- Kernel: Linux is a monolithic kernel that is free and open-source software and is
responsible for managing hardware resources for the users.
- System Library: System Library plays a vital role because application programs
access the kernel's features using the system library.
- System Utility: System Utility performs specific and individual level tasks.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What are the differences between UNIX and Linux Operating System?
Linux is a UNIX clone, the Kernel of which is created by Linus Torvalds. There are
many differences between the Linux and UNIX operating systems, which are as follows:
- Open Source Operating System:
- Free of Cost:
- Compatibility and Flexibility:
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Describe BASH.
BASH stands for Bourne Again Shell. BASH is the UNIX shell for the GNU operating
system. So, BASH is the command language interpreter that helps you to enter your
input, and thus you can retrieve information. In a straightforward language, we can
say that it is a program that will understand the data entered by the user, execute
the command, and give output.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What is the similarity and difference between cron and anacron? Which one would you
prefer to use?
Cron and Anacron are used to schedule the tasks in cron jobs. Both of these are
daemons that are used to schedule the execution of commands or tasks as per the
information provided by the user.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What is LILO?
LILO or Linux Loader is the default boot loader for Linux. It is independent of
a specific file system and can boot an operating system from hard disks. Various
parameters such as the root device can be set independently using LILO.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What does the immutable bit do to a file?
A file with an immutable attribute cannot be:
- Modified
- Deleted
- Renamed
- Linked to (no soft or hard link can be created by anyone, including the root user)
Only the root (superuser) or a process possessing the CAP_LINUX_IMMUTABLE capability
can set or clear this attribute. Use the lsattr command to list file attributes on a
Linux second extended file system; the attributes are set with the chattr command.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What are the steps to add a user to a system without using useradd/adduser?
STEP-I (The system creates a directory with the name of ‘user’ in “/home” directory)
Now we create a user with the username techbrown. So start with the first step:
[root@techbrown]mkdir /home/techbrown
It will create a home directory for user techbrown.
STEP-V (Create a file for mail address so that the mail that comes to that user will
be shown in that file, which is present in “/var/spool/mail/’username’”)
Now create an entry in the /etc/group file.
[root@techbrown]vim /etc/group
techbrown :x : 501:
1 :2 : 3 :4
:wq
Here 1:2:3:4 are:
Username
Password
Group ID
List of users, which are associated with the group.
STEP-VI (Create the bash prompts in its home directory)
[root@techbrown]touch /var/spool/mail/techbrown
This will create a mailbox for the user techbrown so that the mail generated
for user techbrown comes to this file.
Now use this command to log in as user techbrown.
[root@techbrown ~] su - techbrown
-bash-4.1$
[root@techbrown ~]
This shows the above error, which is a bash error. It means that to log in as the
user, you should have some bash files in the home directory of the user. So do the
following steps.
[root@techbrown ~] cd /etc/skel/
[root@techbrown skel] cp .bash* /home/techbrown
[root@techbrown skel] su - techbrown
[techbrown@techbrown ~]$ [you are in user techbrown ]
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
The minor number is used only by the driver specified by the major number; other
parts of the kernel don’t use it, and merely pass it along to the driver. It is
common for a driver to control several devices (as shown in the listing); the minor
number provides a way for the driver to differentiate among them.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Describe a scenario when you get a "filesystem is full" error, but 'df' shows there
is free space.
It's possible that a process has opened a large file which has since been deleted.
You'll have to kill that process to free up the space. You may be able to identify
the process by using lsof. On Linux, deleted yet open files are known to lsof and
marked as (deleted) in lsof's output.
You can check this with `sudo lsof +L1`
When all the inodes are consumed, then even though you have free space, you will get
the error that the filesystem is full. So, to check whether there are inodes
available, we have to use the command df -i. Sometimes it may happen that a file
system or storage unit contains a substantial number of small files, and each of
the files takes 128 bytes of the inode structure; then the inode structure fills up,
and we will not be able to copy any more files to the disk. So, to rectify the
problem, you need to free the space in inode storage, and you will be able to save
more files.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Describe a scenario when deleting a file, but 'df' not showing the space being
freed.
Deleting the file won't free the space until the processes that have open handles
against that file are terminated.
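Both this answer and the "filesystem is full" answer above come down to files that are unlinked but still held open. The following added example (not part of the original notes) finds them through /proc and reports how many bytes each one still pins. It assumes Linux /proc and GNU stat, and the function name find_deleted_open is made up for this sketch.

```sh
#!/bin/sh
# Added example (not from the original page): list files that are deleted but
# still held open, the usual reason df keeps reporting the space as used.
# Assumes Linux /proc and GNU stat; find_deleted_open is a hypothetical name.

# Usage: find_deleted_open [PID ...]   (no PID = every process we may inspect)
# Output: one line per open-but-deleted file: "<pid> <fd> <bytes> <path>"
find_deleted_open() (
    if [ "$#" -eq 0 ]; then
        set -- $(cd /proc && ls -d [0-9]* 2>/dev/null)
    fi
    for pid in "$@"; do
        for fd in /proc/"$pid"/fd/*; do
            # Unreadable fd directories (other users' processes when not
            # root) leave the glob unexpanded; readlink fails and we skip.
            target=$(readlink "$fd" 2>/dev/null) || continue
            case $target in
                /memfd:*) continue ;;   # anonymous memory, not disk space
                /*' (deleted)')
                    # Following the /proc link reaches the unlinked inode,
                    # so this size is the space that is still pinned.
                    size=$(stat -L -c '%s' "$fd" 2>/dev/null) || size='?'
                    printf '%s %s %s %s\n' "$pid" "${fd##*/}" "$size" \
                        "${target% (deleted)}"
                    ;;
            esac
        done
    done
    true
)

# Run a scan when invoked as: sh deleted_open.sh scan [PID ...]
if [ "${1:-}" = scan ]; then
    shift
    find_deleted_open "$@"
fi
```

Run it as root to see every process; as an ordinary user it only reports your own.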
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What happens to a child process that dies and has no parent process to wait for it
and what’s bad about this?
It becomes a Zombie process.
Zombie processes don’t use up any system resources. (Actually, each one uses a very
tiny amount of system memory to store its process descriptor.) However, each zombie
process retains its process ID (PID). Linux systems have a finite number of process
IDs – 32767 by default on 32-bit systems. If zombies are accumulating at a very
quick rate – for example, if improperly programmed server software is creating
zombie processes under load — the entire pool of available PIDs will eventually
become assigned to zombie processes, preventing other processes from launching.
Zombie Process =
Identify zombie process -
ps -aux | grep defunct
OR
top -b1 -n1 | grep Z
find parent zombie -
ps -A -ostat,ppid | grep -e '[zZ]'| awk '{ print $2 }' | uniq | xargs ps -p
kill -9 pid
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
- \- : regular file.
- d : directory.
- c : character device file.
- b : block device file.
- s : local socket file.
- p : named pipe.
- l : symbolic link.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What is the difference between a process and a thread? And parent and child
processes after a fork system call?
Process:
A process is an instance of a program in execution. It represents a unit of work
within the operating system.
Each process has its own address space, which includes memory, resources, and a
unique process identifier (PID).
Processes are independent of each other and typically do not share memory, except
through explicit inter-process communication (IPC) mechanisms.
Thread:
A thread is the smallest unit of execution within a process. Threads share the same
memory space and resources within the process.
Threads within the same process can communicate directly through shared memory and
synchronization primitives.
When a fork system call is executed in Unix-like operating systems, a new process
(child process) is created as an exact copy of the calling process (parent
process).
After the fork call, both the parent and child processes continue executing from
the point immediately following the fork call.
The child process receives a new unique process ID (PID), while the parent process
retains its original PID.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
exec():
exec() is a family of system calls used to replace the current process's memory
image with a new program.
When exec() is called, the current process is replaced by the new program, and the
new program starts executing from its entry point.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
How can you get Host, Channel, ID, LUN of SCSI disk?
Using udevadm:
You can also use the udevadm command to get detailed information about SCSI disks =
udevadm info --query=all --name=/dev/xvda
P: /devices/vbd-768/block/xvda
M: xvda
U: block
T: disk
D: b 202:0
N: xvda
L: 0
S: disk/by-diskseq/1
Q: 1
E: DEVPATH=/devices/vbd-768/block/xvda
E: DEVNAME=/dev/xvda
E: DEVTYPE=disk
E: DISKSEQ=1
E: MAJOR=202
E: MINOR=0
E: SUBSYSTEM=block
E: USEC_INITIALIZED=7428161
E: ID_PART_TABLE_UUID=d209c89e-ea5e-4fbd-b161-b461cce297e0
E: ID_PART_TABLE_TYPE=gpt
E: DEVLINKS=/dev/disk/by-diskseq/1
E: TAGS=:systemd:
E: CURRENT_TAGS=:systemd:
$ cat /proc/scsi/scsi
Host: scsi2 Channel: 00 Id: 00 Lun: 29
Vendor: EMC Model: SYMMETRIX
$ ls -ld /sys/block/sd*/device
lrwxrwxrwx 1 root root 0 Oct 4 12:12 /sys/block/sdaz/device ->
../../devices/pci0000:20/0000:20:02.0/0000:27:00.0/host2/rport-2:0-0/
target2:0:0/2:0:0:29
lrwxrwxrwx 1 root root 0 Oct 4 12:12 /sys/block/sdbi/device ->
../../devices/pci0000:20/0000:20:02.2/0000:24:00.0/host3/rport-3:0-0/
target3:0:0/3:0:0:29
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Limits set with ulimit are typically temporary and only apply to the current shell
session.
To make them persistent, set them in /etc/security/limits.conf:
<domain> <type> <item> <value>
<domain>: Specifies the user or group to which the limit applies. It can be:
A username (e.g., user)
A group name prefixed with @ (e.g., @group)
* to apply the limit to all users.
<type>: Specifies whether the limit is a soft or hard limit. It can be:
soft: Defines the soft limit for the resource. The soft limit can be adjusted by
the user within the constraints of the hard limit.
hard: Defines the hard limit for the resource. The hard limit acts as a maximum
value and cannot be exceeded.
<item>: Specifies the resource being limited. It can be various system resources
like:
core: Maximum size of core files created.
data: Maximum data size.
fsize: Maximum file size.
memlock: Maximum locked-in-memory address space.
nofile: Maximum number of open files.
nproc: Maximum number of processes.
Example Values =
* soft core 0: Sets the soft limit for core file size to 0 (core files are disabled
for all users).
* hard rss 10000: Sets the hard limit for the resident set size to 10000 for all
users.
@student hard nproc 20: Sets the hard limit for the maximum number of processes to
20 for users in the student group.
@faculty soft nproc 20: Sets the soft limit for the maximum number of processes to
20 for users in the faculty group.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Can you explain to me the difference between block based, and object based storage?
Block-based Storage:
Structure: Data organized into fixed-sized blocks.
Access: Accessed at the block level, requires a file system.
Examples: HDDs, SSDs, SANs.
Advantages: Efficient for structured data, fine-grained control.
Disadvantages: Requires file system, lacks metadata.
Object-based Storage:
Structure: Data stored as objects with metadata.
Access: Accessed at the object level via unique identifiers.
Examples: Amazon S3, Google Cloud Storage.
Advantages: Scalable, metadata-rich, simplified management.
Disadvantages: Overhead for metadata, not ideal for all use cases.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Explain Network Bonding and also explain the different types of Network bonding?
Network Bonding, as the name implies, is the process of bonding or joining two or
more network interfaces to create one interface. It helps in improving the network
throughput, bandwidth, redundancy, and load balancing, as in case any of the
interfaces is down, the other one will continue to work. Several types of Network
Bonding are available that are based on the kind of bonding method.
Below are the different bonding types in Linux:
- balance-rr or mode 0 – This is the default mode of network bonding that works on
the round-robin policy, that means from the first slave to the last, and it is used
for fault tolerance and load balancing.
- active-backup or mode 1 – This type of network bonding works on the active-backup
policy, that means only one slave will be active and the other will work just when
another slave fails. This mode is also used for fault tolerance.
- balance-xor or mode 2 – This type of network bonding sets an exclusive-or mode,
that means the source MAC address is XOR’d with the destination address, and thus
it provides fault tolerance and load balancing.
- broadcast or mode 3 – This mode sets a broadcast mode to provide fault tolerance,
and it should be used for particular purposes. In this type of network bonding, all
transmissions are sent to all slave interfaces.
- 802.3ad or mode 4 – This mode will create the aggregation groups, and all the
groups will share the same speed. For this, the mode sets an IEEE 802.3ad dynamic
link aggregation mode. It requires a switch that supports IEEE 802.3ad dynamic
link aggregation.
- balance-tlb or mode 5 – This mode sets a transmit load balancing mode for fault
tolerance and load balancing and does not require any switch support.
- balance-alb or mode 6 – This mode sets an active load balancing to achieve fault
tolerance and load balancing.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Where is password file located in Linux and how can you improve the security of
password file?
This is an important question that is generally asked by interviewers. User
information along with the passwords in Linux is stored in /etc/passwd, in a
compatible format. But this file is used by several tools to get the user
information, so security is at risk and we have to secure it.
To improve the security of the password file, instead of using the compatible format
we can use the shadow password format. In shadow password format, the password field
in /etc/passwd holds a single “x” character, and the password itself is not stored
in that file. It is stored in another file instead, named /etc/shadow. So, to
enhance the security, /etc/passwd stays world-readable while /etc/shadow is readable
only by the root user. Thus security risks are overcome to a great extent by using
the shadow password format.
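A check for the conditions described above, as an added example that is not part of the original notes: it flags accounts whose password field in a passwd-format file is anything other than the shadow placeholder or a lock marker, and checks the modes of both files. The function name, the finding labels and the sample entries in the demo are constructed for illustration, and GNU stat is assumed.

```sh
#!/bin/sh
# Added example (not from the original page): audit a passwd-format file and
# the mode of the matching shadow file.
# Assumes GNU stat; audit_password_files and its labels are hypothetical.

# Usage: audit_password_files PASSWD_FILE SHADOW_FILE
# Prints one finding per problem; exit status 0 means nothing was found.
audit_password_files() (
    passwd_file=$1
    shadow_file=$2
    rc=0

    # Field 2 of each passwd line is the password field. With shadow
    # passwords it is "x"; "*" or a leading "!" marks a locked account.
    awk -F: '
        /^#/ || /^[+-]/ || NF == 0 { next }   # comments, NIS compat lines, blanks
        $2 == "x"                  { next }   # hash lives in the shadow file
        $2 == ""                   { print "EMPTY_PASSWORD " $1; bad = 1; next }
        $2 ~ /^[*!]/               { next }   # locked, no usable password
                                   { print "HASH_IN_PASSWD " $1; bad = 1 }
        END { exit bad + 0 }
    ' "$passwd_file" || rc=1

    # passwd has to stay world-readable for tools that map UIDs to names,
    # but nobody except its owner should be able to change it.
    mode=$(stat -L -c '%a' "$passwd_file")
    if [ $(( 0$mode & 022 )) -ne 0 ]; then
        echo "PASSWD_WRITABLE_BY_OTHERS mode=$mode"; rc=1
    fi

    # The shadow file holds the hashes, so "other" gets no bits at all.
    if [ ! -e "$shadow_file" ]; then
        echo "SHADOW_MISSING $shadow_file"; rc=1
    else
        mode=$(stat -L -c '%a' "$shadow_file")
        if [ $(( 0$mode & 007 )) -ne 0 ]; then
            echo "SHADOW_WORLD_ACCESSIBLE mode=$mode"; rc=1
        fi
    fi

    [ "$rc" -eq 0 ]
)

# Demo on constructed data when invoked as: sh audit_passwd.sh demo
if [ "${1:-}" = demo ]; then
    tmp=$(mktemp -d)
    # Constructed sample entries, not taken from any real system.
    cat > "$tmp/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
legacy:$6$CONSTRUCTED$notarealhash:1001:1001::/home/legacy:/bin/bash
guest::1002:1002::/home/guest:/bin/sh
EOF
    : > "$tmp/shadow"
    chmod 644 "$tmp/passwd" "$tmp/shadow"
    audit_password_files "$tmp/passwd" "$tmp/shadow" || echo "findings above"
    rm -rf "$tmp"
fi
```

On a live system the arguments would be /etc/passwd and /etc/shadow, run as root so the shadow file's mode can be read.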
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What is the level of Security that Linux provides in comparison to other Operating
Systems?
If an operating system is not secure then it is not successful. In comparison to
other operating systems, Linux is the most secure operating system as it consists of
Pluggable Authentication Modules. A secure layer is created between the
authentication process and applications. It is only because of PAM that an admin
can give other users access to log into the system. You can find the
configuration of PAM applications in the “/etc/pam.d” or “/etc/pam.conf”
directory.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What are soft links? Describe some of the features of soft links.
Soft Links, Symbolic Links or Symlinks are special files which are used as a
reference for another directory. Some features of soft links are:
- They have a different INODE number with respect to source files or original
files.
- If in case the original file is deleted then a soft link of that file is useless.
- We cannot update a soft link.
- Soft links are used to create links between directories.
- Soft links are independent of file system boundaries.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What is Puppet?
Puppet is open source software which is [used for software configuration](https://www.educba.com/software-engineering-interview-questions/)
management that runs on systems similar to that of UNIX. It is secure and scalable
to use. It provides automation features in DevOps and Cloud environments.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Which utility can be used to create the partition from a raw disk?
You can use tools like fdisk, lsblk, or lsscsi to identify the newly added disk
To scan= echo "- - -" > /sys/class/scsi_host/host0/scan
fdisk -l = to identify
fdisk /dev/sdX = to start partitioning
Type n and press Enter to create a new partition.
Choose the partition type:
For primary partition, type p.
For extended partition, type e.
Specify the partition number (e.g., 1) and press Enter.
Specify the starting sector (usually, press Enter to use the default).
Specify the ending sector or size of the partition. You can specify the size in
sectors, megabytes (e.g., +100M), gigabytes (e.g., +1G), etc.
Use the t command to set the partition type
use the w command to write the changes
lsblk = to check new partition
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Bypassing an HTTP proxy involves finding ways to access resources on the internet
without going through the proxy server =
Using a VPN (Virtual Private Network): VPNs encrypt your internet connection and
route it through a server located elsewhere, effectively bypassing the proxy
server.
Using SSH Tunneling: Secure Shell (SSH) tunneling involves creating an encrypted
connection between your computer and a remote server, then using that server as a
proxy to access the internet.
Using Proxy Websites: There are websites that act as proxies themselves, allowing
you to access internet resources indirectly through them.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Your freshly configured http server is not running after a restart, what can you
do?
Check Server Configuration
Check Log Files
Verify Port Availability
Restart the Server
Check System Resources
Check for Conflicting Services
Test Connectivity
Review Recent Changes
Check for Firewall Rules
Reinstall or Roll Back
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What kind of keys are in ~/.ssh/authorized_keys and what is this file used for?
Authorized_keys File in SSH. The authorized_keys file in SSH specifies the SSH keys
that can be used for logging into the user account for which the file is
configured. It is a highly important configuration file, as it configures permanent
access using SSH keys and needs proper management.
I've added my public ssh key into authorized_keys but I'm still getting a password
prompt, what can be wrong?
Make sure the permissions on the ~/.ssh directory and its contents are proper. When
I first set up my ssh key auth, I didn't have the ~/.ssh folder properly set up,
and it yelled at me.
Your home directory ~, your ~/.ssh directory and the ~/.ssh/authorized_keys file on
the remote machine must be writable only by you: rwx------ and rwxr-xr-x are fine,
but rwxrwx--- is no good, even if you are the only user in your group (if you
prefer numeric modes: 700 or 755, not 775).
If ~/.ssh or authorized_keys is a symbolic link, the canonical path (with symbolic
links expanded) is checked.
Your ~/.ssh/authorized_keys file (on the remote machine) must be readable (at least
400), but you'll need it to be also writable (600) if you will add any more keys to
it.
Your private key file (on the local machine) must be readable and writable only by
you: rw-------, i.e. 600.
Also, if SELinux is set to enforcing, you may need to run restorecon -R -v ~/.ssh
(see e.g. Ubuntu bug 965663 and Debian bug report 658675; this is patched in CentOS
6).
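The mode rules listed above, turned into a check that can be run against a home directory, as an added example that is not part of the original notes. It assumes GNU stat; the function name audit_ssh_perms, the finding labels and the id_* private-key naming (ssh-keygen's default file names) are assumptions of this sketch.

```sh
#!/bin/sh
# Added example (not from the original page): check the modes listed above.
# Assumes GNU coreutils stat(1); audit_ssh_perms and the id_* key naming
# (ssh-keygen's default file names) are assumptions of this sketch.

# has_bits MODE MASK -> success when any MASK bit is set in octal MODE
has_bits() {
    [ $(( 0$1 & 0$2 )) -ne 0 ]
}

# Usage: audit_ssh_perms HOME_DIR
# Prints one finding per problem; exit status 0 means nothing was found.
audit_ssh_perms() (
    home=$1
    rc=0

    # Remote side: ~, ~/.ssh and authorized_keys must be writable only by the
    # owner (700 or 755 pass, 775 does not). stat -L checks the link target,
    # matching the canonical-path rule for a symlinked ~/.ssh.
    for p in "$home" "$home/.ssh" "$home/.ssh/authorized_keys"; do
        if [ ! -e "$p" ]; then
            echo "MISSING $p"; rc=1; continue
        fi
        mode=$(stat -L -c '%a' "$p")
        if has_bits "$mode" 022; then
            echo "WRITABLE_BY_OTHERS $p mode=$mode"; rc=1
        fi
    done

    # authorized_keys must at least be readable by its owner (400 or 600).
    ak=$home/.ssh/authorized_keys
    if [ -e "$ak" ] && ! has_bits "$(stat -L -c '%a' "$ak")" 400; then
        echo "UNREADABLE $ak"; rc=1
    fi

    # Local side: private keys must carry no group or other bits (600).
    for key in "$home"/.ssh/id_*; do
        [ -f "$key" ] || continue
        case $key in *.pub) continue ;; esac
        mode=$(stat -L -c '%a' "$key")
        if has_bits "$mode" 077; then
            echo "PRIVATE_KEY_EXPOSED $key mode=$mode"; rc=1
        fi
    done

    [ "$rc" -eq 0 ]
)

# Audit a home directory when invoked as: sh audit_ssh.sh /home/someuser
if [ "$#" -ge 1 ]; then
    audit_ssh_perms "$1"
fi
```

A clean result here does not cover the SELinux context case, which still needs restorecon as described above.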
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
When trying to umount a directory it says it's busy, how to find out which PID
holds the directory?
Open a terminal:
fuser -c /media/KINGSTON
It will output something like this:
/media/KINGSTON/: 3106c 11086
This will give you the pid of the processes using this volume. The extra character
at the end of pid will give some extra info. ( c in 3106c)
c - the process is using the file as its current working directory
m - the file is mapped with mmap
o - the process is using it as an open file
r - the file is the root directory of the process
t - the process is accessing the file as a text file
y - this file is the controlling terminal for the process
So to unmount, just kill those PIDs and retry the unmount:
sudo kill -9 3106 11086
sudo umount /media/KINGSTON
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
You ran a binary and nothing happened. How would you debug this?
gdb debugger or check the return code `echo $?`
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What are cgroups? Can you specify a scenario where you could use them?
Cgroups Allocate resources: Limit and distribute CPU, memory, I/O bandwidth, and
other resources among groups of processes.
cpu, cpuset: CPU usage and scheduling
memory: Memory limits
blkio: Block device I/O limits
devices: Control access to hardware devices
Create cgroup:
sudo cgcreate -g memory:/my_limited_group
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What are the default port numbers used for SMTP, FTP,DNS, DHCP, SSH?
Service   Port
SMTP      25
FTP       20 for data transfer and 21 for Connection established
DNS       53
DHCP      67/UDP for DHCP server, 68/UDP for DHCP client
SSH       22
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
To change the run level, edit /etc/inittab and edit the initdefault entry.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
How can we create a local Yum repository in the location /media with the use of
mounted Linux ISO image?
To create the local yum repository you have to create the files ending with
extension .repo in the location /etc/yum.repos.d
Syntax: [root@localhost yum.repos.d] cat local.repo
[local]
name=RHEL6.5
baseurl=file:///media
enabled=1
gpgcheck=1
gpgkey=file:///media/RPM-GPG-KEY-redhat-release
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Mention the methods to check whether using Yum, the package is installed
successfully or not.
There are several methods to check whether the package is installed or not. To
understand, just see the below steps.
Method 1 – If the command is executed successfully then after running the yum
command it will show ‘0’ on checking the exit status.
Method 2 – You can run the rpm -qa test.
Method 3 – In the yum log, check if any entry is installed in the directory.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
How do you change TCP stack buffers? How do you calculate it?
TCP Tuning: http://www.linux-admins.net/2010/09/linux-tcp-tuning.html
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What is Huge Tables? Why isn't it enabled by default? Why and when use it?
HugePages feature enables the Linux kernel to manage large pages of memory in
addition to the standard 4KB (on x86 and x86_64) or 16KB (on IA64) page size. If
you have a system with more than 16GB of memory running Oracle databases with a
total System Global Area (SGA) larger than 8GB, you should enable the HugePages
feature to improve database performance.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What is the advantage of executing the running processes in the background? How can
you do that?
The most significant advantage of executing the running process in the background
is that you can do any other task simultaneously while other processes are running
in the background. So, more processes can be completed in the background while you
are working on different processes. It can be achieved by adding a special character
‘&’ at the end of the command.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
If a volume group already exists and we need to extend the volume group to some
extent. How will you achieve this?
Linux provides the facility to increase the size of a volume group even if it
already exists. For this, we need to run a command.
First of all, we have to create a physical volume (/dev/sda1).
The size of the physical volume should be the size you want for the logical
volume.
Now, run the below command:
vgextend VG1 /dev/sda1
Here VG1 is the name of the volume group.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What do you understand about Linux Kernel and can you edit it?
The Linux Kernel is the component that manages the hardware resources for the user,
provides essential services and interacts with the user commands. The Linux Kernel
is free, open source software released under the General Public License, so we can
edit it and doing so is legal.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
BIOS/UEFI Initialization: The boot process begins with the system firmware (BIOS or
UEFI) initializing the hardware components such as CPU, memory, and storage devices.
Boot Loader (GRUB): Once the hardware is initialized, the boot loader, usually GRUB
(Grand Unified Bootloader), is loaded into memory from the boot device. GRUB
presents the kernel versions to boot.
Kernel Initialization: After the kernel version is selected, GRUB loads the Linux
kernel (vmlinuz) into memory. The kernel initializes system components, scheduler,
memory management, drivers and more.
Initramfs: The kernel loads an initial RAM filesystem (initramfs) into memory. The
initramfs has modules and tools required for mounting the root filesystem.
Root Filesystem Mounting: The kernel mounts the root filesystem mentioned in the
bootloader configuration. This filesystem has all the necessary files for the
operating system to function.
Init Process: Once the root filesystem is mounted, the kernel executes the init
process, which is the user-space process. The init process initializes the rest of
the user-space environment, such as starting system services and daemons.
System Initialization: The init process may be replaced by systemd. It brings up
the system services defined in the configuration files, sets up networking, mounts
additional filesystems, and performs other system setup tasks.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Kernel modules are sets of programs or code which can be loaded on demand, as
required, without rebooting the system. Each and every kernel is a module and
is easily loadable. There will also be an automatic module handling.
To check the modules that are already installed inside the kernel, run this
command: lsmod. Once a module has been built, the next stage is to load it
into the kernel. You can load it with the command "insmod" or "modprobe".
Syntax: insmod [filename] [module-options] //module-options are command line
arguments to kernel objects.
insmod always accepts only one filename at a time.
modprobe offers more features than insmod: it can decide which module is to be
loaded and is aware of the module dependencies.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Mention the case when we use “user virtual address” instead of “kernel virtual
address”?
When we run a program in userspace we use a "user virtual address", as we do not
have any access to kernel virtual memory addresses. Normally, when we are running
our program in kernel mode, we use kernel addresses, but if we have to run our
program in kernel mode and that program needs to interact with userspace, then we
will use a "user virtual address" and be careful to first translate it to a user
virtual address.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
There may be code for hardware that is not present in the system, and you have to
make your system understand what your system's requirements are.
Below are some guiding principles by which you can find the code to be removed.
- Hardware Networking Drivers: Several system-on-chips have Wi-Fi drivers, serial
and other hardware that are not used; you can remove those drivers that are built
into the kernel.
- File Systems: The system requires only a few file systems, but in the kernel you
will find many file system drivers that are not in use, e.g. devices which make
use of flash file systems do not require the ext2 or ext3 file system, so they can
be removed. Be careful not to remove file systems that are essential or that you
may need in the future.
- Debugging and Profiling: Everything under the kernel hacking entry could be
disabled if not in use.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
You run a bash script and you want to see its output on your terminal and save it
to a file at the same time. How could you do it?
user@unknown:~$ sudo command -option | tee log.txt
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Explain the command and method to change the file permissions in Linux.
The chmod command is used to change the permissions of a file. There are three
parts to consider when setting file permissions:
1. User (or Owner)
2. Group
3. Other
Three types of permission can be given to a file:
- r – Reading permission
- w – Writing permission
- x – Execution permission
For example, chmod 751 filename
The three digits of 751 describe the permissions given to the user, group and
other, in that order. Each digit is the sum of the values, i.e. 4 for read, 2 for
write, 1 for execute.
Here 751 is the combination of (4+2+1), (4+0+1), (0+0+1).
So, chmod 751 filename will provide read, write and execute permission to the owner;
read and execute permission to the group and only execute permission to the others.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Sed Command-
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
dmesg = gives error messages and info about hardware and kernel
iostat -xmt 1 = gives info on disks, e.g. whether something has been written
iostat 1 = keeps refreshing the disk usage
ss is the replacement utility for netstat
netstat -antup | grep 873
netstat -rvn = gives network information
netstat -tnlup = gives all active listening ports
netstat -i = shows packets information
nmap -A ip = to check the open ports on remote server
vmstat = virtual memory buffer
pidstat = shows all info regarding the pid's and user accessing
mtr ip or hostname = to see packets lost or sent and other network information
mpstat = cpu information that has nice value and idle state of CPU
sar -q = cpu load utilization
sar -r = memory utilization
sar -d = disk utilization
sar -n ALL or network interface = network utilizations
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Write the command to view an existing tar archive and how to extract it?
The command for viewing an existing tar archive: $ tar tvf archive_name.tar
The command to extract an existing tar archive: $ tar xvf archive_name.tar
The command for the creation of a new tar archive: $ tar cvf archive_name.tar dirname/
You may be asked one or more command-based questions in a Linux interview. You
should prepare yourself with as many commands as you can. Several tar archive
commands are commonly asked about in Linux interviews, so do not skip this
question when preparing.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
NAME
The name of the command or function and simple explanation of it.
SYNOPSIS
For commands, how to run it and the parameters it takes. For functions, a list of
the parameters it takes and which header file contains its definition.
DESCRIPTION
A detailed description of command or function we are searching for.
EXAMPLES
Some examples of usage. Most helpful section.
SEE ALSO
This section will have a list of related commands or functions.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
How to get a list of currently running processes and resource utilization in Linux?
top is the command used for this. It gives information about each process running
on a machine, such as:
Process ID (PID)
Owner of the process (USER)
Priority of process (PR)
Percentage of CPU (%CPU)
Percentage of memory
Total CPU time spent on the process.
Command used to start a process.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What is a pipeline operator in Linux?
The pipeline operator in Linux is used to redirect the output of one program or
command to another program/command for further processing. It is usually termed
redirection. Vertical bars, '|' ("pipes" in common
[Unix verbiage](https://www.educba.com/course/unix-1/)), are used for this. For
example, ls -l | grep key will redirect the output of the ls -l command to the
grep key command.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Explain, in as much detail as you feel comfortable with, what is happening when you
access Google.com
1. You type maps.google.com into the address bar of your browser.
2. The browser checks the cache for a DNS record to find the corresponding IP
address of maps.google.com.
3. If the requested URL is not in the cache, ISP’s DNS server initiates a DNS query
to find the IP address of the server that hosts maps.google.com.
4. Browser initiates a TCP connection with the server.
5. The browser sends an HTTP request to the web server.
6. The server handles the request and sends back a response.
7. The server sends out an HTTP response.
8. The browser displays the HTML content (for HTML responses which is the most
common).
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What is DNS?
The Domain Name System resolves the names of internet sites with their underlying
IP addresses, adding efficiency and even security in the process.
DNS is a directory of names that match with numbers. The numbers, in this case, are
IP addresses, which computers use to communicate with each other.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What is HTTP?
Stands for "Hypertext Transfer Protocol." HTTP is the protocol used to transfer data
over the web. It is part of the Internet protocol suite and defines commands and
services used for transmitting webpage data.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What is SMTP? Give the basic scenario of how a mail message is delivered via SMTP.
SMTP stands for Simple Transfer Email Protocol. Currently, the electronic mail
(e-mail) standard for the Internet is SMTP. SMTP is the Application Level protocol
that handles message services over TCP/IP. SMTP uses TCP well-known port 25.
Simple Mail Transfer Protocol (SMTP) is based on end-to-end message delivery. A
Simple Mail Transfer Protocol (SMTP) client contacts the destination host's Simple
Mail Transfer Protocol (SMTP) server on well-known port 25 to deliver the mail. The
client then waits for the server to send a 220 READY FOR MAIL message.
Upon receipt of the 220 message, the client sends a HELO command. The server then
responds with a "250 Requested mail action okay" message.
After this, the mail transaction will begin with a MAIL command that gives the
sender identification as well as a FROM: field that contains the address to which
errors should be reported.
After a successful MAIL command, the sender issues a series of RCPT commands
that identify recipients of the mail message. The receiver will then acknowledge
each RCPT command by sending 250 OK or by sending the error message 550 No such
user here.
After all RCPT commands have been acknowledged, the sender issues a DATA command to
inform the receiver that the sender is ready to transfer a complete mail message.
The receiver responds with message 354 Start mail command with an ending sequence
that the sender should use to terminate the message data. The termination sequence
consists of 5 characters: carriage return, line feed, period, carriage return, and
line feed (<CRLF>.<CRLF>).
The client now sends the data line by line, ending with the 5-character sequence
<CRLF>.<CRLF> line, upon which the receiver will acknowledge with a 250 OK, or an
appropriate error message if anything went wrong.
After the sending is completed, the client can follow any of these actions.
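The dialogue described above, as an added example that is not part of the original page: a minimal receiver and sender run the exchange over a local socket pair, including the 550 reply for an unknown recipient and the doubling of a leading dot in the body so that no body line is taken for the <CRLF>.<CRLF> terminator. The host names, addresses, the closing QUIT/221 and the 503/500 replies are assumptions of this example.

```python
import socket
import threading

CRLF = b"\r\n"

def read_line(rfile):
    """Return one CRLF-terminated line as text, without the terminator."""
    raw = rfile.readline()
    if not raw.endswith(CRLF):
        raise ConnectionError("peer closed the connection mid-line")
    return raw[:-2].decode("ascii")

def serve_one(conn, known_users, delivered):
    """Receiver: handle one session, appending (sender, rcpts, body) per message."""
    with conn, conn.makefile("rb") as rfile:
        def reply(text):
            conn.sendall(text.encode("ascii") + CRLF)
        reply("220 mx.example.test ready for mail")  # hypothetical host name
        sender, rcpts = None, []
        while True:
            line = read_line(rfile)
            verb = line.upper()
            if verb.startswith("HELO "):
                reply("250 Requested mail action okay")
            elif verb.startswith("MAIL FROM:"):
                sender, rcpts = line[10:].strip(), []
                reply("250 OK")
            elif verb.startswith("RCPT TO:") and sender is not None:
                addr = line[8:].strip()
                if addr in known_users:
                    rcpts.append(addr)
                    reply("250 OK")
                else:
                    reply("550 No such user here")
            elif verb == "DATA" and rcpts:
                reply("354 Start mail input; end with <CRLF>.<CRLF>")
                body = []
                while True:
                    data = read_line(rfile)
                    if data == ".":  # a line holding only a dot ends the message
                        break
                    # Undo dot-stuffing: the sender doubled any leading dot.
                    body.append(data[1:] if data.startswith(".") else data)
                delivered.append((sender, rcpts, body))
                sender, rcpts = None, []
                reply("250 OK")
            elif verb == "QUIT":
                reply("221 Bye")
                return
            elif verb.startswith("RCPT TO:") or verb == "DATA":
                reply("503 Bad sequence of commands")  # RCPT or DATA out of order
            else:
                reply("500 Command not recognized")

def send_mail(conn, sender, recipients, body_lines, transcript):
    """Sender: run the dialogue and return the recipients the server accepted."""
    with conn, conn.makefile("rb") as rfile:
        def send(text):
            transcript.append("C: " + text)
            conn.sendall(text.encode("ascii") + CRLF)
        def exchange(text, expected=""):
            """Send one line (None = just listen) and return the reply code."""
            if text is not None:
                send(text)
            line = read_line(rfile)
            transcript.append("S: " + line)
            if not line.startswith(expected):
                raise RuntimeError("unexpected reply: " + line)
            return line[:3]
        exchange(None, "220")  # the server speaks first
        exchange("HELO client.example.test", "250")
        exchange("MAIL FROM:" + sender, "250")
        # A 550 rejects only that recipient; the others still get the message.
        accepted = [r for r in recipients if exchange("RCPT TO:" + r) == "250"]
        if accepted:
            exchange("DATA", "354")
            for text in body_lines:
                # Dot-stuffing: double a leading dot so no body line can be
                # read as the terminator.
                send("." + text if text.startswith(".") else text)
            exchange(".", "250")
        exchange("QUIT", "221")
        return accepted

def run_demo():
    """Run both sides over a local socket pair; every value is constructed."""
    client_sock, server_sock = socket.socketpair()
    delivered, transcript = [], []
    server = threading.Thread(
        target=serve_one, args=(server_sock, {"<bob@example.test>"}, delivered))
    server.start()
    body = ["Subject: constructed sample", "", ".a line that starts with a dot"]
    rcpts = ["<bob@example.test>", "<nobody@example.test>"]
    accepted = send_mail(client_sock, "<alice@example.test>", rcpts, body, transcript)
    server.join()
    return accepted, delivered, transcript

if __name__ == "__main__":
    print("\n".join(run_demo()[2]))
```

In the printed transcript, lines marked `C:` are sent by the client and lines marked `S:` by the server.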
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What is the similarity between "ping" & "traceroute" ? How is traceroute able to
find the hops.
The main difference between the common Ping and Traceroute commands is that Ping is
a quick and easy way to tell you if the destination server is online and estimates
how long it takes to send and receive data to the destination. Traceroute tells you
the exact route you take to reach the server from your computer (ISP) and how long
each hop takes.
Traceroute makes use of a network mechanism called TTL, or "Time to Live".
Probing the Hops: Traceroute makes sure that each hop on the way to a destination
device drops a packet and sends back an ICMP error message.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What is the command used to show all open ports and/or socket connections on a
machine?
ss -s = list currently established, closed, orphaned and waiting TCP sockets
ss -l = display all open network ports
ss -pl = see the process name using each open socket
ss -lp | grep 4949 = find out who is responsible for opening socket / port 4949
using the ss command and grep command
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What is a VLAN?
A VLAN, or Virtual Local Area Network, is a technology used in networking to
logically segment a single physical network into multiple virtual networks. This
segmentation is achieved by assigning network devices, such as computers, servers,
or switches, to different VLANs based on criteria such as port numbers, MAC
addresses, or protocols.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What are the layers of the OSI model?
The seven layers of function are provided by a combination of applications,
operating systems, network card device drivers and networking hardware that enable
a system to transmit a signal over a network Ethernet or fiber optic cable or
through Wi-Fi or other wireless protocols.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Can you have several HTTPS virtual hosts sharing the same IP?
Yes, you can have several HTTPS (HTTP over SSL/TLS) virtual hosts sharing the same
IP address. This is achieved through the use of Server Name Indication (SNI), which
is an extension to the TLS protocol.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
For example, a wildcard certificate for *.(domainname).com could be used for
www.(domainname).com, mail.(domainname).com, store.(domainname).com, in addition to
any additional sub domain name in the (domainname).com.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
A TCP connection on a network can be uniquely defined by 4 things. What are those
things?
A TCP connection on a network can be uniquely defined by the following four
elements:
Source IP address: The IP address of the sender or the source of the TCP
connection.
Source port number: The port number being used by the sender's device for the TCP
connection.
Destination IP address: The IP address of the receiver or the destination of the
TCP connection.
Destination port number: The port number being used by the receiver's device for
the TCP connection.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
You have added an IPv4 and IPv6 address to interface eth0. A ping to the v4 address
is working but a ping to the v6 address gives you the response `sendmsg: operation
not permitted`. What could be wrong?
This means that your server is not allowed to send ICMP packets.
Check firewall rules:
# Each command sets the default policy of one ip6tables chain to ACCEPT
$ ip6tables -P INPUT ACCEPT
$ ip6tables -P OUTPUT ACCEPT
$ ip6tables -P FORWARD ACCEPT
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
How many NTP servers would you configure in your local ntp.conf?
It is NOT recommended to use only two NTP servers.
If more than one NTP server is required, four NTP servers is the recommended
minimum. Four servers protect against one incorrect timesource, or "falseticker".
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
How can you tell if the httpd package was already installed?
Try to install it again, or check its version with httpd -v.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Explain how could you ssh login into a Linux system that DROPs all new incoming
packets using a SSH tunnel.
If the Linux system is configured to drop all new incoming packets, you won't be
able to SSH directly into it. However, you can establish an SSH tunnel from another
system that has outbound connectivity to the target Linux system.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
How can you see content of an ip packet?
`tcpdump -r /tmp/capture -A | grep '10.2.50'`
The `-A` option to `tcpdump` gives the packet contents.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Nmap command
Nmap is used to discover hosts and services on a computer network by sending
packets and analyzing the responses. Nmap provides a number of features for probing
computer networks, including host discovery and service and operating system
detection.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What is HTTP?
HTTP (hypertext transport protocol) is a protocol that defines how messages are
formatted and transmitted via the web, and what actions web servers and browsers
should take in response to various commands.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What is SMTP? Give the basic scenario of how a mail message is delivered via SMTP.
SMTP (Simple Mail transport protocol) works in the application layer and uses a
process called "store and forward", working closely with an MTA (Mail Transfer
Agent). The MTA service sends a package with the messages via SMTP; when the message
arrives at the destination, the client will use POP3/IMAP to download it.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What commands do you know that can be used to check DNS records?
dig +trace
nslookup
whois
host
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What is in /etc/services?
A mapping of services to ports. When a service calls the function getportbyname(),
that function usually checks this file.
For example, the command netstat or ss without the -n parameter.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
tee
copies the STDOUT to a file, but continues to show the STDOUT.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
awk
awk is a programming language designed for text processing.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
tr
tr, or translate, is a command to substitute characters.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
cut
cut is a command for text processing that extracts a portion of a text.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
tac
tac is a reverse cat, printing the file from bottom to top.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
curl
curl, or cURL, is a tool to transfer data from or to a server, using one of the
supported protocols. cURL can be called a CLI browser; you can use it to
authenticate, change the HEADER, and do many other things.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
wget
wget is a tool for retrieving files using HTTP, HTTPS, or FTP.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
watch
watch is a tool that runs a specified command repeatedly and displays the result
on standard output.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
head
It's a command that shows the first lines of a file; the default is 10 lines.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
tail
It's a command that shows the last lines of a file; the default is 10 lines.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What does an & after a command do?
Makes the command run in a background subshell, where it becomes a job.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Are there any other RRs and what are they used for?
PTR record stands for pointer record and maps an IPv4 address to a CNAME.
SOA record stands for State of Authority and is easily one of the most important
DNS records because it stores information like when the domain was last updated.
SRV record stands for Service Record; it specifies the hostname and port
number for a specific service and can be used for service discovery.
TXT record stands for Text Information and is used for various purposes, domain
ownership for example.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Describe briefly the steps you need to take in order to create and install a valid
certificate for the site https://foo.example.com.
Create a key file.
Use this key file to create a CSR file.
Send this CSR file to an SSL certificate provider.
Get the crt from the certificate provider with the CA chain and configure it in the
web server.
Or you can use certbot to simplify.
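The first two steps above, as an added example that is not part of the original notes. It assumes OpenSSL 1.1.1 or later (for -addext); the file names, the 2048-bit RSA key and the function names are assumptions.

```bash
#!/bin/sh
# Added example (not from the original notes): create the key file, then the CSR.
# Assumptions: OpenSSL 1.1.1+, RSA 2048, output files named <host>.key / <host>.csr.

# make_csr HOST DIR -> writes DIR/HOST.key and DIR/HOST.csr, prints the CSR path
make_csr() {
    host=$1
    dir=$2
    key="$dir/$host.key"
    csr="$dir/$host.csr"

    # Step 1: create the key file. umask 077 in the subshell means the private
    # key is created owner-only and is never readable by group or others.
    ( umask 077
      openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
          -out "$key" 2>/dev/null ) || return 1

    # Step 2: use the key to create the CSR. Host names are validated against
    # subjectAltName, so the host goes there as well as in the CN.
    openssl req -new -key "$key" -out "$csr" \
        -subj "/CN=$host" -addext "subjectAltName=DNS:$host" || return 1

    # Before sending it to the provider: check the CSR's self-signature, which
    # proves it was produced with the matching private key.
    openssl req -in "$csr" -noout -verify 2>&1 | grep -q 'verify OK' || return 1

    printf '%s\n' "$csr"
}

# csr_subject_alt_names CSR -> prints the SAN line, e.g. DNS:foo.example.com
csr_subject_alt_names() {
    openssl req -in "$1" -noout -text |
        awk '/Subject Alternative Name/ { getline; gsub(/^[ \t]+/, ""); print; exit }'
}

# file_mode PATH -> the ten-character mode string printed by ls, e.g. -rw-------
file_mode() {
    ls -ld "$1" | cut -c1-10
}

# Run with --demo to generate a key and CSR in a temporary directory.
if [ "${1:-}" = "--demo" ]; then
    tmp=$(mktemp -d)
    out=$(make_csr foo.example.com "$tmp") || exit 1
    echo "CSR written to $out"
    echo "SAN: $(csr_subject_alt_names "$out")"
    echo "Key mode: $(file_mode "$tmp/foo.example.com.key")"
fi
```

Only the .csr file goes to the certificate provider; the .key file stays on the server.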
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Can you have several HTTPS virtual hosts sharing the same IP?
Yes, using virtual hosts, but the client needs to support http/1 to use name-based
virtual host configuration.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What's happening when the Linux kernel is starting the OOM killer and how does it
choose which process to kill first?
The OOM killer will kill the process that will free the most memory and is the
least important for the OS.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What are cgroups? Can you specify a scenario where you could use them?
Cgroups are a Linux kernel feature that allows limiting the resource use (CPU,
memory, disk I/O) of a group of processes. One scenario is testing software on a
physical machine that has large hardware while making the software run under a
minimum configuration. Containers (Docker, CRI-O) are very common software that
uses cgroups.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What is the similarity between "ping" & "traceroute"? How is traceroute able to
find the hops?
Both use ICMP (Internet Control Message Protocol) packets to achieve their
purposes, but traceroute sends the packets while gradually increasing the TTL value,
starting with a TTL of 1. The first router receives the packet, decrements the TTL
value and drops the packet because the TTL has reached zero. The router sends an
ICMP Time Exceeded message back to the source.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What is the command used to show all open ports and/or socket connections on a
machine?
lsof -i
netstat -a
ss -a
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What is a VLAN?
It's a virtual LAN created to separate networks inside a switch, making the
broadcast domain smaller, and for security purposes. Works in the network layer
(OSI Layer 2).
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
A TCP connection on a network can be uniquely defined by 4 things. What are those
things?
remote-ip-address
remote-port
source-ip-address
source-port
When a client running a web browser connects to a web server, what is the source
port and what is the destination port of the connection?
The source port is dynamic, based on net.ipv4.ip_local_port_range, defined between
32768 - 61000; the destination port is 80 or 443.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What is the equivalent on a Linux system of the file shortcut that we have on Windows?
Shortcuts are created using "links" on Linux. There are two types of links that can
be used namely "soft link" and "hard link".
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Eg:
if cat file1
ABCD
EFGH
Then O/p should be
EFGH
ABCD
sed '1!G;h;$!d' file1
Here the G command appends the hold buffer to the pattern space,
the h command copies the pattern buffer to the hold buffer,
and the d command deletes the current pattern space.
Given a file, replace all occurrences of the word "ABC" with "DEF" from the 5th line
till the end, in only those lines that contain the word "MNO".
sed -n '5,$p' file1 | sed '/MNO/s/ABC/DEF/g'
Given a file, write a command sequence to find the count of each word.
tr -s "\040" < file1 | tr -s "\011" | tr "\040\011" "\012\012" | sort | uniq -c
where "\040" is the octal equivalent of "space",
"\011" is the octal equivalent of the "tab character" and
"\012" is the octal equivalent of the newline character.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
How will you find the 99th line of a file using only tail and head command?
tail -n +99 file1 | head -n 1
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Print the 10th line without using tail and head command.
sed -n '10p' file1
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
I want to create a directory such that anyone in the group can create a file and
access any person's file in it but none should be able to delete a file other than
the one created by himself.
We can create the directory giving read and execute access to everyone in the group
and setting its sticky bit "t" on as follows:
mkdir direc1
chmod g+wx direc1
chmod +t direc1
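A check that goes with the recipe above, as an added example that is not part of the original notes: it lists directories that group or others can write to but that lack the sticky bit, which are the ones where users can delete each other's files. The function names are assumptions.

```bash
#!/bin/sh
# Added example (not from the original notes). Function names are assumptions.

# make_shared_dir DIR: the three commands from the answer above, in one step.
make_shared_dir() {
    mkdir -p "$1" && chmod g+wx "$1" && chmod +t "$1"
}

# has_sticky_bit DIR: succeeds when the sticky bit is set. ls shows it as
# t (with others-execute) or T (without) in the 10th character of the mode.
has_sticky_bit() {
    case "$(ls -ld "$1" | cut -c10)" in
        t|T) return 0 ;;
        *)   return 1 ;;
    esac
}

# find_unsticky_writable_dirs ROOT: print directories under ROOT that are
# writable by group (-perm -0020) or by others (-perm -0002) but do not have
# the sticky bit (! -perm -1000). In such a directory any user with write
# access can delete or rename files that belong to someone else.
find_unsticky_writable_dirs() {
    find "$1" -type d \( -perm -0020 -o -perm -0002 \) ! -perm -1000 -print | sort
}

# Run with --demo to build a small constructed tree and audit it.
if [ "${1:-}" = "--demo" ]; then
    root=$(mktemp -d)
    make_shared_dir "$root/direc1"                       # group-writable + sticky
    mkdir "$root/dropbox" && chmod 0770 "$root/dropbox"  # group-writable, no sticky
    echo "Directories missing the sticky bit:"
    find_unsticky_writable_dirs "$root"
    rm -rf "$root"
fi
```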
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
How can you find out how long the system has been running?
We can find this by using the command "uptime".
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
How can any user find out all information about a specific user like his default
shell, real-life name, default directory, when and how long he has been using the
system?
finger "loginName" ... where loginName is the login name of the user whose information
is expected.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
I want to monitor a continuously updating log file, what command can be used to
most efficiently achieve this?
We can use tail -f filename. This will cause only the default last 10 lines to be
displayed on std o/p which continuously shows the updating part of the file.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
I want to connect to a remote server and execute some commands, how can I achieve
this?
We can use ssh to do this:
ssh username@serverIP -p sshport
Example: ssh root@122.52.25171 -p 22
Once the above command is executed, you will be asked to enter the password.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
I have 2 files and I want to print the records which are common to both.
We can use "comm" command as follows:
comm -12 file1 file2 ... -12 will suppress the content which is
unique to the 1st and 2nd file respectively.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What will happen to my current process when I execute a command using exec?
"exec" overlays the newly forked process on the current process; so when I execute
the command using exec, the command gets executed on the current shell without
creating any new processes.
E.g., executing "exec ls" on the command prompt will execute ls and once ls exits, the
process will shut down.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Given a file find the count of lines containing the word "ABC".
grep -c "ABC" file1
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
How will you print the login names of all users on a system?
/etc/shadow file has all the users listed.
awk -F ':' '{print $1}' /etc/shadow | uniq -u
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
How will you find the total disk space used by a specific user?
du -s /home/user1 .... where user1 is the user for whom the total disk space needs to
be found.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Write a command sequence to find all the files modified in less than 2 days and
print the record count of each.
find . -type f -mtime -2 -exec wc -l {} \;
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
How can I set the default rwx permission to all users on every file which is
created in the current shell?
umask 000
This will set default rwx permission for every file which is created for every
user.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
How can we find the process name from its process id?
We can use "ps -p ProcessId"
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What are the four fundamental components of every file system on Linux?
Boot block, super block, inode block and data block are the four fundamental components
of every file system on Linux.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
How can I send a mail with a compressed file as an attachment?
ip filezip file1|mailx -s "subject" Recipients email id
mail content
OF
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Important Miscellaneous
Common TCP/IP Protocols and Ports
| Protocol | TCP/UDP | Port Number | Description |
| --- | --- | --- | --- |
| File Transfer Protocol (FTP) (RFC 959) | TCP | 20/21 | FTP is one of the most commonly used file transfer protocols on the Internet and within private networks. An FTP server can easily be set up with little networking knowledge and provides the ability to easily relocate files from one system to another. FTP control is handled on TCP port 21 and its data transfer can use TCP port 20 as well as dynamic ports depending on the specific configuration. |
| Secure Shell (SSH) (RFC 4250-4256) | TCP | 22 | SSH is the primary method used to manage network devices securely at the command level. It is typically used as a secure alternative to Telnet which does not support secure connections. |
| Telnet (RFC 854) | TCP | 23 | Telnet is the primary method used to manage network devices at the command level. Unlike SSH which provides a secure connection, Telnet does not, it simply provides a basic unsecured connection. Many lower level network devices support Telnet and not SSH as it required some additional processing. Caution should be used when connecting to a device using Telnet over a public network as the login credentials will be transmitted in the clear. |
| Simple Mail Transfer Protocol (SMTP) (RFC 5321) | TCP | 25 | SMTP is used for two primary functions, it is used to transfer mail (email) from source to destination between mail servers and it is used by end users to send email to a mail system. |
| Domain Name System (DNS) (RFC 1034-1035) | TCP/UDP | 53 | The DNS is used widely on the public internet and on private networks to translate domain names into IP addresses, typically for network routing. DNS is hierarchical with main root servers that contain databases that list the managers of high level Top Level Domains (TLD) (such as .com). These different TLD managers then contain information for the second level domains that are typically used by individual users (for example, cisco.com). A DNS server can also be set up within a private network to provide naming services between the hosts of the internal network without being part of the global system. |
| Dynamic Host Configuration Protocol (DHCP) (RFC 2131) | UDP | 67/68 | DHCP is used on networks that do not use static IP address assignment (almost all of them). A DHCP server can be set up by an administrator or engineer with a pool of addresses that are available for assignment. When a client device is turned on it can request an IP address from the local DHCP server, if there is an available address in the pool it can be assigned to the device. This assignment is not permanent and expires at a configurable interval; if an address renewal is not requested and the lease expires the address will be put back into the pool for assignment. |
| Trivial File Transfer Protocol (TFTP) (RFC 1350) | UDP | 69 | TFTP offers a method of file transfer without the session establishment requirements that FTP uses. Because TFTP uses UDP instead of TCP it has no way of ensuring the file has been properly transferred, the end device must be able to check the file to ensure proper transfer. TFTP is typically used by devices to upgrade software and firmware; this includes Cisco and other network vendors' equipment. |
| Hypertext Transfer Protocol (HTTP) (RFC 2616) | TCP | 80 | HTTP is one of the most commonly used protocols on most networks. HTTP is the main protocol that is used by web browsers and is thus used by any client that uses files located on these servers. |
| Post Office Protocol (POP) version 3 (RFC 1939) | TCP | 110 | POP version 3 is one of the two main protocols used to retrieve mail from a server. POP was designed to be very simple by allowing a client to retrieve the complete contents of a server mailbox and then deleting the contents from the server. |
| Network Time Protocol (NTP) (RFC 5905) | UDP | 123 | One of the most overlooked protocols is NTP. NTP is used to synchronize the devices on the Internet. Even most modern operating systems support NTP as a basis for keeping an accurate clock. The use of NTP is vital on networking systems as it provides an ability to easily interrelate troubles from one device to another as the clocks are precisely accurate. |
| NetBIOS (RFC 1001-1002) | TCP/UDP | 137/138/139 | NetBIOS itself is not a protocol but is typically used in combination with IP with the NetBIOS over TCP/IP (NBT) protocol. NBT has long been the central protocol used to interconnect Microsoft Windows machines. |
| Internet Message Access Protocol (IMAP) (RFC 3501) | TCP | 143 | IMAP version 3 is the second of the main protocols used to retrieve mail from a server. While POP has wider support, IMAP supports a wider array of remote mailbox operations which can be helpful to users. |
| Simple Network Management Protocol (SNMP) (RFC 1901-1908, 3411-3418) | TCP/UDP | 161/162 | SNMP is used by network administrators as a method of network management. SNMP has a number of different abilities including the ability to monitor, configure and control network devices. SNMP traps can also be configured on network devices to notify a central server when specific actions are occurring. Typically, these are configured to be used when an alerting condition is happening. In this situation, the device will send a trap to network management stating that an event has occurred and that the device should be looked at further for a source to the event. |
| Border Gateway Protocol (BGP) (RFC 4271) | TCP | 179 | BGP version 4 is widely used on the public internet and by Internet Service Providers (ISP) to maintain very large routing tables and traffic processing. BGP is one of the few protocols that have been designed to deal with the astronomically large routing tables that must exist on the public Internet. |
| Lightweight Directory Access Protocol (LDAP) (RFC 4510) | TCP/UDP | 389 | LDAP provides a mechanism of accessing and maintaining distributed directory information. LDAP is based on the ITU-T X.500 standard but has been simplified and altered to work over TCP/IP networks. |
| Hypertext Transfer Protocol over SSL/TLS (HTTPS) (RFC 2818) | TCP | 443 | HTTPS is used in conjunction with HTTP to provide the same services but doing it using a secure connection which is provided by either SSL or TLS. |
| Lightweight Directory Access Protocol over TLS/SSL (LDAPS) (RFC 4513) | TCP/UDP | 636 | Just like HTTPS, LDAPS provides the same function as LDAP but over a secure connection which is provided by either SSL or TLS. |
| FTP over TLS/SSL (RFC 4217) | TCP | 989/990 | Again, just like the previous two entries, FTP over TLS/SSL uses the FTP protocol which is then secured using either SSL or TLS. |
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Hardware Issues =
lscpu - Displays CPU information such as the number of CPUs, vendor, and model
number.
lsblk - Shows block device or disk information, including partitions.
lsscsi - Provides information about SCSI devices.
lspci - Lists PCI devices connected to the system.
lsusb - Displays USB devices connected to the system.
dmidecode - Provides BIOS information, including memory information with the -t
memory flag.
dmesg - Shows kernel buffer messages, including hardware-related messages.
yum or dnf - Package managers used to install software packages.
systemctl enable --now mcelog - Enables and starts the mcelog service, which tracks
hardware information.
journalctl -f -u mcelog.service - Views logs related to the mcelog service.
memtest-setup - Sets up memtest86+ for running memory tests.
grub2-mkconfig - Regenerates the GRUB configuration to include memtest86+ as a boot
option.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
In a production-grade environment, there are multiple methods to update kernel
parameters in RHEL 7 and 8 to make them persistent on boot. Here are four commonly
used methods:
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
NIC Bonding -
NIC (Network Interface Card) bonding, also known as NIC teaming or link
aggregation, is a technique used to combine multiple physical network interfaces
into a single logical interface. The purpose of NIC bonding is to increase network
bandwidth, provide redundancy, and improve network reliability.
For example, if you have eth0 and eth1 interfaces, you can bond them together.
Install bonding
/etc/sysconfig/network-scripts/ifcfg-bondX - configure bonding interface -
DEVICE=bondX
BOOTPROTO=none
ONBOOT=yes
USERCTL=no
BONDING_OPTS="mode=balance-rr miimon=100"
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
IP Link Show -
The ip link show command is used to display information about the network
interfaces (links) on a Linux system. It provides detailed information about the
status, configuration, and characteristics of each network interface.
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
3: wlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
    link/ether cd:ef:12:34:56:78 brd ff:ff:ff:ff:ff:ff
The first column represents the interface index number.
The second column shows the interface name (e.g., lo, eth0, wlan0).
The third column provides flags that indicate the interface's current state, such
as UP (interface is operational), DOWN (interface is inactive), LOOPBACK (loopback
interface), BROADCAST (supports broadcast), and MULTICAST (supports multicast).
The fourth column displays the Maximum Transfer Unit (MTU), which represents the
maximum size of a packet that can be transmitted over the interface without
fragmentation.
The fifth column specifies the queuing discipline (qdisc) used by the interface for
traffic control.
The sixth column indicates the current administrative and operational state of the
interface (e.g., state UP or state DOWN).
The seventh column shows the interface mode and group.
The eighth column provides the queue length (qlen) of the interface.
The last column displays the interface's link layer address (MAC address) and the
broadcast address (brd).
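The column layout described above, turned into a small parser, as an added example that is not part of the original notes. It reads ip link show output and prints one line per interface; the function names and the pipe-separated output format are assumptions, and the embedded sample is the output shown above.

```bash
#!/bin/sh
# Added example (not from the original notes). Function names and the
# "|"-separated output format are assumptions.

# sample_ip_link: the two interfaces from the output shown above.
sample_ip_link() {
    cat <<'EOF'
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
3: wlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
    link/ether cd:ef:12:34:56:78 brd ff:ff:ff:ff:ff:ff
EOF
}

# parse_ip_link: reads `ip link show` output on stdin and prints
#   index|name|flags|mtu|qdisc|state|qlen|mac
# Each interface is two lines: a header line that starts with the index, and
# an indented link/ line that carries the link-layer address.
parse_ip_link() {
    awk '
    /^[0-9]+: / {
        idx = $1;   sub(/:$/, "", idx)
        name = $2;  sub(/:$/, "", name)
        flags = $3; gsub(/[<>]/, "", flags)
        mtu = qdisc = state = qlen = "-"
        # The rest of the header is keyword/value pairs, so look fields up
        # by keyword instead of trusting fixed positions.
        for (i = 4; i < NF; i++) {
            if ($i == "mtu")   mtu   = $(i + 1)
            if ($i == "qdisc") qdisc = $(i + 1)
            if ($i == "state") state = $(i + 1)
            if ($i == "qlen")  qlen  = $(i + 1)
        }
        next
    }
    /^[ \t]*link\// {
        print idx "|" name "|" flags "|" mtu "|" qdisc "|" state "|" qlen "|" $2
    }'
}

# admin_up_interfaces: reads parse_ip_link output and prints the names of
# interfaces whose flag list contains UP as a whole flag. LOWER_UP alone
# does not count, so the flags are split on commas rather than grepped.
admin_up_interfaces() {
    awk -F'|' '{
        n = split($3, f, ",")
        for (i = 1; i <= n; i++) if (f[i] == "UP") { print $2; break }
    }'
}

# Run with --demo to parse the embedded sample.
if [ "${1:-}" = "--demo" ]; then
    sample_ip_link | parse_ip_link
    echo "Administratively up: $(sample_ip_link | parse_ip_link | admin_up_interfaces)"
fi
```

On a live system, pipe the real command in: ip link show | parse_ip_link.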
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
I/O Redirection -
STDOUT >
STDOUT with appending >>
STDERR 2>
">" is the output redirection operator. ">>" appends output to an existing file
"<" is the input redirection operator
">&" re-directs output of one file to another.
2>&1 Redirects STDERR to the same destination as STDOUT
You can re-direct error using its corresponding File Descriptor 2.
cat brahma | sort | tr '[:upper:]' '[:lower:]'
cat brahma | sort | tr 'a-z' 'A-Z'
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Globbing
ls host*
ls ?ost
ls [hm]ost
ls [!hm]ost
ls script[0-9][0-9]
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Finding Files -
find / -iname file/dir
find / -type f -size +100M
find / -xdev -size +100M -exec ls -lh {} \;
find / -xdev -size +100M -exec ls -lh {} \; -exec cp {} /tmp \;
find /etc/ -exec grep -l fyre {} \; 2> /dev/null
find / -user anna
find / -type f -size +100M
find / -name most -type f
find / -type f -perm 664
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Copy -
Use cp -a to copy files with the exact permissions and other properties
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Soft link and hard link -
Untar archive
tar -xvf myArchive.tar.gz
tar -xvf myArchive.tar.bz2
multiple files -
tar -xvf Archive.tar "file 1" "file 2"
Using wildcards -
tar -xvf Archive.tar --wildcards '*.txt'
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Compression -
tar czvf homesz.tgz /home
xz <file>
xz -d -v <file> - to decompress
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Working with Text files -
cut -f 1 -d : /etc/passwd
cut -s -d " " -f1 <file> = -s says to ignore any line that doesn't have a space
OR delimiter and still give results
cut -b 1,2,3 <file> = this will cut the first 3 characters of the content of the file
cut -b 1-3,5-7 <file> = this will cut chars 1 to 3, leave the 4th char and again
display from 5 to 7
cut -c 1,2 <file> = will cut the file and display only these 2 chars
cut -c 1-5 <file> = will cut and display chars from 1 to 5
Type grep '^#' /etc/sysconfig/sshd. This shows that the file /etc/sysconfig/sshd
contains a number of lines that start with the comment sign #.
To view the configuration lines that really matter type grep -v '^#'
/etc/sysconfig/sshd. This shows only lines that do not start with a #.
Now type grep -v '^#' /etc/sysconfig/sshd -B 5. This shows lines that are not
starting with a # sign but also the five lines that are directly before that line
which is useful because in these lines you’ll typically find comments on how to use
the specific parameters. However you’ll also see that many blank lines are
displayed.
Type grep -v -e '^#' -e '^$' /etc/sysconfig/sshd. This excludes all blank lines and
lines that start with #.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Awk -
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Sed Command-
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Grep -
grep '\<pwpolicy\>' anaconda-ks.cfg = beginning of the line is pwpolicy
grep '[[:digit:]]\{4\}' <file>
# Sample Output:
/var/log/apache2/example.com.access.log.1:88.87.168.109 - - [12/Oct/2016:21:33:16
+0100] "GET /uploads/2015/08/example.jpg HTTP/1" 200 628726
"http://example.com/about/" "Mozilla/5.0 (Linux; Android 6.0.1; SM-G920F
Build/MMB29K) AppleWebKit/537.36 (KHTML like Gecko) Chrome/53.0.2785.124 Mobile
Safari/537.36"
To suppress the filename, use the -h option. This example shows suppressed
filenames and sends the resulting output to a file:
grep -h -r "example.com/about" /var/log/apache2 > ~/about-log
# Same:
grep -w "david\|elaine" /var/log/auth.log
# Recursively search apache logs for either specified string:
egrep -Rwi --color 'example.com/about|example.com/contact' /var/log/apache2
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
echo Friday@123 | passwd --stdin <user>
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Usermod Examples -
usermod -c Admin bill - to change comment for user
usermod -d /home/bill bill - to change home dir
usermod -s /sbin/nologin bill - to change shell
usermod -aG wheel bill - to add user to secondary group without removing the older
secondary groups
/etc/default/useradd - to check and change user default settings
/etc/login.defs - where password properties are seen
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Permissions -
ACL's -
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Network -
ip addr show - shows the IP address configuration of each network device
ip link show - shows the devices linked
ip -s link - to show statistics
ip route show - showing the routing table
ip route add default via 10.0.0.1 = to add a default routing
ping -c 1 google.com
Network Manager =
NetworkManager stores new network profiles in keyfile format in the
/etc/NetworkManager/system-connections/ directory.
cat ens160.nmconnection -
[connection]
id=ens160
uuid=396cac44-f7d8-3832-bbc7-05ffd58a80a4
type=ethernet
autoconnect-priority=-999
interface-name=ens160
timestamp=1704735144
[ethernet]
[ipv4]
method=auto
[ipv6]
addr-gen-mode=eui64
method=auto
[proxy]
nmtui =
NetworkManager Text User Interface
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Managing Processes -
Zombie Process =
Identify zombie process -
ps aux | grep defunct
OR
top -b1 -n1 | grep Z
find parent zombie -
ps -A -ostat,ppid | grep -e '[zZ]'| awk '{ print $2 }' | uniq | xargs ps -p
kill -9 pid
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Combining and Splitting files -
wall - this command can be used to broadcast message to all who logged in
write - this command can be used to send a message to a single person
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Some useful commands -
cal 4 1989 - gives the calendar of that time
cal 2020 - gives full calendar of that year
bc - will open calculator
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Systemd -
systemctl restart sshd
systemctl status sshd.service
systemctl stop sshd
systemctl start sshd - this will just start the service but won't enable it at
server boot
systemctl enable sshd - to have this service start everytime the server boots up
systemctl disable sshd - to stop this service from starting when the server boots up
OR
[Service]
Type=notify
EnvironmentFile=-/etc/sysconfig/sshd
ExecStart=/usr/sbin/sshd -D $OPTIONS
ExecReload=/bin/kill -HUP $MAINPID
KillMode=process
Restart=on-failure
RestartSec=42s
[Install]
WantedBy=multi-user.target
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Kill -
kill -15 PID - kill gracefully
kill -9 PID - kill forcefully
killall <process name>
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Crontab -
crontab -e = to edit
crontab -l = to list the crontabs
crontab -r = to remove crontabs
crond = crontab daemon/service
systemctl status crond
Example cronjob -
24 03 * 01 * echo "This is my first crontab entry" > crontab-entry
min hour day of month month dayoftheweek command
In cron if a machine is not running on time of a scheduled job then it will skip
it, but anacron is a bit different as it first checks for timestamp of the job then
decides whether to run it or not
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Process Management -
background - ctrl-z
foreground - fg
kill a process by name - pkill <process name>
process priority - nice -n 5 <command> OR nice -n -5 <command> to give it higher priority (nice is the command)
list processes - ps
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Network Debug tools -
dmesg = gives error messages and info about hardware and kernel
iostat -xmt 1 = this gives info on disks, if something has been written
iostat 1 - to keep refreshing the disk usage
ss is the replacement utility for netstat
netstat -antup|grep 873
netstat -rvn = gives network information
netstat -tnlup = gives all active listening ports
netstat -i = shows packets information
nmap -A ip = to check the open ports on remote server
vmstat = virtual memory buffer
pidstat = shows all info regarding the pid's and user accessing
mtr ip or hostname = to see packets lost or sent and other network information
mpstat = cpu information that has nice value and idle state of CPU
sar -q = cpu load utilization
sar -r = memory utilization
sar -d = disk utilization
sar -n ALL or network interface = network utilization
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Sticky Bit -
chmod +t /path
The sticky bit is a permission bit that can be set on a directory in Unix-based
operating systems. When the sticky bit is set on a directory, it restricts deletion
of files within that directory to only the owner of the file, the owner of the
directory, or the root user
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
SUID (Set User ID) is a permission that allows a user to execute a file with the
permissions of its owner, rather than the permissions of the user who is executing
it. This is commonly used for programs that need to perform tasks that require root
privileges, but which cannot be run as the root user for security reasons. When a
user executes a SUID file, it runs with the same privileges as the owner of the
file.
chmod u+s </path/to/the/file>
SGID (Set Group ID) is similar to SUID, but it applies to groups rather than
individual users. When a file is given the SGID permission, it inherits the group
ID of the parent directory. This means that any user who accesses the file becomes
a member of the group associated with the parent directory. This is commonly used
in shared directories where multiple users need access to the same files.
chmod g+s </path/to/the/file>
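An audit of the special bits described above (sticky bit, SUID, SGID), as an added example that is not part of the original notes. audit_special_bits and build_sample_tree are hypothetical helper names, and the tree they run on is constructed in a temporary directory.

```shell
#!/bin/sh
# Added example: report special permission bits under a directory tree.
# audit_special_bits is a hypothetical helper name, not a standard tool.
audit_special_bits() {
    root=$1
    # SUID files execute with the UID of the file owner.
    find "$root" -xdev -type f -perm -4000 -exec printf 'SUID %s\n' {} \;
    # SGID files execute with the GID of the file's group.
    find "$root" -xdev -type f -perm -2000 -exec printf 'SGID %s\n' {} \;
    # SGID directories hand their group to files created inside them.
    find "$root" -xdev -type d -perm -2000 -exec printf 'SGID-DIR %s\n' {} \;
    # World-writable directories without the sticky bit let any user
    # delete or rename files owned by somebody else.
    find "$root" -xdev -type d -perm -0002 ! -perm -1000 \
        -exec printf 'NO-STICKY %s\n' {} \;
}

# Constructed sample tree (not real system paths) to run the audit on.
build_sample_tree() {
    t=$(mktemp -d) || return 1
    mkdir "$t/shared" "$t/dropbox" "$t/team"
    chmod 1777 "$t/shared"     # world-writable with sticky bit, like /tmp
    chmod 0777 "$t/dropbox"    # world-writable, sticky bit missing
    chmod 2775 "$t/team"       # SGID directory for a shared group
    : > "$t/helper"
    chmod 4755 "$t/helper"     # SUID file
    : > "$t/plain"
    chmod 0644 "$t/plain"      # ordinary file, must not be reported
    printf '%s\n' "$t"
}

tree=$(build_sample_tree)
audit_special_bits "$tree"
rm -rf "$tree"
```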
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Logs Monitoring -
/var/log/secure - gives login and logout info of each user
/var/log/messages - gives info of all hardware, software, process and application
messages
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Control Keys -
ctrl+w - deletes 1 word behind
ctrl+u - deletes the complete line on CLI
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Changing root password in single user mode -
reboot the server
edit grub
go to line where it says ro - which means read only line OR add rd.break at the end
of the line that starts with linux
replace ro with rw init=/sysroot/bin/sh
mount -o remount,rw /sysroot
ctrl+x
chroot /sysroot
passwd root
touch /.autorelabel = to update SELinux information
exit
reboot
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
SOS Report
sosreport --batch OR sosreport
redhat-support-tool addattachment -c CASE_NUMBER /path/to/sosreport
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
wget <url> = to get the external files from website or packages
curl <url> = to see if you are able to connect to website
curl -O <url> = to download from website
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
FTP -
vsftpd package is needed to be installed
ftp client is supposed to be installed on dest. server
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
SCP
scp <file> id@ip:/tmp
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
rsync - to send files from your machine to another
rsync -avzh <file/dir> id@ip:/tmp
rsync -aAvzrp <file/dir> id@ip:/tmp
BIOS
BIOS stands for Basic Input/Output System. The BIOS searches and executes the boot
loader program, which is found in the Master Boot Record (MBR). Once the boot loader
program is detected, it's then loaded into memory.
MBR
MBR stands for Master Boot Record, and is responsible for executing the GRUB boot
loader.
The MBR is located in the 1st sector of the bootable disk. The MBR also contains
information about GRUB, or LILO.
The screen will wait a few seconds to select desired kernel. post that, it will
load the default kernel image.
In many systems we see GRUB configuration file at /boot/grub/grub.conf or
/etc/grub.conf.
Now, the kernel that is selected by GRUB first mounts the root file system and it
executes the /sbin/init program
Init - At this point, server executes runlevel programs. It looks for an init file,
usually found at /etc/inittab to decide the Linux run level.
Runlevel programs
Depending on which Linux distribution you have installed, you may be able to see
different services getting starte
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
cat /etc/motd = display message when logged in to server
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
LVM's -
pvcreate /dev/sdb
vgcreate rootvg /dev/sdc
lvcreate -L 40G -n lv_production vg_apps
If you want to use 100% disk space then use - lvcreate -l 100%FREE -n lv_production
vg_app
mkfs.xfs /dev/mapper/vg_app-lv_production
vi /etc/fstab >> /dev/mapper/datavg-data
mkdir /applications
mount -a
pvcreate /dev/sdc
vgextend rootvg /dev/sdc
lvextend -L 20G /dev/mapper/rootvg-root
resize2fs /dev/mapper/rootvg-root
pvcreate /dev/sde
vgextend appvg /dev/sde
lvextend -L +2G /dev/mapper/rootvg-var
xfs_growfs /dev/mapper/rootvg-var
The /etc/exports file controls which file systems are exported to remote hosts
fdisk -
Disk Partition -
fdisk /dev/sda
p to print the current partition table
n for new partition
select primary or extended
define size +100M and w for write and exit
sync
partprobe -s /dev/sda - -s to show the output
Format partition -
mkfs.xfs /dev/mapper/root-
Another process -
To check nfs stale mounts
#grep -i 'stale' /proc/mounts
To fix the issue if any server has stale mounts, you can follow the steps below.
we have activity on 04/29 . Network team will reach you
#!/bin/bash
# Find NFS-mounted file systems that are in a stale state
STALE_FS_LIST=$(grep -i 'stale' /proc/mounts | awk '{print $2}')
# Remount each stale file system to refresh its file handles
for FS in $STALE_FS_LIST; do
    umount -l "$FS"
    mount "$FS"
done
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Memory -
free -m
cat /proc/meminfo
CPU -
uptime
lscpu
cat /proc/cpuinfo
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
TOP Command -
CPU - 17.8 us (user space), 79.6 sy (system space, kernel processes), 0.0 ni (nice),
0.0 id (idle time), 0.0 wa (waiting)
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
How do you limit memory usage for commands?
ulimit -Sv 1000 # 1000 KBs = 1 MB
ulimit -Sv unlimited # Remove limit
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
cat /etc/login.defs = to change UID GID umask information
cat /etc/default/useradd = to change default home or shell directory for users
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Change Date - date -s "2 OCT 2006 18:00:00"
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
restart service only if it is running -
systemctl try-restart httpd.service
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
which rpm is responsible for /etc/hosts
setup-2.8.71-1el7.noarch for hosts and other rpm for other files
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
The remote web server supports the TRACE and/or TRACK methods
TRACE and TRACK are HTTP methods that are used to debug web server connections
echo TraceEnable off >> /etc/httpd/conf/httpd.conf
service httpd reload
Reloading httpd:
fork starts a new process which is a copy of the one that calls it, exec replaces
the current process with another
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
D state process or uninterruptible sleep state are usually waiting on I/O, can't be
killed and need a reboot
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Boot issues on linux -
cat /var/log/boot.log
check if server is using swap space
swapon -s
cat /var/log/messages
dmesg
journalctl
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Cgroups =
cgroups is a feature that limits, accounts for, and isolates the resource usage
(CPU, memory and others
cgcreate, cgexec, and cgclassify are tools that can be used
sudo cgcreate -g cpu:my_cgroup
sudo cgset -r cpu.shares=512 my_cgroup
sudo cgexec -g cpu:my_cgroup ls
sudo cgclassify -g cpu:my_cgroup 1234
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Resource Limits for user -
The /etc/security/limits.conf file is used in Linux systems to set resource limits
for user accounts. It allows system administrators to define specific limits for
different system resources such as the maximum number of open files, maximum memory
usage, CPU time, etc. These limits are applied to individual users or groups
<domain>: Specifies the domain to which the limit applies. It can be either a user
name, a group name, the wildcard @group, or the wildcard * to apply the limit to
all users.
<type>: Specifies the type of resource being limited. It can be soft, hard, or
both.
<item>: Indicates the specific resource being limited, such as core, nofile (number
of open files), cpu, data (maximum data segment size), stack (maximum stack size),
etc.
<value>: Specifies the value of the limit for the resource. It can be a numerical
value or one of the special values like unlimited, infinity, or hard, depending on
the resource type.
Soft Limit: The soft limit is the initial limit set for a resource. It can be
modified by the user within the range of the hard limit. The soft limit acts as a
warning threshold, and the system can generate warnings when it is reached.
Hard Limit: The hard limit is the maximum value that a user can set the soft limit
to. It acts as an absolute limit that cannot be exceeded by the user.
* soft nofile 1000
* hard nofile 1000
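A lint pass over entries in the <domain> <type> <item> <value> format described above, as an added example that is not part of the original notes. check_limits and sample_limits are hypothetical helper names and the sample entries are constructed; it assumes the file syntax of limits.conf, where "both" is written as a - in the type field.

```shell
#!/bin/sh
# Added example: lint limits.conf-style entries (<domain> <type> <item> <value>).
# check_limits is a hypothetical helper name; it reads the file given as $1.
check_limits() {
    awk '
    function num(v) {   # "unlimited", "infinity" and -1 all mean no limit
        return (v == "unlimited" || v == "infinity" || v == "-1") ? 1e18 : v + 0
    }
    {
        sub(/#.*/, "")                 # drop comments, whole-line or trailing
        if (NF == 0) next              # nothing left on this line
        if (NF != 4) {                 # e.g. fields run together by lost spaces
            printf "line %d: expected 4 fields, found %d\n", NR, NF
            next
        }
        if ($2 != "soft" && $2 != "hard" && $2 != "-") {
            printf "line %d: type must be soft, hard or -, found %s\n", NR, $2
            next
        }
        if ($4 !~ /^(-?[0-9]+|unlimited|infinity)$/) {
            printf "line %d: value %s is not a number or unlimited\n", NR, $4
            next
        }
        key = $1 " " $3
        if ($2 != "hard") soft[key] = $4   # "soft" or "-" sets the soft limit
        if ($2 != "soft") hard[key] = $4   # "hard" or "-" sets the hard limit
    }
    END {
        # A soft limit above the hard limit for the same domain and item
        # contradicts the soft/hard relationship and is reported.
        for (key in soft)
            if ((key in hard) && num(soft[key]) > num(hard[key]))
                printf "%s: soft limit %s exceeds hard limit %s\n", key, soft[key], hard[key]
    }' "$1"
}

# Constructed sample entries, not taken from a real system.
sample_limits() {
cat <<'EOF'
# constructed sample
*        soft  nofile  1000
*        hard  nofile  1000
@dev     soft  nproc   4096
@dev     hard  nproc   2048
bill     -     core    0
* softnofile1000
oracle   both  stack   unlimited
EOF
}

tmp=$(mktemp) && sample_limits > "$tmp" && check_limits "$tmp"
rm -f "$tmp"
```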
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
LUKS =
LUKS provides a generic key store on the dedicated area on a disk, with the ability
to use multiple passphrases to unlock a stored key
yum install cryptsetup-luks
Configure LUKS - fdisk -l blkid
cryptsetup -y -v luksFormat /dev/xvdc
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What is localhost and why would ping localhost fail?
Yes, iptables can firewall localhost from itself.
iptables -L -n can give us that information
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Ping and traceroute =
Ping: It is a tool that helps one to check if a particular IP address is
accessible. ping sends a packet to the given IP address and waits for a reply.
Traceroute: It is a tool that traces a packet from our computer to the host, and
will also show the number of (hops) required to reach there, along with the time
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Telnet and ssh -
SSH or Secure SHell is a protocol to access the network devices and servers over
the internet and uses pub key authentication
Telnet transfers the data in simple plain text.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
A chroot jail is a way to isolate a process and its children from the rest of the
system
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Private IP's =
10.0.0.0 – 10.255.255.255
172.16.0.0 – 172.31.255.255
192.168.0.0 – 192.168.255.255
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
VLAN is a custom network which is created from one or more local area networks. It
enables a group of devices available in multiple networks to be combined into one
logical network
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Address Resolution Protocol (ARP)
Computers use logical address (IP address) to send/receive messages, however, the
actual communication happens over the physical address (MAC address)
ARP functionality is to translate IP address to physical addresses
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What is the purpose of a default gateway?
Default Gateway is a point of a Network, through which your network can communicate
with Internet/Other Network.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Ext2 =
mke2fs /dev/sda1
mkfs.ext3 /dev/sda1
Ext2 does not have journaling feature.
Maximum individual file size can be from 16 GB to 2 TB
Overall ext2 file system size can be from 2 TB to 32 TB
Ext3 -
mkfs.ext4 /dev/sda1
journaling is there in this
Maximum individual file size can be from 16 GB to 2 TB
Overall ext3 file system size can be from 2 TB to 32 TB
Ext4 =
xfs =
XFS supports maximum file system size of 8 exbibytes
this is the default for RHEL 7
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
A journaling filesystem keeps a journal or log of the changes that are being made
to the filesystem during disk writing
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
How to add IPv6 to a specific interface -
/sbin/ip -6 addr add 2001:0db8:0:f101::1/64 dev eth0
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
What will happen when you bind port 0?
Port 0 is a wildcard port that tells the system to find a suitable port number.
An application can provide port 0 to bind() as its connection parameter. That
triggers the operating system to automatically search for and return a suitable
available port in the TCP/IP dynamic port number range
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Can you still SSH to a Linux server if its default gateway is set incorrectly? How?
Hints =>
a). You can SSH in, but only from another device in the same subnet, or in a
network to which the "broken"
server has a static route defined.
b).some static route is there which can route to destination network.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Disk Issues -
Check disk space usage = df
Check disk health = smartctl
Check disk I/O perf = iostat
Check disk errors = dmesg
Check filesystem consistency = fsck
Check disk partitioning = fdisk
So you can use blktrace to trace out the I/O on the machine.
blktrace -d /dev/sda -o -|blkparse -i -
At the same time, on another console launch the following command to generate some
I/O for testing purpose.
dd if=/dev/zero of=/mnt/test1 bs=1M count=1
From the blktrace console you will get an output which will end up as follows
CPU0 (8,0):
Reads Queued: 2, 60KiB Writes Queued: 5,132, 20,524KiB
Read Dispatches:2, 60KiB Write Dispatches: 61, 20,524KiB
Reads Requeued: 0 Writes Requeued: 0
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
mount point usage is 99% however did not find any large files to delete, how did
you clear up the / usage and bring back to normal usage?
NFS Client -
nfs-utils package
showmount -e nfs-server-ip = to see if nfs connection is established
create the dir.'s that we want to get from nfs-server
mount 10.10.10.6:/exports/backup /tmp/nfs/backup
df -h = shall show the mount
NFS Autofs -
NFS autofs (also known as autofs or automount) is a feature in Unix-like operating
systems that allows for automatic mounting and unmounting of network file systems
(NFS) on-demand
Autofs works by dynamically mounting NFS shares when they are accessed and
unmounting them when they are no longer in use
Install autofs: Ensure that autofs is installed on your system. The package name
may vary depending on your operating system and distribution.
Configure the autofs master configuration file: The master configuration file for
autofs is typically located at /etc/auto.master or /etc/auto_master. Edit this file
to define the mount points for your NFS shares.
/mnt/nfs /etc/auto.nfs
data -rw,soft nfs.example.com:/export/data
sudo service autofs restart # SysV init
sudo systemctl restart autofs # systemd
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
SNMP -
SNMP stands for Simple Network Management Protocol, and it is a widely used
protocol for network management and monitoring. SNMP allows network administrators
to manage and monitor network devices, such as routers, switches, servers, and
printers, from a central management system
Access Control: SELinux enables granular access control policies by defining rules
for processes, files, directories, ports, and other system resources. It uses the
principle of least privilege, allowing only authorized actions and denying
everything else by default. This helps prevent unauthorized access or modification
of critical files and resources.
A. We can introduce TMOUT variable in the profile of the user which should do the
job.
edit .bash_profile
export TMOUT=SECONDS
export TMOUT=120
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Q. I created a password less authentication between two linux box but still every
time I try to do ssh, it still prompts me for password, what wrong could I have
done? What all I should check?
A. The very first thing to be done here is to edit the grub menu at boot stage and
make the system boot with alternative kernel (assuming the last kernel is still
installed) or else try booting the system with using the rescue option from the
grub menu.
Once the node is UP then you can analyse the issue of why the node is failing to
boot from new kernel. Many times the kernel is not properly installed and all the
libraries are not available which leads to this problem. Or the GRUB can be
corrupted so you can regenerate the initramfs using grub2-mkconfig
# grub2-mkconfig -o /boot/grub2/grub.cfg
If there is a kernel panic observed then boot the system with alternate kernel or
rescue and then enable kdump. Share the kdump with the support engineers as they
can then further try to debug the source of the problem
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Q. How do I make sure that the swap memory used by my application is not flushed
away by any other process?
A. To lock memory for application then the application must be running in a cgroup
for which you can assign a low value swappiness so that it's memory is not swapped
out when the system goes out of memory or else in general if you do not wish your
memory to be swapped out then reduce the swappiness via sysctl to a lower value.
For more details on memory, virtual memory and swapping follow below links
What is swappiness and how do we change its value?
4GB of RAM or less - a minimum of 2GB of swap space
4GB to 16GB of RAM - a minimum of 4GB of swap space
16GB to 64GB of RAM - a minimum of 8GB of swap space
64GB to 256GB of RAM - a minimum of 16GB of swap space
256GB to 512GB of RAM - a minimum of 32GB of swap space
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
CPU Affinity -
vim /etc/systemd/system/test.service
CPUAffinity=13
Type=forking
Restart=no
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Q. I have a physical hardware with 10 CPU processors but I want to use only 6 of
them and I do not want my application to see the other 4 CPU processors, is it possible?
A. We can use "maxcpus" or "nr_cpus" for this purpose. This will help limit the
number of CPU processor which is visible to the kernel or any other application
running on the system.
use maxcpus=N in /boot/grub2/grub.cfg
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Port Number Usage
20 - (FTP) Data Transfer
21 - (FTP) Command Control
22 - (SSH)
23 - Telnet - Remote login service, unencrypted text messages
25 - Simple Mail Transfer Protocol (SMTP) E-mail Routing
53 - Domain Name System (DNS) service
80 - Hypertext Transfer Protocol (HTTP) used in World Wide Web
110 - Post Office Protocol (POP3) used by e-mail clients to retrieve e-mail from a
server
119 - Network News Transfer Protocol (NNTP)
123 - Network Time Protocol (NTP)
143 - Internet Message Access Protocol (IMAP) Management of Digital Mail
161 - Simple Network Management Protocol (SNMP)
194 - Internet Relay Chat (IRC)
443 - HTTP Secure (HTTPS) HTTP over TLS/SSL
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
How will you restrict IP so that the restricted IP’s may not use the FTP Server?
Answer: We can block suspicious IP by integrating tcp_wrappers. We need to enable
the parameter “tcp_wrappers=YES” in the configuration file at ‘/etc/vsftpd.conf’.
And then add the suspicious IP in the ‘hosts.deny’ file at location
‘/etc/hosts.deny’.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Network Troubleshooting -
If server seems offline, login to the console
ping a public dns server or dig
ip addr show
ifdown and ifup
tcpdump - to check and analyze network traffic
check /etc/sysconfig/network-scripts and the network file
check cat /etc/resolv.conf to see if dns records exists
restart network service
check traceroute and mtr maybe to see if there is a loss in the data packets
check iptables firewall might be blocking
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Server hardening Linux -
UDP -
UDP is the Datagram-oriented protocol. This is because there is no overhead for
opening a connection, maintaining a connection, and terminating a connection. UDP
is efficient for broadcast and multicast types of network transmission.
Reliability - The delivery of data to the destination cannot be guaranteed in UDP.
Error checking mechanism - UDP has only the basic error checking mechanism using
checksums.
Acknowledgment - No acknowledgment segment.
Sequence - There is no sequencing of data in UDP. If the order is required, it has
to be managed by the application layer.
Speed - UDP is faster, simpler, and more efficient than TCP.
Handshaking Techniques - It’s a connectionless protocol i.e. No handshake
Protocols - UDP is used by DNS, DHCP, TFTP, SNMP, RIP, and VoIP.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Performance Tuning -
Performance tuning on Red Hat Enterprise Linux 7.9 uses different strategies,
depending on the needs of our system and the applications running on it -
Monitor system performance: before starting tuning performance, we need to know
where the bottlenecks are. we can use monitoring tools like top, sar, iostat, and
vmstat to identify resource usage on our system.
Update system packages: Ensure that the system is up-to-date with the latest
software updates and patches. You can use the "yum update" command to update all
packages.
Optimize disk I/O: Disk I/O can be a big bottleneck on Linux systems. we can use
tools like iostat to monitor disk activity and identify any performance issues.
disk partitioning can be implemented
Adjust CPU scheduling
Optimize memory usage - consider adjusting swappiness
Optimize application settings - adjusting application cache to improve performance
Disable unnecessary services
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Securing Linux in Large Environments -
Strong Password Policy
Access controls such as ACLs and sticky bits
Harden the OS
Keep packages and the kernel up to date
Monitor server logs regularly and perform vulnerability audits
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Automating Linux Deployments -
To block incoming traffic on a specific port (here TCP port 22, which is SSH), you
can use the following command:
sudo iptables -A INPUT -p tcp --dport 22 -j DROP
Save the firewall rules using the iptables-save command. It prints the current
firewall rules to standard output; redirect that output to a file, typically
/etc/sysconfig/iptables on RHEL, to keep them.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
How do you configure a network bridge in Linux?
sudo yum install bridge-utils
sudo ifconfig eth0 down
sudo brctl addbr br0
sudo brctl addif br0 eth0
sudo ifconfig br0 192.168.100 netmask 255.255.255.0 up
sudo ifconfig eth0 up
sudo ifconfig br0 up
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
After patching unable to see new kernel =
Check the boot order: Make sure that the new kernel is set as the default boot
option in the bootloader configuration file. On RHEL systems, this is typically
GRUB2. You can edit the /etc/default/grub file to set the default kernel.
Regenerate the GRUB configuration file: After editing the /etc/default/grub file,
you need to regenerate the GRUB configuration file by running the command
grub2-mkconfig -o /boot/grub2/grub.cfg.
Check for errors during installation: Check the output of the patching process to
see if there were any errors during the installation of the new kernel. If there
were errors, you may need to troubleshoot them before the new kernel can be used.
Check the kernel version: Make sure that the new kernel version is higher than the
currently installed kernel. You can check the installed kernel version by running
the command uname -r.
Check the kernel package: Make sure that the new kernel package was installed
correctly and is not corrupted. You can check the integrity of the package by
running the command rpm -V kernel.
If none of these steps resolve the issue, you may need to seek further assistance
from the RHEL support team or a qualified Linux system administrator.
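The checks above can be combined into one decision. The script below is an added
example, not part of the original notes: it works on saved output of uname -r,
rpm -q kernel and grubby --default-kernel. The kernel version strings are
constructed sample values and the state names are made up for this illustration.

```shell
#!/bin/sh
# Added example: decide why a freshly patched kernel is not the one running.
# Inputs are passed in so the logic can be run on saved command output:
#   RUNNING        output of `uname -r`
#   RPM_LIST_FILE  output of `rpm -q kernel`, one package per line
#   DEFAULT        output of `grubby --default-kernel`

# newest_kernel RPM_LIST_FILE -> newest version-release.arch in the list.
# sort -V (GNU version sort) approximates RPM ordering; a plain sort would
# rank 4.18.0-9 above 4.18.0-10. Lines that do not name a kernel package
# (for example "package kernel is not installed") are ignored.
newest_kernel() {
    sed -n 's/^kernel-//p' "$1" | sort -V | tail -n 1
}

# kernel_state RUNNING RPM_LIST_FILE DEFAULT -> one of:
#   not-installed       no kernel package is listed at all
#   current             the running kernel is the newest installed one
#   default-not-newest  the bootloader default still points at an older kernel
#   reboot-pending      the default is the newest kernel, but it is not running
kernel_state() {
    running=$1
    newest=$(newest_kernel "$2")
    default=${3#/boot/vmlinuz-}
    if [ -z "$newest" ]; then
        echo "not-installed"
    elif [ "$running" = "$newest" ]; then
        echo "current"
    elif [ "$default" != "$newest" ]; then
        echo "default-not-newest"
    else
        echo "reboot-pending"
    fi
}

# Constructed sample: two installed kernels, written to the file given as $1.
write_sample_kernels() {
    cat > "$1" <<'EOF'
kernel-4.18.0-9.el8.x86_64
kernel-4.18.0-10.el8.x86_64
EOF
}

demo_kernel_state() {
    list=$(mktemp)
    write_sample_kernels "$list"
    # Old kernel running and still the GRUB default: the boot order is the issue.
    kernel_state "4.18.0-9.el8.x86_64" "$list" "/boot/vmlinuz-4.18.0-9.el8.x86_64"
    rm -f "$list"
}
demo_kernel_state
```

A reboot-pending or default-not-newest result means the host is still running the
unpatched kernel even though the package transaction succeeded.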
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Kernel panic =
Reboot in single-user mode: Restart the system and interrupt the boot process by
pressing any key. Then edit the kernel line and append "single" or "1" to the end
of the line. Press Enter to boot into single-user mode. This mode provides a
minimal environment and allows you to perform troubleshooting steps.
Review the kernel panic message: When the system boots into single-user mode, it
might display a kernel panic message on the console. The error message provides
valuable information about the cause of the panic. Look for any specific error
codes, module names, or other relevant details.
Check boot logs: Use the command dmesg to review the system boot logs and look for
any errors or warnings related to the kernel panic. Additionally, check the
contents of the file /var/log/messages for any relevant information.
Inspect previous kernel versions: If the new kernel version is not visible in the
kernel list, it suggests that the patching process might not have completed
successfully. Reboot the system and select an older kernel version from the boot
menu. Once the system boots, you can investigate the cause of the issue with the
new kernel.
Roll back the patch: If you determine that the new kernel is causing the panic, you
can try rolling back the patch. To do this, reboot into single-user mode and use
the package management tool (e.g., yum or dnf) to remove the recently installed
kernel package. For example, if the new kernel version is 4.18.0-10, you can use
the command yum remove kernel-4.18.0-10 to uninstall it.
Check hardware compatibility: Ensure that the patched kernel is compatible with
your hardware. Verify if any hardware-specific modules are causing the panic. You
can try booting the system with specific kernel parameters, such as disabling
certain modules or enabling specific hardware-related options.
Kernel Panic -
Reboot the server and boot with the recovery mode kernel.
Check which partition holds the root filesystem, then mount it and chroot into it:
$ sudo mount /dev/sda2 /mnt
$ sudo mount --bind /dev /mnt/dev
$ sudo mount --bind /dev/pts /mnt/dev/pts
$ sudo mount --bind /proc /mnt/proc
$ sudo mount --bind /sys /mnt/sys
$ sudo chroot /mnt
update-initramfs -u -k 4.15.0-54-generic
update-grub
Check file permissions: Make sure that you have permission to write to the
directory or file you are trying to write to. Check the ownership and permissions
of the file or directory using the ls -l command. If necessary, change the
ownership or permissions using the chown or chmod commands.
Check inode usage: Run df -i to see whether the filesystem has run out of inodes.
Check disk quotas: If disk quotas are enabled on the filesystem, you may have
exceeded your quota limit. Check the disk quota limits using the quota command. If
necessary, adjust the quota limits using the edquota command.
Check filesystem integrity: If the filesystem has become corrupted, it may prevent
you from writing to it. Run a filesystem check using the fsck command to check and
repair any errors on the filesystem.
Check for disk errors: If there are errors on the disk itself, it may prevent you
from writing to it. Check the disk for errors using the smartctl command or other
disk checking tools.
Check for full filesystems: Make sure that the filesystem is not full or nearly
full. Even if there is space available on the filesystem, individual directories or
partitions may have filled up. Use the df command to check disk usage.
Mount and re-mount
Check for read-only filesystems: If the filesystem has been mounted as read-only,
you will not be able to write to it. Check the mount options using the mount
command and make sure that the filesystem is mounted as read-write.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
If there is enough disk space, but a user is unable to write to the disk on a Red
Hat Enterprise Linux (RHEL) server
Check Disk Permissions: Ensure that the user has the necessary permissions to write
to the disk. Use the ls -ld
Check User Quota = quota -u username
Check Filesystem Mount Options = mount | grep /mount/point
Check Disk Ownership = chown username:groupname /path/to/directory
Check SELinux Contexts: If SELinux is enabled, check if the file or directory has
the correct SELinux context that allows writing = ls -Z /path/to/file_or_directory
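The two checklists above (a file or directory that cannot be written, and a user
who cannot write despite free space) share two checks that df alone misses: a
read-only mount and exhausted inodes. The script below is an added example, not
part of the original notes; the function names and sample data are constructed.

```shell
#!/bin/sh
# Added example: find the filesystem holding a path, then test it for the two
# conditions that block writes while df still shows free space.
# MOUNTS_FILE uses the /proc/mounts layout; DF_I_FILE is saved `df -iP` output.

# mount_of PATH MOUNTS_FILE -> "mountpoint options" for the filesystem that
# holds PATH (longest matching mount point; a later entry wins on a tie).
mount_of() {
    awk -v p="$1" '
    {
        m = $2
        pre = (m == "/") ? "/" : m "/"
        if ((p == m || index(p "/", pre) == 1) && length(m) >= length(best)) {
            best = m; opts = $4
        }
    }
    END { if (best != "") print best, opts }' "$2"
}

# is_read_only OPTIONS -> exit 0 when the comma-separated list contains "ro".
# "errors=remount-ro" alone does not count: it only says what happens on error.
is_read_only() {
    case ",$1," in
        *,ro,*) return 0 ;;
        *)      return 1 ;;
    esac
}

# inode_use MOUNTPOINT DF_I_FILE -> IUse% as a bare number, or "-" when the
# filesystem does not report inode counts.
inode_use() {
    awk -v mp="$1" 'NR > 1 && $6 == mp { v = $5; sub(/%$/, "", v); print v; exit }' "$2"
}

# triage_write PATH MOUNTS_FILE DF_I_FILE -> one finding per line, or "no-finding"
triage_write() {
    info=$(mount_of "$1" "$2")
    mp=${info%% *}
    opts=${info#* }
    found=0
    if is_read_only "$opts"; then
        echo "read-only: $mp is mounted ro (options: $opts)"
        found=1
    fi
    use=$(inode_use "$mp" "$3")
    if [ -n "$use" ] && [ "$use" != "-" ] && [ "$use" -ge 100 ]; then
        echo "inodes: $mp has no free inodes (IUse% $use)"
        found=1
    fi
    if [ "$found" -eq 0 ]; then echo "no-finding"; fi
}

# Constructed sample data, written to the file given as $1.
write_sample_mounts() {
    cat > "$1" <<'EOF'
/dev/sda2 / ext4 rw,relatime 0 0
/dev/sdb1 /var ext4 rw,relatime,errors=remount-ro 0 0
/dev/sdc1 /var/lib/data ext4 ro,relatime 0 0
EOF
}
write_sample_df_i() {
    cat > "$1" <<'EOF'
Filesystem      Inodes  IUsed   IFree IUse% Mounted on
/dev/sda2      1310720 212034 1098686   17% /
/dev/sdb1       655360 655360       0  100% /var
/dev/sdc1       655360   1200  654160    1% /var/lib/data
EOF
}

demo_triage() {
    m=$(mktemp); d=$(mktemp)
    write_sample_mounts "$m"; write_sample_df_i "$d"
    triage_write /var/log/app.log "$m" "$d"
    triage_write /var/lib/data/file "$m" "$d"
    rm -f "$m" "$d"
}
demo_triage
```

On a live host, pass /proc/mounts as the mounts file and the saved output of
df -iP as the inode file.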
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
How do you troubleshoot network connectivity issues in Linux?
Use the ifconfig, ip addr, route, cat /etc/resolv.conf, and ping commands to check
the network configuration.
Use the systemctl status, systemctl start, and systemctl enable commands to check
the status and start/enable the network services.
Use the iptables, ufw, firewalld, or shorewall commands to check the firewall
configuration.
Use the journalctl and dmesg commands, and read /var/log/messages, to check the
system logs.
Use the tcpdump command to capture and analyze network traffic.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
How do you configure RAID in Linux?
mdadm --create /dev/md0 --level=1 --raid-devices=2 /dev/sda1 /dev/sdb1
mkfs -t ext4 /dev/md0    # create a filesystem before mounting (ext4 chosen here as an example)
mount /dev/md0 /mnt/data
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
User space and kernel space are two distinct areas of memory in an operating
system, with different levels of privilege and access to system resources.
User space is the area of memory where user-level applications and programs
execute. Applications in the user space do not have direct access to the hardware
and other low-level system resources. Instead, they rely on system calls to request
services from the kernel. The system calls are the interface between the user space
and kernel space. Applications running in user space have limited permissions and
are not allowed to access the kernel's memory or execute privileged instructions.
Kernel space, on the other hand, is the area of memory where the kernel of the
operating system executes. It has complete access to the hardware and other system
resources, and can execute privileged instructions. The kernel space provides
services to the user space, such as memory management, process management, file
systems, and device drivers. The kernel space is a highly privileged area, and only
the kernel and certain trusted system processes are allowed to access it.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Kernel Module =
In the Linux kernel, a module is a piece of code that can be dynamically loaded and
unloaded into the kernel at runtime. Modules are a way of adding functionality to
the kernel without the need to recompile the entire kernel.
Modules are typically implemented as object files that can be compiled separately
from the main kernel code. When a module is loaded into the kernel, it becomes part
of the running kernel and can interact with other parts of the kernel, including
device drivers, file systems, and networking protocols.
Loading a module into the kernel is typically done using a command such as insmod
or modprobe. The kernel checks the module's dependencies and verifies that it is
compatible with the running kernel before loading it. Once the module is loaded, it
becomes part of the kernel and can be used like any other kernel component.
Modules can be unloaded from the kernel using the rmmod command. When a module is
unloaded, its memory and resources are released, and any dependent modules are also
unloaded if they are no longer needed.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
/proc filesystem =
/proc is a virtual filesystem that provides a way for the kernel to show
information about the system and running processes.
The /proc filesystem has directories and files, each representing a different
aspect of the system. The files and directories in /proc are created
dynamically by the kernel when a user requests access to them. Each file in /proc
is a virtual file that contains information about a specific aspect of the system
or a running process.
Here are some examples of the files and directories available in /proc:
/proc/cpuinfo: Contains information about the CPU(s) in the system, such as the
model, clock speed, and cache size.
/proc/meminfo: Contains information about the system's memory usage, including
total memory, free memory, and used memory.
/proc/net: Contains information about the system's network interfaces and
connections.
/proc/PID: Contains information about a specific process with the process ID (PID)
specified in the directory name. Each process directory contains files with
information about the process, such as its memory usage, open files, and command
line arguments.
Accessing files in /proc is similar to accessing regular files in the file system,
but the contents of the files are dynamically generated by the kernel. Applications
can read from and write to files in /proc to retrieve information about the system
or modify kernel parameters.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Can you explain the difference between a journaled and a non-journaled filesystem?
In a non-journaled filesystem, file changes are written directly to the disk
without any additional record-keeping. When the system crashes or loses power, the
filesystem may be left in an inconsistent state with incomplete or corrupted files.
To recover from such situations, the filesystem must perform a lengthy and
resource-intensive file system check (fsck) to scan the entire disk and repair any
errors.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Approach:
Identify the Bottleneck: I started by using tools like top, htop, vmstat, and
iostat to quickly assess which resource was the limiting factor: CPU, memory, disk
I/O, or network. In this case, iostat showed extremely high disk wait times.
Pinpoint the Process: I used iotop to identify the specific processes generating
heavy disk activity. It turned out that a recently deployed log rotation script had
a bug, causing it to write massive amounts of data to disk without proper
compression.
Resolve: I immediately stopped the faulty log rotation script. Then, I investigated
and fixed the buggy script, implementing compression and more efficient log
management.
Monitor: I closely monitored the server's disk I/O performance over time to ensure
the issue was truly resolved and that no similar problems arose.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Q. Explain how you would set up a high availability cluster using Linux for
mission-critical applications.
Approach:
Choose a Clustering Technology: Select a suitable high availability (HA) technology
like Corosync/Pacemaker, or Linux-HA. This choice depends on factors like
application requirements, complexity, and existing infrastructure.
Design Architecture: Plan the cluster configuration – number of nodes (at least two
for redundancy), resource failover strategy (active/passive or active/active),
shared storage (iSCSI, SAN, or distributed storage), and a virtual IP address for
clients to connect to.
Hardware and Network Setup: Configure the required hardware and ensure robust
network connectivity between the nodes. This often includes redundant network paths
and heartbeat mechanisms to detect node failures.
Install and Configure HA Software: Install the chosen cluster software on all
nodes. Configure cluster resources (services, IP addresses, storage) and define
failover rules and policies.
Implement Shared Storage: Set up shared storage accessible by all the cluster
nodes.
Thorough Testing: Rigorously test failover scenarios by simulating node failures
and ensuring that services seamlessly switch to healthy nodes, minimizing downtime.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Approach:
Baseline Audit: Assessed the current security posture using tools like Lynis or
OpenSCAP to identify potential vulnerabilities and misconfigurations.
Firewall: Configured iptables or nftables for strong network filtering, allowing
only essential ports and services.
SSH Hardening: Enforced key-based authentication, disabled password logins, changed
the default SSH port, and implemented Fail2ban for brute-force protection.
Updates: Installed all security patches and updates.
Access Control: Strict user account management. Enforced least privilege principles
and strong password policies. Implemented sudo with granular permissions.
File Integrity Monitoring: Used tools like AIDE or Tripwire for file integrity
checks.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Q. How would you handle a situation where a Linux server is running out of disk
space?
Approach:
Identify Space Consumers: Use tools like df (filesystem overview) and du (directory
usage) to drill down into which directories and files are consuming the most space.
Example: du -sh /var/* to check usage under /var.
Temporary Cleanup: Delete unnecessary log files, clear old package caches (apt-get
clean or yum clean all), and empty user trash directories.
Analyze Application Data: Inspect application directories for excessive log
generation, temporary files, or old backups that might be taking up space.
Find Large Files: Use the find command to locate large files that might be
unnecessary. For example: find /home -type f -size +100M to find files larger than
100MB in /home.
Consider Expansion: If cleanup is insufficient, explore options to add more storage
capacity or move data to external storage or cloud-based solutions.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Physical Check: Verify cabling and link lights on the server and network switches.
Basic Network Tools: Use ping to test connectivity to the gateway, then external
targets (like 8.8.8.8) to isolate the issue.
Check IP Configuration: Use ip addr or ifconfig (older) to ensure the server has
the correct IP address, subnet mask, and default gateway.
Route Verification: Examine the routing table with ip route or route -n. Address
misconfigured routes if needed.
DNS Troubleshooting: Use nslookup or dig to check if the server can resolve domain
names. Verify /etc/resolv.conf for correct DNS settings.
Firewall: Check iptables or nftables rules to ensure firewall policies are not
blocking access.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Q. How would you automate repetitive tasks on Linux using shell scripting or
configuration management tools like Ansible?
Approach:
Complex, Orchestrated Tasks: Ideal for managing multiple servers, enforcing desired
states, and infrastructure as code.
Create Playbooks: Write YAML playbooks to define tasks, modules, and variables.
Execution: Run ansible-playbook to execute playbooks against a defined inventory of
hosts.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Q. Explain the steps you would take to secure SSH access to a Linux server.
Approach:
Disable Root Login: Edit /etc/ssh/sshd_config and set PermitRootLogin no. Enforce
user-based logins for better auditing.
Key-Based Authentication: Generate SSH key pairs for users. Disable password-based
authentication by setting PasswordAuthentication no in sshd_config. Enforce strong
key management.
Change Default Port: Modify the SSH port in sshd_config to a non-standard value to
reduce the visibility of the SSH service to automated port scans.
Firewall: Use iptables or nftables to limit SSH access to only trusted IP addresses
or networks. Reduce the attack surface.
Fail2ban: Install and configure Fail2ban to automatically ban IP addresses that
exhibit brute-force attempts. Mitigate automated password guessing attacks.
Strong Password: Enforce strong password policies if password-based authentication
cannot be completely disabled.
Regular Updates: Keep the OpenSSH server software updated with the latest security
patches.
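The sshd_config settings named in these steps can be checked mechanically. The
script below is an added example, not part of the original notes; it relies on
OpenSSH using the first value obtained for a keyword, reads only the global
section, and runs on a constructed sample config. Function names are hypothetical.

```shell
#!/bin/sh
# Added example: audit the sshd_config settings named in the steps above.
# sshd uses the first value it obtains for each keyword, so a hardened line
# that appears after a permissive one has no effect. Only the global section
# (before the first Match block) is read; Include files and ports given via
# ListenAddress host:port are not considered.

# effective_value FILE KEYWORD DEFAULT -> value sshd would use globally
effective_value() {
    awk -v key="$2" -v def="$3" '
    BEGIN { key = tolower(key); val = def }
    {
        line = $0
        sub(/^[ \t]+/, "", line)
        if (line == "" || line ~ /^#/) next
        split(line, f, /[ \t=]+/)      # "Keyword value" or "Keyword=value"
        kw = tolower(f[1])
        if (kw == "match") exit
        if (kw == key) { val = f[2]; exit }
    }
    END { print val }' "$1"
}

# listen_ports FILE -> every Port value (this keyword may repeat); default 22
listen_ports() {
    awk '
    { line = $0; sub(/^[ \t]+/, "", line) }
    line == "" || line ~ /^#/ { next }
    { split(line, f, /[ \t=]+/); kw = tolower(f[1]) }
    kw == "match" { exit }
    kw == "port" { print f[2]; n++ }
    END { if (n == 0) print 22 }' "$1"
}

# audit_sshd FILE -> one finding per line; exit status 1 when anything is found
audit_sshd() {
    findings=0
    root=$(effective_value "$1" PermitRootLogin prohibit-password)
    pass=$(effective_value "$1" PasswordAuthentication yes)
    if [ "$root" != "no" ]; then
        echo "PermitRootLogin is '$root', expected 'no'"
        findings=$((findings + 1))
    fi
    if [ "$pass" != "no" ]; then
        echo "PasswordAuthentication is '$pass', expected 'no'"
        findings=$((findings + 1))
    fi
    for p in $(listen_ports "$1"); do
        if [ "$p" = "22" ]; then
            echo "Port 22 is still in use"
            findings=$((findings + 1))
        fi
    done
    [ "$findings" -eq 0 ]
}

# Constructed sample config, written to the file given as $1.
write_sample_sshd_config() {
    cat > "$1" <<'EOF'
# constructed sample: the hardened PermitRootLogin line comes too late
Port 22
Port 2222
PermitRootLogin yes
PasswordAuthentication=no
PermitRootLogin no
Match User backup
    PasswordAuthentication yes
EOF
}

demo_audit_sshd() {
    cfg=$(mktemp)
    write_sample_sshd_config "$cfg"
    audit_sshd "$cfg" || true
    rm -f "$cfg"
}
demo_audit_sshd
```

On a live host, sshd -T prints the effective configuration, with Include files and
defaults resolved, and is the authoritative input for the same checks.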
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Q. How would you monitor system performance and resource utilization on a Linux
server? What tools would you use?
Approach:
Real-time Monitoring:
top or htop: Interactive views of processes, CPU, memory, load average.
vmstat: System-wide overview of memory, swap, CPU, I/O.
iostat: Disk input/output statistics.
sar: Collect and report historical system activity data.
Network Monitoring:
netstat: Network connections, routing table, interface statistics.
iftop or nethogs: Per-process network bandwidth usage
Logging and Visualization:
Centralized Logging: Tools like rsyslog or syslog-ng to aggregate logs.
Visualization: Grafana with datasources like Telegraf or InfluxDB to build custom
dashboards, graph metrics, and set alerts.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Q. Explain how you would set up and configure a Linux server to host a web
application securely.
Approach:
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Q. Describe a scenario where you had to implement user management and access
control on a Linux server.
Scenario: A new development team needed access to a Linux server, with individual
user accounts and restrictions based on their roles.
Approach:
User Creation: Add user accounts with useradd, setting appropriate home directories
and default shells. Enforce strong password policies.
Group Management: Create groups (groupadd) for different roles (e.g., 'developers',
'admins'). Assign users to their respective groups.
File Permissions: Use chown and chmod to set ownership and permissions on files and
directories. Apply the principle of least privilege:
Developers: Grant read/write access in project directories.
Admins: Allow broader access for system management.
sudo: Configure the /etc/sudoers file (using visudo) to provide granular sudo
permissions for specific commands to specific groups, for administrative tasks
where needed.
Logging: Ensure user logins and sudo activity are logged for auditing purposes.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Q. How would you handle a situation where a Linux server is experiencing a high CPU
usage spike?
Scenario: A production server suddenly experiences sustained high CPU utilization,
impacting performance.
Approach:
Top or htop: Quickly identify the processes responsible for the high CPU
consumption.
System Metrics: Use vmstat to check if high CPU usage is related to system-wide
issues (high I/O wait, excessive context switching).
Profiling (if needed): For deeper analysis, use tools like perf or strace to
profile the misbehaving processes and pinpoint code-level bottlenecks.
Application Issue: If caused by a specific application, address the issue within
the application (bugs, inefficient code, runaway processes). May need developer
involvement.
Resource Limits: Consider using cgroups or ulimit to temporarily limit resources
available to resource-intensive processes, mitigating the impact on the entire
system.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Q. Discuss a scenario where you had to deploy and manage Docker containers on a
Linux server.
Scenario: A web application with multiple dependencies needed to be packaged in a
portable way for deployment across different development and production
environments.
Approach:
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Q. Describe a scenario where you had to configure and manage a MySQL or PostgreSQL
database server on Linux.
Scenario: A new web application required a relational database backend to store
data.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Q. How would you ensure data integrity and reliability on a Linux server hosting
critical data?
Approach:
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Q. Discuss a scenario where you had to patch and update a Linux server while
minimizing downtime.
Scenario: Critical security patches were released for a production web server.
Applying them while minimizing service disruption was crucial.
Approach:
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Q. Explain the steps you would take to secure Apache or Nginx web servers on Linux.
Approach:
Regular Updates: Keep the web server software updated with the latest security
patches.
Least Privilege: Run the web server process as a non-root user with limited
permissions.
Secure Configuration:
Disable directory listings.
Restrict access to sensitive configuration files.
Enable strong TLS configurations and enforce HTTPS.
Hide web server version information.
Set appropriate HTTP security headers (X-Frame-Options, X-Content-Type-Options,
etc.).
Firewall: Use iptables or nftables to restrict incoming traffic to only necessary
ports (usually 80 and 443).
File Permissions: Ensure strict file and directory permissions to prevent
unauthorized modifications.
Input Validation: Implement input validation in web applications residing on the
server to mitigate XSS and SQL injection vulnerabilities.
Logging and Monitoring: Enable access and error logging. Consider intrusion
detection systems (IDS) or file integrity monitoring solutions.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Q. Describe a scenario where you had to configure and troubleshoot a mail server
(e.g., Postfix, Sendmail) on Linux.
Scenario: A company needed to set up an internal mail server for employee emails.
Approach:
Choice of MTA: Choose a Mail Transfer Agent (MTA) like Postfix or Sendmail based on
familiarity and features required.
Installation and Basic Configuration: Install and configure the MTA with domain
name and hostname information.
DNS Setup: Configure DNS records (MX records) to point to the mail server for
domain-based email routing.
Firewall: Adjust firewall rules to allow SMTP traffic (port 25), and potentially
IMAP/POP3 for mail clients.
Authentication: Implement authentication mechanisms (SASL) to prevent unauthorized
relaying.
Spam Filtering: Install and configure spam filtering solutions like SpamAssassin or
Rspamd.
Testing: Thoroughly test sending and receiving email internally and externally.
Troubleshoot using mail logs.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Q. How would you set up and configure a backup solution for Linux servers? What
factors would you consider?
Approach:
Factors:
Data Criticality: How important is the data and what's the impact of its loss?
RPO and RTO: Recovery Point Objective (how much data loss is acceptable) and
Recovery Time Objective (how fast the systems need to be restored).
Budget and Resources: Available budget and IT personnel expertise.
Backup Tools:
rsync: For simple file-level backups with flexibility.
tar: Archive type backups.
Bareos / Bacula: Enterprise-level backup solutions with scheduling, client
management, and various backup types.
Strategy:
Backup Types: Full, incremental, differential backups.
Location: Local, external drives, cloud-based (AWS S3, etc.).
Encryption: Ensure backup data is encrypted for security.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Approach:
Identify Bottleneck: Analyze performance metrics (CPU, memory, disk I/O, network)
to determine the primary bottleneck.
Load Balancer: Introduce a load balancer (software like HAProxy, Nginx, or a
hardware appliance) to distribute requests across multiple web servers.
Provision Additional Servers: Add identical web server instances either on-premises
or in the cloud (depending on your infrastructure). Configure them identically to
existing servers.
Application Optimization: Ensure the application itself is optimized and can handle
distributed workloads.
Database Scaling: If the database is the bottleneck, consider replication (master-
slave) or sharding strategies for scaling databases.
Caching: Implement caching layers (e.g., Redis, Memcached) in front of the web
servers to reduce load on the backend.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Q. Explain how you would configure and manage RAID arrays for data redundancy and
performance on Linux.
Approach:
RAID Level Choice: Select RAID level based on redundancy, performance, and capacity
needs:
RAID 0: Striping for performance (no redundancy)
RAID 1: Mirroring for redundancy
RAID 5: Striping with parity for redundancy and read performance
RAID 6: Striping with double parity for enhanced redundancy
RAID 10: Combination of mirroring and striping for both redundancy and performance
Tools:
mdadm: Software RAID management tool. Use commands like mdadm --create to create
arrays, mdadm --assemble to assemble existing arrays, and mdadm --detail to view
the array status.
Hardware RAID: If using a hardware RAID controller, its dedicated configuration
utility.
File System Creation: Create a file system on the assembled RAID device using tools
like mkfs.
Monitoring: Regularly monitor RAID array health and address any reported issues.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Q. Describe a scenario where you implemented log rotation and retention policies
for a Linux server.
Scenario: Log files on a busy web server were consuming excessive disk space and
becoming difficult to manage.
Approach:
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Q. How would you set up and configure a Linux server to host a secure FTP service?
Approach (I'll focus on VSFTPD as an example):
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Q. Discuss a scenario where you had to configure and manage network bonding or
teaming on a Linux server.
Scenario: A server required increased network throughput and redundancy for
critical network links.
Approach:
Verify Hardware Compatibility: Ensure network cards support bonding and provide
compatible drivers.
Bonding Mode: Choose a bonding mode (active-backup, round-robin, load balancing)
based on requirements.
Configuration:
Distribution Tools: Use ip link, ifenslave (older), or distribution-specific tools
to create and configure the bond interface (check your Linux distribution's
documentation).
Network Settings: Assign IP addresses, network configuration to the bond interface.
Testing: Thoroughly test network connectivity and failover scenarios by simulating
cable disconnections.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Q. Describe a scenario where you had to recover from a compromised Linux server.
What steps did you take?
Scenario: A web server was hacked due to an unpatched vulnerability, and the
attacker gained access.
Approach:
Contain the Breach: Immediately isolate the compromised server from the network to
prevent further spread.
Preserve Evidence: If possible, make a forensic image of the system before further
changes, for potential legal or investigative purposes.
Identify the Attack Vector: Analyze logs, system files, and network traffic to
determine how the attacker gained access and the extent of the compromise.
Remediate:
Patch the vulnerability that allowed the intrusion.
Change all passwords (root, user accounts) and rotate SSH keys.
Carefully examine system configuration files for modifications.
Review installed packages for malware.
Clean Install (If Necessary): In a severe compromise, a full system reinstall from
trusted backups might be the safest option.
Monitoring: Implement enhanced logging and monitoring to identify future intrusion
attempts.
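Added example (not part of the original answer): one way to carry out the "examine system configuration files for modifications" step is to compare current file hashes against a manifest recorded while the system was known to be good. The directory tree, file names and file contents are constructed sample data, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original page): check configuration files
# against a known-good SHA-256 manifest taken before the incident.

# make_manifest DIR: print "<sha256>  ./relative/path" for each regular file.
make_manifest() {
    ( cd "$1" && find . -type f -exec sha256sum {} + | sort -k 2 )
}

# diff_manifest BASELINE CURRENT: print MODIFIED/ADDED/REMOVED findings.
# The path is read from column 67 onward (64 hex digits plus 2 separator
# characters), so file names containing spaces are handled.
diff_manifest() {
    awk '
        { hash = $1; path = substr($0, 67) }
        FILENAME == ARGV[1] { base[path] = hash; next }
        {
            seen[path] = 1
            if (!(path in base))          print "ADDED " path
            else if (base[path] != hash)  print "MODIFIED " path
        }
        END { for (p in base) if (!(p in seen)) print "REMOVED " p }
    ' "$1" "$2" | sort
}

# demo: build a constructed /etc-like tree, record a baseline, change it,
# and report the drift between the baseline and the current state.
demo() {
    work=$(mktemp -d) || return 1
    mkdir -p "$work/etc/ssh" "$work/etc/cron.d"
    printf 'PermitRootLogin no\n' > "$work/etc/ssh/sshd_config"
    printf '0 3 * * * root /usr/local/bin/backup\n' > "$work/etc/cron.d/backup"
    printf 'nameserver 192.0.2.53\n' > "$work/etc/resolv.conf"
    make_manifest "$work/etc" > "$work/baseline.sha256"

    # Constructed post-incident state: one edit, one new file, one deletion.
    printf 'PermitRootLogin yes\n' > "$work/etc/ssh/sshd_config"
    printf '* * * * * root /usr/local/bin/unknown-job\n' > "$work/etc/cron.d/sys update"
    rm "$work/etc/resolv.conf"

    make_manifest "$work/etc" > "$work/current.sha256"
    diff_manifest "$work/baseline.sha256" "$work/current.sha256"
    rm -rf "$work"
}

demo
```

On a host that is believed to be compromised, run the hashing from trusted media against the forensic image, because the installed sha256sum and find binaries may themselves have been replaced.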
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Q. How would you automate server provisioning and configuration management using
tools like Puppet, Chef, or SaltStack?
Approach (I'll use Puppet as an example):
Master-Agent Setup: Install Puppet Server (master) and Puppet agent on nodes to be
managed.
Manifests: Write Puppet manifests (code files) that define the desired state of the
servers:
Packages: Define what packages should be installed or removed.
Services: Manage services (running, stopped, configuration).
Files: Manage file contents and permissions.
Modules: Organize your manifests into reusable modules for easier management.
Node Classification: Assign nodes to specific roles by creating node definitions
within Puppet.
Apply Changes: The Puppet agent on each node regularly communicates with the master
to fetch its configuration and enforce the desired state.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Approach:
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Q. Explain how you would configure and manage DNS services (e.g., BIND) on a Linux
server.
Approach (using BIND as an example):
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Q. Describe a scenario where you had to optimize memory usage and manage swap space
on a Linux server.
Scenario: A Linux server with limited RAM was experiencing performance issues due
to excessive swapping.
Approach:
Identify Memory-Intensive Processes: Use tools like top, htop, or free -m to check
memory usage and pinpoint the processes consuming the most memory.
Optimize Applications: If possible, address memory leaks or excessive usage within
applications causing the high memory consumption.
Add Swap (If Necessary): If you can't reduce memory usage, increase the swap space
to provide temporary relief but be aware this can degrade performance if overused.
Adjust Swappiness: Configure the kernel's swappiness parameter (e.g., in
/etc/sysctl.conf) to control how aggressively the system uses swap (lower values
favor keeping more data in memory).
Consider More RAM: If optimizing applications and managing swap proves
insufficient, the best long-term solution might be to add more physical RAM to the
server.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Q. How would you set up and configure a Linux server to support IPv6 networking?
Approach:
Kernel Support: Ensure your Linux kernel has IPv6 support compiled in (most modern
kernels do).
Interface Configuration:
Static: Assign IPv6 addresses to your interfaces manually using ip addr add or by
editing network configuration files.
DHCPv6: If your network provides DHCPv6, configure the client to obtain an IPv6
address automatically.
Routing: Ensure IPv6 routing is configured if the server needs to forward IPv6
traffic. Update your routing table using ip -6 route.
Firewall: Adjust firewall rules (iptables or ip6tables) to allow necessary IPv6
traffic.
DNS: Configure DNS so that your systems can resolve IPv6 addresses (AAAA records).
Testing: Verify IPv6 connectivity using ping6 and other network tools.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Q. Discuss a scenario where you had to troubleshoot kernel panic or system crashes
on a Linux server.
Scenario: A critical server periodically experienced kernel panics, leading to
downtime.
Approach:
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Q. Explain the steps you would take to secure containerized applications running on
Linux (e.g., Kubernetes).
Approach:
Secure Base Images: Start with hardened and minimal base images for containers.
Regularly update them with security patches.
Least Privilege: Run containers with the least privileges required. Avoid running
containers as root.
Image Scanning: Scan container images for vulnerabilities using tools like Clair or
Trivy.
Network Segmentation: Use network policies (e.g., in Kubernetes) to control
communication between containers and external networks.
Secrets Management: Use a secrets management solution (like Vault) to securely
store and distribute sensitive data (passwords, tokens) to containers.
RBAC: Implement Role-Based Access Control (RBAC) within Kubernetes to enforce
permissions for interacting with the Kubernetes API and resources.
Pod Security Policies: Apply Kubernetes Pod Security Policies to restrict
containers' capabilities.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Q. Describe a scenario where you implemented automated monitoring and alerting for
Linux servers.
Scenario: An organization needed to proactively monitor servers and get alerted
about critical issues.
Approach:
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Approach:
Hardware and Network: Plan hardware (number of nodes, disks, network) considering
performance, redundancy, and capacity needs. Ensure robust networking for Ceph's
communication.
Installation: Install Ceph packages on the selected nodes that will act as storage
nodes (OSDs).
Ceph Configuration: Create the Ceph configuration file (ceph.conf):
Monitor Nodes: Set up monitor nodes for cluster management.
OSD Creation: Prepare and add OSDs (disks or partitions) to the Ceph cluster.
Pools: Define storage pools with tailored replication or erasure coding levels
based on workload requirements.
Client Access: Provide access methods for clients:
Block Devices (RBD): For use as virtual machine block storage.
CephFS: For a distributed file system.
Object Storage (RADOSGW): For S3/Swift compatible object storage.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Q. Explain how you would set up and configure a reverse proxy (e.g., Apache or
Nginx) on Linux.
Approach (using Nginx as an example):
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Q. Describe a scenario where you had to configure and manage SSL/TLS certificates
for secure communication on Linux.
Scenario: A company website needed to implement HTTPS to secure user traffic and
improve search engine rankings.
Approach:
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Q. How would you implement and manage kernel upgrades on Linux servers?
Approach:
Check Compatibility: Verify that the new kernel is compatible with your hardware
and software. Look for changelogs, release notes, and vendor information.
Backup: Create a full system backup before making any major kernel changes.
Installation Method:
Package Updates: Use your Linux distribution's package manager (apt, yum) to
install the latest kernel package.
Manual: If needed, download, compile, and install a kernel directly from the
source.
Update Bootloader: Update your bootloader configuration (e.g., GRUB) to include the
new kernel.
Reboot: Reboot the server to load the new kernel.
Testing: Thoroughly test the server under the new kernel to identify any
compatibility issues or regressions.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Q. Discuss a scenario where you had to set up and configure a Linux server as a
caching DNS resolver (e.g., using dnsmasq).
Scenario: A small office network wanted to improve DNS lookup speeds and reduce
external DNS traffic.
Approach:
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Q. Explain the process of setting up and configuring network file sharing (e.g.,
NFS or Samba) on Linux.
Approach (I'll focus on NFS):
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Q. Describe a scenario where you had to migrate data and applications from one
Linux server to another?
Scenario: A company needed to upgrade their primary web server to a newer, more
powerful machine, while minimizing downtime for their website.
Approach:
Planning:
Inventory: Thoroughly document the applications, configurations, and dependencies
on the existing server.
Migration Method: Choose between live migration (minimal downtime) or downtime-
based migration.
Compatibility: Ensure applications can run on the new server's OS and software
versions.
Data Migration:
rsync: For efficient file-level synchronization. Best for live migrations to keep
data updated in real-time.
Database Replication: If substantial database changes occur during the migration,
set up replication to the new database server in advance.
Application Migration:
Packaging: If possible, package applications and their dependencies for easy
redeployment.
Configuration Files: Carefully migrate configuration files, adjusting paths and
settings as needed.
Testing: Rigorously test all migrated applications and services on the new server
in a staging environment.
Cutover:
DNS Updates: Switch DNS records to point to the new server's IP address for a
seamless transition.
Monitoring: Closely monitor the new server post-migration for performance issues.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Q. How would you handle a situation where a Linux server is experiencing memory
leaks?
Scenario: A production server was gradually slowing down, and investigations
pointed towards increasing memory usage over time, indicating a potential memory
leak.
Approach:
Identify the Leaking Process: Use tools like top, htop, or ps to observe processes
over time to identify those with steadily increasing memory usage.
Profiling Tools: Use memory profiling tools for deeper analysis:
Valgrind: Detects memory leaks and errors within applications.
Heaptrack: Analyzes heap memory usage in applications over time.
Application-Level Fix: If the leak is in application code, work with developers to
identify the faulty code sections and implement fixes.
Restarting Services: Temporarily mitigate the impact by restarting the leaky
process. However, this is not a permanent solution.
Resource Limits (Temporary): Use tools like ulimit or cgroups to limit memory
available to a leaky process. This prevents it from consuming all server memory but
doesn't fix the root cause.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Q. Discuss a scenario where you had to implement role-based access control (RBAC)
using sudo or other tools on Linux servers?
Scenario: A development company needed to enforce separation of duties by providing
developers with elevated permissions to manage specific web applications without
granting them full root access.
Approach:
Groups: Create Linux groups representing the roles (e.g., "webdevs"). Add users to
their respective groups.
Sudoers Configuration: Edit the /etc/sudoers file (using visudo for safe editing)
to configure granular permissions:
Allow Groups: Grant the "webdevs" group permission to execute specific commands
with sudo.
Command Restrictions: Limit which commands they can run, and potentially which
paths those commands can operate on.
Alternative Tools (if needed): For finer-grained RBAC, consider:
SELinux: For mandatory access controls, if your environment supports it.
RBAC Systems: Tools like FreeIPA provide centralized RBAC management.
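Added example (not part of the original answer): a sudoers drop-in for the "webdevs" role in a too-broad form and a scoped form, with a small checker that flags the broad grants. The nginx service, the command paths and the function names are assumptions, and the checks are a simplified heuristic rather than sudo's own parser.

```shell
#!/bin/sh
# Added example: flag over-broad grants in a sudoers drop-in.
# Heuristic only: it does not follow line continuations or expand aliases.

# audit_sudoers [FILE]: read FILE (or stdin) and print "<line>: <finding>".
audit_sudoers() {
    awk '
        /^[ \t]*#/        { next }   # comments
        /^[ \t]*$/        { next }   # blank lines
        /^[ \t]*Defaults/ { next }   # Defaults settings are not grants
        !/=/              { next }   # include directives and the like
        {
            spec = substr($0, index($0, "=") + 1)  # text after "host ="
            gsub(/\([^)]*\)/, "", spec)            # drop (runas) lists
            gsub(/[A-Z_]+:/, "", spec)             # drop tags, e.g. NOPASSWD:
            n = split(spec, cmds, ",")
            for (i = 1; i <= n; i++) {
                c = cmds[i]
                gsub(/^[ \t!]+|[ \t]+$/, "", c)    # trim blanks and negation
                if (c == "ALL")
                    print FNR ": grants every command"
                else if (c ~ /[*?]/)
                    print FNR ": wildcard in command: " c
                else if (c !~ /^\// && c !~ /^[A-Z][A-Z0-9_]*$/ && c !~ /^sudoedit( |$)/)
                    print FNR ": command path is not absolute: " c
            }
        }
    ' "${1:--}"
}

# Constructed sample: over-broad grants for the webdevs role.
weak_sample() {
    cat <<'EOF'
# /etc/sudoers.d/webdevs (constructed, too broad)
%webdevs ALL=(ALL) NOPASSWD: ALL
%webdevs ALL=(root) /usr/bin/systemctl * nginx
%webdevs ALL=(root) systemctl reload nginx
EOF
}

# Constructed sample: the same role limited to two exact commands.
scoped_sample() {
    cat <<'EOF'
# /etc/sudoers.d/webdevs (constructed, scoped)
Cmnd_Alias WEB_SVC = /usr/bin/systemctl reload nginx, /usr/bin/systemctl restart nginx
%webdevs ALL=(root) WEB_SVC
EOF
}

weak_sample | audit_sudoers
```

Syntax is still validated with visudo -c -f on the drop-in file before it is installed; the checker above only looks at how wide each grant is.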
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
#!/usr/bin/env bash
NAME="John"
echo "Hello $NAME!"
Variables
NAME="John"
echo $NAME
echo "$NAME"
echo "${NAME}!"
String quotes
NAME="John"
echo "Hi $NAME"  #=> Hi John
echo 'Hi $NAME'  #=> Hi $NAME
Shell execution
Conditional execution
get_name() {
echo "John"
}
Conditionals
Strict mode
Brace expansion
echo {A,B}.js
| `{A,B}`| Same as `A B` |
| ---------- | ------------------- |
| `{A,B}.js` | Same as `A.js B.js` |
| `{1..5}` | Same as `1 2 3 4 5` |
Parameter expansions
Basics
name="John"
echo ${name}
echo ${name/J/j}    #=> "john" (substitution)
echo ${name:0:2}    #=> "Jo" (slicing)
echo ${name::2}     #=> "Jo" (slicing)
echo ${name::-1}    #=> "Joh" (slicing)
echo ${name:(-1)}   #=> "n" (slicing from right)
echo ${name:(-2):1} #=> "h" (slicing from right)
echo ${food:-Cake}  #=> $food or "Cake"
length=2
echo ${name:0:length}  #=> "Jo"
STR="/path/to/foo.cpp"
echo ${STR%.cpp}    # /path/to/foo
echo ${STR%.cpp}.o  # /path/to/foo.o
echo ${STR/foo/bar} # /path/to/bar.cpp
STR="Hello world"
echo ${STR:6:5}    # "world"
echo ${STR: -5:5}  # "world" (the space before -5 is required)
SRC="/path/to/foo.cpp"
BASE=${SRC##*/}   #=> "foo.cpp" (basepath)
DIR=${SRC%$BASE}  #=> "/path/to/" (dirpath)
Substitution
Comments
: '
This is a
multi line
comment
'
Substrings
Length
| `${#FOO}` | Length of `$FOO` |
| --------- | ---------------- |
Default values
Loops
for i in /etc/rc.*; do
echo $i
done
Ranges
for i in {1..5}; do
echo "Welcome $i"
done
for i in {5..50..5}; do
echo "Welcome $i"
done
Reading lines
Forever
while true; do
···
done
Functions
Defining functions
myfunc() {
echo "hello $1"
}
myfunc "John"
Returning values
myfunc() {
local myresult='some value'
echo $myresult
}
result="$(myfunc)"
Raising errors
myfunc() {
return 1
}
if myfunc; then
echo "success"
else
echo "failure"
fi
Arguments
Conditionals
Conditions
Note that `[[` is actually a command/program that returns either `0` (true) or `1`
(false). Any program that obeys the same logic (like all base utils, such as
`grep(1)` or `ping(1)`) can be used as condition, see examples.
File conditions
Example
String
if [[ -z "$string" ]]; then
echo "String is empty"
elif [[ -n "$string" ]]; then
echo "String is not empty"
fi
Combinations
if [[ X ]] && [[ Y ]]; then
...
fi
Equal
if [[ "$A" == "$B" ]]
Regex
if [[ "A" =~ . ]]
Arrays
Defining arrays
Fruits[0]="Apple"
Fruits[1]="Banana"
Fruits[2]="Orange"
Operations
Iteration
for i in "${arrayName[@]}"; do
echo $i
done
Dictionaries
Defining
declare -A sounds
sounds[dog]="bark"
sounds[cow]="moo"
sounds[bird]="tweet"
sounds[wolf]="howl"
Iteration
Options
Options
Glob options
History
Commands
Expansions
Operations
Slices
| `!!:n` | Expand only `n`th token from most recent command (command is `0`; first argument is `1`) |
| -------- | ------------------------------------------------------------ |
| `!^` | Expand first argument from most recent command |
| `!$` | Expand last token from most recent command |
| `!!:n-m` | Expand range of tokens from most recent command |
| `!!:n-$` | Expand `n`th token to last from most recent command |
`!!` can be replaced with any valid expansion i.e. `!cat`, `!-2`, `!42`, etc.
Miscellaneous
Numeric calculations
Subshells
Redirection
Inspecting commands
command -V cd
#=> "cd is a function/alias/whatever"
Trap errors
or
traperr() {
echo "ERROR: ${BASH_SOURCE[1]} at about ${BASH_LINENO[0]}"
}
set -o errtrace
trap traperr ERR
Case/switch
case "$1" in
start | up)
vagrant up
;;
*)
echo "Usage: $0 {start|stop|ssh}"
;;
esac
Source relative
source "${0%/*}/../share/foo.sh"
printf
Directory of script
DIR="${0%/*}"
Getting options
Heredoc
cat <<END
hello world
END
Reading input
Special variables
Go to previous directory
pwd # /home/user/foo
cd bar/
pwd # /home/user/foo/bar
cd -
pwd # /home/user/foo
3. Linux Commands:
File Commands
| Command | Description |
| --------------- | ------------------------------------------------------------ |
| ls | directory listing |
| ls -al | formatted listing with hidden files |
| cd dir | change directory to dir |
| cd | change to home |
| pwd | show current directory |
| mkdir dir | create directory dir |
| rm file | delete file |
| rm -r dir | delete directory dir |
| rm -f file | force remove file |
| rm -rf dir | force remove directory dir |
| cp file1 file2 | copy file1 to file2 |
| cp -r dir1 dir2 | copy dir1 to dir2; create dir2 if it doesn't exist |
| mv file1 file2 | rename or move file1 to file2; if file2 is an existing directory, moves file1 into directory file2 |
| ln -s file link | create symbolic link to file |
| touch file | create or update file |
| cat > file | places standard input into file |
| more file | output the contents of file |
| head file | output the first 10 lines of file |
| tail file | output the last 10 lines of file |
| tail -f file | output the contents of file as it grows, starting with the last 10 lines |
System Info
| Command | Description |
| ----------------- | ------------------------------------- |
| date| show the current date and time|
| cal | show this month's calendar|
| uptime| show current uptime |
| w | display who is online |
| whoami| who you are logged in as|
| finger user | display info about user |
| uname -a| show kernel info|
| cat /proc/cpuinfo | cpu info|
| cat /proc/meminfo | memory info |
| man command | show the manual for command |
| df| show disk usage |
| du| show directory space usage|
| free| show memory and swap usage|
| whereis app | show possible locations of app|
| which app | show which app will be run by default |
| Command | Description |
| ---------------- | ------------------------------------------------------------ |
| chmod octal file | change the permissions of file to octal, which can be found separately for user, group, and world by adding: 4 – read (r), 2 – write (w), 1 – execute (x) |
| chmod 777 | read, write, execute for all |
| chmod 755 | rwx for owner, rx for group and world |
| Command | Description |
| ------------ | ------------------------------------------------------------ |
| ps | display currently active processes |
| top | display all running processes |
| kill pid | kill process id pid |
| killall proc | kill all processes named proc |
| bg | lists stopped or background jobs; resume a stopped job in the background |
| fg | brings the most recent job to the foreground |
| fg n | brings job n to the foreground |
SSH commands
| Command | Description |
| --------------------- | ------------------------------------------------------------ |
| ssh user@host | connect to host as user |
| ssh -p port user@host | connect to host on port as user |
| ssh-copy-id user@host | add your key to host for user to enable a keyed passwordless login |
Searching Commands
| Command | Description |
| ----------------------- | ------------------------------------------- |
| grep pattern files| search for pattern in files |
| grep -r pattern dir | search recursively for pattern in dir |
| command \| grep pattern | search for pattern in the output of command |
| locate file | find all instances of file|
Compression commands:
| Command | Description |
| ------------------------- | --------------------------------------------- |
| tar cf file.tar files | create a tar named file.tar containing files |
| tar xf file.tar | extract the files from file.tar |
| tar czf file.tar.gz files | create a tar with Gzip compression|
| tar xzf file.tar.gz | extract a tar using Gzip|
| tar cjf file.tar.bz2| create a tar with Bzip2 compression |
| tar xjf file.tar.bz2| extract a tar using Bzip2 |
| gzip file | compresses file and renames it to file.gz |
| gzip -d file.gz | decompresses file.gz back to file |
Networking commands
| Command | Description |
| ---------------------------- | ------------------------------------------------------------ |
| ping host | ping host and output results |
| whois domain | get whois information for domain |
| dig domain | get DNS information for domain |
| dig -x host | reverse lookup host |
| wget file | download file |
| wget -c file | continue a stopped download |
| nmap [Scan Type] [Options] target | scan a host |
| ifconfig | |
| traceroute domain/ip | traceroute prints the route packets take to network host. |
| telnet host <port> | talk to “hosts” at the given port number. By default, the telnet port is port 23. |
| netstat -r | Print routing tables. |
| route add | Used for setting a static (non-dynamic by hand route) route path in the route tables |
| nslookup domain | Makes queries to the DNS server to translate IP to a name, or vice versa. |
Installation Commands
| Command | Description|
| --------------------------------------- | -------------------------- |
| ./configure<br />make<br />make install | Install from source |
| dpkg -i pkg.deb | install a package (Debian) |
| rpm -Uvh pkg.rpm| install a package(RPM) |
Shortcuts
| Command | Description|
| ------- | ------------------------------------------------------------ |
| Ctrl+C| halts the current command|
| Ctrl+Z | stops the current command, resume with fg in the foreground or bg in the background |
| Ctrl+D| log out of current session, similar to exit|
| Ctrl+W| erases one word in the current line|
| Ctrl+U| erases the whole line|
| Ctrl+R| type to bring up a recent command|
| !!| repeats the last command |
| exit| log out of current session |