Linux Admin Interview Questions & Answers.
Q) What is Linux and why is it so popular?
Answer - Linux is an operating system that uses UNIX-like Operating
system.......
Q) What is LILO?
Answer - LILO (Linux Loader) is a boot loader for Linux. It is used to
load Linux into the memory and start the Operating system.......
Q) What is the difference between home directory and working
directory?
Answer - Home directory is the default working directory when a user
logs in. On the other hand, working directory is the user’s current
directory.......
Q) What is the difference between internal and external commands?
Answer - Internal commands are commands that are already loaded in the
system. They can be executed any time and are independent.......
Q) Explain the difference between a static library and a dynamic
library.
Answer - Static libraries are loaded when the program is compiled and
dynamically-linked libraries are loaded in while......
Q) What is LD_LIBRARY_PATH?
Answer - LD_LIBRARY_PATH is an environment variable. It is used for
debugging a new library or a non standard library.......
Q) What is the file server in Linux server?
Answer - File server is used for file sharing. It enables the processes
required for sharing.......
Q) What is NFS? What is its purpose?
Answer - NFS is Network File system. It is a file system used for
sharing of files over a network.......
Q) How do I send email with Linux?
Answer - Email can be sent in Linux using the mail command. ......
Q) Explain RPM (Red Hat Package Manager) features.
Answer - RPM is a package managing system (collection of tools to
manage software packages).......
Q) What is Kernel? Explain the task it performs.
Answer - Kernel is used in UNIX like systems and is considered to be
the heart of the operating system.......
Q) What is Linux Shell? What is Shell Script?
Answer - Linux shell is a user interface used for executing the
commands. Shell is a program the user......
Q) What are Pipes? Explain use of pipes.
Answer - A pipe is a chain of processes so that output of one process
(stdout) is fed as input (stdin) to another.......
Q) Explain the trap command, shift command and getopts command of Linux.
Answer - Trap command: controls the action to be taken by the shell
when a signal is received. ......
Q) What is a stateless Linux server? What features does it offer?
Answer - A stateless Linux server is a centralized server in which no
state exists on the single workstations. ......
Q) What does nslookup do? Explain its two modes.
Answer - Nslookup is used to find details related to a Domain name
server. Details like IP addresses of a machine, MX records,......
Q) What is Bash Shell?
Answer - Bash is a free shell for UNIX. It is the default shell for
most UNIX systems. It has a combination of the C and Korn shell features. ......
Q) Explain some Network-Monitoring Tools in Linux: ping, traceroute,
tcpdump, ntop
Answer - Network monitoring tools are used to monitor the network,
systems present on the network, traffic etc.......
Q) How does the Linux file system work?
Answer - Linux file structure is a tree like structure. It starts from
the root directory, represented by '/', and then expands into
sub-directories.......
Q) What are the process states in Linux?
Answer - Process states in Linux.......
Q) What is a zombie?
Answer - Zombie is a process state when the child dies before the
parent process. In this case the structural information of the process is still
in the process table.......
Q) Explain each system call used for process management in Linux.
Answer - System calls used for Process management......
Q) Which command is used to check the number of files and disk space
used and each user’s defined quota?
The repquota command is used to check the status of the user’s quota along
with the disk space and number of files used. This command gives a summary of
the user’s quota, showing how much space and how many files are left for the user. Every
user has a defined quota in Linux. This is done mainly for security, as
some users have only limited access to files. This protects the
files from unwanted access. The quota can be given to a single user or to a
group of users.
Q) What is the name and path of the main system log?
By default the main system log is /var/log/messages. This file contains
all the messages and the script written by the user. By default all scripts are
saved in this file. This is the standard system log file, which contains
messages from all system software, non-kernel boot issues, and messages that go
to 'dmesg'. dmesg is a system file that is written upon system boot.
Q) How secure is Linux? Explain.
Security is the most important aspect of an operating system. Due to
its unique authentication module, Linux is considered more secure than
other operating systems. Linux includes PAM (Pluggable Authentication
Modules), which provides a layer between applications and the actual authentication
mechanism. It is a library of loadable modules which are called by the
application for authentication. It also allows the administrator to control
when a user can log in. All PAM applications are configured in the directory
"/etc/pam.d" or in the file "/etc/pam.conf". PAM is
controlled using the configuration file or the configuration directory.
Q) Can a Linux computer be made a router so that several machines may share
a single Internet connection? How?
Yes, a Linux machine can be made a router. This is called "IP
Masquerade." IP Masquerade is a networking function in Linux similar to
the one-to-many (1:Many) NAT (Network Address Translation) servers found in
many commercial firewalls and network routers. The IP Masquerade feature allows
other "internal" computers connected to this Linux box (via PPP,
Ethernet, etc.) to reach the Internet as well. Linux IP Masquerading
allows this functionality even if the internal computers do not have IP
addresses.
IP masquerading can be set up with the following steps:
1. The Linux PC must have an Internet connection and a connection to the
LAN. Typically, the Linux PC has two network interfaces: an Ethernet card for
the LAN and a dial-up PPP connection to the Internet (through an ISP).
2. All other systems on your LAN use the Linux PC as the default
gateway for TCP/IP networking. Use the same ISP-provided DNS addresses on all
systems.
3. Enable IP forwarding in the kernel. By default the IP forwarding is
not enabled. To ensure that IP forwarding is enabled when you reboot your
system, place this command in the /etc/rc.d/rc.local file.
4. Run /sbin/iptables, the IP packet filter administration program, to
set up the rules that enable the Linux PC to masquerade for your LAN.
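Steps 3 and 4 above as a rule generator, added here as an example (not from the original page): it validates its arguments, prints the forwarding and masquerade commands for review, and enables forwarding last so the filter rules are already in place. The interface names ppp0 and eth0, the LAN prefix 192.168.1.0/24 and the function names are assumptions.

```sh
#!/bin/sh
# Added example, not part of the original page: prints the commands for
# steps 3 and 4 so they can be reviewed before being run as root.
# ppp0, eth0 and 192.168.1.0/24 are assumed values for illustration.

# valid_iface NAME: accept only characters an interface name can contain,
# so nothing else can end up in the generated command lines.
valid_iface() {
    case $1 in
        ''|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    [ "${#1}" -le 15 ]    # the kernel limits interface names to 15 characters
}

# valid_cidr NET: accept a.b.c.d/len with octets <= 255 and len <= 32.
valid_cidr() {
    printf '%s' "$1" | awk -F'[./]' '
        !/^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\/[0-9]+$/ { bad = 1 }
        { for (i = 1; i <= 4; i++) if ($i + 0 > 255) bad = 1
          if ($5 + 0 > 32) bad = 1 }
        END { exit (bad || NR != 1) }'
}

# masq_rules WAN_IF LAN_IF LAN_NET: print the rule set, one command per line.
masq_rules() {
    wan=$1 lan=$2 net=$3
    valid_iface "$wan" && valid_iface "$lan" && valid_cidr "$net" || {
        echo "masq_rules: invalid interface or network" >&2
        return 1
    }
    cat <<EOF
iptables -P FORWARD DROP
iptables -A FORWARD -i $lan -o $wan -s $net -j ACCEPT
iptables -A FORWARD -i $wan -o $lan -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -s $net -o $wan -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward
EOF
}

masq_rules ppp0 eth0 192.168.1.0/24
```

The default-drop FORWARD policy means only LAN-originated traffic and its replies cross the box; anything not matched by the two ACCEPT rules is discarded.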
Q) What is the minimum number of partitions you need to install Linux?
A minimum of 2 partitions is needed for installing Linux. One is / or
root, which contains all the files, and the other is swap. The Linux file system is
function specific, which means that files and folders are organized according to
their functionality. For example, all executables are in one folder, all
devices in another, all libraries in another and so on. / or ‘root’ is the base
of this file system. All the other folders are under this one. / can be
considered as C:. Swap is a partition that will be used as virtual memory. If
there is no more available RAM, a Linux computer will use an area of the hard
disk, called swap, to temporarily store data. In other words it is a way of
expanding your computer's RAM.
Q) Which command is used to review boot messages?
The dmesg command is used to review boot messages. This command will
display system messages contained in the kernel ring buffer. We can use this
command immediately after booting to see boot messages. A ring buffer is a
buffer of fixed size for which any new data added to it overwrites the oldest
data in it. Its basic syntax is:
dmesg [options]
Invoking dmesg without any of its options causes it to write all the
kernel messages to standard output. This usually produces far too many lines to
fit into the display screen all at once, and thus only the final messages are
visible. However, the output can be redirected to the less command through the
use of a pipe, thereby allowing the startup messages to be viewed on one screen
at a time:
dmesg | less
Q) Which utility is used to automate rotation of a log?
The logrotate command is used to automate rotation of logs.
Syntax of the command is:
logrotate [-dv] [-f|--force] [-s|--state file] config_file+
It allows automatic rotation, compression, removal, and mailing of log
files. This command is mainly used for rotating and compressing log files. This
job is done every day when a log file becomes too large. This command can also be
run from the command line. We can force rotation by giving the -f option
with this command on the command line. This command is also used for mailing. We
can give the -m option for mailing with this command. This option takes two
arguments: one is the subject and the other is the recipient name.
Q) What are the partitions created on the mail server hard drive?
The main partitions are created first, which are the root, swap and boot
partitions. But for the mail server three different partitions are also created,
which are as follows:
1. /var/spool - This is done so that if something goes wrong with the
mail server or spool then the output cannot overrun the file system.
2. /tmp - Putting this on its own partition prevents any user item or
software from overrunning the system files.
3. /home - Putting this on its own partition is useful for system upgrades or
reinstalls. It allows you not to wipe off the /home hierarchy along with other
areas.
Q) What are the fields in the /etc/passwd file?
It contains all the information of the users who log into the system.
It contains a list of the system's accounts, giving for each account some
useful information like user ID, group ID, home directory, shell, etc. It
should have general read permission, as many utilities, like ls, use it to map
user IDs to user names, but write access only for the superuser (root). The
main fields of the /etc/passwd file are:
1. Username: It is used when the user logs in. It should be between 1 and
32 characters in length.
2. Password: An x character indicates that the encrypted password is stored
in the /etc/shadow file.
3. User ID (UID): Each user must be assigned a user ID (UID). UID 0
(zero) is reserved for root and UIDs 1-99 are reserved for other predefined
accounts. Further, UIDs 100-999 are reserved by the system for administrative and
system accounts/groups.
4. Group ID (GID): The primary group ID (stored in the /etc/group file).
5. User ID Info: The comment field. It allows you to add extra
information about the user such as the user's full name, phone number etc. This
field is used by the finger command.
6. Home directory: The absolute path to the directory the user will be
in when they log in. If this directory does not exist then the user's directory
becomes /.
7. Command/shell: The absolute path of a command or shell (/bin/bash).
Typically, this is a shell.
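A field-by-field check of passwd-format data, added as an example (not from the original page): it flags entries whose password field holds a hash or is empty, extra UID 0 accounts, shared UIDs, and system-range UIDs (1-999, as listed above) that have a login shell. The sample entries are constructed, and the finding labels and the list of login shells are assumptions of this example.

```sh
#!/bin/sh
# Added example, not part of the original page.

# sample_passwd: constructed entries in /etc/passwd format (not real accounts).
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
toor:x:0:0:backup admin:/root:/bin/bash
legacy:$1$constructed$notarealhash:1001:1001:Legacy User:/home/legacy:/bin/bash
guest::1002:1002:Guest:/home/guest:/bin/sh
popuser:x:1003:1003:POP3 mailbox:/home/popuser:/bin/false
svc:x:101:101:service:/var/lib/svc:/bin/bash
broken:x:1004:1004:/home/broken
EOF
}

# audit_passwd: read passwd lines on stdin, print one finding per line.
audit_passwd() {
    awk -F: '
    /^[ \t]*$/ || /^#/ { next }                 # skip blanks and comments
    NF != 7 { printf "MALFORMED line %d (%d fields)\n", NR, NF; next }
    $3 !~ /^[0-9]+$/ { printf "BAD_UID %s\n", $1; next }
    {
        user = $1; pw = $2; uid = $3 + 0; shell = $7
        # Field 2: "x" means the hash lives in /etc/shadow; "*" or a
        # leading "!" means locked. Anything else is readable by every user.
        if (pw == "")                          printf "EMPTY_PASSWORD %s\n", user
        else if (pw != "x" && pw !~ /^[*!]/)   printf "HASH_IN_PASSWD %s\n", user
        # Field 3: UID 0 is root-equivalent whatever the name says.
        if (uid == 0 && user != "root")        printf "EXTRA_UID0 %s\n", user
        # Field 3: two names on one UID share file ownership.
        if (uid in seen) printf "DUPLICATE_UID %s (same as %s)\n", user, seen[uid]
        else seen[uid] = user
        # Field 7: UIDs 1-999 are system accounts; an empty shell field
        # defaults to /bin/sh, so it counts as a login shell too.
        if (uid > 0 && uid < 1000 && (shell == "" || shell ~ /\/(sh|bash|dash|zsh|ksh|csh|tcsh)$/))
            printf "SYSTEM_LOGIN_SHELL %s %s\n", user, shell
    }'
}

sample_passwd | audit_passwd
```

To check a live system, feed it the real file: `audit_passwd < /etc/passwd`.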
Q) Which commands are used to set a processor-intensive job to use less
CPU time?
The nice command is used for changing the priority of jobs.
Syntax: nice [OPTION] [COMMAND [ARG]...]
The range of priority goes from -20 (highest priority) to 19
(lowest). Priority is given to a job so that the most important job is executed
first by the kernel and then the other less important jobs. This takes less
CPU time as the jobs are scheduled and given priorities so the CPU
executes fast. The priority is given by numbers: -20 describes the highest
priority and 19 describes the lowest priority.
Q) How to change window manager by editing your home directory?
The ~/.xinitrc file allows changing the window manager we want to use when
logging into X from that account. The dot in the file name shows you that the
file is a hidden file and doesn't show when you do a normal directory listing.
For setting a window manager we have to save a command in this file. The syntax
of the command is: exec windowmanager. After this, save the file. Next time when you
run startx a new window manager will open and become the default. The commands
for starting some popular window managers and desktop environments are:
- KDE = startkde
- Gnome = gnome-session
- Blackbox = blackbox
- FVWM = fvwm
- Window Maker = wmaker
- IceWM = icewm
Q) How is the documentation of an application stored?
When a new application is installed its documentation is also
installed. This documentation is stored under a directory named for the
application. For example if my application name is App1 then the path of the
documentation will be /user/doc/App1. It contains all the information about the
application: the date the application was created, the name of the application and
other important modules of the application. We can get the basic information about the
application from the documentation.
Q) How are shadow passwords given?
The pwconv command is used for giving shadow passwords. Shadow passwords
are given for better system security. The pwconv command creates the file
/etc/shadow and changes all passwords to 'x' in the /etc/passwd file. First,
entries in the shadowed file which don't exist in the main file are removed.
Then, shadowed entries which don't have 'x' as the password in the main file
are updated. Any missing shadowed entries are added. Finally, passwords in the
main file are replaced with 'x'. These programs can be used for initial
conversion as well as to update the shadowed file if the main file is edited by
hand.
Q) How do you create a new user account?
The useradd command is used for creating a new user account. When invoked
without the -D option, the useradd command creates a new user account using the
values specified on the command line and the default values from the system.
The new user account will be entered into the system files as needed, and
initial files copied, depending on the command line options. This command uses
the system default as home directory. If the -m option is given then the home
directory is created.
Q) Which password package is installed for the security of central
password?
Shadow password packages are used for security of central passwords.
Security is the most important aspect of every operating system. When this
package is not installed the user information including passwords is stored in
the /etc/passwd file. The password is stored in an encoded format. These
encoded forms can be easily identified by the System crackers by randomly
encoding the passwords from dictionaries. The Shadow Package solves the problem
by relocating the passwords to another file (usually /etc/shadow). The
/etc/shadow file is set so that it cannot be read by just anyone. Only root
will be able to read and write to the /etc/shadow file.
Q) Which shell do you assign to a POP3 mail-only account?
A POP3 mail-only account is assigned the /bin/false shell. Assigning
the bash shell to a POP3 mail-only account gives the user login access, which is
avoided. /bin/nologin can also be used. This shell is provided to the user when
we don’t want to give shell access to the user. The user cannot access the
shell and it rejects shell login on the server, such as over telnet. It is mainly for
the security of the shells. POP3 is basically used for downloading mail to a mail
program. So, to guard against illegal downloading of emails on the shell, this account is
assigned the /bin/false shell or /bin/nologin. Both shells are the same:
they both do the same work of rejecting the user login to the shell. The main
difference between these two shells is that the false shell shows the incorrect
code and any unusual coding when the user logs in with it, but the nologin shell
simply tells that no such account is available. So the nologin shell is used mostly
in Linux.
Q) Which daemon is responsible for tracking events on a Linux system?
syslogd is responsible for tracking system information and saving it to
the desired log files. It provides two system utilities which provide system
logging and kernel message trapping. Internet and UNIX domain sockets support
enable this utility package to support both local and remote logging. Every
logged message contains at least a time and a hostname field, normally a
program name field, too. So this daemon is used to track this information.
syslogd mainly reacts to the set of signals given by the user. These are the
signals given to syslogd:
SIGHUP: This lets syslogd perform a re-initialization. All open files are closed, the configuration file (default
is /etc/syslog.conf) will be reread and the syslog facility is started again.
SIGTERM: The syslogd will die.
SIGINT, SIGQUIT: If debugging is enabled these are ignored, otherwise syslogd will die.
SIGUSR1: Switch debugging on/off. This option can only be used if syslogd is started with the -d debug option.
SIGCHLD: Wait for children if some were born, because of waiting messages.
Q) Which daemon is used for scheduling of the commands?
The crontab command is used for scheduling of the commands to run at a
later time.
Syntax
crontab [ -u user ] file
crontab [ -u user ] { -l | -r | -e }
Options
-l List - display the current crontab entries.
-r Remove the current crontab.
-e Edit the current crontab using the editor specified by the VISUAL or
EDITOR environment variables.
When the user exits from the editor, the modified crontab will be installed
automatically. Each user can have their own crontab, and though these are files
in /var, they are not intended to be edited directly. If the -u option is given
then it gives the name of the user whose crontab is to be tweaked. If
it is given without this then it will display the crontab of the user who is
executing the command.
Q) How is an environment variable set so that the file permission can be
automatically set on newly created files?
The umask command is used to set file permissions on newly created files
automatically.
Syntax
umask [-p] [-S] [mode]
It is represented in octal numbers. We can simply use this command without
arguments to see the current file permissions. To change the permissions, mode
is given in the arguments. The default umask used for a normal user is 0002. The
default umask for the root user is 0022. For calculating the original values,
the values shown by the umask must be subtracted from the default values. It is
mainly used for masking of the file and directory permissions. The /etc/profile
script is where the umask command is usually set for all users. The -S option
can be used to see the current default permissions displayed in the alpha
symbolic format.
For example, umask 022 ensures that new files will have at most 755
permissions (777 NAND 022).
The permissions can be calculated by taking the NAND of the original value
with the default values of files and directories.
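How the mask is applied, as an added example (not from the original page): mode_after_umask computes the requested mode AND NOT the umask (the operation the text calls NAND), and check_umask creates a real file and directory in a scratch directory to confirm the result. The function names and the masks tried are assumptions; regular files are requested with mode 666 and directories with 777.

```sh
#!/bin/sh
# Added example, not part of the original page.

# mode_after_umask BASE MASK: print BASE AND (NOT MASK) as three octal digits.
# Bits are cleared, not subtracted: umask 033 on a 666 file gives 644, not 633.
mode_after_umask() {
    printf '%03o\n' $(( 0$1 & ~0$2 ))
}

# has_mode PATH MODE: succeed if PATH has exactly the octal MODE.
has_mode() {
    [ -n "$(find "$1" -prune -perm "$2")" ]
}

# check_umask MASK: create a file and a directory under MASK in a scratch
# directory and confirm the system applied the predicted modes.
check_umask() {
    mask=$1
    want_file=$(mode_after_umask 666 "$mask")   # touch requests 666
    want_dir=$(mode_after_umask 777 "$mask")    # mkdir requests 777
    scratch=$(mktemp -d) || return 1
    # The subshell keeps the changed umask away from the caller.
    ( umask "$mask" && cd "$scratch" && touch f && mkdir d ) || {
        rm -rf "$scratch"
        return 1
    }
    ok=0
    has_mode "$scratch/f" "$want_file" || ok=1
    has_mode "$scratch/d" "$want_dir" || ok=1
    rm -rf "$scratch"
    echo "umask $mask: file $want_file dir $want_dir"
    return $ok
}

# 022 and 002 are the defaults named above; 027 and 077 are tighter masks
# often used for service accounts and private data.
for m in 022 002 027 077; do
    check_umask "$m"
done
```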
Update V1.1.
1. When do you need virtual hosting?
The term Virtual Host refers to the practice of maintaining more than one server on one
machine, as differentiated by their apparent hostname. For example, it is often
desirable for companies sharing a web server to have their own domains, with
web servers accessible as www.company1.com and www.company2.com,
without requiring the user to know any extra path information.
2. On which port is telnet listening?
23
3. How to get the listening ports which are greater than 6000 using netstat?
4. How to block an open relay?
Open relays are e-mail servers that are configured to accept and transfer e-mail on behalf of any user
anywhere, including unrelated third parties.
The qmail-smtpd daemon will consult the rcpthosts control file to determine valid destination
addresses, and reject anything else.
5. What is sandwich configuration in qmail?
Qmail + Clam + Spamassassin - This is normally called sandwich configuration in qmail.
6. Advantages of Qmail?
More secure, better designed, modular, faster, more reliable,
easier to configure, don't have to upgrade it every few months or worry about
being vulnerable to something due to some obscure feature being enabled.
qmail supports host and user masquerading, full host hiding, virtual domains, null clients,
list-owner rewriting, relay control, double-bounce recording, arbitrary RFC 822
address lists, cross-host mailing list loop detection, per-recipient
checkpointing, downed host backoffs, independent message retry schedules, etc.
qmail also includes a drop-in "sendmail" wrapper so that it will be used transparently
by your current UAs.
7. What is the difference between POP3 and IMAP?
The Difference
POP3 works by reviewing the inbox on the mail server, and downloading the new messages to
your computer. IMAP downloads the headers of the new messages on the server,
then retrieves the message you want to read when you click on it.
When using POP3, your mail is stored on your PC. When using IMAP, the mail is stored on the mail
server. Unless you copy a message to a "Local Folder" the messages
are never copied to your PC.
POP3
· You only check e-mail from one computer.
· You want to remove your e-mail from the mail server.
IMAP
· You check e-mail from multiple locations.
· You use Webmail.
8. How to drop packets using iptables?
iptables -A INPUT -s xx.xx.xx.xx -d xx.xx.xx.xx -j DROP
9. Daily routines of Linux administrators?
* Check the health of servers
* Check for updates
* Check the backup
* Check with the trouble ticketing system for any unread ticket.
* Troubleshoot if there is any problem
* Installation of new servers, if needed.
* Report to the boss
10. How to take the dump of a MySQL database?
mysqldump databasename > dumpname
11. How to know the CPU usage of each process?
top, uptime
12. How to bind another IP in a NIC?
Copy the contents of eth0 to eth1, and change the IP address. Restart the network.
13. Transparently proxy all web-surfing through Squid box
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j DNAT --to
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j DNAT --to
14. Transparently redirect web connections from outside to the DMZ web server.
iptables -t nat -A PREROUTING -i eth0 -d 192.168.1.1 -p tcp --dport 80 -j DNAT --to
15. How to activate the forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward
16. Kill spoofed packets
for f in /proc/sys/net/ipv4/conf/*/rp_filter; do
    echo 1 > "$f"
done
$iptables -A LDROP --proto tcp -j LOG --log-level info --log-prefix "TCP Drop"