1. What is initrd image and what is its function in the linux booting process ?

The initial RAM disk (initrd) is an initial root file system that is mounted prior to when the real root file system is available.The initrd is bound to the kernel and loaded as part of the kernel boot procedure. The kernel then mounts this initrd as part of the two-stage boot process to load the modules to make the real file systems available and get at the real root file system. Thus initrd image plays a vital role in linux booting process.

2. Explain the terms suid, sgid and sticky bit ?

In addition to the basic file permissions in Linux, there are few special permissions that are available for executable files and directories.

SUID : If setuid bit is set, when the file is executed by a user, the process will have the same rights as the owner of the file being executed.

SGID : Same as above, but inherits group previleges of the file on execution, not user previleges. Similar way when you create a file within directory,it will inherit the group ownership of the directories.

Sticky bit : Sticky bit was used on executables in linux so that they would remain in the memory more time after the initial execution, hoping they would be needed in the near future. But mainly it is on folders, to imply that a file or folder created inside a stickybit enabled folder could only be deleted by the owner. A very good implementation of sticky bit is /tmp ,where every user has write permission but only users who own a file can delete them.

3. List out few of the differences between Softlink and Hardlink ?

a) Hardlink cannot be created for directories. Hard link can only be created for a file.

b) Symbolic links or symlinks can link to a directory.

c) Removing the original file that your hard link points to does not remove the hardlink itself; the hardlink still provides the content of the underlying file.

d) If you remove the hard link or the symlink itself, the original file will stay intact.

e) Removing the original file does not remove the attached symbolic link or symlink, but without the original file, the symlink is useless

4. How do you sent a mail attachment via bash console ?

“mutt” is an opensource tool for sending emails with attachments from the linux bash command line. We can install “mutt” from the binary rpm or via packagemanager.

For Ubuntu / Debian based destros.

# apt-get install mutt

For Redhat / Fedor based destros,

# yum install mutt

Usage :

# mutt -s “Subject of Mail” -a “path of attachment file” “email address of recipient” < “message text containing body of the message”

Eg : mutt -s “Backup Data” -a /home/backup.tar.gz admin@mywebsite.com < /tmp/message.txt

5. What is the difference between umask and ulimit ?

umask stands for ‘User file creation mask’, which determines the settings of a mask that controls which file permissions are set for files and directories when they are created. While ulimit is a linux built in command which provides control over the resources available to the shell and/or to processes started by it.

You can limit user to specific range by editing /etc/security/limits.conf at the same time system wide settings can be updated in /etc/sysctl.conf

6. What are the run levels in linux and how to change them ?

A run level is a state of init and the whole system that defines what system services are operating and they are identified by numbers.There are 7 different run levels present (run level 0-6) in Linux system for different purpose. The descriptions are given below.

0: Halt System (To shutdown the system)
1: Single user mode
2: Basic multi user mode without NFS
3: Full multi user mode (text based)
4: unused
5: Multi user mode with Graphical User Interface
6: Reboot System

To change the run level, edit the file “/etc/inittab” and change initdefault entry ( id:5:initdefault:). If we want to change the run level on the fly, it can be done using ‘init’ command.

For example, when we type ‘init 3′ in the commandline , this will move the system from current runlevel to runlevl 3. Current level can be listed by typing the command ‘who -r’

7. What is the functionality of a Puppet Server ?

Puppet is an open-source and enterprise application for configuration management toll in UNIX like operating system. Puppet is an IT automation software used to push configuration to its clients (puppet agents) using code. Puppet code can do a variety of tasks from installing new software, to check file permissions, or updating user accounts and lots of other tasks.

8. What is SeLinux?

SELinux is an acronym for Security-enhanced Linux. It is an access control implementation and security feature for the Linux kernel. It is designed to protect the server against misconfigurations and/or compromised daemons. It put limits and instructs server daemons or programs what files they can access and what actions they can take by defining a security policy.

9. What is crontab and explain the fields in a crontab ?

The cron is a deamon that executes commands at specific dates and times in linux. You can use this to schedule activities, either as one-time events or as recurring tasks. Crontab is the program used to install, deinstall or list the tables used to drive the cron daemon in a server. Each user can have their own crontab, and though these are files in /var/spool/cron/crontabs, they are not intended to be edited directly. Here are few of the command line options for crontab.

crontab -e Edit your crontab file.
crontab -l Show your crontab file.
crontab -r Remove your crontab file.

Traditional cron format consists of six fields separated by white spaces:

<command/program to execute>

The format is explained in detail below.

* * * * * *
| | | | | |
| | | | | +– Year (range: 1900-3000)
| | | | +—- Day of the Week (range: 1-7, 1 standing for Monday)
| | | +—— Month of the Year (range: 1-12)
| | +——– Day of the Month (range: 1-31)
| +———- Hour (range: 0-23)
+———— Minute (range: 0-59)

10. What are inodes in Linux ? How to find the inode associated with a file ?

An inode is a data structure on a filesystem on Linux and other Unix-like operating systems that stores all the information about a file except its name and its actual data. When a file is created, it is assigned both a name and an inode number, which is an integer that is unique within the filesystem. Both the file names and their corresponding inode numbers are stored as entries in the directory that appears to the user to contain the files. The concept of inodes is particularly important to the recovery of damaged filesystems. When parts of the inode are lost, they appear in the lost+found directory within the partition in which they once existed.

The following will show the name of each object in the current directory together with its inode number:

# ls -i

The avialble number inodes in a filesystem can be found using the below command :

# df -i

The other way we can get the inode details of a file by using the stat commmand.

Usage : # stat

Example :

-sh-4.1$ stat note.txt
File: `note.txt’
Size: 4 Blocks: 8 IO Block: 4096 regular file
Device: fd05h/64773d Inode: 8655235 Links: 1
Access: (0644/-rw-r–r–) Uid: (69548/nixuser) Gid: (25000/ UNKNOWN)
Access: 2014-06-29 15:27:56.299214865 +0000
Modify: 2014-06-29 15:28:28.027093254 +0000
Change: 2014-06-29 15:28:28.027093254 +0000

Apart from the above basic questions, be prepared for answers for the below questions

1. How to set linux file/directory permissions ?

2. How to set ownership for files/directories ?

3. How to create user/group and how to modify it ?

4. How to find kernel / OS version and its supported bit (32/64) version ?

5. How to set / find interface ip address ?

6. How to find linux mount points and disk usage ?

7. What command to find memory and swap usage ?

8. Have a look on ps, top, grep, find, awk and dmesg commands ?

Linux Scenario Questions

11. What is the difference between name based virtual hosting and IP based virtual hosting ? Explain the scenario where name based virtual hosting seems useful ?

Virtual hosts are used to host multiple domains on a single apache instance. You can have one virtual host for each IP your server has, or the same IP but different ports, or the same IP, the same port but different host names. The latter are called “name based vhosts”.

n IP-based virtual hosting, we can run more than one web site on the same server machine, but each web site has its own IP address while In Name-based virtual hosting, we host multiple websites on the same IP address. But for this to succeed, you have to put more than one DNS record for your IP address in the DNS database.

In the production shared webhosting environment, getting a dedicated IP address for every domains hosted in the server is not feasible in terms of cost. Most of the customers wont be able to afford the cost of having a dedicated IP address. Here is the place where the concepts of Name based virtual hosting find its place.

12. What is network bonding in Linux and where the important configuration files involved? What is the advantage of Network Bonding ?

Network Bonding is a Linux kernel feature that allows to aggregate multiple network interfaces into a single virtual link. This is a great way to achieve redundant links, fault tolerance or load balancing networks in production system. If one of the physical NIC is down or unplugged, it will automatically move traffic to the other NIC card. Similar way the bonding will increase the interface throughput to handle the traffic it it is configured in active-active mode.

There are 7 modes starting from 0 to 6 which decides how the bonding configuration behaves.

mode=0 (balance-rr) – Round-robin policy

It the default mode. It transmits packets in sequential order from the first available slave through the last.
This mode provides load balancing and fault tolerance.

mode=1 (active-backup)

Active-backup policy: In this mode, only one slave in the bond is active. The other one will become active, only when the active slave fails. The bond’s MAC address is externally visible on only one port (network adapter) to avoid confusing the switch. This mode provides fault tolerance.

mode=2 (balance-xor)

Transmit the traffic based on [(source MAC address XOR’d with destination MAC address) modulo slave count]. This selects the same slave for each destination MAC address. This mode provides load balancing and fault tolerance.

mode=3 (broadcast)

Broadcast policy: transmits everything on all slave interfaces. This mode provides fault tolerance.

mode=4 (802.3ad)

Creates aggregation groups that share the same speed and duplex settings. Utilizes all slaves in the active aggregator according to the 802.3ad specification.

mode=5 (balance-tlb) – Adaptive transmit load balancing

channel bonding that does not require any special switch support. The outgoing traffic is distributed according to the current load (computed relative to the speed) on each slave. Incoming traffic is received by the current slave. If the receiving slave fails, another slave takes over the MAC address of the failed receiving slave.

mode=6 (balance-alb) – Adaptive load balancing

It includes balance-tlb plus receive load balancing (rlb) for IPV4 traffic, and does not require any special switch support. The receive load balancing is achieved by ARP negotiation.

Important Configuration Files involved :

/etc/sysconfig/network-scripts/ifcfg-eth[0-4] /proc/net/bonding/bond0

13. Explain briefly the procedure for re-installing Grub in Linux ?

1) Download Ubuntu Installation / Live cd

2) Boot from Ubuntu Installation / Live cd – usb, burned cd etc.
3) During boot select “Try Ubuntu” , Don’t select install !
4) Mount your Linux root partition
sudo mount /dev/sda6 /mnt ( Assuming /dev/sda6 is the Linux root partition)
5) Install / reinstall grub
$ sudo grub-install –root-directory=/mnt/ /dev/sda ( where /dev/sda is your primary disk)
Installation finished. No error reported.

6) Reboot your system, remove bootable CD and we should have the boot menu ready when the system starts.

Note : There would be slight difference when using with other distros.

14. Explain the fields in /etc/passwd and /etc/shadow ?

The /etc/shadow file stores actual password in encrypted format with some additional properties related to user password.It mainly holds athe account aging parameters. All fields are separated by a colon (:) symbol. It contains one entry per line for each user listed in /etc/passwd file Generally, shadow file entry looks as below.


Here is the explanation of each field.

User name : Your login name

Password: Your encrypted password.

Last password change : Days since Jan 1, 1970 that password was last changed

Minimum: The minimum number of days required between password changes.

Maximum: The maximum number of days the password is valid.

Warn : The number of days before password is to expire that user is warned that his/her password must be changed

Inactive : The number of days after password expires that account is disabled

Expire : days since Jan 1, 1970 that account is disabled. It indicates an absolute date specifying when the login may no longer be used

The /etc/passwd file stores essential information, which is required during login /etc/passwd is a text file, that contains a list of user account related parameters like user ID, group ID, home directory, shell, etc.

Here is the sample entry from /etc/passwd file


Username: User’s login name.

Password: An x character indicates that encrypted password is stored in /etc/shadow file.

User ID (UID): Each user must be assigned a user ID (UID). UID 0 (zero) is reserved for root.

Group ID (GID): The primary group ID

User Info: The comment field. It allow you to add extra information about the user.

Home directory: The absolute path to the directory the user will be in when they log in.

Command/shell: The absolute path of a command or shell (/bin/bash).

15. How do you boot your system into the following modes, when you are in some trouble ?

a) Rescue mode
b) Single user mode
c) Emergency mode

Rescue mode provides the ability to boot a small Linux environment from an external bootable device like a CD-ROM, or USB drive instead of the system’s hard drive.Rescue mode is provided to help you with your system from repairing the file system or fixing certain issues which prevent your normal operations.

In order to get into the rescue mode, change the BIOS settings of the machine to boot from the external media. Once the system started booting using bootable disk, add the keyword rescue as a kernel parameter or else you can give the parameter “linux rescue” in the graphical boot interface.

In single-user mode, the system boots to runlevel 1, but it will have many more additional functionalities compared to switching to runlevel 1 from other levels.

The local file systems can be mounted in this mode, but the network is not activated.

Use the following steps to boot into single-user mode:

1) At the GRUB splash screen during the booting process, press any key to enter the GRUB interactive menu.
2) Select the proper version of kernel that you wish to boot and type “a” to append the line.
3) Go to the end of the line and type “single” as a separate word.
4) Press Enter to exit edit mode and type “b” to boot into single usermode now.

In emergency mode, you are booting into the most minimal environment possible. The root file system is mounted read-only and almost nothing is set up. The main advantage of emergency mode over single-user mode is that the init files are not loaded. If the init is corrupted , you can still mount file systems to recover data that could be lost during a re-installation. To boot into emergency mode, use the same method as described for single-user mode, with one exception, replace the keyword single with the keyword “emergency”.

16. In the ps results few of the processes are having process state as “D” . What does it mean ? Briefly explain different process states ?

To have a dynamic view of a process in Linux, always use the top command. This command provides a real-time view of the Linux system in terms of processes. The eighth column in the output of this command represents the current state of processes. A process state gives a broader indication of whether the process is currently running, stopped, sleeping etc.

A process in Linux can have any of the following four states…

Running – A process is said to be in a running state when either it is actually running/ executing or waiting in the scheduler’s queue to get executed (which means that it is ready to run). That is the reason that this state is sometimes also known as ‘runnable’ and represented by (R).

Waiting or Sleeping – A process is said to be in this state if it is waiting for an event to occur or waiting for some resource-specific operation to complete. So, depending upon these scenarios, a waiting state can be subcategorised into an interruptible (S) or uninterruptible (D) state respectively.

Stopped – A process is said to be in the stopped state when it receives a signal to stop. This usually happens when the process is being debugged. This state is represented by (T).

Zombie – A process is said to be in the zombie state when it has finished execution but is waiting for its parent to retrieve its exit status. This state is represented by (Z).

Apart from these four states, the process is said to be dead after it crosses over the zombie state; ie when the parent retrieves its exit status. ‘Dead’ is not exactly a state, since a dead process ceases to exist.

17. What is drop cache in Linux and how do you clear it ?

Cache in Linux memory is where the Kernel stores the information it may need later, as memory is incredible faster than disk.

It is great that the Linux Kernel takes care about that.Linux Operating system is very efficient in managing your computer memory, and will automatically free the RAM and drop the cache if some application needs memory.

Kernels 2.6.16 and newer provide a mechanism to have the kernel drop the page cache and/or inode and dentry caches on command, which can help free up a lot of memory. Now we can throw away that script that allocated a ton of memory just to get rid of the cache.

To free pagecache:

# echo 1 > /proc/sys/vm/drop_caches

To free dentries and inodes:

# echo 2 > /proc/sys/vm/drop_caches

To free pagecache, dentries and inodes:

echo 3 > /proc/sys/vm/drop_caches

This is a non-destructive operation in normal scenarios and will only free things that are completely unused. Dirty objects will continue to be in use until written out to disk and are not freeable. However it is always preferred to run “sync” first to flush useful things out to disk.

18. Password based authentication is disabled in your infrastructure. So how do you login to the servers ?

To improve the system security even further, most of the organizations turned to use keybased authentications instead of Password based authentication. We can enforce the key-based authentication by disabling the standard password authentication, which involves a public key private key pair. The public key is added in the server configuration file while private key is kept kept confidential on the client side.

Below listed is the procedure, to set up keybased authentication.

1) Generating Key Pairs

a) Generate an RSA key pair by typing the following at a shell prompt:

$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/steve/.ssh/id_rsa):

b) Press Enter to confirm the default location (that is, ~/.ssh/id_rsa) for the newly created key.

c) Enter a passphrase, and confirm it by entering it again when prompted to do so.

d) Copy the content of ~/.ssh/id_rsa.pub into the ~/.ssh/authorized_keys on the machine to which you want to connect,
appending it to its end if the file already exists.

e) Change the permissions of the ~/.ssh/authorized_keys file using the following command:

$ chmod 600 ~/.ssh/authorized_keys

2) Now on your client side, open the remote connection agent like putty and browse your public key and try SSH to the server, you should be able to login without a password now.

# ssh server1.myserver.com
The authenticity of host ‘server1.myserver.com (’ can’t be established.
RSA key fingerprint is e3:c3:89:37:4b:94:37:d7:0c:d5:6f:9a:38:62:ce:1b.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘server1.myserver.com’ (RSA) to the list of known hosts.
Last login: Tue July 13 12:40:34 2014 from server2.myserver.com

3) Public key authentication can prevent brute force SSH attacks, but only if all password-based authentication methods are disabled. Once public key authentication has been confirmed to be working, disable regular password authentication by editing /etc/ssh/sshd_config and set the following option to “no”.

PasswordAuthentication no

19. Explain the different Scenarios involved in TCP 3 way handshake ?

The TCP three way handshake is the process for establishing a TCP connection.We can explain 3 way handshake with a simple scenario where we assume a client computer is contacting a server to send it some information.

a) The client sends a packet with the SYN bit set and a sequence number of N.
b) The server sends a packet with an ACK number of N+1, the SYN bit set and a sequence number of X.
c) The client sends a packet with an ACK number of X+1 and the connection is established.
d) The client sends the data.

The first three steps in the above process is called the three way handshake.

20. As the disk space utilization was so high in the server, the Administrator has removed few files from the server but still the disk utilization is showing as high. What would be the reason ?

In Linux even if we remove a file from the mounted file system, that will still be in use by some application and for this application it remains available. Its because file descriptor in /proc/ filesystem is held open..So if there are such open descriptors to files already removed, space occupied by them considered as used. You find this difference by checking them using the “df” and “du” commands. While df is to show the file system usage, du is to report the file space usage. du works from files while df works at filesystem level, reporting what the kernel says it has available.

You can find all unlinked but held open files with:

# lsof | grep ‘(deleted)’

This will list the filename which is open witht he pid in which it is running. We can kill those Pids and which will stop these process and will recover the disk space responsible for this file.

21. What is rDNS and explain its benefits in the Linux Domain Name Systems ?

A typical DNS lookup is used to determine which IP address is associated with a hostname, and this is called Forward DNS lookup. A reverse DNS lookup is used for the opposite, to determine which hostname is associated with an IP address. Sometimes reverse DNS lookups are required for diagnostic purposes. Today, reverse DNS lookups are used mainly for security purposes to trace a hacker or spammer. Many modern mailing systems use reverse mapping to provide simple authentication using dual lookup: hostname-to-address and address-to-hostname. The rDNS ( reverse DNS ) is implemented using a specialized zone record for reverse lookups called PTR record. PTR records always resolve to names, never IP addresses.

22. What is sosreport, how do you generate it while working with your Redhat Support Team in production ?

Sosreport is a command-line utility in Redhat based linux destros (RHEL / CentOS) which collects system configuration and diagnostic information of your linux box like running kernel version, loaded modules, and system and service configuration files. This command also runs external programs to collect further information, and stores this output in the resulting archive. Sosreport is required when you have open a case with redhat for technical support. Redhat support Engineers will require sosreport of your server for troubleshooting purpose. To run sosreport, sos package should be installed. Sos package is part of default installation in most of linux. If for any reason this package is no installed , then use below yum command to install it manually :

# yum install sos

Generate the report

Open the terminal type sosreport command :

# sosreport

This command will normally complete within a few minutes. Depending on local configuration and the options specified in some cases the command may take longer to finish. Once completed, sosreport will generate a compressed a file under /tmp folder. The file should be provided to Redhat support representative as an attachment to open a support case.

23. What is swappiness in Linux Memory Management and how do we configure that ?

The swappiness parameter controls the tendency of the kernel to move processes out of physical memory and onto the swap disk. Because disks are much slower than RAM, this can lead to slower response times for system and applications if processes are too aggressively moved out of memory.

swappiness can have a value of between 0 and 100

swappiness=0 tells the kernel to avoid swapping processes out of physical memory for as long as possible

swappiness=100 tells the kernel to aggressively swap processes out of physical memory and move them to swap cache

The default setting in Redhat/Ubuntu based Linux distros is swappiness=60. Reducing the default value of swappiness will probably improve overall performance for a typical Ubuntu desktop installation.

~$ cat /proc/sys/vm/swappiness

If we have enough RAM, we can turn that down to 10 or 15. The swap file will then only be used when the RAM usage is around 80 or 90 percent.

To change the system swappiness value, open /etc/sysctl.conf as root. Then, change or add this line to the file:

vm.swappiness = 10

Reboot for the change to take effect

You can also change the value while your system is still running

sysctl vm.swappiness=10

We can also clear swap by running swapoff -a and then swapon -a as root instead of rebooting to achieve the same effect.

24. What is git ?

Git is a very popular and efficient open source Version Control System. It tracks content such as files and directories. It stores the file content in BLOBs – binary large objects. The folders are represented as trees. Each tree contains other trees (subfolders) and BLOBs along with a simple text file which consists of the mode, type, name and Secure Hash Algorithm of each blob and subtree entry. During repository transfers, even if there are several files with the same content and different names, the GIT software will transfer the BLOB once and then expand it to the different files.

25. What is inode ? Briefly explain the structure ?

Inode is a data structure that keeps track of all the information about a file. When we keep our information in a file and the OS stores the information about a file in an inode. Information about files is sometimes called metadata. We can say that an inode is metadata of the data. In a file system, inodes consist roughly of 1% of the total disk space, whether it is a whole storage unit or a partition on a storage unit. The inode space is used to ?track? the files stored on the hard disk. The inode entries store metadata about each file, directory or object, but only points to these structures rather than storing the data. Each entry is 128 bytes in size. The metadata contained about each structure can include the following:

Inode number
Access Control List (ACL)
Extended attribute
Direct/indirect disk blocks
Number of blocks
File access, change and modification time
File deletion time
File generation number
File size
File type
Number of links
Status flags

Inode structure of a directory consists of a name to inode mapping of files and directories in that directory.In a directory, You can find the inode number corresponding to the files using the command “ls -i”

786727 -rw——- 1 root root 4226530 May 29 13:17 sudo.log
786437 -rw——-. 1 root root 32640 Jun 23 20:11 tallylog
786440 -rw-rw-r–. 1 root utmp 276096 Jul 20 06:45 wtmp
786741 -rw——- 1 root root 9653 Jul 17 09:38 yum.log

Similar way, the number of inodes allocated, used and free in a Filesystem can be listed using “df -i” command

# df -i /root
Filesystem Inodes IUsed IFree IUse% Mounted on
524288 80200 444088 16% /

1.Which version of RHEL officially supports LUKS encryption?

From version 6 or higher LUKS encryption is officially supported by RHEL.

2.What is the default virtualization technology for RHEL6 ?

Default virtualization technology is KVM.

3.Can you configure KVM Virtual machine on 32 bit system ?

No, KVM virtualization requires at least 64 bit system.

4.What is default mode of SELinux during the installation of RHEL ?

In RHEL5 you have to choose the mode which you want.
From RHEL6 default mode is Enforcing during the installation.

However you can change the mode of SELinux after installation, only difference between RHEL5 and RHEL6 is that in RHEL5 asks you to choose the mode while RHEL6 does not let you to choose the mode during the installation.

5.Which remote management service is allowed through the default firewall and by default installed in RHEL?

By default SSH is always installed in RHEL. SSH uses port 22 which is allowed through the default firewall rules.

6.Which standard directory is used by vsFTP server for file sharing ?

Default Standard directory for ftp is /var/ftp/pub.

7.Which standard directory is used by Apache web server for HTML files ?

standard directory for HTML files is /var/www/html

8.What is the default partition layout during the installation ?

Default partition Layout is the LVM.

9.Which necessary partition cannot be a part of logical volume group ?

boot partition cannot be a part of logical volume group. You must have create it as a regular partition.

10.Which partitions are recommended for custom layout of partition ?


11.What step during the installation could you take to prevent a program from creating temporary files that fill up the entire space ?

You can create a separate /tmp partition prevents a program from creating temporary files that fill up the entire filesystem.

12.What is the kickstart ?

kickstart is a installation method used in RHEL. A kickstart installation is started from a kickstart file, which contains the answers to all the questions in the installation program.

13.Name any of two third party distribution based on RHEL6 source code.

CentOS and Scientific Linux

14.Which Log file contains all installation message?

install.log.syslog file contains all messages that were generated during the installation.

In this tutorial we will discuss most frequently asked linux system admin interview questions for Beginners. Below are the list of L1 level linux interview questions..

Q:1 How To check the uptime of a Linux Server ?

Ans: Using uptime command we can determine how long a linux box has been running , also uptime can be viewed by the top & w command.

Q:2 How to check which Redhat version is installed on Server ?

Ans: Use the command cat /etc/redhat-release , output of this command will tell you the redhat version.

Q:3 How to install rpm packages in Redhat & CentOS linux ?

Ans: rpm and yum command are used to install packages in redhat linux and CentOS.

Q:4 How to check the ip address of LAN Card ?

Ans: Using ‘ifconfig’ & ‘ip address’ command we can determine the ip address of LAN Card.

Q:5 How to determine the hostname of a linux box ?

Ans: On typing the hostname command on terminal we can determine the hostname of a linux server.

Q:6 How To check the default gatway ?

Ans: Using ‘route -n’ command we can determine the default gateway in linux.

Q:7 Which Command is used to check the kernel Version ?

Ans: ‘uname -r’

Q:8 How to check the current runlevel of a linux box ?

Ans : ‘who -r’ and ‘runlevel’ , both of these command are used to find current run level.

Q:9 What is Initrd ?

Ans: Initrd stands for initial ram disk , which contains the temporary root filesystem and neccessary modules which helps in mounting the real root filesystem in read mode only.

Q:10 What is Bootloader ?

Ans: Bootloader is a program that boots the operating system and decides from which kernel OS will boot.

Q:11 How to list hidden files from the command line ?

Ans: ‘ls -a’

Q:12 What is soft link ?

Ans: Soft link is a method to create short cuts in linux. It is similar to windows short cut feature.

Q:13 How to create a blank file in linux from command line ?

Ans: Using the command ‘touch ’

Q:14 What is run level 2 ?

Ans: Run level 2 is the multi-user mode without networking.

Q:15 Why linux is called OpenSource ?

Ans: Because One can customize the existing code and can redistribute it.

Q:16 How to check all the installed Kernel modules ?

Ans: Using the Command ‘lsmod’ we can see the installed kernel modules.

Q:17 What is the default uid & gid of root user ?

Ans: Default uid & gid of root user is 0.

Q:18 How To change the password of user from the Command Line ?

Ans: ‘passwd ’

Q:19 What is a Process ?

Ans: Any program in execution is called a process.

Q:20 What is name of first process in linux ?

Ans: ‘init’ is the first process in linux which is started by kernel and whose pid is 1.

In this article we will discuss top 30 linux system admin interview questions with the answers for experience professionals. Below mentioned questions may help the readers to clear Linux interviews. If you like these questions , please don’t hesitate to share on Facebook, google+ and Twitter.

Q:1 Why LVM is required ?

Ans: LVM stands for Logical Volume Manager , to resize filesystem’s size online we required LVM partition in Linux. Size of LVM partition can be extended and reduced using the lvextend & lvreduce commands respectively.

Q:2 How To check Memory stats and CPU stats ?

Ans: Using ‘free’ & ‘vmstat’ command we can display the physical and virtual memory statistics respectively.With the help of ‘sar’ command we see the CPU utilization & other stats.

Q:3 What does Sar provides and at which location Sar logs are stored ?

Ans: Sar Collect, report, or save system activity information. The default version of the sar command (CPU utilization report) might be one of the first facilities the user runs to begin system activity investigation, because it monitors major system resources. If CPU utilization is near 100 percent (user + nice + system), the workload sampled is CPU-bound.

By default log files of Sar command is located at /var/log/sa/sadd file, where the dd parameter indicates the current day.

Q:4 How to increase the size of LVM partition ?

Ans: Below are the Logical Steps :
– Use the lvextend command (lvextend -L +100M /dev/ , in this example we are extending the size by 100MB.
– resize2fs /dev/
– check the size of partition using ‘df -h’ command

Q:5 How to reduce or shrink the size of LVM partition ?

Ans: Below are the logical Steps to reduce size of LVM partition :
-Umount the filesystem using umount command,
-use resize2fs command , e.g resiz2fs /dev/mapper/myvg-mylv 10G
-Now use the lvreduce command , e.g lvreduce -L 10G /dev/mapper/myvg-mylv

Above Command will shrink the size & will make the filesystem size 10GB.

Q:6 How to create partition from the raw disk ?

Ans: Using fdisk utility we can create partitions from the raw disk.Below are the steps to create partition from the raw dsik :
– fdisk /dev/hd* (IDE) or /dev/sd* (SCSI)
– Type n to create a new partition
– After creating partition , type w command to write the changes to the partition table.

Q:7 Where the kernel modules are located ?

Ans: The ‘/lib/modules/kernel-version/’ directory stores all kernel modules or compiled drivers in Linux operating system. Also with ‘lsmod’ command we can see all the installed kernel modules.

Q:8 What is umask ?

Ans: umask stands for ‘User file creation mask’, which determines the settings of a mask that controls which file permissions are set for files and directories when they are created.

Q:9 How to set the umask permanently for a user?

Ans: To set this value permanently for a user, it has to be put in the appropriate profile file which depends on the default shell of the user.

Q:10 How to change the default run level in linux ?

Ans: To change the run level we have to edit the file “/etc/inittab” and change initdefault entry ( id:5:initdefault:). Using ‘init’ command we change the run level temporary like ‘init 3’ , this command will move the system in runlevl 3.

Q:11 How to share a directory using nfs ?

Ans: To share a directory using nfs , first edit the configuration file ‘/etc/exportfs’ , add a entry like
‘/ (Options)’ and then restart the nfs service.

Q:12 How to check and mount nfs share ?

Ans: Using ‘showmount’ command we can see what directories are shared via nfs e.g ‘showmount -e ’.Using mount command we can mount the nfs share on linux machine.

Q:13 What are the default ports used for SMTP,DNS,FTP,DHCP,SSH and squid ?
Ans: Service Port
DNS 53
FTP 20 (data transfer) , 21 ( Connection established)
DHCP 67/UDP(dhcp server) , 68/UDP(dhcp client)
SSH 22
Squid 3128

Q:14 What is Network Bonding ?

Ans: Network bonding is the aggregation of multiple Lan cards into a single bonded interface to provide fault tolerance and high performance. Network bonding is also known as NIC Teaming.

Q:15 What are the different modes of Network bonding in Linux ?

Ans: Below are list of modes used in Network Bonding :

balance-rr or 0 – round-robin mode for fault tolerance and load balancing.
active-backup or 1 – Sets active-backup mode for fault tolerance.
balance-xor or 2 – Sets an XOR (exclusive-or) mode for fault tolerance and load balancing.
broadcast or 3 – Sets a broadcast mode for fault tolerance. All transmissions are sent on all slave interfaces.
802.3ad or 4 – Sets an IEEE 802.3ad dynamic link aggregation mode. Creates aggregation groups that share the same speed & duplex settings.
balance-tlb or 5 – Sets a Transmit Load Balancing (TLB) mode for fault tolerance & load balancing.
balance-alb or 6 – Sets an Active Load Balancing (ALB) mode for fault tolerance & load balancing.

Q:16 How to check and verify the status the bond interface.

Ans: Using the command ‘cat /proc/net/bonding/bond0’ , we can check which mode is enabled and what lan cards are used in this bond. In this example we have one only one bond interface but we can have multiple bond interface like bond1,bond2 and so on.

Q:17 How to check default route and routing table ?

Ans: Using the Commands ‘netstat -nr’ and ‘route -n’ we can see the default route and routing tables.

Q:18 How to check which ports are listening in my Linux Server ?

Ans: Use the Command ‘netstat –listen’ and ‘lsof -i’

Q:19 List the services that are enabled at a particular run level in linux server ?

Ans: With the help of command ‘chkconfig –list | grep 5:on’ we can list all the service that are enabled in run level5. For other run levels just replace 5 with the respective run level.

Q:20 How to enable a service at a particular run level ?

Ans: We can enable a service using the Command ‘chkconfig on –level 3’

Q:21 How to upgrade Kernel in Linux ?

Ans: We should never upgrade Linux Kernel , always install the new New kernel using rpm command because upgrading a kenel can make your linux box in a unbootable state.

Q:22 How To scan newly asssigned luns on linux box without rebooting ?

Ans: There are two ways to scan newly assigned luns :
Method:1 if sg3 rpm is installed , then run the command ‘rescan-scsi-bus.sh’
Method:2 Run the Command , echo ” – – – ” > /sys/class/scsi_host/hostX/scan

Q:23 How to find WWN numbers of HBA cards in Linux Server ?

Ans: We can find the WWN numbers of HBA cards using the command ‘systool -c fc_host -v | grep port_name’

Q:24 How to add & change the Kernel parameters ?

Ans: To Set the kernel parameters in linux , first edit the file ‘/etc/sysctl.conf’ after making the changes save the file and run the command ‘sysctl -p’ , this command will make the changes permanently without rebooting the machine.

Q:25 What is Puppet Server ?

Ans: Puppet is an open-source & enterprise software for configuration management toll in UNIX like operating system. Puppet is a IT automation software used to push configuration to its clients (puppet agents) using code. Puppet code can do a variety of tasks from installing new software, to check file permissions, or updating user accounts & lots of other tasks.

Q:26 What are manifests in Puppet ?

Ans: Manifests in Puppet are the files in which the client configuration is specified.

Q:27 Which Command is used to sign requested certificates in Puppet Server ?

Ans: ‘puppetca –sign hostname-of-agent’ in (2.X) & ‘puppet ca sign hostname-of-agent’ in (3.X)

Q:28 At which location Puppet Master Stores Certificates ?

Ans: /var/lib/puppet/ssl/ca/signed

Q:29 How to find all the regular files in a directory ?

Ans: using the command ‘find /

Q:30 What is load average in a linux ?

Ans: Load Average is defined as the average sum of the number of process waiting in the run queue and number of process currently executing over the period of 1,5 and 15 minutes. Using the ‘top’ and ‘uptime’ command we find the load average of a linux sever.

VMware infrastructure become very large day by day and VMware is keep on integrating new technologies to their newer vSphere releases. Its becoming quite difficult for VMware newbies to understand the technology and product completely. This article will answer many questions for VMware beginners about the VMware vSphere product offerings and features.I have not explained the products and features very deeply but this one line answers will help you on interviews to keep your answer short and sweet.

1.What are the products included in VMware vSphere 5.5 Bundle ?

VMware ESXi
VMware vCenter Server
VMware vSphere Client and Web Client
vSphere Update Manager
VMware vCenter Orchestrator

2.What type of Hyper-visor VMware ESXi is ?

VMware ESXi is Bare-metal hypervisor. You can directly install on server hardware.

3.What is the role of VMware vCenter server?

vCenter provides a centralized management platform and framework for all ESXi hosts and their respective VMs. vCenter server allows IT administrators to deploy, manage, monitor, automate, and secure a virtual infrastructure in a centralized fashion. To help provide scalability , vCenter Server leverages a back-end database (Microsoft SQL Server and Oracle are both supported, among others) that stores all the data about the hosts and VMs.

vCenter Server – Overview
vCenter Server – Overview

4. Is it possible install vCenter server on Linux hosts ?

No.But Pre-build vCenter appliance is available in VMware portal which is Linux based.You can import the appliance as virtual machine.

5.How to update the VMware ESXi hosts with latest patches ?

We can update the ESXi hosts using VMware Update Manager(VUM). We can use this VUM add-on package on Windwos based vCenter server and Linux based vCenter server (vCenter appliance)

6.What is the use of VMware vSphere Client and vSphere Web Client ?

vCenter Server provides a centralized management framework to VMware ESXi hosts.To access vCenter server, you need vSphere client or vSphere Web client service enabled.

vSphere Client
vSphere Client

7.What is the difference between vSphere Client and vSphere web client ?

vSphere Client is traditional utility which provides user interface to vCenter server. But from VMware vSphere 5 onwards,vSphere web client is a primary interface to manage vCenter server.For vSphere client, you need install small utility .But vSphere Web client doen’t require any software. You can directly connect using web browser.But still VUM is managed through vSphere Client .

vSphere Client:
vSphere Client – Login
vSphere Client – Login

vSphere web-client:
vSphere web client
vSphere web client

8.What is the use of VMware vCenter Orchestrator ?

vCneter Orchestrator is used for automation on various vSphere products.

9.What are the features included in VMware vSphere 5.5 ?

vSphere High Availabitliy (HA)
vSphere Fault Tolerance
vSphere vMotion
vSphere Storage vMotion
vSphere Distributed Resource Scheduler (DRS)
virtual SAN (VSAN)
Flash Read Cache
Storage I/O Control
Network I/O Control
vSphere Replication

10.What is the use of vSphere High Availability(HA)? Where it can be applied ?

VMware vSphere HA minimize the VM’s unplanned downtime by restarting the VM guests on next available server ESXi node inacase of failure on current ESXI node. VMware HA must be enabled to reduce the VM unplanned downtime.

11. Will vSphere HA help on VM failures too ?

In an order to detect the VM failures, you need to enable VM Failure Monitoring. So that it detects the Disk I/O and sends the internal heartbeat to check the VM all the time. If the VM is stopped functioning, VM will be restarted automatically by vSphere HA.

12.What is the use of vMotion ?

Using vMotion feature,we can move the running VM’s from one ESXi host to another ESXi host without any downtime. vMotion copies the VM’s in-memory contents to the destination server and freeze the operation on current ESXi host and resumes the VM’s on remote ESXI node.
VMware vMotion
VMware vMotion

13.What is the use of Storage vMotion ?

vMotion is possible only when you have Shared storage like FC-SAN,ISCSI-SAN or NFS. If you want to move the VM from one datastore to another datastore without any downtime,then you need to perform storage vMotion.

vMotion and Storage vMotion
vMotion and Storage vMotion

Note: You can perform the vMotion and Storage vMotion together without any downtime.

14.Why vMotion feature is not used/can’t use in vSphere HA ?

vMotion is used for planned migrations and possible only where the source and destination ESXI hosts are running properly.vSPhere HA is used to reduce the downtime due to failures of physical ESXi hosts.So When the failure accours on ESXi nodes, there is no time to perform vMotion and can’t be used.

15.Is there any way to prevent the VM’s unplanned downtime using vSphere HA ?

Yes.You can prevent the unplanned downtime using vSphere falut tollerance along with vSphere HA.

16.How the vSphere Fault tolerance(FT) works ?

Using vLockstep technology , vSphere FT maintains the mirrored secondary VM on different ESXi physical host that is kept in lockstep with the primary.So when the primary ESXi node goes down due to hardware issue, secondary VM will immediately step-in and provide the service. At this point, this VM will become primary and secondary aka mirrored VM will be created on possible ESXI host to prevent the further ESXi failure.

VMware Fault Tolerance (FT)
VMware Fault Tolerance (FT)

17.What is vSphere DRS(Distributed Resource Scheduler) ? How it works ?

vSphere DRS is an intelligent frame works which always monitors the cluster nodes health check and performs the vMotion automatically whenever required. For an example ,if one of the ESXI cluster host memory has been utilized more than 90% and due to that lot of paging happening on that server. vSphere DRS detects such things in quick time and moves few VM’s to another ESXi cluster to least-balance the cluster nodes without any downtime by leveraging vMotion functionality. It applies for high contention for CPU utilization too. So vSphere DRS helps to balance the CPU & Memory utilization across the ESXi cluster nodes.

Vmware DRS
Vmware DRS

18. What is vSphere storage DRS ? How it works ?

vSphere Storage DRS like vSphere DRS but it applies to storage.It helps to balance storage utilization and performance between data-stores on same ESXi clusters.

`19.What is VSAN ? How it works ?

VSAN forms the storage pools across the multiple nodes using internal disks and allows you to create a datastores that spans multiple ESXI hosts. VSAN also protect the data using VM storage profiles and you can configure it according to your requirement. You need SSD’s(Solid State Drive) to configure VSAN. Click here to learn more about VSAN.