Saturday, July 21, 2012

Unix Linux Interview Questions and Answers

This article is intended to collect information of  few interview questions which are asked during  interview for Linux Admin, pen my opinion on the information gathered. This article not intended to educate any one of the information posted, but are most welcome to share there view on them. Some of  them could be commonly asked, most of them are not so. For questions for which we have a detailed explanation, a link would be provided after the answer for detailed reference. The idea of this article is not just to provide an answer to a question, instead to know of the many different options which are present to solve a particular problem.

Note that this document comes without warranty of any kind. But every effort has been made to provide the information as accurate as possible. I welcome emails from any readers with comments, suggestions, and corrections at webmaster_at

Operating System

Boot Process of Linux

What is lilo ? what is the difference between grub and lilo.

LILO (Linux Loader) is a boot loader for Linux.
GRUB (GRand Unified Boot loader)
GRUB has a more powerful, interactive command line interface

LILO and GRUB do have a number of differences:
* LILO has no interactive command interface, whereas GRUB does. 
* LILO does not support booting from a network, whereas GRUB does.
* LILO stores information regarding the location of the operating systems it can to load physically on the MBR. If you change your LILO config file, you have to rewrite the LILO stage one boot loader to the MBR. Compared with GRUB, this is a much more risky option since a misconfigured MBR could leave the system unbootable. With GRUB, if the configuration file is configured incorrectly, it will simply default to the GRUB command-line interface.

what is initrd image. If you get the error initrd image is corrupted. How will you fix the issue

initial RAM disk (initrd) is a temporary root file system
that is mounted during system boot to support the two-state
boot process. The initrd contains various executables and
drivers that permit the real root file system to be
mounted, after which the initrd RAM disk is unmounted and
its memory freed.

If the initrd image is corrupted than you can reinstall it with 'mkinitrd' command

What is kernel Panic error ? How will you fix it.

kernel panic occurred when linux kernel can not communicate 
with any hardware or any OS related file.
If you get the error while loading grub then login to rescue mode and open grub.conf which reside in /boot/grub/grub.conf and make the entry given below!
title Red Hat Enterprise Linux Server (2.6.18-53.el5)
root (hd0,0)
kernel /vmlinuz-<version> ro root=<root mount drive
ie. /dev/hda2> rhgb quiet
initrd /initrd-<version.img>

you can check your root mount drive by e2label utility!
#e2label /dev/sdan , where n is the no of your partition.

How to recover MBR or GRUB?

i) IN grub prompt ii) /sbin/grub.install <boot device=hd0>
If not working then execute the following commands :
i)grub ii) grub (hd0,0) iii) setup (hd0) iv) quit

How will you recover the password and shadow file,  in case both got deleted ?

Login in single user mode
$cp /etc/passwd~ /etc/passwd
$cp /etc/shadow~ /etc/shadow

Thats it...Linux by default take the backup of these files.

User Management

How to add user if adduser or useradd command is not working ?

---> i) creat entry in /etc/passwd  /etc/group /etc/shadow
mkdir /home/username
chown username:
passwd username

How to add user in a group? How to show the group of a user?

----> usermod -G <groupname> <username> & id <username>

How many types of users in linux? possible to assign uid 500 to a user?

---> 3 types of users in Linux i) Sytem Users, ii) Root User, iii)
Normal Users . UId from 1 to 499 reserved for
System users, so it not possible to give this uid to normal user

How to remove permisson of user for a folder?

---> setfacl -x u:<username> <foldername>

How to give root permission to normal user?

---> i) visudo & enter the <username> All(ALL) ALL
OR <username> ALL=/etc/init.d/httpd

What is the sequence of /etc/passwd fields?

---> <User Name>:<password>:<Uid>:<Gid>:<Gecos/comment field>:<Homedir>:<loggin shell>

How to Force the user to change password at next login ?

1.) Firstly, lock the account to prevent the user from using the login until the change has
been made:
# usermod -L
2.) Change the password expiration date to 0 to ensure the user changes the password
during the next login:
# chage -d 0
3.) To unlock the account after the change do the following:
# usermod -U
example: ssh pankaj@localhost
(current) UNIX password: xxxxxx
Enter new UNIX password: xxxxxxxxx
Retype new UNIX password:  xxxxxxxxx

If you need to implement a policy to have a minimum and maximum password age forcing users to change their passwords.

To easily view the current status of a user account, use the following syntax:
sudo chage -l username

pankaj@testserver:~$ sudo chage -l pankaj

Last password change                    : MAY 30, 2012

Password expires                    : never

Password inactive                   : never

Account expires                     : never

Minimum number of days between password change      : 0

Maximum number of days between password change      : 99999

Number of days of warning before password expires   : 7
To set any of these values, simply use the following syntax, and follow the interactive prompts:
sudo chage username
The following is also an example of how you can manually change the minimum password age (-m) of 5 days, maximum password age (-M) of 90 days, inactivity period (-I) of 5 days after password expiration, and a warning time period (-W) of 14 days before password expiration.
sudo chage  -m 5 -M 90 -I 30 -W 14 pankaj

To verify changes, use the same syntax as mentioned previously:

sudo chage -l pankaj


What is Bonding. How will configure bonding.

What is MTU. How will you change the MTU?

MTU(Maximum Transmission Unit) is related to TCP/IP networking in
Linux/BSD/UNIX oses. It refers to the size (in bytes) of the largest datagram that a given layer of a communications protocol can pass at a time.

To change MTU please refer

How to configure linux system as a router?

---> Enable packet forwarding in /etc/sysctl.conf file
net.ipv4.ip_forward = 1


We will very soon upload questions.


What is difference between SAN DAS NAS and ISCSI Storage

SAN Advantages

1) Share storage among different application servers.
2) Data is stored at a block level.
3) Physical elements of the SAN (servers, switches, storage arrays, etc.) are connected with Fibre Channel.
4) SAN is scalability and flexibility.
5) Storage can be added without disrupting the applications and different types of storage can be added to the pool.
5) Backups is centralized so reducing workload and providing greater assurance that the backups are complete.
6) Backup traffic never impacts users on the LAN.

ISCSI SAN Advantages

1) iSCSI is a lower cost alternative to Fibre Channel SAN infrastructure.
2) Interconnect is Ethernet cable and the switches are Gigabit Ethernet.
3) Protocol used is TCP/IP.

iSCSI presents volumes as a block storage device which makes them ideal for use by enterprise applications such as Microsoft Exchange and Microsoft SQL Server. In particular, the Microsoft iSCSI Software Initiator is the component of the overall iSCSI environment that makes it possible to make the iSCSI SAN attached disks appear to be local attached disks.

DAS (Direct Attached Storage) Advantages

1) The disks may be internal to the server or in an array that is connected directly to the server.
2) Backups must either be performed on each individual server.
3) Storage can only be added by taking down the application server then adding physical disks and then rebuilding the storage. array.
NAS (Network Attached Storage) Advantages

1) NAS accesses data by file.
2) NAS manages its own file system.
3) NAS can be accesses across multiple operating systems.
4) NAS backups are more efficient. (With NAS feature called Snapshot provides an almost instantaneous way for the systems administrator to recover lost, deleted, or corrupted files.)
5) Administrators can assign shares, security settings as they would for a regular file server.

What is LUN ?

A logical unit number (LUN) is a unique identifier used to designate individual or collections of hard disk devices for address by a protocol associated with a SCSI, iSCSI, Fibre Channel (FC) or similar interface. LUNs are central to the management of block storage arrays shared over a storage area network (SAN). 

How will you add a new LUN allocated from SAN ?

How to Find Qlogic or Emulex HBA Card WWN Address on Linux?

$ cat /etc/redhat-release
Red Hat Enterprise Linux Server release 5.3 (Tikanga)
[On Red hat 5]
$ cat /sys/class/scsi_host/host1/device/fc_host:host1/port_name

$ cat /etc/redhat-release
Enterprise Linux Enterprise Linux AS release 3 (Update 9)

[On Red hat 3]
$ cat /proc/scsi/qla2300/1
QLogic PCI to Fibre Channel Host Adapter for QLA2460:
Firmware version: 4.00.23, Driver version 7.07.05
Entry address = f888d060

Request Queue = 0x37280000, Response Queue = 0x37270000

NFS / NIS / FTP / LDAP / samba

How to add ftp users? What port it uses?

---> i) vi /etc/vsftpd/user_list and add the user in this file
ii) vi /etc/vsftpd/vsftpd.conf & change userlist_deny=NO
iii) service vsftpd restart
iv) ftp-data 20 & connection 21

what is the difference between ftp and sftp and how will you configure ftp server and sftp server

When you transfer files from your computer to your server or from one computer to another, you probably use an FTP program.  Some of those programs, like FileZilla, offer support for additional protocols like SFTP.  There is an important difference between FTP and SFTP, and you should know what both are before you start transferring files.
FTP stands for File Transfer Protocol and is the most widely used protocol for file distribution and downloading.  Many public servers, particularly universities may even use anonymous FTP, allowing anyone to login and download their content.  On your own dedicated server, you will most likely have an FTP server, such as ProFTPD or Vsftpd running at all times for you and/or your clients.
The downside to FTP is that it sends files as they are, without any extra security or encryption.  If you are transferring sensitive data, there is a security risk with FTP that you may not want to take.Some FTP clients can use SCP (secure copy) using SSH, which may or may not be supported by your server.  Others use SFTP, which is a secure FTP implementation that also uses SSH encryption.  The obvious benefit of this is that your data cannot be easily intercepted, which is particularly important for businesses, government agencies, and security-conscious individuals.
You should note that SFTP will require you to give users access to SSH, which if unchecked, will give your users the ability to view just about every directory in your server.  You can easily remedy this by using chroot to jail the users into their home directories
For FTP configuration please refer

Important Linux Port

21 => FTP
22 => SSH
23 => Telnet
25 => SMTP Mail Transfer
43 => WHOIS service
53 => name server (DNS)
80 => HTTP (Web server)

443 => HTTP Secure (SSL for https:// )
110 => POP protocol (for email)
995 => POP over SSL/TLS
111 => rpcbind
953 => rndc
143 => IMAP Protocol (for email)
993 => IMAP Secure
3306 = > MysQL Server

5432 = > postgres
3128 = > squid

How to see which port which service is running? What is the /etc/services file?

---> netstat -tunlp (t=tcp,u=udp,n=numeric,l=listening,p=port/program)
/etc/services file having ports & services.

What is root squash and no root squash

no_root_squash - Allows root users on client computers to have root access on the server. Mount requests for root are not be mounted to the anonomous user. This option is needed for diskless clients.
root_squash - Requests from root clients are mapped to the nobody user and group ID so they will only have file privileges associated with other. 

What is the difference in sync and async option in NFS

async means that the NFS server will acknowledge data before it's committed to disk, which can lead to data corruption if the server crashes. sync does the opposite, the server will only acknowledge data after it's written out.

What is stale error in NFS and how will you fix it.

Sometime NFS can result in to weird problems. For example NFS mounted directories sometimes contain stale file handles. If you run command such as ls or vi you will see an error:
$ ls
.: Stale File Handle

How do I fix this problem?
a) The best solution is to remount directory from the NFS client using mount command:
# umount -f /mnt/local
# mount -t nfs nfsserver:/path/to/share /mnt/local
First command (umount) forcefully unmount a disk partition /mnt/local (NFS).
OR try to mount NFS directory with the noac option. However I don't recommend using noac option because of performance issue and Checking files on NFS filesystem referenced by file descriptors (i.e. the fcntl and ioctl families of functions) may lead to inconsistent result due to the lack of consistency check in kernel even if noac is used.

How to create NIS server and NIS client ? Explain with example.

What is Portmap and why it is required

The port mapper (rpc.portmap or just portmap, or rpcbind) is an Open Network Computing Remote Procedure Call (ONC RPC) service that runs on network nodes that provide other ONC RPC services.
The port mapper service always uses TCP or UDP port 111; a fixed port is required for it, as a client would not be able to get the port number for the port mapper service from the port mapper itself.The port mapper must be started before any other RPC servers are started.

How to restrict users from accessing nfs

What port samba used? How to Configure samba

---> 135,139,445/TCP used by smbd & 137,138/UDP used by nmbd
To Configure Samba please refer

Proxy Server

What is reverse proxy and transparent proxy.

How will you block the internet usage for a particular IP Address


What is the Status code 403 & 404 represent in Apache?

--> 403 represents forbidden error & 404 represents there is a cgi scirpt missing or web page missing


We will very soon upload questions.


What are different RAID levels. What are their advantages. Explain with Example

LVM(Logical Volume Managment)

What is the purpose of LVM ? Why it is used?  How to create LVM ?

What is the largest disk size can be used in LVM ?

How will you move volume group from one server to another ?

How will you remove a PV from LVM without any data loss ?

Make sure that the physical volume isn't used by any logical volumes by using then 'pvdisplay' command:  

# pvdisplay /dev/hda1

--- Physical volume ---
PV Name               /dev/hda1
VG Name               myvg
PV Size               1.95 GB / NOT usable 4 MB [LVM: 122 KB]
PV#                   1
PV Status             available
Allocatable           yes (but full)
Cur LV                1
PE Size (KByte)       4096
Total PE              499
Free PE               0
Allocated PE          499
PV UUID               Sd44tK-9IRw-SrMC-MOkn-76iP-iftz-OVSen7

If the physical volume is still used you will have to migrate the data to another physical volume using pvmove.
Then use 'vgreduce' to remove the physical volume:
#vgreduce my_volume_group /dev/hda1

How we can use resize2fs, what is the purpose ?

The resize2fs program will resize ext2, ext3, or ext4 file systems. It can be used to enlarge or shrink an unmounted file system located on device. If the filesystem is mounted, it can be used to expand the size of the mounted filesystem, assuming the kernel supports on-line resizing. (As of this writing, the Linux 2.6 kernel supports on-line resize for filesystems mounted using ext3 only.).

OTHER System Admin Tasks

What is the difference between Ext2 and Ext3 File System ?

Please refer

If the File system is in read only mode, so we cannot create any file. How will you fix it.

mount -o remount /
That fixed it – no longer in read-only mode. Now you can find out bottleneck of the issue

How to find out the dependency required for a package ?

You can finding out what dependencies a rpm file has i.e. it will tell you what you need to install package with following command:rpm -qpR {.rpm-file}
 rpm -qR {package-name}

What is the difference between Ext3 and Ext4 file System ?

What is hard link and soft link

soft or symbolic is more of a short cut to the original file....if you delete the original the shortcut fails and if you only delete the short cut nothing happens to the original.
hard link is more of a mirror something to file1 and it appears in file 2
deleting one still keeps the other ok
Hard links share the same inode. Soft links do not.
Hard links can't cross file systems. Soft links do.

How Do I Find Out CPU is 32bit or 64bit?

Type the following command at the terminal, run:
$ uname -a

root@test-server:~# uname -a
Linux test-server #2 SMP Tue Aug 24 11:24:12 CEST 2010 x86_64 GNU/Linux

x86_64 GNU/Linux indicates that you've a 64bit Linux kernel running. If you use see i386/i486/i586/i686 it is a 32 bit kernel. 

How to block ssh,ftp,telnet using iptables.

iptables -A INPUT -s <sourceIP> -p tcp --dport <port> -j Reject

How to check priority of the process?

Execute top command
Check the nice value of the process (-20 is the highest & 19 is the lowest)

How to Schedule cron backup for 4th saturday of month?

---> * * * * 6 weekdaynum 4 && sh /backup/

How to change the history file limit?

---> Change the history number in /etc/profile file

Which deamon responsible for tracking events on sytem?

---> syslogd

How to find top 10 users to using the Huge space?

---> du -s /home/* | sort -nr | head -10

When creating user why inode number of passwd, shadow & group files is change?

---> ls -i /etc/<filename>; yes it is change because this files are regenerated.

How to delete all the files from home directory which are above 500 MB?

---> find /home -size +500M -exec rm -rf { }\;

How to unmount the file system if not able to unmout them?

---> fuser -cu <filesystem/folder> e.g. / or /home ---> If shows the connected  users to the file system
fuser -k <filesystem/folder>

-k : Kill processes accessing the file.Linux umount command to unmount a disk partition
You can also try umount command with –l option:
# umount -l /mnt
Where,-l : Also known as Lazy unmount. Detach the filesystem from the filesystem hierarchy now, and cleanup all references to the filesystem as soon as it is not busy anymore. This option works with kernel version 2.4.11+ and above only.
If you would like to unmount a NFS mount point then try following command:
# umount -f /mnt
Where,-f: Force unmount in case of an unreachable NFS system

Caution: Using these commands or option can cause data loss for open files; programs which access files after the file system has been unmounted will get an error.

How to recover fstab file it deleted?

---> i) boot the system in rescue mode. ii) fdisk -l shows the
partision of / iii) mount -o rw /dev/sda4?
iv) vi /etc/fstab & put entry of file system manualy. or recover
from /etc/mtab file.

Explain the process of kickstart Installation?

What are the default permission of file & Directory?

---> Permission of file is 644 & Directory is 755

How to kill zombie process?

---> zombie process is already a dead process. May not be deleted by
kill -s SIGCHLD pid

i) ps -aux |grep Z OR ps -aux | awk '{ print $8 " "
$2 }' |grep Z ii) kill -9 <pid>

RDIST: Remotely distributing and installing software/files

The command rdist helps the system administrator install software or update files
across many machines. The process is launched from one computer.
rdist -f instruction-file
Instruction file:
) dest =
computer-node-name )
${files} -> ${dest}
install /fully-qualified-directory-name-of-destination;

What is fstab and what are the different fields in fstab

fstab is a configuration file that contains information of all the partitions and storage devices in your computer. The file is located under /etc, so the full path to this file is /etc/fstab.
/etc/fstab is just a plain text file, so you can open and edit it with any text editor you're familiar with. However, note that you must have the root privileges before editing fstab. So, in order to edit the file, you must either log in as root or use the su command to become root.
Last login: Sun Jun 3 21:44:24 2012 from
root@pankaj:~# cat /etc/fstab
# /etc/fstab: static file system information.
# <file system> <mount point> <type> <options> <dump> <pass>
   proc           /proc        proc    defaults   0      0
  /dev/hda2       /            ext4    defaults   1      1
The first column contains the device name, the second one its mount point, third its filesystem type, fourth the mount options, fifth (a number) dump options, and sixth (another number) filesystem check options. 

If you need to frequently login to some server and you want to implement password less login to that server. How will you do this.

 Step # 1: Generate first ssh key
Type the following command to generate your first public and private key on a local workstation. Next provide the required input or accept the defaults. Please do not change the filename and directory location.
workstation#1 $ ssh-keygen -t dsa
Finally, copy your public key to your remote server using scp
workstation#1 $ scp  /root/.ssh/ 2nd workstation
   Step # 2:
a) Login to 2nd workstation

b) Now you have new public key. APPEND this key to the downloaded authorized_keys file using cat command:
workstation#2 $ cat >> /root/.ssh/authorized_keys2
chmod 600 /root/.ssh/authorized_keys2
Step #3: Test your setup

Now try to login from Workstation #1 to  #2,. You should not be asked for a password:
workstation#1 $ ssh workstation2

what is the difference between DSA and RSA

RSA and DSA are two different algorithms. RSA can be used both for encrypting and signing, while DSA can only be used for signing. I think DSA is considered more secure if you just want to sign stuff.

The difficulty of cracking RSA and DSA with identical key lengths are the same. RSA keys are not allowed to be exported out of the US which makes DSA preferrable for ssh keys if you want to be a law abiding citizen.

How to limit SSH login to specific users

Edit /etc/ssh/sshd_config file and add a line at the bottom of the file

AllowUsers [username]
How can you get info that my last command executed properly

If you want to know the message from system or service, look the /var/adm or /var/log directorys for more information,.but "commands is executed successfully or not?" ,you can check the exit status, if you use bash shell, you can type: echo $? if the result is 0 meaning successful, else will be had a problem.

what is udev

udev is the device manager for the Linux 2.6 kernel series. Its primary function is managing device nodes in /dev. Old UNIX system creates device in the /dev with static files. udev dynamically provides only the nodes for the devices actually present on a system.

what are the permission of /etc/passwd and /etc/shadow files

root@DCOS-71:~# ls -l /etc/passwd
-rw-r--r-- 1 root root 1235 2012-06-06 00:37 /etc/passwd
root@DCOS-71:~# ls -l /etc/shadow
-rw-r----- 1 root shadow 978 2012-06-06 00:37 /etc/shadow


  1. How to lock out a user to login a system after a set number of failed attempts?

    1. On a Linux dedicated server, the “faillog” command will tell you how many failed login attempts a user has. Before you can use faillog, you need to tell PAM, the password manager for Linux, to count failed login attempts. To do this, edit the file /etc/pam.d/system-auth and enable the module:

      auth required no_magic_root
      account required deny=3 no_magic_root lock_time=180

      With “deny=3″, the user’s account will be locked after 3 failed login attempts. The “lock_time” setting tells PAM how long to deny another login after a single failed attempt. The “no_magic_root” setting keeps it from locking the root user.

      To display all failed login attempts, type:

      faillog -a

      To display failed logins for a particular user, type:

      faillog -u username

      To unlock a username after their maximum number of login attempts, type:

      faillog -r -u username

      To manually lock an account, use the “passwd” command:

      passwd -l username

      To unlock the account:

      passwd -u username

  2. What is the difference between soft mount and hard mount?

    1. Hard mount
      -- If the NFS file system is hard mounted the NFS daemons will try repeatedly to contact the server. The NFS daemon retries will not time out will affect system performance and you cannot interrupt them.

      Soft mount
      -- If the NFS file system is soft mounted NFS will try repeatedly to contact the server until either:
      * A connection is established
      * The NFS retry threshold is met
      * The nfstimeout value is reached

  3. if adduser or useradd command not working then one more entry need to be entered manually in a file called /etc/skel ,

  4. How to change load average in linux??

  5. Hello,

    It's Gr8 Post for Linux Admin.

  6. good one due............

  7. nice work keep it up....................

  8. Pankaj (PP) good article.. Regards PA (zenith Infotech)