Chassing Sysadmin Interview Questions (Easy)

Working through these questions. Any question I could not answer immediately has a citation.

Linux System Administrator/DevOps Interview Questions

Simple Questions

The link to these questions can be found here

  • What is the name and the UID of the administrator user?

Root. 0.

  • How to list all files, including hidden ones, in a directory?

ls -a

  • What is the Unix/Linux command to remove a directory and its contents?

rm -r ./directory/

  • Which command will show you free/used memory? Does free memory exist on Linux?

htop

Does free memory exist on Linux? Yes, but we can dig deeper.

In the man page for free we can see the definition of each column that is output by the command.

The ones we care about for this question are:

free          Unused memory (MemFree and SwapFree in /proc/meminfo)
available     Estimation  of  how  much memory is available for starting new applications, without
              swapping. Unlike the data provided by the cache or free  fields,  this  field  takes
              into  account  page  cache  and  also  that not all reclaimable memory slabs will be
              reclaimed due to items being in use (MemAvailable  in  /proc/meminfo,  available  on
              kernels 3.14, emulated on kernels 2.6.27+, otherwise the same as free)

This explains that free memory is the sum of MemFree and SwapFree in /proc/meminfo. Sounds simple, but what is the difference between MemFree and MemAvailable?

In this Linux kernel git commit we can see that the definition of MemAvailable is a calculation based on MemFree, Active(file), Inactive(file), and Sreclaimable. Which poses yet more questions on what the definition of the rows in /proc/meminfo actually mean.

Luckily, there is already a well written stackoverflow answer by Prabu Konchada which answers this exact question. There is also a RHEL Knowledgebase article on the same topic here.

The particular definitions which will interest us in answering this question will be:

MemFree — The amount of physical RAM, in kilobytes, left unused by the system. Active(file) — Pagecache memory that has been used more recently and usually not reclaimed until needed. Inactive(file) — Pagecache memory that can be reclaimed without huge performance impact. SReclaimable — The part of the Slab that might be reclaimed (such as caches). That’s great, we’re starting to get closer to an actual answer for this question. What we can gather from those four definitions is that Active/Inactive(file) are easily claimable memory space, and MemFree is pretty self explanatory. The things that will need further clarifiaction are pagecache memory and Slab. I haven’t a clue what those things are so let us find out.

In the same RHEL Knowledgebase article we can see that they conveniently defined these as well:

Slab — In-kernel data structures cache Cached — Memory in the pagecache (Diskcache and Shared Memory) Slab is probably not going to get claimed particularly easy as it is kernel level stuff keeping the whole OS running. Pagecache is a combination of Diskcache and Shared Memory. Shared Memory is data kept in memory which is being used by multiple processes. As such it is a fair assumption to make that it is a portion of currently used memory that is less likely to be reclaimed. Here is an amusing writeup on linuxatemyram on what Disk Cache memory does https://linuxatemyram.com/play.html. The tl; dr of it is that Disk Cache is memory space dedicated to the running of the OS. It is very impermanent though, and should an application require the memory occupied by the Disk Cache it will be immediately be given to the application.

It was a hell of a journey to answer this one question, but the pieces are all there to thoroughly answer it now.

Does free memory exist on Linux?

Yes, free memory does exist on Linux, however the definition is a little bit unintuitive from a layman’s perspective. The only portion of memory considered “free” by Linux is that which is not used for anything at all. This does not include the memory space which is used, but readily available. So when using a command like free we will see very different outputs for the free memory and the available memory.

In order to make it easy from a health checking perspective, in /proc/meminfo we have an entry for MemAvailable. This entry combines the free memory with any memory that is easily reclaimable. So if you are every wondering “How much memory does my system have left?” The MemAvailable statistic is the most accurate one.

Sources: 1, 2, 3, 4

  • How to search for the string “my konfu is the best” in files of a directory recursively?

grep -R "my konfu is the best" ./directory/

  • How to connect to a remote server or what is SSH?

SSH standards for Secure Shell. It’s a way to remotely connect to a server via command line over an encrypted connection.

The basic syntax for ssh’ing into a server is:

ssh username@servername

  • How to get all environment variables and how can you use them?

Running the command env will print all currently used environment variables.

As a beginner to Linux, the most useful environment variable is the PATH variable. This is where one can put their executable files, and is useful for installing programming languages like Java or Go.

The PATH variable is a colon delimited list of directories in which the user can find executable files without needing to specify the fully qualified path to them.

That is to say instead of needing to run /bin/cat in order to read a file, there is an entry for /bin in the PATH variable. Linux will check for the existence of that executable in the /bin directory so all the user needs to do is run the cat command.

  • I get “command not found” when I run ifconfig -a. What can be wrong?

It can mean a handful of things:

  1. The program is not installed.
  2. The executable is not found anywhere in the PATH.
  3. The program was configured by the System Administrator to only be executable by root. The cruelty. So a non-sudo user will not be able to execute it.
  • What happens if I type TAB-TAB?

The first TAB press will attempt to autocomplete whatever command is being written in the terminal. On the second TAB press, if the command cannot be further autocompleted due to more than one possible matching command, a prompt will appear on the terminal to list all possibble suggestions. If no autocomplete is possible at all, then the second TAB press will do nothing.

  • What command will show the available disk space on the Unix/Linux system?

df -h

This command will print filesystem usage in a human readable form.

  • What commands do you know that can be used to check DNS records?
  1. nslookup
  2. dig
  3. Though not the intended use for it, ping
  • What Unix/Linux commands will alter a files ownership, files permissions?

chmod will change the permissions of a file. chown will change the owner of a file.

  • What does chmod +x FILENAME do?

This command will add the executable bit for every user on that particular file.

  • What does the permission 0750 on a file mean?

This permission list will set full permissions to the owner of a file, read and execute permissions to those in the group of the file, and no permissions for other users.

The prepended 0 means that there is no sticky bits set.

  • What does the permission 0750 on a directory mean?

This permission list will allow the owner of a directory to do whatever operation they want within it, grant read and execute permissions to files within the directory to members of the group of the directory, and no permissions to other users.

  • How to add a new system user without login permissions?

There are a couple of ways to do this:

  1. Create a user with the default shell set to /bin/false
  2. Create a system user
  • How to add/remove a group from a user?

usermod -G groupname username

  • What is a bash alias?

A bash alias is a way to reference an executable file in a different (usually shorthand) notation.

A common alias is to set an alias on ls -l to map to ls -al as the two flags are almost never used without one another.

  • How do you set the mail address of the root/a user?

If you have a service like postfix installed on the server, one can change the mail address of any user by making an entry in /etc/aliases that looks like so:

thaniri some@email.com

Then, any mail sent to the user thaniri will be sent to some@email.com.

Source: 1

  • What does CTRL-c do?

Interrupt the process currently being run by sending a SIGINT to the process.

  • What does CTRL-d do?

Sends an exit() to whatever process is running, but doesn’t interupt it. Commonly used to exit a shell.

Source: 1

  • What does CTRL-z do?

Instead of interrupting the process like CTRL-c, CTRL-z will suspend the process and put it into the background. Be careful with this, as it may leave inactive processes lying around!

Source 1

  • What is in /etc/services?

A human readable mapping of what port common networked services typically listen on.

Source: 1

  • How to redirect STDOUT and STDERR in bash? (> /dev/null 2>&1)

STDOUT goes to output 1. STDERR goes to output 1.

So one can run a command like cat file.txt 1> output.txt to redirect the standard output of the cat command to output.txt. Running cat file.txt > output.txt does the same thing.

If one wants to ignore an errors their command may throw, they can do something like command 2> /dev/null to not see any errors printed out.

Interestingly, STDERR can be redirected into STDOUT using 2>&1. That notation will take some explaining.

What 2>&1 means, is to make a copy of file descriptor 1 using file descriptor 2. So whenever the command outputs to STDERR the user will receive it in STDOUT.

The example shows a clever way to get STDERR and STDOUT to swap.

Source: 1

  • What is the difference between UNIX and Linux.

Linux is built on top of an older operating system called UNIX by a bloke by the name of Linus Torvalds. With the combined efforts of Richard Stallman, and Linus Torvalds, Linux was created as an open source alternative to UNIX.

  • What is the difference between Telnet and SSH?

They are both commands used to remotely manage servers, but telnet is unencrypted and shouldn’t be used as a result.

I still use it from time to time to debug connections between servers. To see if a remote TCP port is listening and reachable from another server.

  • Explain the three load averages and what do they indicate. What command can be used to view the load averages?

The load averages can be seen with htop.

The three load averages are 1 minute, 5 minute, and 15 minute intervals of how heavily the CPU of a server is being used.

A rule of thumb is that the load average of a server should not exceed the number of cores its processor has.

  • Can you name a lower-case letter that is not a valid option for GNU ls?o When running man ls I can see there is no option for -e. However I don’t like this question. Who cares about knowing this kind of trivia which is useless?
  • What is a Linux kernel module?

What exactly is a kernel module? Modules are pieces of code that can be loaded and unloaded into the kernel upon demand. They extend the functionality of the kernel without the need to reboot the system. As a reminder on what the kernel is. The kernel is the low level code that bridges between the operating system and underlying hardware of a server. It is why we can say both RHEL and Ubuntu are “Linux” distros, but the OS is different.

What a kernel module would do in that case then, is to extend the default Linux kernel to add some extra feature that one might want.

Source: 1

  • Walk me through the steps in booting into single user mode to troubleshoot a problem.

If the server does not boot correctly, one can boot into a shell using GRUB. When the server is booting up and the BIOS is still loading, press whatever key is prompted on the screen to enter the GRUB menu.

Once in the GRUB menu you can select “Advanced options” and select a kernel to boot into recovery mode. From here you can accept the prompt to open a root shell session.

If not even GRUB can save you, please make a YUMI key

  • Walk me through the steps you’d take to troubleshoot a 404 error on a web application you administer.

It depends on the type of content being served, and the type of web application being run.

If it is simple HTML files, or other static content, behind an Apache/NGiNX webserver, then I will simply see if the file exists in the directory being requested, and that the permissions are readable.

If it is a web application written in an interpretted language like PHP or Python, it is often the same problem of files not existing or being readable, but it introduces the complexity of code which includes other code.

If the webserver is acting as a reverse proxy to an application listening elsewhere on a TCP port, such as a Java of Go web program, then the best thing to do is to go into the application logs to see what resource it was trying to access and was unable to do.

  • What is ICMP protocol? Why do you need to use?

ICMP stands for Internet Control Message Protocol. It is mostly used to send error messages and operational information between network devices.

I use it to ping and traceroute servers.

Source: 1