Most Asked RHCSA Interview Questions [2025 Updated]

System Configuration and Management

1. What is the role of the /etc/fstab file in RHEL?

The /etc/fstab file specifies how filesystems are mounted during boot, defining mount points, types, and options like read-only. It ensures consistent storage setup, enabling automatic mounting of critical filesystems, such as root or external drives, for reliable system operation.

2. Why is the useradd command critical for administrators?

• Creates user accounts with unique IDs.
• Configures home directories and shells.
• Ensures secure user environments.
  The useradd command simplifies user management, setting up tailored accounts for secure access, essential for controlling permissions in multi-user RHEL systems.

3. When should you use the systemctl command?

Use systemctl for service management during configuration or maintenance. It starts, stops, or enables services at boot, ensuring availability. For example, enabling Apache ensures consistent web server functionality, critical for system reliability in RHEL environments.

4. Where are system logs stored in RHEL?

• Located in /var/log directory.
• Includes /var/log/messages for events.
• Contains /var/log/secure for authentication.
  Logs are vital for troubleshooting issues and monitoring security, helping administrators track errors or unauthorized access efficiently.

5. Who can edit the /etc/sudoers file, and what precautions are needed?

Root or sudo-privileged users can edit /etc/sudoers using visudo for syntax validation. Backing up the file and testing changes prevent lockouts. This ensures safe privilege management, allowing secure administrative access without risking system functionality.

6. Which command shows detailed file permissions?

The ls -l command displays permissions, ownership, and metadata, showing read, write, and execute rights. It helps verify access controls, ensuring sensitive files, like configuration scripts, are restricted to authorized users in RHEL systems.

7. How do you set a static IP address in RHEL?

Edit /etc/sysconfig/network-scripts/ifcfg-, setting BOOTPROTO to none, IPADDR, NETMASK, and GATEWAY. Restart networking with nmcli con reload. This ensures consistent connectivity for servers, supporting reliable network access for critical applications in RHEL.

8. What does the dnf command do in RHEL?

The dnf command manages software packages, installing, updating, or removing them while resolving dependencies. It replaced yum in newer RHEL versions, ensuring systems stay updated with the latest tools and security patches for optimal performance.

9. Why is SELinux crucial for system security?

• Enforces mandatory access controls.
• Limits process privileges.
• Protects against exploits.
  SELinux restricts unauthorized actions, even for root users, enhancing RHEL security by ensuring processes operate within defined policies, reducing attack risks.

10. When do you use the chown command?

Use chown to change file or directory ownership for access control. It assigns users or groups to resources, ensuring secure file sharing in collaborative projects where specific users need access to shared data or directories.

11. Where are user home directories located?

• Found in /home, e.g., /home/jdoe.
• Stores user-specific configurations.
• Created during account setup.
  Home directories organize personal files, ensuring data isolation and efficient user management in multi-user RHEL systems.

12. Who manages the /etc/hosts file?

System administrators manage /etc/hosts, mapping IP addresses to hostnames for local resolution. This supports fast, DNS-independent network communication, critical for small networks or systems requiring reliable hostname-to-IP mappings in RHEL.

13. Which command manages disk partitions?

• The fdisk utility creates partitions.
• Sets partition types and sizes.
• Prepares disks for filesystems.
  The fdisk command enables efficient storage allocation, ensuring optimal resource use for RHEL systems.

14. How do you check the current runlevel?

Use systemctl get-default to view the default target, like graphical.target. Alternatively, who -r shows the current runlevel. These commands verify system mode, ensuring alignment with operational needs in RHEL environments.

15. What is the purpose of the crontab command?

• Schedules automated tasks.
• Runs scripts at specific times.
• Reduces manual effort.
  The crontab command automates repetitive tasks like backups, ensuring consistent execution and efficient system maintenance in RHEL.

16. Why do administrators use the grep command?

The grep command searches text patterns in files or outputs, filtering data like error messages. It streamlines troubleshooting by pinpointing issues in logs, enhancing efficiency in diagnosing system or security problems in RHEL environments.

17. When should you reboot an RHEL system?

• Reboot after kernel updates.
• Apply major configuration changes.
• Resolve system hangs.
  Rebooting ensures patches or new kernels take effect, maintaining stability and security without unnecessary service disruptions.

18. Where are kernel modules stored?

Kernel modules reside in /lib/modules/, supporting hardware or filesystems. Administrators access this directory to manage modules, ensuring compatibility with system requirements and enhancing functionality in RHEL environments.

19. Who can access the root environment directly?

• Root or sudo-privileged users.
• Uses su - or sudo -i.
• Requires strict access control.
  Root access grants full system control, restricted to authorized administrators to prevent misuse in RHEL systems.

20. Which command monitors real-time resource usage?

The top command shows CPU, memory, and process usage. It identifies resource-heavy tasks, helping administrators optimize performance and ensure efficient operation in multi-tasking RHEL environments under varying workloads.

21. How do you create a new filesystem?

Identify a partition, format it with mkfs.ext4, and mount it to a directory. This prepares storage for data, ensuring compatibility and reliable access for applications or users in RHEL systems, supporting efficient storage management.

22. What does the passwd command do?

The passwd command updates user passwords, enforcing strong policies. It protects accounts from unauthorized access, ensuring system security. Regular updates via this command maintain authentication integrity across RHEL environments, critical for user account protection.

23. Why was iptables used in older RHEL versions?

• Configured firewall rules.
• Filtered network traffic.
• Secured system communications.
  The iptables command protected systems by allowing specific connections while blocking unauthorized access in older RHEL versions.

24. When is the nmcli command used for networking?

Use nmcli for automating or managing complex network settings. It simplifies tasks like setting static IPs, integrating with NetworkManager to ensure consistent connectivity for servers or critical applications in RHEL environments.

25. Where are DNS settings configured?

• Configured in /etc/resolv.conf.
• Managed via NetworkManager tools.
• Specifies DNS servers.
  DNS settings ensure reliable name resolution for network services, supporting applications in RHEL systems.

26. Who benefits from the visudo command?

• Administrators editing /etc/sudoers.
• Ensures syntax validation.
• Prevents privilege errors.
  The visudo command allows safe sudo configuration, avoiding lockouts and ensuring secure administrative access in RHEL.

27. Which utility checks disk usage?

The df command monitors disk usage, showing sizes in human-readable format. It helps identify full disks, plan capacity upgrades, and maintain system performance by ensuring adequate storage in RHEL environments.

Security and Access Control

28. What is the significance of the /etc/shadow file?

• Stores encrypted passwords.
• Includes account expiration details.
• Restricted to root access.
  The /etc/shadow file secures authentication data, preventing unauthorized access and ensuring user account protection in RHEL systems.

29. Why is the firewalld service essential?

The firewalld service manages firewall rules dynamically, using zones to control traffic. It ensures network security by allowing essential services while blocking unauthorized access, protecting RHEL systems from external threats and maintaining reliable operations.

30. When should you use the setfacl command?

Use setfacl for Access Control Lists when standard permissions are insufficient. It grants specific user access for complex projects, ensuring precise control in collaborative environments where fine-grained permissions are needed in RHEL systems.

31. Where are SELinux policies stored?

• Located in /etc/selinux for configuration.
• Policy files in /var/lib/selinux.
• Defines process restrictions.
  SELinux policies ensure security by preventing unauthorized actions, maintaining compliance in RHEL environments.

32. Who can use sudo privileges?

Users or groups listed in /etc/sudoers can use sudo. This allows controlled administrative actions, ensuring only authorized personnel perform privileged operations, maintaining security and accountability in RHEL systems.

33. Which command audits login activity?

• The last command shows login history.
• Displays users and timestamps.
• Tracks unauthorized access.
  It helps maintain security by providing audit trails for user activity in RHEL environments.

34. How do you lock a user account?

Use usermod -L to lock an account, modifying /etc/shadow to disable login. Unlock with usermod -U. This restricts access while preserving data, ideal for temporary suspensions or security measures in RHEL systems.

35. What does the /etc/ssh/sshd_config file control?

The /etc/ssh/sshd_config file manages SSH daemon settings, like ports and authentication methods. It ensures secure, customized remote access, allowing administrators to configure connections for specific needs in RHEL systems, enhancing security and functionality.

36. Why disable root login via SSH?

• Reduces attack risks.
• Forces standard user logins.
• Minimizes credential compromise damage.
  Disabling root SSH login enhances security by requiring sudo, protecting RHEL systems from targeted attacks.

37. When is the semanage command used?

Use semanage to manage SELinux policies, like file contexts or port mappings. It ensures services comply with security constraints, allowing applications to operate securely within defined boundaries in RHEL environments.

38. Where are failed login attempts logged?

Failed logins are in /var/log/secure or /var/log/auth.log, showing user and failure details. Monitoring these logs detects brute-force attacks, ensuring timely security responses to protect RHEL systems from unauthorized access.

39. Who manages SSH keys for secure access?

• Administrators generate and distribute keys.
• Configures authorized_keys files.
• Ensures secure remote access.
  SSH keys enable passwordless connections, maintaining security for authorized users in RHEL systems.

40. Which command shows open ports?

The ss command lists open ports, showing listening TCP/UDP connections. It verifies service accessibility, ensuring only necessary ports are open to minimize security risks and optimize network performance in RHEL systems.

41. How do you set password expiration policies?

• Use chage for password aging.
• Set validity or warning periods.
• Enforces regular updates.
  Password expiration reduces credential compromise risks, ensuring account security in RHEL systems.

42. What is the purpose of the /etc/pam.d directory?

• Holds PAM configuration files.
• Defines authentication rules.
• Ensures secure service access.
  The /etc/pam.d directory enforces authentication policies for services, maintaining consistent security in RHEL.

43. Why is the restorecon command used?

The restorecon command resets SELinux file contexts to defaults, ensuring compliance with security policies. It corrects contexts after file modifications, preventing service violations and maintaining system integrity in RHEL environments.

44. When should you use the authconfig command?

• Configures authentication in older RHEL.
• Integrates with LDAP or Kerberos.
• Simplifies enterprise user management.
  The authconfig command ensures centralized authentication for RHEL systems in large environments.

45. Where are user group definitions stored?

User group definitions are in /etc/group, listing groups, GIDs, and members. This organizes access control, ensuring proper permissions for shared resources in collaborative or restricted RHEL environments.

46. Who can view /var/log/audit/audit.log?

• Root or permitted users.
• Accesses SELinux audit events.
• Ensures security compliance.
  The /var/log/audit/audit.log helps analyze security incidents, maintaining system integrity in RHEL.

47. Which command restricts file access?

The chmod command, with chown, sets permissions to limit access. It ensures only authorized users read, write, or execute files, securing sensitive data like configuration files in RHEL systems.

48. How do you enable SELinux enforcing mode?

Edit /etc/selinux/config to set SELINUX=enforcing, apply with setenforce 1, and reboot if needed. This activates strict policy enforcement, preventing unauthorized actions and enhancing security in RHEL systems for enterprise environments.

49. What does the getfacl command show?

• Displays Access Control Lists.
• Shows granular permissions.
• Verifies complex access settings.
  The getfacl command ensures precise access control for files or directories in RHEL collaborative setups.

50. Why restart the sshd service after changes?

Restarting sshd applies /etc/ssh/sshd_config updates, like port changes, ensuring secure remote access without rebooting. This maintains continuous operations, critical for RHEL systems requiring consistent SSH functionality in production environments.

51. When do you use the auditctl command?

Use auditctl to configure real-time auditing of critical file changes. It ensures audit trails for security and compliance, tracking modifications to sensitive files like /etc/passwd in RHEL systems to maintain accountability.

52. Where are SSH configuration files stored?

• Located in /etc/ssh.
• Includes sshd_config for server settings.
• Manages client configurations.
  SSH configuration files ensure secure, customized remote access for RHEL systems, controlling connection parameters.

Storage and Filesystem Management

53. What is the purpose of the mkfs command?

The mkfs command formats partitions to create filesystems, like ext4 or XFS, preparing storage for data. It enables administrators to configure disks for specific use cases, ensuring compatibility and reliable access in RHEL systems.

54. Why is LVM used in RHEL?

• Enables dynamic volume resizing.
• Simplifies storage allocation.
• Supports flexible management.
  LVM allows administrators to adjust storage without downtime, optimizing resources for changing needs in RHEL environments.

55. When should you use the fsck command?

• Checks filesystem integrity.
• Repairs errors after crashes.
• Runs on unmounted filesystems.
  The fsck command ensures reliable storage, preventing data corruption in RHEL systems during maintenance.

56. Where are swap spaces defined?

Swap spaces are defined in /etc/fstab, listing devices or files for virtual memory. They ensure system stability during high memory usage, preventing crashes for memory-intensive applications in RHEL environments.

57. Who can create logical volumes?

Root or sudo-privileged users create logical volumes with LVM commands. This restricted access ensures secure storage management, preventing unauthorized changes and optimizing disk usage in RHEL systems for enterprise needs.

58. Which command shows disk usage by directory?

• The du command lists sizes.
• Uses human-readable format.
• Identifies space-consuming directories.
  The du command helps optimize storage and plan cleanup in RHEL systems.

59. How do you extend a logical volume?

Use lvextend to increase volume size, resize the filesystem with resize2fs, and verify with lvs. This dynamically expands storage, ensuring flexibility for growing data needs without disrupting operations in RHEL systems.

60. What does the parted command do?

The parted command manages disk partitions, supporting large disks. It creates or modifies partition tables, offering flexibility for complex storage setups, ensuring efficient resource allocation in RHEL environments for various use cases.

61. Why is the mount command important?

• Integrates filesystems into directories.
• Enables data access.
• Connects devices to mount points.
  The mount command ensures applications or users access required data in RHEL systems.

62. When do you use the blkid command?

Use blkid to display block device attributes, like UUIDs, for /etc/fstab entries. It ensures accurate filesystem mounting during boot or maintenance, supporting reliable storage configuration in RHEL systems.

63. Where are LVM volume group details stored?

• Stored in /etc/lvm.
• Includes lvm.conf for settings.
• Backups in /etc/lvm/backup.
  Volume group details enable storage management and verification in RHEL systems.

64. Who can format disk partitions?

Root or sudo-privileged users format partitions with mkfs, ensuring secure disk preparation. This restricted access prevents unauthorized changes, maintaining data integrity and compatibility in RHEL storage configurations.

65. Which command checks filesystem integrity?

• The fsck command scans filesystems.
• Repairs errors to prevent loss.
• Ensures reliable storage.
  The fsck command maintains filesystem integrity in RHEL, critical after crashes.

66. How do you create a swap partition?

Create a partition with fdisk, set type to 82, format with mkswap, and enable with swapon. Add to /etc/fstab for persistence, ensuring virtual memory for system stability in RHEL environments.

67. What is the role of the /etc/mtab file?

The /etc/mtab file lists mounted filesystems, showing devices and options. Dynamically updated, it helps administrators verify active mounts and troubleshoot issues, ensuring proper storage access in RHEL systems.

68. Why is the xfs_admin command used?

• Manages XFS filesystem attributes.
• Sets UUIDs or labels.
• Ensures storage compatibility.
  The xfs_admin command configures XFS filesystems, maintaining efficient operations in RHEL.

69. When should you resize a filesystem?

Resize filesystems after extending volumes to utilize available space. It accommodates growing data needs without new partitions, ensuring efficient storage management in RHEL systems for dynamic environments.

70. Where are mount options defined?

• Defined in /etc/fstab.
• Specifies settings like noatime.
• Customizes mounting behavior.
  Mount options balance performance and functionality in RHEL storage configurations.

71. Who manages LVM physical volumes?

Root or sudo-privileged users manage LVM physical volumes, initializing disks for storage. This ensures secure configuration, preventing data loss and optimizing resource allocation in RHEL systems for enterprise use.

72. Which command shows mounted filesystems?

The findmnt command lists mounted filesystems, showing devices and options. It provides a clear overview, helping administrators manage and troubleshoot mounts effectively, ensuring reliable storage access in RHEL systems.

73. How do you reduce a logical volume?

• Resize filesystem with resize2fs.
• Shrink volume with lvreduce.
• Verify with lvs.
  Reducing volumes frees space, maintaining data integrity in RHEL storage management.

74. What does the vgcreate command do?

The vgcreate command creates LVM volume groups, organizing disks for logical volume allocation. It supports dynamic resizing, ensuring flexible and efficient storage management in RHEL systems for various use cases.

75. Why is the dumpe2fs command useful?

• Shows ext2/ext3/ext4 details.
• Displays block size and inodes.
• Aids filesystem troubleshooting.
  The dumpe2fs command verifies configurations, ensuring performance and integrity in RHEL.

76. When do you use the swapon command?

Use swapon to enable swap spaces, providing virtual memory during high usage. It prevents system crashes, ensuring stability for memory-intensive applications in RHEL environments, critical for performance.

77. Where are LVM snapshots stored?

• Stored in volume groups.
• Uses same physical volumes.
• Supports backups or testing.
  Snapshots capture volume states, ensuring data protection in RHEL systems.

78. Who can mount filesystems manually?

Root or sudo-privileged users can mount filesystems manually for maintenance or recovery. This restricted access ensures secure storage operations, preventing unauthorized changes in RHEL systems while enabling data access.

Troubleshooting and Performance Tuning

79. What does the dmesg command display?

The dmesg command shows kernel ring buffer messages, like hardware or driver errors. It diagnoses boot issues or system failures, providing insights into events affecting stability and performance in RHEL environments.

80. Why is the top command useful?

• Monitors CPU and memory usage.
• Identifies resource-heavy processes.
• Optimizes system performance.
  The top command ensures efficient operation in multi-tasking RHEL systems.

81. When should you use the journalctl command?

Use journalctl to view systemd logs during troubleshooting. It analyzes service failures, helping resolve issues quickly and ensuring system reliability by providing detailed event data in RHEL environments.

82. Where are kernel panic logs stored?

• Stored in /var/log/messages or /var/log/syslog.
• Contains crash details.
• Diagnoses system failures.
  Kernel panic logs identify causes like hardware issues, aiding troubleshooting in RHEL.

83. Who can modify kernel parameters?

Root or sudo-privileged users modify kernel parameters with sysctl, tuning performance dynamically. This optimizes system behavior, enabling specific functionalities without rebooting, critical for RHEL systems in production environments.

84. Which command checks network connectivity?

• The ping command tests connectivity.
• Measures latency and packet loss.
• Diagnoses network issues.
  The ping command ensures reliable communication in RHEL systems.

85. How do you kill a hung process?

Identify the process ID with ps, terminate with kill -9, and verify with ps. This stops unresponsive processes, freeing resources and restoring stability without rebooting, ensuring efficient operation in RHEL systems.

86. What is the purpose of the strace command?

The strace command traces system calls, diagnosing application failures. It shows process interactions, identifying errors or bottlenecks, helping debug and optimize applications in RHEL systems for improved performance.

87. Why is the sar command used?

• Collects performance data.
• Analyzes CPU and disk usage.
• Identifies resource trends.
  The sar command optimizes resources, ensuring efficient operation in RHEL systems.

88. When do you use the netstat command?

In older RHEL versions, netstat lists network connections and ports. It troubleshoots network issues, verifying service connectivity and ensuring applications run correctly in RHEL environments, critical for network-dependent services.

89. Where are systemd unit files stored?

• Custom units in /etc/systemd/system.
• Defaults in /usr/lib/systemd/system.
• Defines service settings.
  Unit files manage service configurations, ensuring proper operation in RHEL systems.

90. Who can use performance tuning tools like tuned?

Root or sudo-privileged users use tuned to optimize performance for specific workloads. It adjusts CPU, disk, and network settings, ensuring peak efficiency for servers or applications in RHEL environments.

91. Which command monitors memory usage?

• The free command shows memory details.
• Displays total and used memory.
• Optimizes resource allocation.
  The free command ensures efficient performance in RHEL systems.

92. How do you troubleshoot a service failure?

Check service status with systemctl, view logs with journalctl, and restart if needed. This identifies configuration errors or failures, restoring functionality quickly and ensuring reliable operation in RHEL systems.

93. What does the lscpu command show?

The lscpu command displays CPU details, like cores and architecture. It verifies hardware capabilities, helping optimize performance for CPU-intensive tasks in RHEL systems, ensuring efficient resource utilization.

94. Why is the iotop command useful?

• Monitors disk I/O by process.
• Identifies performance bottlenecks.
• Ensures efficient storage operations.
  The iotop command diagnoses slow disk performance in RHEL systems.

95. When should you use the tcpdump command?

Use tcpdump to capture network packets during troubleshooting. It analyzes traffic, detects suspicious activity, and ensures reliable network performance in RHEL systems, critical for diagnosing connectivity issues.

96. Where are core dump files stored?

• Stored in /var/lib/systemd/coredump.
• Configured via /proc/sys/kernel/core_pattern.
• Aids application crash debugging.
  Core dumps diagnose crashes, providing insights for RHEL systems.

97. Who can change the system hostname?

Root or sudo-privileged users change the hostname with hostnamectl, ensuring consistent system identification across networks. This is critical for server management and communication in RHEL environments, maintaining operational clarity.

98. Which command checks system uptime?

• The uptime command shows runtime.
• Displays days since reboot.
• Verifies system stability.
  The uptime command helps plan maintenance in RHEL systems.

99. How do you analyze disk performance?

Use fio to test disk speed, specifying parameters like block size. Review IOPS and latency results to optimize storage for specific workloads, ensuring efficient performance in RHEL systems.

100. What is the role of the /proc filesystem?

The /proc filesystem provides runtime information, like /proc/cpuinfo for CPU details. It’s a virtual filesystem for monitoring and troubleshooting resources, enhancing diagnostics in RHEL systems without additional tools.

101. Why is the nice command used?

• Adjusts process priority.
• Allocates CPU time effectively.
• Optimizes multi-tasking performance.
  The nice command ensures critical tasks get resources in RHEL systems.

102. When do you use the lsof command?

Use lsof to list open files, identifying resource conflicts. It troubleshoots file or network issues, ensuring efficient resource management and system stability in RHEL environments during diagnostics.

103. Where are systemd journal logs stored?

• Stored in /var/log/journal.
• Provides detailed event data.
• Aids service troubleshooting.
  Journal logs help diagnose issues in RHEL systems, ensuring reliability.

104. Who can update the system kernel?

Root or sudo-privileged users update the kernel with dnf, applying security patches and features. A reboot ensures updates take effect, maintaining system reliability and performance in RHEL environments.

105. Which command monitors network traffic?

The iftop command shows real-time bandwidth usage, identifying high-traffic processes. It optimizes network performance and detects issues, ensuring reliable communication in RHEL systems for network-dependent applications.