Linux Admin In-depth interview questions

What are the basic elements of LINUX?

Linux is an operating system that is built on the Unix operating system. It is open source and is made up of various components that work together to create a functional operating system. The basic elements of Linux include:

Kernel: The kernel is the heart of the Linux operating system. It provides a connection between the software and the hardware of the system. The kernel controls the input/output devices, manages memory, and handles all system calls.
Shell: The shell is a command-line interface that allows users to interact with the operating system. The shell interprets the commands entered by the user and executes them.
Filesystem: The filesystem is responsible for organizing and storing data on the hard disk. Linux supports various filesystems such as ext2, ext3, ext4, and others.
Libraries: Libraries are collections of pre-written code that can be used by developers to create new software applications.
Utilities: Utilities are programs that perform specific tasks. Linux has many built-in utilities such as text editors, file managers, and network tools.
Applications: Applications are software programs that are built on top of the Linux operating system. There are thousands of open-source applications available for Linux, including web browsers, office suites, media players, and more.

Overall, the basic elements of Linux work together to provide a stable, secure, and customizable operating system.

Can you explain what LILO is?

LILO (LInux LOader) is a bootloader that was widely used on Linux systems until the mid-2000s. A bootloader is a program that is loaded into a computer’s memory when it starts up, and its primary job is to load the operating system into memory and start its execution. LILO was responsible for loading the Linux kernel and any necessary device drivers at startup.

LILO works by reading the configuration file /etc/lilo.conf, which contains information about the system’s partitions, where the kernel image is located, and other boot parameters. When the system is booted, LILO presents a boot menu that allows the user to choose which operating system to load (if multiple operating systems are installed).

One of the advantages of LILO was its simplicity and ease of use. It was also very stable and reliable, and it worked well on a wide range of hardware. However, it had some limitations, such as the inability to boot from filesystems other than the traditional EXT filesystem, and it was not able to handle advanced features like dynamic disk resizing.

Today, most Linux systems use GRUB (GRand Unified Bootloader) as their bootloader, which is more flexible and supports a wider range of features than LILO. However, LILO remains an important part of Linux history and is still used on some older systems.

Describe a service that you might disable on a LINUX server.

There are several services that might be disabled on a Linux server, depending on the specific requirements of the server and the applications running on it. One example of a service that might be disabled is the graphical user interface (GUI).

Most Linux servers are run in headless mode, which means that they do not have a GUI installed and are managed entirely through a command-line interface (CLI). Disabling the GUI frees up system resources and reduces the attack surface of the server by eliminating unnecessary services that could potentially be exploited.

To disable the GUI on a Linux server, you would typically stop the display manager service. The specific commands to do this would depend on the Linux distribution being used, but for example, on a server running Ubuntu, you could run the following command:

sudo systemctl stop gdm

This command would stop the Gnome display manager (gdm), which is responsible for launching the GUI. To ensure that the display manager service does not start automatically on boot, you could run the following command:

sudo systemctl disable gdm

This would prevent the gdm service from starting automatically when the server is booted up.

It is important to note that disabling services should only be done after careful consideration of the server’s requirements and the potential impact of disabling the service. In some cases, disabling a service could cause unintended consequences or break applications that depend on that service. Therefore, it is recommended that any changes to a server’s configuration be made with caution and with proper testing and validation.

How would you check memory and CPU statistics?

There are several ways to check memory and CPU statistics on a Linux system, depending on the level of detail and the specific information needed. Here are some commonly used commands:

top: The top command displays real-time information about system processes, including CPU usage, memory usage, and other system statistics. To run top, simply open a terminal window and type “top”. The top display updates continuously and can be sorted by various fields by pressing the corresponding keys.
free: The free command displays information about system memory usage, including total memory, used memory, free memory, and swap space. To run free, open a terminal window and type “free”. The output shows the memory statistics in kilobytes (KB), megabytes (MB), and gigabytes (GB).
vmstat: The vmstat command displays virtual memory statistics, including memory usage, swap activity, and CPU usage. To run vmstat, open a terminal window and type “vmstat”. The output shows statistics for each process and a summary of the system’s memory usage and CPU activity.
htop: The htop command is a more advanced version of top that provides a more detailed view of system processes and resource usage. To run htop, open a terminal window and type “htop”. The display is updated in real-time and provides color-coded information about CPU usage, memory usage, and other system statistics.

These are just a few examples of the many commands available for checking memory and CPU statistics on a Linux system. Depending on the specific requirements and tools available on the system, there may be other commands or utilities that can be used for this purpose.

Why would Logical Volume Manager (LVM) be required?

Logical Volume Manager (LVM) is a software-based disk management system that provides a layer of abstraction between the physical storage devices (such as hard disks or solid-state drives) and the file systems that reside on them. LVM allows you to create logical volumes (LVs) that can span multiple physical disks, and can be resized, moved, and even mirrored or striped for performance or redundancy.

Here are some reasons why LVM might be required on a Linux system:

Flexible storage management: LVM allows you to create logical volumes that can be resized, moved, or even merged, without requiring any downtime or data loss. This makes it easier to manage storage resources and adapt to changing requirements.
Improved performance: LVM can be used to create striped volumes that can increase read/write performance by distributing data across multiple disks. It can also be used to create mirrored volumes that provide redundancy in case of disk failure.
Snapshots: LVM allows you to create snapshots of logical volumes, which are read-only copies of the original volume at a specific point in time. Snapshots can be used for backups, testing, or other purposes, without affecting the original data.
Encryption: LVM can be used in combination with encryption to provide additional security for data on the system. This allows you to encrypt specific logical volumes, without encrypting the entire disk, which can be useful for systems with multiple users or applications.

Overall, LVM provides a flexible and powerful tool for managing storage resources on Linux systems, and can be particularly useful in enterprise environments where data storage requirements are complex and dynamic. However, it is important to note that LVM does add some complexity to the system, and requires some additional knowledge and skill to manage effectively.

Where are SAR logs stored?

SAR (System Activity Reporter) is a Linux utility that collects and records system performance data over a period of time, which can be used for troubleshooting and performance analysis. The SAR logs are typically stored in the /var/log/sa directory.

The SAR utility generates a separate log file for each day, with the file name indicating the date on which the data was collected. For example, the SAR log file for February 28, 2023, would be named sa28. The SAR logs are binary files that can be viewed using the sar command, which is part of the sysstat package on most Linux distributions.

To view the SAR logs for a specific date, you can use the following command:

sar -f /var/log/sa/sa28

This command would display the system performance data for February 28, 2023, using the SAR log file sa28. You can also use the sar command to generate reports from the SAR logs, by specifying the appropriate options.

It is important to note that SAR is not enabled by default on most Linux distributions, and may need to be installed and configured separately. Additionally, SAR logs can take up significant disk space over time, so it may be necessary to rotate and archive them periodically to avoid filling up the disk.

Describe how you would reduce the size of an LVM partition?

To reduce the size of an LVM partition, you will need to perform the following steps:

Backup your data: Before resizing any partition, it is always recommended to back up your data to avoid data loss in case of any errors or failures.
Identify the logical volume: Determine the logical volume that you want to shrink. You can use the lvdisplay command to list all logical volumes and their sizes.
Unmount the partition: Make sure that the partition is unmounted before shrinking it. You can use the umount command to unmount the partition if it is currently mounted.
Check the file system: After unmounting the partition, use the appropriate file system tool (e.g., e2fsck for ext4 file systems) to check the file system for errors and correct them if necessary.
Shrink the logical volume: Use the lvreduce command to shrink the logical volume. For example, if you want to shrink a logical volume named data by 10GB, you can use the following command:

lvreduce -L -10G /dev/mapper/vg-data

This will reduce the size of the data logical volume by 10GB.
Resize the file system: Once you have shrunk the logical volume, you need to resize the file system to match the new size of the volume. The specific command to use will depend on the type of file system being used. For example, for ext4 file systems, you can use the following command:

bash

resize2fs /dev/mapper/vg-data

This will resize the ext4 file system on the data logical volume to match the new size of the volume.
Mount the partition: Finally, mount the partition to make it accessible again using the mount command.

It is important to note that resizing a logical volume can be a complex and potentially risky process, and should be performed with caution. Always make sure to back up your data, and double-check all commands before executing them to avoid data loss or other issues.

Describe how you would increase the size of an LVM partition?

To increase the size of an LVM partition, you will need to perform the following steps:

Backup your data: Before resizing any partition, it is always recommended to back up your data to avoid data loss in case of any errors or failures.
Identify the logical volume: Determine the logical volume that you want to expand. You can use the lvdisplay command to list all logical volumes and their sizes.
Check for available space: Check if there is enough free space available on the physical volume group (PV) that the logical volume (LV) is associated with. You can use the vgdisplay command to see the available free space on the PV.
Expand the physical volume: If there is not enough free space available on the PV, you will need to add a new physical volume to the volume group or expand the existing physical volume. This can be done using the pvcreate, vgextend, and pvresize commands, depending on the specific situation.
Expand the logical volume: Once there is enough free space available on the PV, use the lvextend command to expand the logical volume. For example, if you want to increase the size of a logical volume named data by 10GB, you can use the following command:
lvextend -L +10G /dev/mapper/vg-data This will increase the size of the data logical volume by 10GB.
Resize the file system: Once you have expanded the logical volume, you need to resize the file system to match the new size of the volume. The specific command to use will depend on the type of file system being used. For example, for ext4 file systems, you can use the following command:
resize2fs /dev/mapper/vg-data
This will resize the ext4 file system on the data logical volume to match the new size of the volume.
Mount the partition: Finally, mount the partition to make it accessible again using the mount command.

Where would you locate kernel modules?

ernel modules are located in the /lib/modules directory on a Linux system. This directory contains subdirectories for each version of the Linux kernel installed on the system. Within each kernel version directory, there are several subdirectories containing various kernel modules.

The specific location of kernel modules may vary depending on the distribution and version of Linux being used. In some cases, the kernel modules may also be stored in an initramfs file or another compressed file format.

You can use the lsmod command to list all currently loaded kernel modules, and the modprobe command to load or unload specific kernel modules. To install new kernel modules, you can use the package manager provided by your Linux distribution, or manually compile and install the modules from source code.

Explain the different network bonding modes used in LINUX.

Network bonding, also known as link aggregation, is a technique used to combine multiple physical network interfaces into a single logical interface, which provides increased bandwidth, fault tolerance, and load balancing.

There are several bonding modes available in Linux, each with its own characteristics and benefits:

Mode 0 (balance-rr): This mode provides load balancing by transmitting packets in a round-robin fashion across all available interfaces. This is the simplest mode and provides the best overall performance when all interfaces are of the same speed.
Mode 1 (active-backup): This mode provides fault tolerance by using one interface as the primary and another interface as a backup. If the primary interface fails, traffic is automatically routed through the backup interface.
Mode 2 (balance-xor): This mode provides load balancing by transmitting packets based on the selected transmit hash policy, which can be either Layer 2 (MAC address) or Layer 3/4 (IP address and port number). This mode is best suited for environments with similar interface speeds and low latency.
Mode 3 (broadcast): This mode transmits all packets to all interfaces, which is useful for applications that require broadcasting or multicasting.
Mode 4 (802.3ad): This mode provides dynamic link aggregation by using the Link Aggregation Control Protocol (LACP). This mode requires support from both the switch and the network interface card (NIC).
Mode 5 (balance-tlb): This mode provides load balancing by dynamically adjusting the transmission rate of each interface based on the current network traffic load.
Mode 6 (balance-alb): This mode provides load balancing and fault tolerance by transmitting packets in a round-robin fashion across all available interfaces, and also uses ARP negotiation to dynamically balance the traffic across the interfaces based on their link speed and availability.

It is important to note that the specific bonding modes available may vary depending on the Linux distribution and version being used, and that the optimal bonding mode for a particular network environment may depend on several factors such as network topology, bandwidth requirements, and latency constraints.

What would you do to enhance the security of password files stored in LINUX?

Password files stored in Linux contain sensitive information and should be protected to ensure the security of the system. Here are some steps that can be taken to enhance the security of password files in Linux:

Use strong passwords: Strong passwords should be used for all user accounts, and password policies should be enforced to ensure that passwords meet minimum length and complexity requirements.
Encrypt password files: Password files should be encrypted to prevent unauthorized access. This can be done using the crypt or sha256crypt utilities, which are built into most Linux distributions.
Use file permissions: File permissions should be set appropriately to prevent unauthorized access to password files. The password file should be readable only by the root user, and other users should not have access to it.
Use password aging: Password aging policies should be enforced to require users to change their passwords periodically. This can be done using the chage command in Linux.
Use two-factor authentication: Two-factor authentication can be used to add an extra layer of security to password files. This can be done using tools such as Google Authenticator or YubiKey.
Use intrusion detection: Intrusion detection systems (IDS) can be used to monitor for suspicious activity on the system and alert administrators if any unauthorized access attempts are detected.

By implementing these security measures, the security of password files in Linux can be significantly enhanced, reducing the risk of unauthorized access and potential security breaches.

Describe which shell you would assign to POP3 mail-only account.

The shell is a command-line interface that provides an environment for users to interact with the Linux system. It allows users to execute commands, run scripts, and perform other tasks.

In the case of a POP3 mail-only account, the user does not require access to a shell since they will only be accessing their email via a mail client application such as Thunderbird or Outlook. Therefore, it is common practice to assign a restricted shell or a non-interactive shell to such accounts to prevent users from accessing the system’s command-line interface.

One common example of a restricted shell that can be used for POP3 mail-only accounts is rbash (restricted bash), which limits the user’s ability to execute certain commands and access specific directories. Another option is to use the nologin shell, which simply displays a message to the user that they are not allowed to log in and then terminates the session.

To assign a specific shell to a user account in Linux, the chsh (change shell) command can be used. For example, to assign the nologin shell to a user account named user1, you would run the following command as root:

chsh -s /usr/sbin/nologin user1

This will prevent the user from accessing a shell and limit them to only accessing their email via POP3.

Explain how you would create a partition from a raw disk.

.Creating a partition from a raw disk in Linux involves several steps:

Identify the disk: Use the fdisk command to identify the raw disk that you want to partition. For example, if the raw disk is /dev/sdb, you would run the following command as root:
fdisk /dev/sdb
Create a new partition: Once you are in the fdisk command prompt, use the n command to create a new partition. You will be prompted to specify the partition type (primary or logical), the starting sector, and the ending sector. You can use the default values for the starting and ending sectors to use the entire disk for the partition.
Save the partition table: Once you have created the partition, use the w command to write the changes to the disk and exit fdisk.
Format the partition: Use the appropriate file system command to format the partition with the desired file system. For example, to format the partition as an ext4 file system, you would run the following command as root:
mkfs.ext4 /dev/sdb1
Mount the partition: Once the partition is formatted, create a mount point and mount the partition using the mount command. For example, to mount the partition at /mnt/data, you would run the following command as root:

mkdir /mnt/data
mount /dev/sdb1 /mnt/data

Make the mount permanent: To ensure that the partition is mounted automatically at boot time, add an entry to the /etc/fstab file. For example, you could add the following line to the file:
/dev/sdb1 /mnt/data ext4 defaults 0 0

This will mount the partition at /mnt/data with the ext4 file system using the default mount options. The 0 0 at the end specifies the file system dump and file system check order, respectively.

By following these steps, you can create a partition from a raw disk in Linux and make it available for use in your file system.

How is the umask command used in a LINUX system?

The umask command is used in Linux to set the default permissions for newly created files and directories. It is used to control the permissions that are automatically assigned to new files and directories when they are created by a user or a process.

The umask value is a 3-digit octal number that represents the permissions that will be removed from the default permissions for newly created files and directories. Each digit corresponds to a different set of permissions: the first digit corresponds to the owner permissions, the second digit corresponds to the group permissions, and the third digit corresponds to the permissions for other users.

For example, if the umask value is set to 022, then the default permissions for new files will be rw-r--r-- (i.e., read and write for the owner, and read-only for group and other users), and the default permissions for new directories will be rwxr-xr-x (i.e., read, write, and execute for the owner, and read and execute for group and other users).

To set the umask value, you can use the umask command followed by the desired octal value. For example, to set the umask value to 022, you would run the following command:

umask 022

You can also use the umask command to display the current umask value by running the command without any arguments:

umask

The output will be the current umask value in octal format.