Linux Interview Preparation Notes

System Performance and Monitoring

What do the three values in ‘load average’ represent in the top command?

Definition: Load average represents the average system load over 1, 5, and 15 minute periods.

Key Points:

  • Values show CPU demand: processes running + processes waiting
  • Value of 1.0 per CPU core means 100% utilization
  • Higher than your core count indicates system overload

Example:

# Sample output from top showing load averages
top - 14:23:56 up 37 days, 20:13, 1 user, load average: 0.52, 0.58, 0.59

# Check number of cores for context
nproc

Commands Used to Monitor Ubuntu Servers

Definition: Tools and utilities used to track server performance, resource usage, and system health.

Key Points:

  • Real-time and historical monitoring options
  • Can monitor CPU, memory, disk, network, and processes
  • Crucial for troubleshooting performance issues

Example:

# Real-time system monitoring
top            # Basic system monitor
htop           # Enhanced version of top
atop           # For system resources and process activity
glances        # Advanced, cross-platform system monitor

# Resource specific monitoring
free -m        # Memory usage
df -h          # Disk space usage
iostat         # I/O statistics
vmstat         # Virtual memory statistics
netstat -tuln  # Listening TCP/UDP sockets (numeric addresses and ports)

# Log monitoring
tail -f /var/log/syslog       # Follow system logs
journalctl -f                 # Follow systemd journal

# Service monitoring tools
systemctl status apache2      # Service status
ps aux | grep mysql           # Process checking

File Permissions and Security

What are SUID, SGID, and Sticky Bit?

Definition: Special permission bits that modify the behavior of files and directories.

Key Points:

  • SUID (Set User ID): Allows file to be executed with owner’s permissions
  • SGID (Set Group ID): Allows file to be executed with group’s permissions; on a directory, new files inherit the directory’s group
  • Sticky Bit: Restricts file deletion in directories to file owners

Example:

# Set SUID (4)
chmod u+s myfile    # or chmod 4755 myfile

# Set SGID (2)
chmod g+s mydir     # or chmod 2755 mydir

# Set Sticky Bit (1)
chmod +t /tmp       # or chmod 1777 /tmp

# View special permissions
ls -l /usr/bin/passwd
-rwsr-xr-x 1 root root 68208 Apr 16 15:36 /usr/bin/passwd
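
An added example, not part of the original notes: a small inventory of special permission bits that reports what changed since a reviewed baseline. The function names and the demo file names are hypothetical, and the demo tree is constructed in a temporary directory.

```shell
# Added example: inventory special permission bits under a directory and
# report entries that appeared after a reviewed baseline was taken.

# list_special DIR -> sorted lines "KIND PATH"
# Paths that contain newlines are not handled.
list_special() {
    {
        find "$1" -xdev -type f -perm -4000 | sed 's/^/suid /'
        find "$1" -xdev -type f -perm -2000 | sed 's/^/sgid /'
        find "$1" -xdev -type d -perm -2000 | sed 's/^/sgid-dir /'
        # World-writable directory without the sticky bit: any user can
        # delete or rename files that belong to someone else.
        find "$1" -xdev -type d -perm -0002 ! -perm -1000 |
            sed 's/^/no-sticky /'
    } | LC_ALL=C sort
}

# new_since_baseline DIR BASELINE -> entries present now, absent in BASELINE
# BASELINE is earlier list_special output that has been reviewed.
new_since_baseline() {
    list_special "$1" | LC_ALL=C comm -13 "$2" -
}

# Constructed demo tree (hypothetical file names).
demo=$(mktemp -d)
touch "$demo/helper" "$demo/report"
mkdir "$demo/drop" "$demo/tmp"
chmod 4755 "$demo/helper"      # SUID, present when the baseline is taken
chmod 0777 "$demo/drop"        # world-writable, no sticky bit
chmod 1777 "$demo/tmp"         # world-writable with sticky bit: not listed
list_special "$demo" > "$demo.baseline"

chmod 4755 "$demo/report"      # a SUID bit that appears after the baseline
new_since_baseline "$demo" "$demo.baseline"   # reports only the new entry
rm -rf "$demo" "$demo.baseline"
```

On a real host the baseline would be taken over directories such as /usr and reviewed once, then compared on a schedule.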

How to add a user to the sudo group?

Definition: Granting a user administrative privileges by adding them to the sudo group.

Key Points:

  • Sudo group members can execute commands with root privileges
  • The admin group name depends on the distribution: sudo on Debian/Ubuntu, wheel on CentOS/RHEL
  • Changes take effect after user logs out and back in

Example:

# Debian/Ubuntu
sudo usermod -aG sudo username

# CentOS/RHEL
sudo usermod -aG wheel username

# Verify group membership
groups username

File Transfer and Synchronization

What is the difference between scp and rsync?

Definition: Both are tools for copying files, but with different features and use cases.

Key Points:

  • scp: Simple, secure file copying based on SSH protocol
  • rsync: More advanced, transfers only differences between files
  • rsync is more efficient for large files and repeated transfers

Example:

# Using scp to copy a file
scp file.txt user@remote:/path/to/destination/

# Using rsync with common options
rsync -avz --progress source/ user@remote:/path/to/destination/

Explain ext4 and XFS

Definition: Both are journaling filesystems used in Linux, with different characteristics.

Key Points:

  • ext4: Default in many Linux distributions, evolved from ext2/ext3
  • XFS: High-performance filesystem designed for large files/systems
  • ext4 has better compatibility, XFS excels with large files/volumes

Example:

# Create ext4 filesystem
mkfs.ext4 /dev/sdb1

# Create XFS filesystem
mkfs.xfs /dev/sdc1

# Check filesystem type
df -T

SSH Configuration and Security

Changing the default SSH port

Definition: Modifying the SSH server configuration to use a non-standard port.

Key Points:

  • Can reduce automated attacks targeting default port 22
  • Requires updating the Port directive in sshd_config
  • Need to restart SSH service for changes to take effect

Example:

# Edit SSH configuration
sudo vi /etc/ssh/sshd_config
# Change: Port 22
# To: Port 2222

# Restart SSH service
sudo systemctl restart sshd

# Connect to non-standard port
ssh user@hostname -p 2222

How to Harden SSH

Definition: Implementing security measures to protect SSH from unauthorized access and attacks.

Key Points:

  • Combines multiple security practices for comprehensive protection
  • Balance between security and usability
  • Essential for public-facing servers

Example:

# Edit SSH configuration file
sudo vi /etc/ssh/sshd_config

# Key hardening configurations
Port 2222                        # Change default port
Protocol 2                       # Use SSH protocol 2 only (deprecated no-op on OpenSSH 7.4+, which supports only protocol 2)
PermitRootLogin no               # Disable direct root login
MaxAuthTries 3                   # Limit authentication attempts per connection
PubkeyAuthentication yes         # Enable key-based authentication
PasswordAuthentication no        # Disable password authentication
PermitEmptyPasswords no          # Disallow empty passwords
AllowUsers user1 user2           # Specify allowed users
LoginGraceTime 60                # Seconds allowed to complete authentication
X11Forwarding no                 # Disable X11 forwarding if not needed
ClientAliveInterval 300          # Probe an idle client after 300 seconds (5 minutes)
ClientAliveCountMax 2            # Disconnect after 2 unanswered probes

# Restart SSH service
sudo systemctl restart sshd

# Configure fail2ban for additional protection
sudo apt install fail2ban
sudo systemctl enable fail2ban
sudo systemctl start fail2ban
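
An added example, not part of the original notes and not part of OpenSSH: a check of the global section of an sshd_config-style file against the values listed above. It assumes whitespace-separated "Keyword value" lines, does not follow Include directives, and uses a constructed sample file; the function names are hypothetical.

```shell
# Added example: audit the global section of an sshd_config-style file.
# effective_value FILE KEYWORD -> first value set before any Match block.
# sshd matches keywords case-insensitively and keeps the first value read.
effective_value() {
    awk -v want="$2" '
        BEGIN { want = tolower(want) }
        /^[ \t]*#/ || NF == 0 { next }       # comments and blank lines
        tolower($1) == "match" { exit }      # global section ends here
        tolower($1) == want { print tolower($2); exit }
    ' "$1"
}

# audit_sshd FILE -> prints one FAIL line per finding, returns their count.
# An unset keyword is a finding: the policy wants each one set explicitly.
audit_sshd() {
    findings=0
    for rule in permitrootlogin:no passwordauthentication:no \
                permitemptypasswords:no pubkeyauthentication:yes \
                x11forwarding:no; do
        key=${rule%%:*} expected=${rule#*:}
        actual=$(effective_value "$1" "$key")
        [ "$actual" = "$expected" ] && continue
        echo "FAIL $key: want $expected, found ${actual:-unset}"
        findings=$((findings + 1))
    done
    tries=$(effective_value "$1" maxauthtries)
    case $tries in ''|*[!0-9]*) tries=999 ;; esac   # unset or not a number
    if [ "$tries" -gt 3 ]; then
        echo "FAIL maxauthtries: want <= 3, found $tries"
        findings=$((findings + 1))
    fi
    return "$findings"
}

# Constructed sample configuration (not taken from a real host).
sample=$(mktemp)
cat > "$sample" <<'EOF'
PermitRootLogin yes
permitrootlogin no          # ignored: the first value already won
PasswordAuthentication no
PubkeyAuthentication yes
PermitEmptyPasswords no
X11Forwarding no
MaxAuthTries 6
Match User dev1
    PasswordAuthentication yes
EOF
audit_sshd "$sample" || echo "findings: $?"
rm -f "$sample"
```

On a live server, `sudo sshd -t` validates the file before a restart and `sudo sshd -T` prints the effective settings, including anything pulled in by Include.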

Give Separate Access to Separate Users for SSH

Definition: Configuring SSH to allow different access levels for different users.

Key Points:

  • Can be done with AllowUsers, AllowGroups in sshd_config
  • Can restrict access to specific commands with authorized_keys
  • Can use Match blocks for user-specific configurations

Example:

# In /etc/ssh/sshd_config
AllowUsers admin1 admin2 dev1
DenyUsers guest

# Match block for specific users
Match User dev1
    PasswordAuthentication no
    AllowTcpForwarding no
    X11Forwarding no
    ForceCommand /bin/restricted-shell

Private and Public Key in SSH

Definition: A secure authentication method using cryptographic key pairs instead of passwords.

Key Points:

  • Public key goes on server, private key stays on client
  • More secure than password authentication
  • Private keys can be protected with a passphrase for additional security

Example:

# Generate key pair
ssh-keygen -t rsa -b 4096

# Copy public key to server
ssh-copy-id user@hostname

# Connect without password
ssh user@hostname

# Disable password authentication in /etc/ssh/sshd_config
PasswordAuthentication no

FTP Configuration and Management

FTP Package and Configuration (PORT 21)

Definition: File Transfer Protocol service setup and configuration on Linux.

Key Points:

  • vsftpd is a common FTP server on Linux
  • FTP uses port 21 for control and port 20 for data (active mode)
  • SFTP (SSH File Transfer Protocol) is more secure than FTP

Example:

# Install vsftpd
sudo apt install vsftpd  # Debian/Ubuntu
sudo yum install vsftpd  # CentOS/RHEL

# Basic configuration in /etc/vsftpd.conf
anonymous_enable=NO
local_enable=YES
write_enable=YES
chroot_local_user=YES

# Restart service
sudo systemctl restart vsftpd

User Access in FTP and Tracking Activity

Definition: Managing user accounts and monitoring user actions on an FTP server.

Key Points:

  • FTP can use system users or virtual users
  • Logging is essential for security and troubleshooting
  • Can restrict users to home directories and set permissions

Example:

# Configure user access in /etc/vsftpd.conf
local_enable=YES            # Allow local users
userlist_enable=YES         # Enable user list
userlist_deny=NO            # Allow only users in list
userlist_file=/etc/vsftpd.allowed_users  # List file

# Create allowed users list
echo "ftpuser1" | sudo tee /etc/vsftpd.allowed_users
echo "ftpuser2" | sudo tee -a /etc/vsftpd.allowed_users

# Create FTP user with restricted home directory
sudo useradd -m -d /home/ftpuser1 -s /bin/false ftpuser1
sudo passwd ftpuser1

# Configure chroot (jail) for users
chroot_local_user=YES
allow_writeable_chroot=YES  # Lets the chroot root be writable; a read-only root with a writable subdirectory is safer

# Enable logging for tracking activity
xferlog_enable=YES
xferlog_file=/var/log/vsftpd.log
xferlog_std_format=YES
log_ftp_protocol=YES        # Detailed protocol logging; per vsftpd.conf(5) it applies only when xferlog_std_format is not enabled

# Monitor FTP activity
tail -f /var/log/vsftpd.log
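
An added example, not part of the original notes: a per-user summary of the transfer log written with xferlog_std_format=YES as configured above. The function names are hypothetical, the log lines are constructed, and file names are assumed to contain no spaces.

```shell
# Added example: per-user summary of a wu-ftpd style transfer log.
# Whitespace-separated fields used here: $7 remote host, $12 direction
# (i = upload, o = download), $14 user name, $18 completion status
# (c = complete, i = incomplete).
xfer_summary() {
    awk '
        NF >= 18 && $18 ~ /^[ci]$/ {
            user = $14
            if ($12 == "i") up[user]++
            if ($12 == "o") down[user]++
            if ($18 == "i") bad[user]++
            # count each (user, host) pair once
            if (!((user, $7) in pair)) { pair[user, $7] = 1; hosts[user]++ }
        }
        END {
            for (u in hosts)
                printf "%s uploads=%d downloads=%d incomplete=%d hosts=%d\n",
                       u, up[u], down[u], bad[u], hosts[u]
        }
    ' "$1" | sort
}

# multi_host_users FILE -> users whose transfers came from more than one host
multi_host_users() {
    xfer_summary "$1" | awk '{ split($5, kv, "="); if (kv[2] > 1) print $1 }'
}

# Constructed sample log lines (documentation address ranges).
log=$(mktemp)
cat > "$log" <<'EOF'
Mon Mar  3 10:15:01 2025 1 192.0.2.10 2048 /home/ftpuser1/a.txt b _ i r ftpuser1 ftp 0 * c
Mon Mar  3 10:16:40 2025 3 192.0.2.10 1048576 /home/ftpuser1/b.bin b _ o r ftpuser1 ftp 0 * i
Mon Mar  3 11:02:12 2025 1 198.51.100.7 512 /home/ftpuser1/c.txt b _ i r ftpuser1 ftp 0 * c
Mon Mar  3 11:05:55 2025 2 192.0.2.22 4096 /home/ftpuser2/d.txt a _ o r ftpuser2 ftp 0 * c
EOF
xfer_summary "$log"
multi_host_users "$log"
rm -f "$log"
```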

Version Control with Git

Commonly Used Git Commands

Definition: Essential Git commands for version control workflow.

Key Points:

  • Different commands serve different stages of the workflow
  • Understanding the differences prevents common mistakes
  • Commands can be combined with options for specific behaviors

Example:

# git pull - Fetch from remote and merge into current branch
git pull origin main
# Equivalent to: git fetch origin + git merge origin/main

# git push - Send local commits to remote repository
git push origin feature-branch
# Push to different remote branch
git push origin local-branch:remote-branch

# git fetch - Download from remote without merging
git fetch origin
# Fetch specific branch
git fetch origin feature-branch
# View fetched but not merged branches
git branch -r

# git merge - Combine branches
git merge feature-branch
# No-fast-forward merge (creates merge commit)
git merge --no-ff feature-branch
# Abort a merge with conflicts
git merge --abort

# Other important Git commands
git status                  # Check working tree status
git add file.txt            # Stage changes
git commit -m "Message"     # Commit changes
git log                     # View commit history
git checkout branch-name    # Switch branches
git branch -a               # List all branches
git diff                    # Show changes
git remote -v               # List remotes
git reset HEAD file.txt     # Unstage changes
git stash                   # Temporarily store changes

Additional Important Linux Topics

Definition: Different types of file references in Linux filesystems.

Key Points:

  • Hard links: Reference same inode as original file, can’t span filesystems
  • Soft links (Symbolic links): Point to file path, can span filesystems
  • Deleting original file affects soft links but not hard links

Example:

# Create hard link
ln original.txt hardlink.txt

# Create soft link
ln -s original.txt softlink.txt

# View links
ls -l

Explain Linux process states and how to view them

Definition: Different operational states a process can be in during its lifecycle.

Key Points:

  • Common states: Running (R), Sleeping (S), Stopped (T), Zombie (Z)
  • ps command shows current state of processes
  • Zombies are terminated processes waiting for parent to read exit status

Example:

# View process states
ps aux

# More detailed view
ps -eo pid,ppid,stat,cmd

# Fields in STAT column
# R: running
# S: interruptible sleep
# D: uninterruptible sleep
# T: stopped
# Z: zombie

How to troubleshoot high CPU usage?

Definition: Identifying and resolving processes consuming excessive CPU resources.

Key Points:

  • Use top/htop to identify high CPU processes
  • Consider load averages and context
  • Check system logs for errors or clues

Example:

# Check current CPU usage
top
# or
htop

# Find CPU-intensive processes
ps aux --sort=-%cpu | head -10

# Check specific process CPU history
pidstat -p PID 1

Explain inodes in Linux

Definition: Index nodes that store metadata about files in a filesystem.

Key Points:

  • Each file has one inode containing metadata (not the filename)
  • Limited number of inodes per filesystem
  • Running out of inodes prevents file creation even with free space

Example:

# Check inode usage
df -i

# View inode information for a file
ls -i filename

# Find directories holding the most entries (each entry uses an inode)
find / -xdev -printf '%h\n' | sort | uniq -c | sort -nr | head -10

What is a zombie process and how do you handle it?

Definition: A terminated process that still has an entry in the process table.

Key Points:

  • Child process that has terminated but parent hasn’t read exit status
  • Not consuming resources except for process table entry
  • Many zombies can indicate a bug in parent process

Example:

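# Find zombie processes (STAT column starts with Z)
ps -eo pid,ppid,stat,cmd | awk '$3 ~ /^Z/'

# Kill parent to clean up zombies (replace zombie_pid with the zombie's PID;
# init then adopts and reaps it)
kill -9 $(ps -o ppid= -p zombie_pid)

# System-wide zombie count
ps -eo stat= | grep -c '^Z'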

Explain Linux boot process

Definition: The sequence of steps that occurs when a Linux system is powered on.

Key Points:

  • BIOS/UEFI: Initial hardware check and bootloader location
  • Bootloader (GRUB): Loads kernel and initramfs
  • Kernel: Initializes hardware and mounts root filesystem
  • Init System (systemd/SysVinit): Starts system services

Example:

# View kernel boot messages
dmesg

# Check boot time
systemd-analyze

# View systemd boot services
systemd-analyze blame

How to schedule tasks in Linux?

Definition: Automating repetitive tasks to run at specific times.

Key Points:

  • cron: Schedule recurring tasks
  • at: Schedule one-time tasks
  • systemd timers: Modern alternative to cron

Example:

# Edit user's crontab
crontab -e

# Run script every day at 3am
0 3 * * * /path/to/script.sh

# Schedule a task to run once
at 2am tomorrow
at> /path/to/script.sh
at> <Ctrl+D>

This post is licensed under CC BY 4.0 by the author.