200+ Linux Interview Questions and Answers [System Administration – 2025]

Linux Fundamentals

1. What is Linux, and what are its core components?

Linux is an open-source, Unix-like operating system known for its stability, security, and flexibility. Its core components include:

• Kernel: The heart of Linux, managing hardware, processes, and system resources (e.g., memory, CPU).
• Shell: A command-line interface (e.g., Bash, Zsh) for user interaction with the kernel.
• File System: Organizes data (e.g., ext4, XFS) on storage devices.
• Utilities: Tools like ls, grep, and awk for system tasks.
• Libraries: Shared code for applications (e.g., glibc).
  These components work together to provide a robust environment for servers, desktops, and embedded systems, widely used in enterprise environments for their cost-effectiveness and customization.

2. What are the advantages of Linux over other operating systems?

Linux offers:

• Open Source: Free to use, modify, and distribute, with access to source code for customization.
• Stability: Known for long uptimes, ideal for servers (e.g., running years without reboot).
• Security: Strong permissions, frequent updates, and a modular design reduce vulnerabilities.
• Flexibility: Supports diverse hardware and use cases, from IoT to supercomputers.
• Community Support: Backed by a global community and extensive documentation.
  Compared to Windows, Linux is less resource-intensive and more secure; compared to macOS, it’s more customizable and cost-free, though it may require more technical expertise.

3. What is the Linux kernel, and why is it critical?

The Linux kernel is the core software managing hardware interactions, process scheduling, memory management, and system calls. It acts as a bridge between applications and hardware, ensuring efficient resource allocation. For example, it handles CPU scheduling to prioritize tasks or manages disk I/O for file access. Without the kernel, Linux cannot function, as it provides the foundation for all operations, from running server applications to managing network connections.

4. What are the different types of Linux distributions, and how do they differ?

Linux distributions (distros) are customized versions of Linux with varying kernels, package managers, and tools. Common distros include:

• Ubuntu: User-friendly, Debian-based, with APT package manager, ideal for beginners and servers.
• CentOS/RHEL: Enterprise-focused, stable, RPM-based, used in production environments.
• Debian: Robust, community-driven, with extensive package repositories, known for stability.
• Fedora: Cutting-edge, Red Hat-backed, for testing new features.
• Arch Linux: Lightweight, highly customizable, rolling-release model for advanced users.
  Differences lie in package management (APT vs. RPM vs. Pacman), release cycles (stable vs. rolling), and target use cases (desktop, server, or embedded).

5. What is a shell in Linux, and what are common types?

A shell is a command-line interface that interprets user commands and interacts with the kernel. It processes scripts and commands for system tasks. Common shells include:

• Bash (Bourne Again Shell): Default on most distros, feature-rich for scripting.
• Zsh: Extends Bash with advanced autocomplete and customization.
• Fish: User-friendly with syntax highlighting, less scripting-focused.
• Tcsh: C-style syntax, used in legacy systems.
  For example, running ls -l in Bash lists files with details, while Zsh might auto-suggest options.

6. How do you check the Linux distribution and version?

Use commands like:

• cat /etc/os-release: Displays detailed distro info (e.g., Ubuntu 22.04).
• lsb_release -a: Shows release details (if lsb-release is installed).
• uname -r: Shows kernel version (e.g., 5.15.0-73-generic).
  Example output: PRETTY_NAME="Ubuntu 22.04.3 LTS". These commands help admins verify system compatibility or troubleshoot issues.

7. What is the difference between a process and a thread in Linux?

• Process: An independent program with its own memory space, PID, and resources (e.g., a running nginx server).
• Thread: A lightweight unit within a process, sharing memory and resources, used for parallel tasks (e.g., handling multiple HTTP requests).
  Processes are isolated, while threads share data, making threads faster but riskier if one crashes. Use ps -eLf to view processes and threads.

8. What is the purpose of the /etc directory?

The /etc directory stores system-wide configuration files, such as:

• /etc/passwd: User account details.
• /etc/fstab: Filesystem mount configurations.
• /etc/hosts: Local DNS mappings.
  These files define system behavior, user settings, and service configurations, critical for administration tasks like setting up services or users.

9. How does Linux handle multitasking?

Linux uses preemptive multitasking, where the kernel schedules processes and threads, allocating CPU time slices based on priority. The scheduler (e.g., CFS) ensures fair resource distribution, using tools like nice or chrt to adjust priorities. For example, a high-priority database process gets more CPU than a background backup.

10. What is the role of the root user in Linux?

The root user (UID 0) has unrestricted system access, allowing full control over files, processes, and configurations. It’s used for critical tasks like installing software or modifying kernel settings. For security, admins use sudo to execute root commands safely, minimizing risk of accidental damage.

File System and Storage Management

11. What is the Linux filesystem hierarchy, and why is it important?

The Filesystem Hierarchy Standard (FHS) organizes Linux directories:

• /root: Root user’s home.
• /home: User home directories.
• /bin: Essential binaries (e.g., ls, cp).
• /var: Variable data (logs, caches).
• /tmp: Temporary files.
• /etc: Configuration files.
  This structure standardizes file locations, ensuring consistency across distros and simplifying management, backups, and troubleshooting.

12. What are the common Linux filesystem types, and their use cases?

• ext4: Default for most distros, reliable for general use (servers, desktops).
• XFS: High-performance for large files, used in enterprise storage.
• Btrfs: Supports snapshots, compression, ideal for advanced storage needs.
• NFS: Network file sharing for distributed systems.
• FAT32/NTFS: For compatibility with Windows or removable drives.
  For example, ext4 is chosen for its balance of speed and reliability, while XFS excels in high-throughput environments.

13. How do you check disk space usage in Linux?

Use:

• df -h: Shows disk usage in human-readable format (e.g., GB). Example: Filesystem Size Used Avail /dev/sda1 100G 60G 40G.
• du -sh /path: Summarizes directory/file usage (e.g., du -sh /var/log shows log size).
  These commands help admins monitor storage and identify space hogs.

14. What is Logical Volume Manager (LVM), and how does it work?

LVM manages disk space dynamically, allowing resizing of logical volumes without downtime. Components:

• Physical Volumes (PVs): Disks or partitions (e.g., /dev/sda1).
• Volume Groups (VGs): Pools of PVs.
• Logical Volumes (LVs): Virtual partitions for filesystems.
  Example: Create a VG with vgcreate, then an LV with lvcreate, and resize with lvresize. LVM enables flexible storage management, ideal for servers needing scalable partitions.

15. How do you create a new filesystem in Linux?

Steps:

1. Partition disk (e.g., fdisk /dev/sdb).
2. Create filesystem: mkfs.ext4 /dev/sdb1.
3. Mount: mount /dev/sdb1 /mnt.
4. Update /etc/fstab for persistence: /dev/sdb1 /mnt ext4 defaults 0 2.
   This process formats and mounts storage, enabling data storage, verified with df -h.

16. What is the difference between a hard link and a soft link?

• Hard Link: Points to the same inode as the original file, sharing data (e.g., ln file1 file2). Cannot cross filesystems or link directories.
• Soft Link: A shortcut to the file’s path (e.g., ln -s file1 link1). Can span filesystems but breaks if the original file is moved.
  Example: Deleting a hard-linked file doesn’t affect data, but a broken soft link becomes invalid.

17. How do you repair a corrupted filesystem?

Use fsck:

1. Unmount: umount /dev/sda1.
2. Run: fsck /dev/sda1 to check and repair errors.
3. For ext4, use fsck.ext4 -y to auto-fix.
   Always back up data first, as fsck may cause data loss in severe cases. Reboot and verify with mount.

18. What is the purpose of the /proc filesystem?

/proc is a virtual filesystem providing runtime system info (e.g., /proc/cpuinfo for CPU details, /proc/meminfo for memory). It’s used for monitoring processes, kernel parameters, and hardware status without physical storage.

19. How do you mount a network filesystem like NFS?

Steps:

1. Install NFS client: apt install nfs-common (Debian/Ubuntu).
2. Mount: mount -t nfs server:/export /mnt.
3. Add to /etc/fstab: server:/export /mnt nfs defaults 0 0.
   NFS enables file sharing across networks, verified with df -h or mount.

20. What is swap space, and how do you configure it?

Swap space is disk space used when RAM is full, acting as virtual memory. To configure:

1. Create partition: fdisk /dev/sdb (e.g., /dev/sdb1).
2. Format: mkswap /dev/sdb1.
3. Enable: swapon /dev/sdb1.
4. Add to /etc/fstab: /dev/sdb1 swap swap defaults 0 0.
   Check with free -h. Swap prevents crashes but is slower than RAM, so size it appropriately (e.g., 1-2x RAM).

System Administration

21. How do you check the system’s uptime in Linux?

Run uptime or cat /proc/uptime. Example: uptime shows 12:34:56 up 5 days, 2:15, 3 users, load average: 0.10, 0.12, 0.15. This helps assess system stability and load.

22. What is the purpose of the /etc/passwd file?

/etc/passwd stores user account details: username, UID, GID, home directory, and shell (e.g., user:x:1000:1000:/home/user:/bin/bash). It’s readable by all but edited with useradd or usermod for security.

23. How do you add a new user in Linux?

Use useradd:

sudo useradd -m -s /bin/bash username
sudo passwd username

-m creates a home directory, -s sets the shell. Verify with id username or cat /etc/passwd. This ensures secure user creation.

24. How do you change file permissions in Linux?

Use chmod:

• Numeric: chmod 755 file (owner: rwx, group/others: r-x).
• Symbolic: chmod u+x file (adds execute for owner).
  Example: chmod 644 file.txt sets owner read/write, others read-only. Verify with ls -l.

25. What are the default permissions for files and directories?

• Files: 664 (rw-rw-r--), allowing owner/group read/write, others read.
• Directories: 775 (rwxrwxr-x), adding execute for navigation.
  Set by umask (e.g., umask 002 subtracts from 666/777). Check with ls -l.

26. How do you manage services using systemd?

Use systemctl:

• Start: systemctl start nginx.
• Stop: systemctl stop nginx.
• Enable at boot: systemctl enable nginx.
• Check status: systemctl status nginx.
  Example: systemctl restart sshd restarts SSH. Systemd is the modern init system for service management.

27. What is cron, and how do you schedule a task?

Cron is a time-based scheduler. Edit crontab with crontab -e:

0 2 * * * /backup.sh

Runs /backup.sh daily at 2 AM. Format: minute, hour, day, month, weekday. Verify with crontab -l. Useful for automating backups or updates.

28. How do you check running processes in Linux?

Use:

• ps aux: Lists all processes with details (PID, CPU, memory).
• top or htop: Real-time process monitoring.
  Example: ps aux | grep nginx finds nginx processes. This helps identify resource usage or rogue processes.

29. How do you kill a process in Linux?

Use kill:

• By PID: kill 1234 (sends SIGTERM).
• Forceful: kill -9 1234 (SIGKILL).
• By name: killall nginx.
  Check with ps to confirm. Use cautiously to avoid data loss.

30. What is the difference between kill and killall?

• kill: Targets a specific PID (e.g., kill 1234).
• killall: Targets all processes by name (e.g., killall httpd).
  killall is broader, useful for stopping services, but riskier if multiple processes share a name.

Networking and Security

31. How do you check network configuration in Linux?

Commands:

• ip addr: Shows IP addresses and interfaces (e.g., eth0: 192.168.1.10).
• ip route: Displays routing table.
• nmcli or /etc/network/interfaces: Manages network settings.
  Example: ip addr show eth0 verifies interface config. Critical for troubleshooting connectivity.

32. What is the purpose of the /etc/hosts file?

Maps IP addresses to hostnames locally (e.g., 127.0.0.1 localhost). Used before DNS, it’s edited with nano /etc/hosts for local resolution, like testing web servers.

33. How do you configure a static IP address?

For Ubuntu (NetworkManager):

1. Edit /etc/netplan/01-netcfg.yaml:

network:
  ethernets:
    eth0:
      addresses: [192.168.1.100/24]
      gateway4: 192.168.1.1
      nameservers:
        addresses: [8.8.8.8]

2. Apply: sudo netplan apply.
   For CentOS: Edit /etc/sysconfig/network-scripts/ifcfg-eth0. Verify with ip addr.

34. What is iptables, and how do you configure it?

iptables manages firewall rules for packet filtering. Example:

iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -j DROP

Allows SSH (port 22) and drops other incoming traffic. Save with iptables-save. Replaced by nftables in modern distros, but still widely used.

35. How do you secure SSH access on a Linux server?

Steps:

1. Change port: Edit /etc/ssh/sshd_config (e.g., Port 2222).
2. Disable root login: Set PermitRootLogin no.
3. Use key-based authentication: Generate keys with ssh-keygen, copy with ssh-copy-id.
4. Restrict users: Set AllowUsers username.
5. Restart: systemctl restart sshd.
   This reduces brute-force risks and enhances security.

36. What is SELinux, and how does it enhance security?

Security-Enhanced Linux (SELinux) enforces mandatory access controls (MAC) using policies to restrict processes/users. Modes:

• Enforcing: Blocks unauthorized actions.
• Permissive: Logs violations without blocking.
• Disabled: No enforcement.
  Check with getenforce. Example: setsebool -P httpd_can_network_connect 1 allows Apache network access. SELinux adds a security layer beyond standard permissions.

37. How do you check open ports on a Linux system?

Use:

• netstat -tuln: Lists listening TCP/UDP ports.
• ss -tuln: Modern alternative, faster.
• nmap localhost: Scans for open ports.
  Example: ss -tuln shows tcp 0 0 0.0.0.0:22, indicating SSH is open. Critical for security audits.

38. What is the purpose of the /etc/resolv.conf file?

/etc/resolv.conf defines DNS servers for name resolution (e.g., nameserver 8.8.8.8). Managed by NetworkManager or manually edited. Incorrect settings cause DNS failures, verifiable with dig google.com.

39. How do you configure a Linux firewall with firewalld?

firewalld is a dynamic firewall manager. Example:

firewall-cmd --add-port=80/tcp --permanent
firewall-cmd --reload

Opens port 80 for HTTP. Zones (e.g., public, trusted) control rules. Check with firewall-cmd --list-all. Simpler than iptables for dynamic environments.

40. What is Network Time Protocol (NTP), and how do you set it up?

NTP synchronizes system clocks with time servers. Install: apt install ntp. Configure: Edit /etc/ntp.conf (e.g., server pool.ntp.org). Restart: systemctl restart ntp. Verify with ntpstat or timedatectl. Accurate time is critical for logs and security protocols.

System Performance and Monitoring

41. How do you monitor CPU and memory usage in Linux?

Tools:

• top/htop: Real-time CPU/memory usage (e.g., htop shows 20% CPU for mysql).
• free -h: Memory details (e.g., used: 2G, free: 6G).
• vmstat: CPU, memory, and I/O stats.
  Example: top identifies high-CPU processes for optimization. Critical for diagnosing performance bottlenecks.

42. What is the role of the top command?

top displays real-time system metrics: CPU, memory, processes, and load averages. Key columns:

• %CPU: Process CPU usage.
• %MEM: Memory usage.
• PID: Process ID for killing.
  Press q to exit. Use htop for a more user-friendly interface.

43. How do you check disk I/O performance?

Use:

• iostat -x: Shows disk read/write rates (e.g., r/s: 100, w/s: 50).
• iotop: Real-time I/O per process.
  Install: apt install sysstat iotop. High I/O wait indicates bottlenecks, often due to heavy database loads.

44. What is the load average, and how do you interpret it?

Load average (seen in uptime or top) shows CPU demand over 1, 5, and 15 minutes (e.g., 0.50, 0.30, 0.20). Values above CPU core count (e.g., >4 on a 4-core system) indicate overload. Investigate with top or ps.

45. How do you identify a memory leak in Linux?

Symptoms: Increasing memory usage without release. Steps:

1. Monitor with free -h or top.
2. Check process memory with pmap -x .
3. Use valgrind for debugging apps.
   Example: A web server consuming 80% RAM over time may need restarting or patching.

46. What is the purpose of the sar command?

sar (System Activity Reporter) collects historical performance data (e.g., CPU, memory, I/O). Install: apt install sysstat. Example: sar -u 1 5 shows CPU usage every second for 5 iterations. Useful for trend analysis.

47. How do you monitor network traffic in Linux?

Tools:

• iftop: Real-time bandwidth per connection.
• nload: Interface traffic overview.
• tcpdump: Captures packets (e.g., tcpdump -i eth0).
  Example: iftop -i eth0 shows top connections, helping identify bandwidth hogs.

48. What is the role of journalctl in system monitoring?

journalctl queries systemd’s journal for logs. Examples:

• journalctl -u sshd: SSH service logs.
• journalctl -p 3: Error-level logs.
• journalctl --since "2025-09-01": Logs since a date.
  Critical for troubleshooting service failures or security events.

49. How do you tune system performance with nice and renice?

nice sets process priority (-20 high, 19 low): nice -n 10 command. renice adjusts running processes: renice 5 -p 1234. Lower values prioritize CPU access. Example: nice -n -10 mysql boosts database performance.

50. What is vmstat, and how do you use it?

vmstat reports virtual memory, CPU, and I/O stats. Example: vmstat 1 5 runs every second for 5 iterations, showing si/so (swap in/out) and wa (I/O wait). High wa indicates disk bottlenecks.

Shell Scripting and Automation

51. What is a shell script, and why is it useful?

A shell script is a file containing commands (e.g., Bash) to automate tasks. Example:

#!/bin/bash
echo "Checking disk space"
df -h

Saved as script.sh, run with bash script.sh. Scripts automate repetitive tasks like backups or monitoring, saving time.

52. How do you make a shell script executable?

Steps:

1. Add shebang: #!/bin/bash.
2. Set permissions: chmod +x script.sh.
3. Run: ./script.sh.
   Example: chmod 755 script.sh allows execution by all users. Verify with ls -l.

53. What is the difference between source and ./ for running scripts?

• source script.sh or . script.sh: Runs in the current shell, modifying its environment (e.g., variables).
• ./script.sh: Runs in a new shell, not affecting the parent.
  Example: source ~/.bashrc applies changes to the current session.

54. How do you use variables in a shell script?

Define: name="value". Use: echo $name. Example:

#!/bin/bash
path="/var/log"
echo "Logs in $path"

Variables store dynamic data, making scripts flexible for paths or configs.

55. What are exit codes, and how do you use them?

Exit codes indicate command success (0) or failure (non-zero). Check with echo $?. Example:

ls /nonexistent
echo $?  # Outputs 2 (error)

Scripts use exit codes for conditionals: if [ $? -eq 0 ]; then echo "Success"; fi.

56. How do you create a cron job with a shell script?

Write a script (e.g., backup.sh), make it executable, then add to crontab:

crontab -e
0 3 * * * /path/to/backup.sh

Runs daily at 3 AM. Verify with crontab -l. Useful for automated maintenance.

57. What is the purpose of grep in shell scripting?

grep searches text for patterns. Example: grep "error" /var/log/syslog finds lines with “error”. Use in scripts:

if grep "failed" /var/log/auth.log; then
  echo "Login issues detected"
fi

Filters logs or files for automation logic.

58. How do you use awk in Linux?

awk processes text by fields/columns. Example: awk '{print $1}' /etc/passwd prints usernames. In scripts:

awk -F: '{if ($3 > 1000) print $1}' /etc/passwd

Lists users with UID > 1000. Powerful for log parsing or data extraction.

59. What is a pipe (|) in Linux, and how is it used?

Pipes pass output from one command to another. Example: ls -l | grep ".txt" lists only text files. In scripts, pipes chain commands for complex workflows, like ps aux | grep nginx | awk '{print $2}' to get nginx PIDs.

60. How do you handle errors in a shell script?

Use conditionals and exit codes:

#!/bin/bash
cp file.txt /backup || { echo "Copy failed"; exit 1; }
echo "Copy successful"

|| runs the error block if cp fails. Log errors to files (e.g., >> error.log) for debugging.

Package Management

61. What is a package manager, and how does it work?

A package manager installs, updates, and removes software. Examples:

• APT (Debian/Ubuntu): apt install nginx.
• YUM/DNF (CentOS/RHEL): dnf install httpd.
• Pacman (Arch): pacman -S vim.
  It resolves dependencies and fetches packages from repositories, simplifying software management.

62. How do you install a package in Ubuntu?

Use APT:

sudo apt update
sudo apt install package-name

Example: apt install apache2 installs Apache. apt update ensures the latest package lists. Verify with dpkg -l | grep apache2.

63. How do you remove a package in CentOS?

Use DNF:

sudo dnf remove package-name

Example: dnf remove httpd removes Apache. Use --autoremove to clear unused dependencies. Check with rpm -qa | grep httpd.

64. What is the difference between apt-get and apt?

• apt-get: Older, low-level tool for package management.
• apt: Modern, user-friendly wrapper for apt-get and other tools, with progress bars and simplified commands.
  Example: apt install vs. apt-get install. Use apt for interactive tasks, apt-get for scripts.

65. How do you add a new repository in Linux?

For Ubuntu:

1. Add to /etc/apt/sources.list or /etc/apt/sources.list.d/:

deb http://repo.url focal main

2. Update: apt update.
   For CentOS: Edit /etc/yum.repos.d/repo.repo. Example: Adding EPEL: dnf install epel-release. Verifies with apt-cache policy or dnf repolist.

66. What is a PPA in Ubuntu, and how do you use it?

Personal Package Archive (PPA) provides third-party software. Add with:

sudo add-apt-repository ppa:user/ppa-name
sudo apt update
sudo apt install package

Example: add-apt-repository ppa:deadsnakes/ppa for Python versions. Verify with apt-cache policy.

67. How do you check installed packages?

• Ubuntu: dpkg -l or apt list --installed.
• CentOS: rpm -qa or dnf list installed.
  Example: dpkg -l | grep nginx confirms nginx installation. Useful for audits or troubleshooting.

68. What is the difference between a source package and a binary package?

• Source Package: Contains code to compile (e.g., .tar.gz).
• Binary Package: Precompiled, ready to install (e.g., .deb, .rpm).
  Binaries are faster to install, while source packages allow customization but require compilation.

69. How do you update all packages in Linux?

• Ubuntu: sudo apt update && sudo apt upgrade.
• CentOS: sudo dnf update.
  Example: apt upgrade -y auto-confirms updates. Schedule via cron for automation.

70. What is yum vs. dnf in CentOS?

• yum: Older package manager, reliable but slower.
• dnf: Modern replacement, faster with better dependency resolution.
  Example: dnf update vs. yum update. DNF is preferred in CentOS 8+.

User and Permission Management

71. How do you modify a user’s group in Linux?

Use usermod:

sudo usermod -aG groupname username

-aG adds to a group (e.g., sudo usermod -aG sudo user1 grants sudo access). Verify with groups username.

72. What is the purpose of the /etc/group file?

/etc/group lists groups and their members (e.g., sudo:x:27:user1,user2). Each line includes group name, GID, and members. Edited with groupadd or gpasswd for security.

73. How do you lock a user account?

Use:

• passwd -l username: Locks password.
• usermod -L username: Alternative method.
  Example: passwd -l user1 prevents login. Unlock with passwd -u user1. Useful for suspending accounts.

74. What are sticky bits, and how do you set them?

Sticky bits restrict file deletion in shared directories (e.g., /tmp). Set with:

chmod +t directory

Example: chmod 1777 /tmp (sticky bit = 1). Only owners can delete files. Verify with ls -ld.

75. How do you set default permissions for new files?

Use umask:

umask 022

Subtracts from 666 (files) or 777 (directories), resulting in 644/755. Set in ~/.bashrc or /etc/profile. Check with umask.

76. What is the difference between su and sudo?

• su: Switches to another user (e.g., su root), requiring their password.
• sudo: Runs a command as another user (e.g., sudo ls), using the caller’s password if authorized.
  sudo is safer, with configurable access via /etc/sudoers.

77. How do you delegate specific commands to a user with sudo?

Edit /etc/sudoers with visudo:

username ALL=(ALL) /usr/bin/apt

Allows username to run apt. Verify with sudo -l. Ensures limited privilege escalation.

78. What is the purpose of the /etc/shadow file?

/etc/shadow stores encrypted passwords and account details (e.g., expiry). Format: username:encrypted_password:expiry. Readable only by root for security, unlike /etc/passwd.

79. How do you change a user’s shell?

Use chsh:

sudo chsh -s /bin/zsh username

Sets Zsh as the shell. Verify with cat /etc/passwd. Useful for user preferences or security (e.g., /sbin/nologin).

80. What is setuid, and when is it used?

Setuid allows users to run executables with the owner’s permissions (e.g., passwd). Set with:

chmod u+s file

Example: ls -l /usr/bin/passwd shows rwsr-xr-x. Use cautiously to avoid security risks.

Backup and Recovery

81. How do you create a full system backup in Linux?

Use tar:

tar -cvpzf /backup/full_backup.tar.gz --exclude=/backup / --exclude=/proc --exclude=/sys

Creates a compressed archive, excluding virtual filesystems. Restore with tar -xpzf. Schedule via cron for regular backups.

82. What is rsync, and how do you use it for backups?

rsync synchronizes files efficiently, copying only changes. Example:

rsync -avh /source /backup

-a preserves permissions, -v is verbose. Use --delete to mirror source. Ideal for incremental backups.

83. How do you restore a deleted file from a backup?

For tar backup:

tar -xpzf /backup/full_backup.tar.gz -C /restore path/to/file

For rsync: Copy from backup directory. Always verify restored files with ls or diff.

84. What is a snapshot in LVM, and how do you create one?

An LVM snapshot captures a volume’s state, useful for backups. Create:

lvcreate -s -n snap -L 5G /dev/vgname/lvname

Mount and back up the snapshot, then remove with lvremove. Snapshots ensure consistent data during backups.

85. How do you back up a running database?

For MySQL:

mysqldump -u root -p database > backup.sql

For PostgreSQL: pg_dump database > backup.sql. Schedule with cron and store off-site. Restore with mysql < backup.sql or psql.

86. What is the role of /etc/fstab in recovery?

/etc/fstab defines mount points (e.g., /dev/sda1 / ext4 defaults 0 1). Incorrect entries prevent booting. Edit in recovery mode to fix mount issues.

87. How do you recover a system from a corrupted boot loader?

Boot from a live USB, chroot into the system:

mount /dev/sda1 /mnt
chroot /mnt
grub-install /dev/sda
update-grub

Reinstalls GRUB. Verify with grub-probe. Critical for restoring bootability.

88. What is dd, and how do you use it for disk backups?

dd copies raw disk data. Example:

dd if=/dev/sda of=/backup/disk.img bs=64K

Restores with dd if=/backup/disk.img of=/dev/sda. Use cautiously to avoid overwriting data.

89. How do you automate backups with a script?

Example:

#!/bin/bash
rsync -av /data /backup
tar -czf /backup/data_$(date +%F).tar.gz /data

Schedule with crontab -e: 0 1 * * * /backup.sh. Log errors to /var/log/backup.log.

90. What is the difference between incremental and differential backups?

• Incremental: Backs up changes since the last backup (faster, complex restore).
• Differential: Backs up changes since the last full backup (slower, simpler restore).
  Use rsync for incremental, tar for differential.

Troubleshooting and Diagnostics

91. How do you troubleshoot a system that fails to boot?

Steps:

1. Boot into GRUB rescue mode or live USB.
2. Check logs: cat /mnt/var/log/syslog.
3. Verify /etc/fstab and fsck /dev/sda1.
4. Reinstall GRUB: grub-install.
   Example: A corrupted kernel may require apt install linux-image in chroot.

92. What is the role of dmesg in troubleshooting?

dmesg displays kernel logs (e.g., hardware errors). Example: dmesg | grep disk shows disk issues. Use with journalctl for comprehensive diagnostics.

93. How do you troubleshoot network connectivity issues?

Steps:

1. Check interface: ip link (e.g., eth0: UP).
2. Test connectivity: ping 8.8.8.8.
3. Verify DNS: dig google.com.
4. Check firewall: iptables -L or firewall-cmd --list-all.
   Example: No DNS resolution may indicate a missing nameserver in /etc/resolv.conf.

94. How do you identify a high CPU usage process?

Use top or htop to find processes with high %CPU. Example: top shows mysql at 90%. Investigate with strace -p or kill with kill -9 .

95. What is the purpose of strace?

strace traces system calls of a process. Example: strace -p 1234 shows calls made by PID 1234, helping diagnose hangs or errors in applications.

96. How do you troubleshoot a failed service?

Steps:

1. Check status: systemctl status nginx.
2. View logs: journalctl -u nginx.
3. Restart: systemctl restart nginx.
   Example: Logs may show a port conflict (e.g., port 80 in use), resolved by killing the conflicting process.

97. What is lsof, and how do you use it?

lsof lists open files, including network sockets. Example: lsof -i :80 shows processes using port 80. Useful for finding port conflicts or file locks.

98. How do you recover a deleted file still in use?

Find the process with lsof | grep filename, then copy from /proc//fd/ to a new file. Example: cp /proc/1234/fd/3 /restore/file.txt. Prevents data loss for open files.

99. What is the role of netstat in network troubleshooting?

netstat displays network connections and stats. Example: netstat -tuln lists listening ports, netstat -rn shows routing tables. Replaced by ss in modern systems.

100. How do you diagnose a slow system?

Steps:

1. Check CPU/memory: top or free -h.
2. Monitor disk I/O: iostat.
3. Review logs: journalctl -p 3.
4. Check network: iftop.
   Example: High I/O wait in iostat may indicate a failing disk or heavy load.

Advanced System Administration

101. What is RAID, and what are its common levels?

RAID (Redundant Array of Independent Disks) improves storage reliability/performance. Levels:

• RAID 0: Striping, fast but no redundancy.
• RAID 1: Mirroring, duplicates data for fault tolerance.
• RAID 5: Striping with parity, balances speed and redundancy (minimum 3 disks).
• RAID 10: Combines mirroring and striping, high performance/reliability.
  Example: mdadm --create /dev/md0 --level=5 --raid-devices=3 /dev/sd[b-d] creates RAID 5. Check with cat /proc/mdstat.

102. How do you configure a software RAID in Linux?

Steps:

1. Install: apt install mdadm.
2. Create: mdadm --create /dev/md0 --level=1 --raid-devices=2 /dev/sdb /dev/sdc.
3. Format: mkfs.ext4 /dev/md0.
4. Mount: mount /dev/md0 /mnt.
5. Save config: mdadm --detail --scan >> /etc/mdadm/mdadm.conf.
   Verify with mdadm --detail /dev/md0. Ensures data redundancy.

103. What is the Linux boot process in detail?

Steps:

1. BIOS/UEFI: Initializes hardware, loads bootloader.
2. GRUB: Loads kernel and initramfs.
3. Kernel: Initializes drivers, mounts root filesystem.
4. Init (systemd): Starts services, sets runlevel/target.
   Example: Boot failure at GRUB may require grub-install. Logs in /var/log/boot.log help diagnose issues.

104. How do you update the Linux kernel?

Steps:

1. Check current: uname -r.
2. Install new kernel: apt install linux-image-5.15.0 (Ubuntu) or dnf install kernel (CentOS).
3. Update GRUB: update-grub.
4. Reboot: reboot.
   Verify with uname -r. Backup /boot to avoid boot failures.

105. What is chroot, and how is it used?

chroot changes the root directory for a process, isolating it. Example:

mount /dev/sda1 /mnt
chroot /mnt

Used in recovery to fix boot issues or test environments. Exit with exit. Verify mounts with df.

106. How do you configure a cron job for a specific user?

Edit user’s crontab:

crontab -u username -e
0 4 * * * /script.sh

Runs script.sh at 4 AM for username. Verify with crontab -u username -l.

107. What is the purpose of ulimit?

ulimit sets resource limits for users (e.g., file descriptors, memory). Example: ulimit -n 4096 sets max open files. Configure in /etc/security/limits.conf:

username hard nofile 4096

Prevents resource exhaustion in high-load systems.

108. How do you manage kernel modules?

• List: lsmod.
• Load: modprobe module_name.
• Unload: rmmod module_name.
  Example: modprobe vfat enables FAT filesystem support. Check with lsmod | grep vfat.

109. What is systemctl, and how does it differ from service?

• systemctl: Manages systemd services (e.g., systemctl start nginx).
• service: Legacy wrapper for init scripts (e.g., service nginx start).
  systemctl is preferred for modern systems, offering detailed control (e.g., systemctl is-enabled nginx).

110. How do you configure a systemd service?

Create /etc/systemd/system/myservice.service:

[Unit]
Description=My Service
After=network.target
[Service]
ExecStart=/usr/bin/myscript.sh
Restart=always
[Install]
WantedBy=multi-user.target

Reload: systemctl daemon-reload, enable: systemctl enable myservice. Start: systemctl start myservice. Ensures persistent services.

Server and Service Management

111. How do you install and configure Apache on Linux?

Steps (Ubuntu):

1. Install: apt install apache2.
2. Start: systemctl start apache2.
3. Enable: systemctl enable apache2.
4. Configure: Edit /etc/apache2/sites-available/000-default.conf (e.g., set DocumentRoot).
5. Test: curl http://localhost.
   Verify with apachectl -t for config errors. Apache serves web content, critical for hosting.

112. What is Nginx, and how do you set it up?

Nginx is a high-performance web server. Steps (CentOS):

1. Install: dnf install nginx.
2. Start: systemctl start nginx.
3. Configure: Edit /etc/nginx/nginx.conf or /etc/nginx/conf.d/.
4. Test: nginx -t.
   Example: Add a server block for a domain. Nginx excels in load balancing and reverse proxying.

113. How do you configure a DNS server with BIND?

Install: apt install bind9. Configure:

1. Edit /etc/bind/named.conf.local: Define zones.
2. Create zone file (e.g., /etc/bind/db.example.com):

$TTL 86400
@ IN SOA ns.example.com. admin.example.com. (
  2025090801 ; Serial
  3600 ; Refresh
  1800 ; Retry
  604800 ; Expire
  86400 ) ; Minimum
@ IN NS ns.example.com.
ns IN A 192.168.1.10

3. Restart: systemctl restart named.
   Test with dig @localhost example.com. BIND resolves domain names for networks.

114. What is the role of /etc/exports in NFS?

/etc/exports defines directories shared via NFS. Example:

/data 192.168.1.0/24(rw,sync)

Shares /data with read/write access to the 192.168.1.0 subnet. Apply with exportfs -ra. Verify with showmount -e.

115. How do you set up a Samba file server?

Install: apt install samba. Configure:

1. Edit /etc/samba/smb.conf:

[share]
path = /srv/share
read only = no
browsable = yes

2. Add user: smbpasswd -a username.
3. Restart: systemctl restart smbd.
   Test with smbclient -L localhost. Samba enables cross-platform file sharing.

116. How do you configure an FTP server with vsftpd?

Install: apt install vsftpd. Configure:

1. Edit /etc/vsftpd.conf: Enable write_enable=YES, anonymous_enable=NO.
2. Restart: systemctl restart vsftpd.
3. Test: ftp localhost.
   Secure with SSL or restrict users via userlist_enable. Vsftpd is lightweight for file transfers.

117. What is the purpose of a reverse proxy, and how do you configure it with Nginx?

A reverse proxy forwards client requests to backend servers, improving load balancing and security. Configure in Nginx:

server {
  listen 80;
  server_name example.com;
  location / {
    proxy_pass http://backend:8080;
    proxy_set_header Host $host;
  }
}

Restart: systemctl restart nginx. Test with curl http://example.com. Enhances scalability.

118. How do you monitor a web server’s performance?

Use:

• apachectl status or nginx -s reload for basic stats.
• htop for CPU/memory.
• ab (Apache Benchmark): ab -n 100 -c 10 http://localhost/ tests load.
• Logs: /var/log/apache2/access.log or /var/log/nginx/access.log.
  Identifies bottlenecks or high traffic.

119. How do you secure a web server?

Steps:

1. Enable HTTPS: Use Let’s Encrypt (certbot).
2. Restrict ports: firewall-cmd --add-port=443/tcp.
3. Update software: apt upgrade apache2.
4. Disable unused modules: a2dismod status.
5. Set permissions: chmod 750 /var/www/html.
   Regular audits with nmap or lynis ensure security.

120. What is a load balancer, and how do you configure HAProxy?

A load balancer distributes traffic across servers. Install: apt install haproxy. Configure /etc/haproxy/haproxy.cfg:

frontend http_front
  bind *:80
  default_backend http_back
backend http_back
  server server1 192.168.1.10:80
  server server2 192.168.1.11:80

Restart: systemctl restart haproxy. Test with curl http://localhost. Improves availability.

Virtualization and Containers

121. What is virtualization, and how does it work in Linux?

Virtualization runs multiple OSes on one host using a hypervisor (e.g., KVM, VirtualBox). KVM uses /dev/kvm to manage VMs, leveraging CPU virtualization extensions. Example: virt-install creates VMs. Enhances resource utilization and isolation.

122. How do you set up a KVM virtual machine?

Install: apt install qemu-kvm libvirt-daemon. Steps:

1. Create disk: qemu-img create -f qcow2 vm_disk.qcow2 20G.
2. Install VM:

virt-install --name vm1 --ram 2048 --vcpus 2 --disk path=vm_disk.qcow2 --os-type linux --cdrom /path/to/iso

3. Manage: virsh list --all.
   KVM is efficient for server virtualization.

123. What is Docker, and how do you run a container?

Docker runs applications in isolated containers. Install: apt install docker.io. Run:

docker run -d -p 80:80 nginx

Maps port 80 to nginx container. Verify with docker ps. Containers are lightweight for microservices.

124. How do you create a Docker image?

Write a Dockerfile:

FROM ubuntu:22.04
RUN apt update && apt install -y nginx
CMD ["nginx", "-g", "daemon off;"]

Build: docker build -t myimage .. Run: docker run -d myimage. Images enable consistent deployments.

125. What is the difference between a VM and a container?

• VM: Emulates full OS with hardware, heavier (e.g., KVM).
• Container: Shares host kernel, lightweight, isolates apps (e.g., Docker).
  Containers are faster for microservices, VMs for full OS isolation.

126. How do you manage Docker containers?

Commands:

• List: docker ps -a.
• Stop: docker stop container_id.
• Remove: docker rm container_id.
• Logs: docker logs container_id.
  Example: docker ps shows running containers. Simplifies container lifecycle management.

127. What is Kubernetes, and how does it relate to Docker?

Kubernetes orchestrates containers, managing scaling, deployment, and failover. Docker runs containers, while Kubernetes schedules them across nodes. Example: kubectl run nginx --image=nginx deploys an nginx pod. Critical for large-scale containerized apps.

128. How do you set up a basic Kubernetes cluster?

Install kubeadm, kubectl, kubelet. Steps:

1. Initialize master: kubeadm init.
2. Join nodes: kubeadm join :.
3. Apply CNI (e.g., kubectl apply -f weave.yaml).
   Verify with kubectl get nodes. Simplifies container orchestration.

129. What is a namespace in Docker or Kubernetes?

Isolates resources (e.g., containers, pods). In Docker: docker run --network ns1. In Kubernetes: kubectl create namespace dev. Example: kubectl get pods -n dev lists pods in dev. Enhances resource organization.

130. How do you back up a Docker container?

Steps:

1. Export: docker export container_id > backup.tar.
2. Save image: docker save -o image.tar image_name.
   Restore: docker import backup.tar. Use volumes for persistent data backups.

Security Hardening

131. How do you harden a Linux server?

Steps:

1. Update system: apt update && apt upgrade.
2. Disable unused services: systemctl disable bluetooth.
3. Configure firewall: firewall-cmd --add-port=22/tcp.
4. Secure SSH: Disable root login, use keys.
5. Use SELinux/AppArmor: Enforce policies.
6. Regular audits: lynis audit system.
   Reduces attack surface for servers.

132. What is AppArmor, and how does it work?

AppArmor confines applications with profiles, restricting file/network access. Example:

aa-genprof /usr/bin/nginx

Creates a profile for nginx. Check with aa-status. Complements SELinux for security.

133. How do you configure SSH key-based authentication?

Steps:

1. Generate key: ssh-keygen -t rsa.
2. Copy to server: ssh-copy-id user@server.
3. Disable password login: Edit /etc/ssh/sshd_config (PasswordAuthentication no).
4. Restart: systemctl restart sshd.
   Enhances SSH security by eliminating passwords.

134. What is a chroot jail, and how do you set it up?

A chroot jail isolates processes to a directory. Setup:

mkdir /jail
cp /bin/bash /jail/bin
chroot /jail

Copy required libraries with ldd /bin/bash. Used for secure environments like FTP servers.

135. How do you audit system security with Lynis?

Install: apt install lynis. Run: lynis audit system. Reviews configurations, permissions, and services, generating a report with hardening suggestions (e.g., disable unused ports). Regular audits ensure compliance.

136. What is the role of /etc/login.defs?

Defines login policies (e.g., password length, expiry). Example: PASS_MAX_DAYS 90 sets 90-day password expiry. Edit with nano /etc/login.defs. Enhances user security.

137. How do you restrict root login to specific IPs?

Edit /etc/ssh/sshd_config:

AllowUsers [email protected]

Restart: systemctl restart sshd. Limits root access to trusted IPs, reducing attack risks.

138. What is fail2ban, and how do you configure it?

fail2ban bans IPs after failed login attempts. Install: apt install fail2ban. Configure /etc/fail2ban/jail.local:

[sshd]
enabled = true
maxretry = 5
bantime = 3600

Restart: systemctl restart fail2ban. Protects against brute-force attacks.

139. How do you encrypt a file in Linux?

Use gpg:

gpg -c file.txt

Creates file.txt.gpg. Decrypt: gpg file.txt.gpg. Enter passphrase. Ensures data confidentiality.

140. What is the purpose of auditd?

auditd logs system events for security auditing. Install: apt install auditd. Configure rules in /etc/audit/audit.rules:

-w /etc/passwd -p wa -k passwd_changes

Monitors file changes. Check logs with ausearch -k passwd_changes.

Performance Tuning

141. How do you optimize disk performance in Linux?

Steps:

1. Use fast filesystems (e.g., XFS).
2. Enable TRIM: fstrim -v / for SSDs.
3. Adjust I/O scheduler: echo deadline > /sys/block/sda/queue/scheduler.
4. Monitor with iostat.
   Example: deadline scheduler improves database performance.

142. What is ionice, and how do you use it?

ionice sets I/O priority for processes. Example:

ionice -c3 cp largefile /backup

-c3 sets low priority, reducing impact on other tasks. Check with iotop.

143. How do you optimize memory usage?

Steps:

1. Check usage: free -h.
2. Adjust swappiness: echo 10 > /proc/sys/vm/swappiness (prefers RAM over swap).
3. Drop caches: echo 3 > /proc/sys/vm/drop_caches (use cautiously).
   Improves performance for memory-intensive apps.

144. What is the role of sysctl in performance tuning?

sysctl modifies kernel parameters. Example:

sysctl -w net.ipv4.tcp_rmem="4096 87380 6291456"

Adjusts TCP buffer sizes. Persist in /etc/sysctl.conf. Enhances network performance.

145. How do you limit CPU usage for a process?

Use cpulimit:

cpulimit -p 1234 -l 50

Limits PID 1234 to 50% CPU. Install: apt install cpulimit. Prevents resource hogging.

146. What is nice vs. chrt for process scheduling?

• nice: Sets CPU priority (-20 to 19). Example: nice -n 5 command.
• chrt: Sets real-time scheduling. Example: chrt -r -p 20 1234.
  chrt is for latency-sensitive tasks, nice for general prioritization.

147. How do you optimize network performance?

Steps:

1. Increase buffers: sysctl -w net.core.rmem_max=16777216.
2. Enable TCP Fast Open: sysctl -w net.ipv4.tcp_fastopen=3.
3. Monitor: iperf3 -c server for throughput.
   Improves high-traffic server performance.

148. What is the role of vm.swappiness?

Controls RAM vs. swap usage (0-100). Lower values (e.g., 10) prioritize RAM. Set:

sysctl -w vm.swappiness=10

Persist in /etc/sysctl.conf. Reduces disk I/O for better performance.

149. How do you benchmark system performance?

Tools:

• sysbench: sysbench cpu run for CPU.
• fio: fio --name=test --rw=write --size=1G for disk.
• iperf3: Network throughput.
  Example: sysbench results guide hardware upgrades.

150. What is numactl, and how does it optimize performance?

numactl controls CPU/memory affinity in NUMA systems. Example:

numactl --cpunodebind=0 --membind=0 command

Binds to node 0, reducing latency in multi-CPU servers.

Advanced Networking

151. How do you configure a VLAN in Linux?

Steps:

1. Install: apt install vlan.
2. Load module: modprobe 8021q.
3. Create VLAN: ip link add link eth0 name eth0.10 type vlan id 10.
4. Assign IP: ip addr add 192.168.10.1/24 dev eth0.10.
5. Activate: ip link set eth0.10 up.
   Verify with ip link. VLANs segment traffic for security and efficiency.

152. What is iproute2, and how does it differ from net-tools?

• iproute2: Modern suite (ip, ss) for network management, more powerful.
• net-tools: Legacy (ifconfig, netstat), deprecated.
  Example: ip addr vs. ifconfig. iproute2 supports advanced features like policy routing.

153. How do you set up a network bridge?

Steps:

1. Install: apt install bridge-utils.
2. Create bridge: brctl addbr br0.
3. Add interfaces: brctl addif br0 eth0.
4. Activate: ip link set br0 up.
   Verify with brctl show. Used in virtualization for VM networking.

154. What is tcpdump, and how do you use it?

tcpdump captures network packets. Example:

tcpdump -i eth0 port 80

Captures HTTP traffic. Save to file: tcpdump -w capture.pcap. Analyze with Wireshark. Critical for network diagnostics.

155. How do you configure policy-based routing?

Use ip rule and ip route:

ip rule add from 192.168.1.0/24 table 100
ip route add default via 192.168.2.1 table 100

Routes specific traffic through a different gateway. Verify with ip rule show.

156. What is nftables, and how does it replace iptables?

nftables is a modern firewall framework with simpler syntax. Example:

nft add table inet mytable
nft add chain inet mytable input { type filter hook input priority 0 \; policy drop \; }
nft add rule inet mytable input tcp dport 22 accept

Replaces iptables with better performance and flexibility. Check with nft list ruleset.

157. How do you set up a VPN with OpenVPN?

Install: apt install openvpn. Configure:

1. Generate keys: /usr/share/easy-rsa.
2. Edit /etc/openvpn/server.conf:

port 1194
proto udp
dev tun
server 10.8.0.0 255.255.255.0

3. Start: systemctl start openvpn@server.
   Test with a client. OpenVPN secures remote connections.

158. What is ethtool, and how do you use it?

ethtool manages network interfaces. Example:

ethtool eth0
ethtool -s eth0 speed 1000 duplex full

Shows status or sets speed/duplex. Useful for optimizing network performance.

159. How do you configure a static route?

Add with ip route:

ip route add 10.0.0.0/24 via 192.168.1.1

Persist in /etc/network/interfaces or /etc/sysconfig/network-scripts. Verify with ip route.

160. What is the role of sshd_config?

/etc/ssh/sshd_config configures the SSH daemon (e.g., port, authentication). Example: Port 2222 changes the default port. Restart: systemctl restart sshd.

Advanced Troubleshooting

161. How do you troubleshoot a kernel panic?

Steps:

1. Boot into single-user mode or live USB.
2. Check logs: /var/log/syslog or dmesg.
3. Verify kernel modules: lsmod.
4. Reinstall kernel: apt install linux-image.
   Example: A driver issue may require modprobe -r faulty_module.

162. What is kdump, and how do you configure it?

kdump captures kernel crash dumps. Install: apt install kdump-tools. Configure /etc/kdump-tools/kdump-tools.conf:

crashkernel=512M

Enable: systemctl enable kdump-tools. Analyze dumps with crash tool.

163. How do you recover a corrupted /etc/fstab?

Boot from live USB, mount root:

mount /dev/sda1 /mnt
nano /mnt/etc/fstab

Restore from backup or fix entries. Test with mount -a. Prevents boot failures.

164. What is the role of lscpu in troubleshooting?

lscpu displays CPU details (e.g., cores, architecture). Example: lscpu shows 4 cores, helping diagnose CPU-related performance issues.

165. How do you troubleshoot a failed mount?

Steps:

1. Check dmesg for disk errors.
2. Verify /etc/fstab: Correct device and options.
3. Test: mount /dev/sdb1 /mnt.
   Example: fsck /dev/sdb1 fixes filesystem errors.

166. What is strace vs. ltrace?

• strace: Traces system calls (e.g., strace ls).
• ltrace: Traces library calls (e.g., ltrace ls).
  Example: strace -p 1234 diagnoses a hung process.

167. How do you identify a network bottleneck?

Use iperf3 for throughput, iftop for real-time traffic, and netstat -s for packet errors. Example: Low iperf3 results indicate link saturation.

168. What is the role of perf in performance analysis?

perf profiles system performance. Example: perf stat sleep 1 measures CPU cycles. Install: apt install linux-tools-common. Identifies bottlenecks in CPU-intensive apps.

169. How do you troubleshoot a DNS issue?

Steps:

1. Test: dig google.com.
2. Check /etc/resolv.conf: Ensure valid nameservers.
3. Verify connectivity: ping 8.8.8.8.
   Example: No response may indicate a firewall blocking port 53.

170. What is coredumpctl, and how do you use it?

coredumpctl manages core dumps for crashed processes. Example: coredumpctl gdb 1234 debugs PID 1234’s dump. Useful for application crash analysis.

Cloud and Automation

171. What is Ansible, and how do you use it for Linux administration?

Ansible automates tasks using YAML playbooks. Example:

- hosts: servers
  tasks:
    - name: Install nginx
      apt:
        name: nginx
        state: present

Run: ansible-playbook playbook.yml. Simplifies server configuration across multiple hosts.

172. How do you set up a basic Ansible playbook?

Create playbook.yml:

- hosts: all
  become: yes
  tasks:
    - name: Update packages
      apt:
        update_cache: yes
        upgrade: dist

Run: ansible-playbook -i hosts playbook.yml. Automates updates on all hosts.

173. What is Terraform, and how does it work with Linux?

Terraform provisions infrastructure using code. Example:

resource "aws_instance" "server" {
  ami           = "ami-12345678"
  instance_type = "t2.micro"
}

Run: terraform apply. Deploys Linux VMs on cloud platforms like AWS.

174. How do you integrate Linux servers with a cloud provider?

Steps:

1. Install SDK: pip install boto3 (AWS).
2. Configure credentials: ~/.aws/credentials.
3. Use tools like aws ec2 describe-instances or Terraform.
   Example: Launch an Ubuntu EC2 instance with aws ec2 run-instances.

175. What is a configuration management tool, and why use it?

Tools like Ansible, Puppet, or Chef automate server configs, ensuring consistency. Example: Ansible ensures all servers have identical nginx configs, reducing manual errors.

176. How do you monitor cloud-based Linux servers?

Use tools like:

• Prometheus: Collects metrics (e.g., CPU usage).
• Grafana: Visualizes data.
• CloudWatch (AWS): Monitors EC2 instances.
  Example: prometheus.yml scrapes /metrics endpoint for nginx stats.

177. What is the role of /etc/cloud/cloud.cfg?

Configures cloud-init for cloud instances, setting hostname, users, or packages. Example: Add package_update: true for automatic updates. Critical for cloud deployments.

178. How do you automate server provisioning with cloud-init?

Create /etc/cloud/cloud.cfg.d/custom.cfg:

users:
  - name: user1
    ssh-authorized-keys:
      - ssh-rsa AAA...
runcmd:
  - apt update

Applies on first boot. Simplifies instance setup in clouds like AWS.

179. What is a CI/CD pipeline, and how does it relate to Linux?

CI/CD automates code testing and deployment. On Linux, tools like Jenkins or GitLab CI run pipelines. Example: A Jenkins pipeline deploys a web app to a Linux server, using ssh for updates.

180. How do you secure a cloud-based Linux server?

Steps:

1. Use security groups (e.g., AWS: allow port 22 only).
2. Enable MFA for SSH.
3. Install fail2ban and lynis.
4. Encrypt disks: cryptsetup luksFormat /dev/sdb.
   Ensures cloud server compliance with security standards.

High Availability and Clustering

181. What is high availability (HA) in Linux?

HA ensures systems remain operational during failures using redundancy. Example: Pacemaker/Corosync clusters manage failover for services like Apache. Critical for mission-critical systems.

182. How do you set up a basic HA cluster with Pacemaker?

Install: apt install pacemaker corosync. Configure:

1. Edit /etc/corosync/corosync.conf: Set node IPs.
2. Start: systemctl start corosync pacemaker.
3. Add resource: pcs resource create webserver apache.
   Verify with pcs status. Ensures service continuity.

183. What is DRBD, and how does it work?

Distributed Replicated Block Device (DRBD) mirrors disk data across nodes. Configure /etc/drbd.d/resource.res:

resource r0 {
  on node1 { device /dev/drbd0; disk /dev/sdb1; }
  on node2 { device /dev/drbd0; disk /dev/sdb1; }
}

Enable: drbdadm create-md r0. Used in HA for data redundancy.

184. How do you configure Keepalived for load balancing?

Install: apt install keepalived. Configure /etc/keepalived/keepalived.conf:

vrrp_instance VI_1 {
  state MASTER
  interface eth0
  virtual_router_id 51
  priority 100
  virtual_ipaddress {
    192.168.1.100
  }
}

Restart: systemctl restart keepalived. Provides VIP failover for HA.

185. What is the role of a quorum in clustering?

Quorum ensures cluster decisions (e.g., failover) require a majority of nodes, preventing split-brain. Configure in Corosync: quorum { provider: corosync_votequorum }.

186. How do you monitor a cluster’s health?

Use:

• pcs status: Checks Pacemaker resources.
• crm_mon -1: Real-time cluster status.
• corosync-cfgtool -s: Node connectivity.
  Example: pcs status shows failed resources for troubleshooting.

187. What is a floating IP, and how is it used in HA?

A floating IP is a virtual IP that moves between nodes during failover (e.g., via Keepalived). Example: 192.168.1.100 switches to a backup node if the primary fails.

188. How do you set up a Galera cluster for MySQL?

Install: apt install mariadb-server galera. Configure /etc/mysql/mariadb.conf.d/galera.cnf:

wsrep_on=ON
wsrep_provider=/usr/lib/galera/libgalera_smm.so
wsrep_cluster_address="gcomm://node1,node2"

Start: galera_new_cluster on first node, systemctl start mariadb on others. Ensures database HA.

189. What is the difference between active-passive and active-active HA?

• Active-Passive: One node serves, another waits (e.g., Pacemaker failover).
• Active-Active: All nodes serve simultaneously (e.g., Galera).
  Active-active maximizes resource use but is complex.

190. How do you test failover in a cluster?

Steps:

1. Stop primary node: systemctl stop pacemaker.
2. Check VIP/resources: pcs status.
3. Verify service: curl http://vip.
   Example: Failover should move services to the backup node seamlessly.

Miscellaneous

191. What is systemd-analyze, and how do you use it for system optimization?

systemd-analyze is a tool that profiles and analyzes the boot process to identify performance bottlenecks. It provides detailed insights into service startup times and system initialization. Key commands:

• systemd-analyze: Shows total boot time (e.g., "Startup finished in 5.234s").
• systemd-analyze blame: Lists services and their startup durations (e.g., 2.123s networking.service).
• systemd-analyze critical-chain: Displays the critical path affecting boot time.
  Example: If networking.service takes 2 seconds, disable unnecessary services with systemctl disable networking.service to optimize boot. Use cautiously to avoid breaking dependencies. This tool is critical for reducing server startup times in high-availability environments.

192. How do you configure log rotation in Linux to manage disk space?

Log rotation, managed by logrotate, prevents log files from consuming excessive disk space by rotating, compressing, and deleting old logs. Configure in /etc/logrotate.conf or /etc/logrotate.d/ for specific services:

/var/log/app.log {
    daily
    rotate 7
    compress
    missingok
    notifempty
}

• daily: Rotates logs daily.
• rotate 7: Keeps 7 rotations.
• compress: Compresses old logs (e.g., .gz).
• missingok: Ignores missing logs.
  Run manually: logrotate -f /etc/logrotate.conf. Schedule via cron (/etc/cron.daily/logrotate). Verify with ls /var/log. This ensures logs remain manageable, critical for long-running servers.

193. What is rsyslog, and how do you configure it for centralized logging?

rsyslog is a high-performance logging system that collects and forwards system logs. It supports local storage and remote logging for centralized management. Configure in /etc/rsyslog.conf:

*.* @192.168.1.100:514  # UDP forwarding
*.* @@192.168.1.100:514 # TCP forwarding

• @: Sends logs via UDP to a remote server (e.g., 192.168.1.100).
• @@: Uses TCP for reliability.
  Enable modules: module(load="imudp") and input(type="imudp" port="514") for receiving logs. Restart: systemctl restart rsyslog. Verify with logger "Test message" and check /var/log/syslog on the remote server. Centralized logging simplifies monitoring in multi-server environments.

194. How do you use journalctl for advanced log analysis?

journalctl queries systemd’s journal for detailed system and service logs, offering powerful filtering. Examples:

• journalctl -u sshd: Shows SSH service logs.
• journalctl -p 3: Filters error-level logs (0=emergency, 7=debug).
• journalctl --since "2025-09-08 10:00" --until "2025-09-08 12:00": Logs for a time range.
• journalctl -f: Tails logs in real-time.
• journalctl --disk-usage: Checks journal size.
  Example: journalctl -u nginx -b shows nginx logs since the last boot. Use --output=json for integration with monitoring tools. This is essential for diagnosing service failures or security incidents.

195. What is the purpose of at for scheduling one-time tasks?

The at command schedules a one-time task, unlike cron’s recurring jobs. Install: apt install at. Example:

echo "backup.sh" | at 10:00 PM tomorrow

• Schedules backup.sh for 10 PM tomorrow.
• View queue: atq.
• Remove job: atrm .
  Useful for tasks like one-off maintenance or reboots. Verify execution in /var/spool/cron/atjobs.

196. How do you manage environment variables in Linux?

Environment variables configure system/user settings (e.g., PATH, HOME). Examples:

• Set temporary: export MYVAR=value.
• Persist for user: Add to ~/.bashrc or ~/.bash_profile (e.g., export PATH=$PATH:/new/path).
• System-wide: Edit /etc/environment or /etc/profile.d/custom.sh.
  Check: printenv MYVAR or env. Example: export PATH=$PATH:/usr/local/bin adds a directory to executable search paths. Critical for scripting and application configs.

197. What is tmux, and how do you use it for session management?

tmux is a terminal multiplexer for persistent sessions, multiple windows, and panes. Install: apt install tmux. Usage:

• Start: tmux.
• Create session: tmux new -s mysession.
• Detach: Ctrl-b d.
• Reattach: tmux attach -t mysession.
• Split pane: Ctrl-b % (vertical) or Ctrl-b " (horizontal).
  Example: Run top in a tmux session, detach, and reconnect later. Ideal for remote servers to maintain workflows during disconnects.

198. How do you configure a cron job with environment variables?

Add variables in the crontab (crontab -e):

PATH=/usr/local/bin:/usr/bin
0 2 * * * MYVAR=value /script.sh

Ensures script.sh uses the specified PATH and MYVAR. Verify with crontab -l and check script logs. Useful for scripts requiring specific environments.

199. What is screen, and how does it compare to tmux?

screen is a terminal multiplexer like tmux, allowing persistent sessions. Install: apt install screen. Usage:

• Start: screen.
• Detach: Ctrl-a d.
• Reattach: screen -r.
  Comparison:
• tmux: More modern, with better scripting and customization (e.g., status bars).
• screen: Simpler, widely available, less resource-intensive.
  Example: Use screen for basic remote tasks, tmux for complex multi-pane setups. Both ensure session continuity.

200. How do you use find for advanced file searches?

find locates files based on criteria. Examples:

• By name: find / -name "config.conf".
• By size: find / -size +100M.
• By modification: find / -mtime -7 (last 7 days).
• Execute action: find /tmp -name "*.log" -exec rm {} \;.
  Use -type f for files, -type d for directories. Example: find /var/log -name "*.log" -size +1G finds large logs. Combine with xargs for batch processing. Critical for system cleanup.

201. What is rsnapshot, and how do you configure it for backups?

rsnapshot automates incremental backups using rsync and hard links. Install: apt install rsnapshot. Configure /etc/rsnapshot.conf:

snapshot_root /backup/
backup /home/ localhost/
interval daily 7
interval weekly 4

Run: rsnapshot daily. Creates daily/weekly snapshots, saving space with hard links. Verify with ls /backup. Ideal for efficient, versioned backups.

202. How do you configure a Linux system for IPv6?

Steps:

1. Check support: ip -6 addr (shows IPv6 addresses).
2. Enable in /etc/sysctl.conf:

net.ipv6.conf.all.disable_ipv6=0

3. Configure interface (e.g., /etc/network/interfaces):

iface eth0 inet6 static
    address 2001:db8::1/64
    gateway 2001:db8::ff

4. Restart networking: systemctl restart networking.
   Test: ping6 ipv6.google.com. Ensures compatibility with modern networks.

203. What is logwatch, and how do you use it?

logwatch summarizes system logs for monitoring. Install: apt install logwatch. Run:

logwatch --detail High --mailto [email protected] --service all

Generates a report of all services. Configure in /etc/cron.daily/ for daily emails. Simplifies log analysis for admins.

204. How do you use curl for network diagnostics?

curl fetches data from URLs, useful for testing APIs or servers. Examples:

• curl http://example.com: Checks web server response.
• curl -I http://example.com: Shows headers (e.g., HTTP 200).
• curl -o file.txt http://example.com: Downloads file.
  Example: curl -v https://api.example.com debugs connection issues. Critical for API or web troubleshooting.

205. What is zfs, and how do you set it up?

ZFS is an advanced filesystem with snapshots and compression. Install: apt install zfsutils-linux. Create pool:

zpool create mypool /dev/sdb
zfs create mypool/data
zfs set compression=on mypool/data

Snapshot: zfs snapshot mypool/data@snap1. Check: zfs list. ZFS excels in data integrity and backup management.

Tips to Ace Your Linux Interview

• Hands-On Practice: Use tools like VirtualBox or AWS to set up Linux labs for practicing commands, scripting, and service configs.
• Master Key Commands: Be fluent in grep, awk, sed, find, and systemctl for quick problem-solving.
• Understand Systemd: Most modern distros use systemd; know how to manage services and analyze boot performance.
• Scripting Skills: Write Bash scripts for automation tasks (e.g., backups, monitoring) to demonstrate practical knowledge.
• Stay Updated: Follow 2025 trends like containerization (Docker, Kubernetes), cloud integration, and IPv6 adoption.
• Certifications: Consider certifications like RHCSA or LFCS to validate skills.
• Explain Clearly: Break down complex concepts (e.g., LVM, SELinux) as if teaching a beginner, showcasing communication skills.