem | Key Fix | |------|---------|---------|---------| | 1 | company.local | Missing semicolon in nginx config | Add `;` after `index index.html` | | 2 | shop.local | Wrong file permissions (000) | `chmod 644 /var/www/shop/index.html` | | 3 | api.local | PHP-FPM service stopped | `systemctl start php*-fpm` | | 4 | localhost:8888 | Firewall blocking port | `ufw allow 8888/tcp` | | 5 | MySQL | User bound to wrong host | Create user for `'webuser'@'localhost'` | --- ## Diagnostic Approach For each problem, follow this systematic approach: 1. **Check the symptom** - What error do you see? - Connection refused → Service not running or firewall - 403 Forbidden → Permissions issue - 502 Bad Gateway → Backend service (PHP-FPM) down - Connection timeout → Firewall blocking 2. **Check service status** - Is the service running? ```bash systemctl status nginx systemctl status php*-fpm docker ps ``` 3. **Check logs** - What do the logs say? ```bash journalctl -u nginx tail /var/log/nginx/error.log ``` 4. **Check configuration** - Is the config valid? ```bash nginx -t cat /etc/nginx/sites-available/... ``` 5. **Check permissions** - Can the service read the files? ```bash ls -la /var/www/... ``` 6. **Check network** - Is the port accessible? ```bash ss -tulnp ufw status ``` --- *Practice Exam Solutions - Betriebssysteme und Netzwerke*