yum repolist all                                        #List all repos
/etc/yum.repos.d                                        #Repo folder
yum repolist all |grep enabled                          #List active repos
yum repolist
yum makecache 
yum-config-manager --enable repository-xy
yum-config-manager --disable repository-xy
subscription-manager repos --disable repository-xy      #RHEL7 
subscription-manager repos --disable repository-xy      #RHEL7
yum check-update
yum check-update --security
yum clean all
rm -rf /var/cache/yum
yum updateinfo
yum update
yum update -y
yum update --skip-broken
yum update --security
yum-complete-transaction
zypper dist-upgrade
zypper clean -a
rpm -qa --last                                          #shows last applied packages

To solve a broken rpm-database:

yum info expat
mkdir /var/lib/rpm/backup
cp -a /var/lib/rpm/__db* /var/lib/rpm/backup/
rm -f /var/lib/rpm/__db.[0-9][0-9]*
rpm --quiet -qa
rpm --rebuilddb
yum clean all
yum info expat
rm -rf /var/lib/rpm/backup

or

mv /var/lib/rpm/__db* /tmp/
rpm --rebuilddb
yum clean all

lsb_release -d                                          #>= RHEL7
cat /etc/redhat-release                                 #<= RHEL6

yum search package
yum search all package
yum list java*                                                                                                       #search versions, getting also repos which contain the package
yum list java-1.8.0-ibm*
yum reinstall package
yum install package
yum erase httpd httpd-tools
yum -y --nogpgcheck install nrpe nagios-plugins-disk nagios-plugins-load nagios-plugins-swap nagios-plugins-procs
yum reinstall --downloadonly --downloaddir=/tmp kernel-debuginfo glibc-langpack-de-2.28-225.el8.x86_64.rpm
pkcon search name package                                                                                            #shows all available versions of a package

/etc/init.d/taskomatic restart 
rhn_check -vvvv

Add Channel:

cdn-sync --list-channels |grep dotnet
cdn-sync --channel rhel-x86_64-server-7-dotnet-1

rhn_check -vvvvv
/usr/sbin/rhn_check -vvvvv
rhnsd               #Service to interact with Satellite
rhn-profile-sync    #Sync package list with Satellite

engine-upgrade-check 
yum update ovirt\*setup\* 
engine-setup 

Open http(s):

firewall-cmd --zone=public --add-service=http --permanent
firewall-cmd --zone=public --add-service=https --permanent

Activate:

firewall-cmd --reload

Test:

iptables -L | grep https
iptables -L | grep http

Example-Output:

[root@testhost ~]# iptables -L |grep https
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:https ctstate NEW

Open firewall port tcp/2888 to zone “public” to anybody:

firewall-cmd --zone=public --add-port=2888/tcp --permanent
firewall-cmd --reload

Open firewall port for zone “public” to particularry IP:

firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="136.230.49.56/30" port protocol="tcp" port="9200" accept'
firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="136.230.49.56/32" port protocol="tcp" port="9200" accept'

List zones:

firewall-cmd --list-all-zones

Show zone content:

firewall-cmd --info-zone=public

Remove a rule, without restriction:

firewall-cmd --zone=public --remove-port=80/tcp

Remove a rule, with restriction:

firewall-cmd --permanent --zone=public --remove-rich-rule='rule family="ipv4" source address="136.230.49.56/30" port protocol="tcp" port="8480" accept'
firewall-cmd --permanent --zone=public --remove-rich-rule='rule family="ipv4" source address="136.230.230.196/32" port protocol="tcp" port="8480" accept'

Remove a servicebased rule:

firewall-cmd --zone=public --remove-service=http

Activate:

firewall-cmd --reload

If a rule can´t be removed (even if firewall-cmd shows “success”) it´s possible to remove it inside the configuration file:

/etc/firewalld/zones/public.xml

Afterwards you have to restart the firewall service:

systemctl restart firewalld.service

lokkit --port=80:tcp --update
lokkit --port=443:tcp --update

Config file:

/etc/sysconfig/system-config-firewall
# Configuration file for system-config-firewall

--enabled
--port=80:tcp

Or:

/etc/sysconfig/iptables

Restart iptables:

/etc/init.d/iptables restart

Check:

iptables -L -n |grep 80
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:80

Related files:

/etc/hosts
/etc/sysconfig/network
/etc/sysconfig/network-scripts/ifcfg-eth0
/etc/resolv.conf

/etc/sysconfig/network-scripts/ifcfg-eth0:

DEVICE=eth0
HWADDR=00:0c:29:9c:37:ba
TYPE=Ethernet
UUID=a23f59eb-0246-451f-bb56-5a256403b722
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=none
IPADDR=192.168.0.5
NETMASK=255.255.255.0
DNS2=8.8.8.8
GATEWAY=192.168.0.2
DNS1=10.2.206.102
IPV6INIT=no

/etc/sysconfig/network:

NETWORKING=yes
HOSTNAME=RHEL6-6

/etc/hostname
systemctl restart systemd-hostnamed
hostnamectl set-hostname name
hostnamectl status

subscription-manager config --server.proxy_hostname=proxy.example.com --server.proxy_port=8080 --server.proxy_user=admin --server.proxy_password=secret
subscription-manager register --username user@test.de --password mysecret
subscription-manager attach --auto

To add a certificate in the simple PEM or DER file formats to the list of CAs trusted on the system, copy the certificate file to the /usr/share/pki/ca-trust-source/anchors/ or /etc/pki/ca-trust/source/anchors/ directory. To update the system-wide trust store configuration, use the update-ca-trust command, for example:

cp ~/certificate-trust-examples/Cert-trust-test-ca.pem /usr/share/pki/ca-trust-source/anchors/
update-ca-trust

Check:

chronyc tracking
chronyc sources
chronyc -n sourcestats     #show IP of ntp-server
chronyc sourcestats        #show dns-name of ntp-server

Service:

systemctl status chronyd.service

Sync oneshot:

chronyd -q 'server NTPname-DNS-or-IP iburst'                 #chronyd.service has to be stopped before!