Intermediate Linux

Question 1

Where are device files generally stored?

Answer 1

/dev

Question 2

Device files are denoted with what characters in the first bit of the ls command?

Answer 2

c - character
b - block
p - pipe
s - socket

Question 3

Devices are characterized using what two numbers?

Answer 3

major device number and minor device number

Question 4

How can you interact with device drivers?

Answer 4

Through special files that look like regular files called device files or device nodes

Question 5

A device takes all of our input and just discards it, so nothing gets returned

Answer 5

/dev/null

Question 6

What are character devices?

Answer 6

These devices transfer data, but one a character at a time. These are pseudo devices (e.g. /dev/null) that aren’t really physically connected to the machine, but they allow the operating system greater functionality.

Question 7

What is a block device?

Answer 7

These devices transfer data in large fixed-sized blocks. Most commonly devices such as harddrives, filesystems, etc.

Question 8

What is a Pipe Device?

Answer 8

They allow two or more processes to communicate with each other, these are similar to character devices, but instead of having output sent to a device, it’s sent to another process.

Question 9

Similar to pipe devices but they can communicate with many processes at once

Answer 9

Socket device

Question 10

What does the major device number represent?

Answer 10

The device driver that is used

Question 11

What does the minor device number represent?

Answer 11

The minor number tells the kernel which unique device it is in this driver class

Question 12

A protocol used for allow communication between disks, printers, scanners and other peripherals to your system

Answer 12

SCSI (pronounced “scuzzy”) protocol.

SCSI stands for Small Computer System Interface

Question 13

What does Linux identify with a prefix of sd?

Answer 13

sd (SCSI disk)

Linux systems correspond SCSI disks with hard disk drives in /dev

Question 14

What is the name of the first and second hard disks in Linux?

Answer 14

First hard disk: /dev/sda
Second hard disk: /dev/sdb

e.g. /dev/sda3 - Third partition on the first hard disk

Question 15

What are some of the most common pseudo devices?

Answer 15

The most common pseudo devices are character devices:

/dev/zero - accepts and discards all input, produces a continuous stream of NULL (zero value) bytes
/dev/null - accepts and discards all input, produces no output
/dev/random - produces random numbers

Question 16

Sometimes in older systems you may see hard drives being referred to with what prefix?

Answer 16

hd

/dev/hda - First hard disk
/dev/hdd2 - Second partition on 4th hard disk

Question 17

What was created to better manage devices on our system than the /dev directory?

Answer 17

A virtual filesystem, Sysfs, most often mounted to the /sys directory

Question 18

What is the difference between /sys and /dev?

Answer 18

/sys gives us more detailed information than what we would be able to see in the /dev directory

The /dev directory is simple, and it allows other programs to access devices and interact with them

The /sys filesystem is used to view detailed information about the devices, and to manage the devices

Question 19

$ mknod /dev/sdb1 b 8 3

Answer 19

This is the old way of creating a device node.

This command will make a device node /dev/sdb1 and it will make it a block device (b) with a major number of 8 and a minor number of 3.

Question 20

How would you remove a device node using old methods?

Answer 20

To remove a device, you would simply rm the device file in the /dev directory

Question 21

Dynamically creates and removes device files for us depending on whether or not they are connected

Answer 21

The udev system

Question 22

What does the udevd daemon do?

Answer 22

It’s a daemon that is running on the system and it listens for messages from the kernel about devices connected to the system

Question 23

What does udevd do when it finds a new device?

Answer 23

Udevd will parse the information and it will match the data with the rules that are specified in /etc/udev/rules.d.

Depending on those rules it will most likely create device nodes and symbolic links for the devices

Question 24

How can you view the udev database and sysfs?

Answer 24

By using the udevadm command

Question 25

Name the tools that list information about devices like the ‘ls’ command lists files and directories.

Answer 25

Listing USB Devices: lsusb
Listing PCI Devices: lspci
Listing SCSI Devices: lsscsi

Question 26

A tool which reads input from a file or data stream and writes it to a file or data stream

Answer 26

dd

e.g. $ dd if=/home/pete/backup.img of=/dev/sdb bs=1024

if - input file
of - output file
bs - bytes

Question 27

What tool can be used to make backups of anything, including whole disk drives?

Answer 27

dd

Question 28

Linux filesystems structure should conform to what?

Answer 28

Filesystem Hierarchy Standard

Question 29

The character for the root directory of the entire filesystem hierarchy

Answer 29

/

Everything is nestled under this directory

Question 30

Essential ready-to-run programs (binaries) including the most basic commands such as ls and cp

Answer 30

/bin

Question 31

Contains kernel boot loader files

Answer 31

/boot

Question 32

Device files directory

Answer 32

/dev

Question 33

Core system configuration directory that should hold only configuration files and not any binaries

Answer 33

/etc

Question 34

Personal directories for users, holds your documents, files, settings, etc.

Answer 34

/home

Question 35

Holds library files that binaries can use

Answer 35

/lib

Question 36

Used as an attachment point for removable media like USB drives

Answer 36

/media

Question 37

Temporarily mounted filesystems

Answer 37

/mnt

Question 38

Optional application software packages

Answer 38

/opt

Question 39

Information about currently running processes

Answer 39

/proc

Question 40

The root user’s home directory

Answer 40

/root

Question 41

Information about the running system since the last boot

Answer 41

/run

Question 42

Contains essential system binaries which usually can only be ran by root

Answer 42

/sbin

Question 43

Site-specific data which are served by the system

Answer 43

/srv

Question 44

Storage for temporary files

Answer 44

/tmp

Question 45

User installed software and utilities

Answer 45

/usr

Inside this directory are sub-directories for /usr/bin, /usr/local, etc.

Question 46

Used for anything that is subject to change all the time like system logging, user tracking, caches, etc.

Answer 46

/var

Question 47

A layer between applications and the different filesystem types, so no matter what filesystem you have, your applications will be able to work with it

Answer 47

Virtual File System (VFS) abstraction layer

Question 48

What is a journaled system?

Answer 48

The system keeps a log file (journal) in order to keep track of tasks. The filesystem is always in a consistent state because of this, so it will know exactly where you left off if your machine shutdown suddenly.

This also decreases the boot time because instead of checking the entire filesystem it just looks at your journal.

Question 49

The most current version of the native Linux filesystems

Answer 49

ext4

Compatible with the older ext2 and ext3 versions

Question 50

A new filesystem for Linux that comes with snapshots, incremental backups, performance increase and much more

Answer 50

Btrfs - “Better or Butter FS”

Question 51

High performance journaling file system, great for a system with large files such as a media server

Answer 51

XFS

Question 52

Windows filesystems

Answer 52

NTFS or FAT

Question 53

Macintosh filesystem

Answer 53

HFS+

Question 54

This command reports file system disk space usage and other details about your disk

Answer 54

df

Question 55

Hard disks can be subdivided into what?

Answer 55

Partitions

This is essentially making multiple block devices

Question 56

What is a partition table?

Answer 56

This table tells the system how the disk is partitioned

Question 57

The two main partition table schemes used

Answer 57

1. ) Master Boot Record (MBR)

2. ) GUID Partition Table (GPT)

Question 58

Space on a disk that is not allocated to a partition

Answer 58

Free space

Question 59

Can partitions overlap?

Answer 59

No

You can have multiple partitions on a disk and they can’t overlap each other

Question 60

What is becoming the new standard for disk partitioning?

Answer 60

GUID Partition Table (GPT)

Question 61

What is a filesystem?

Answer 61

An organized collection of files and directories

It is comprised of a database to manage files and the actual files themselves

Question 62

This is located in the first few sectors of the filesystem

Answer 62

Boot block

This is not really used the by the filesystem. Rather, it contains information used to boot the operating system.

Question 63

This is a single block that comes after the boot block, and it contains information about the filesystem

Answer 63

Super block

It contains information such as the size of the inode table, size of the logical blocks and the size of the filesystem

Question 64

The database that manages our files

Answer 64

Inode (index node) table

Each file or directory has a unique entry in the inode table and it has various information about the file

Question 65

This is the actual data for the files and directories

Answer 65

Data blocks

Question 66

The parts of a Filesystem Structure

Answer 66

1. Boot block
2. Super block
3. Inode table
4. Data blocks

Question 67

Common disk partitioning tools

Answer 67

fdisk - No GPT support
parted - Supports both MBR and GPT
gparted - The GUI version of parted
gdisk - fdisk, but only supports GPT

Question 68

What is the parted command to make a partition?

Answer 68

mkpart

Question 69

This tool allows us to create a filesystem, specify the type of filesystem we want, and where we want it

Answer 69

The mkfs (make filesystem) tool

e.g. $ sudo mkfs -t ext4 /dev/sdb2

Question 70

What happens if you try to create a filesystem on top of an existing one?

Answer 70

You’ll most likely leave your filesystem in a corrupted state

You only want to create a filesystem on a newly partitioned disk or if you are repartitioning an old one

Question 71

A directory on the system where the filesystem is going to be attached

Answer 71

The mount point

Question 72

How to create a mount point?

Answer 72

With the mount command

e.g. $ sudo mount -t ext4 /dev/sdb2 /mydrive

Or to unmount

e. g. $ sudo umount /mydrive
e. g. $ sudo umount /dev/sdb2

Question 73

How do you view the UUIDS on your system for block devices?

Answer 73

With the blkid (block identification) command

Question 74

How can we automatically mount filesystems at startup?

Answer 74

We can add them to a file called /etc/fstab

(pronounced “eff es tab” not “eff stab”)

short for filesystem table

Question 75

What is a swap partition?

Answer 75

Swap is used to allocate virtual memory to our system.

The system uses this partition to “swap” pieces of memory of idle processes to the disk, so you’re not bogged for memory on systems with low memory

Question 76

What commands are used to create a swap partition?

Answer 76

mkswap to initialize swap areas
swapon to enable the swap device
swapoff to remove swap

If you want the swap partition to persist on bootup, you need to add an entry to the /etc/fstab file

Question 77

How much swap space should you allocate compared to memory?

Answer 77

You should generally allocate about twice as much swap space as you have memory

Question 78

Why is swap space not as important on modern systems?

Answer 78

Modern systems have enough RAM and low memory is usually not an issue

Question 79

What command shows you the utilization of your currently mounted filesystems?

Answer 79

disk free: df -h

(h flag gives you a human readable format)

This shows the device, and how much capacity is used and available

Question 80

This command shows you the disk usage of the current directory you are in

Answer 80

disk usage: du -h

h flag gives you a human readable format

Question 81

What is the difference between du and df commands?

Answer 81

To see how much of your disk is free use df

To check disk usage use du

Question 82

What command is used to check the consistency of a filesystem and can even try to repair it for us?

Answer 82

fsck (filesystem check)

Usually when you boot up a disk, fsck will run before your disk is mounted to make sure everything is ok

Question 83

A filesystem is comprised of all our actual files and a database that manages these files? The database is known as what?

Answer 83

The inode table

Question 84

What is an inode?

Answer 84

An inode (index node) is an entry in this table and there is one for every file. It describes everything about the file

inodes store everything about the file, except the filename and the file itself

Question 85

When are inodes created?

Answer 85

When a filesystem is created, space for inodes is allocated as well

Question 86

How can you see how many inodes are left on your system?

Answer 86

df -i

Question 87

How can you view the inode number of a file?

Answer 87

ls -li

Question 88

This command is used to see detailed information about a file

Answer 88

stat

Question 89

How do inodes locate files?

Answer 89

Inodes point to the actual data blocks of your files using 15 pointers. 12 direct pointers and pointers to pointers.

Question 90

In the Windows operating system, there are aliases to files known as shortcuts. What is the Linux equivalent?

Answer 90

symbolic links (or soft links or symlinks)

Question 91

What are Linux hardlinks?

Answer 91

A file with a link to an inode

Question 92

Symbolic links are denoted by what?

Answer 92

myfilelink -> myfile

Question 93

When you modify a symlink what happens to the file it points to?

Answer 93

The file also gets modified

Question 94

What is the link count in the ls command?

Answer 94

The link count is the number of hardlinks that an inode has

Question 95

What is the difference between symlinks and hardlinks?

Answer 95

symlinks are just files that point to filenames so they can be referenced across different filesystems

hardlinks create another file with a link to the same inode. hardlinks do not span filesystems because inodes are unique to the filesystem

Question 96

How do you create a symlink?

Answer 96

With the ln command with -s for symbolic and you specific a target file and then a link name

e.g. $ ln -s myfile mylink

Question 97

How to create a hardlink?

Answer 97

With the ln command, but without the -s flag

e.g. $ ln somefile somelink

Question 98

What are the 4 stages of the Linux boot process?

Answer 98

1. ) BIOS
2. ) Bootloader
3. ) Kernel
4. ) Init

Question 99

What does BIOS stand for?

Answer 99

BIOS stands for “Basic Input/Output System”

Question 100

What happens during the BIOS phase of the boot process?

Answer 100

BIOS is a firmware that comes most common in IBM PC compatible computers

BIOS performs system integrity checks with power-on self test (POST)

BIOS’s main goal is to find the system bootloader. Once the BIOS boots up the hard drive, it searches for the boot block to figure out how to boot up the system. It will look to the master boot record (MBR) or GPT

The MBR contains the code to load another program somewhere on the disk, this program in turn actually loads up our bootloader

Question 101

What does POST stand for?

Answer 101

Power-on self test (POST) which checks that all the hardware is good to go for system startup

Question 102

What does the bootloader do?

Answer 102

Boots into an operating system

Selects a kernel to use

Specifies kernel parameters

Question 103

What is the kernel doing during the boot process?

Answer 103

When the kernel is loaded, it immediately initializes devices and memory using initramfs to get the necessary drivers.

Then it creates a root device and mount the root partition in read-only mode first so that fsck can run safely and check for system integrity. Afterwards it remounts the root filesystem in read-write mode.

Then the kernel locates the init program and executes it

Question 104

What is init?

Answer 104

The init process is the first process that gets started, init starts and stops essential service process on the system

Question 105

The successor to BIOS

Answer 105

UEFI (stands for “Unified extensible firmware interface”)

The GPT format was intended for use with EFI

The first sector of a GPT disk is reserved for a “protective MBR” to make it possible to boot a BIOS-based machine

UEFI stores all the information about startup in an .efi file stored on a special partition called EFI system partition

This partition contains the bootloader

Question 106

The most common bootloader for Linux?

Answer 106

GRUB

Question 107

The kernel manages our systems hardware, however not all drivers are available to the kernel during bootup. How is this resolved?

Answer 107

There is a temporary root filesystem that contains just the essential modules that the kernel needs to get to the rest of the hardware

Question 108

Initrd vs Initramfs

Answer 108

initrd (initial ram disk) has been replaced by initramfs

In older versions of Linux the kernel would mount the initrd, a temporary root filesystem, get the necessary bootup drivers, then when it was done loading everything it needed, it would replace the initrd with the actual root filesystem.

Now we use initramfs, a temporary root filesystem that is built into the kernel itself to load all the necessary drivers for the real root filesystem

Question 109

What are the three major implementations of init in Linux?

Answer 109

1. ) System V init (sysv)
2. ) Upstart
3. ) Systemd

Question 110

System V init (sysv)

pronounced as ‘System Five’

Answer 110

The traditional init system. It sequentially starts and stops processes, based on startup scripts. The state of the machine is denoted by runlevels, each runlevel starts or stops a machine in a different way.

Question 111

Upstart

Answer 111

This is the init you’ll find on older Ubuntu installations. Upstart uses the idea of jobs and events and works by starting jobs that performs certain actions in response to events.

Question 112

Systemd

Answer 112

This is the new standard for init, it is goal oriented. Basically you have a goal that you want to achieve and systemd tries to satisfy the goal’s dependencies to complete the goal.

Question 113

The core of the operating system

Answer 113

The kernel

Question 114

The Linux operating system can be organized into what three different levels of abstraction

Answer 114

1. ) Hardware. The physical layer. CPU, memory, hard disks, networking ports, etc
2. ) Kernel. It handles process and memory management, device communication, system calls, sets up our filesystem, etc. It’s the software / hardware interface.
3. ) User space. This includes the shell, the programs that you run, the graphics, etc.

Question 115

What are the privilege levels (protection rings)?

Answer 115

Ring #0 - Ring #3

1. ) Kernel Mode - the kernel has complete access to the hardware, it controls everything
2. ) User Mode - there is a very small amount of safe memory and CPU that you are allowed to access

Question 116

What allows us to perform a privileged instruction in kernel mode and then switch back to user mode?

Answer 116

System calls (syscall)

Systems calls provide user space processes a way to request the kernel to do something

Question 117

The kernel makes certain services available to user space processes through what?

Answer 117

The system call API

These services allow us to read or write to a file, modify memory usage, modify our network, etc.

Question 118

You can view the system calls that a process makes with this command

Answer 118

strace

e.g. $ strace ls

Question 119

Can you install multiple kernels on your system?

Answer 119

Yes

During the boot process in our GRUB menu we can choose which kernel to boot to

Question 120

This command show what kernel version you have on your system

Answer 120

uname

• r command will print out all of the kernel release version
  e. g. $ uname -r

Question 121

How can you install the Linux kernel?

Answer 121

1. ) Download the source package and compile from source
2. ) Install it using package management tools
3. ) Upgrade kernel version with $ sudo apt dist-upgrade

You’ll need to also install some other linux packages

Question 122

What is the actual linux kernel file named?

Answer 122

vmlinuz

Question 123

Where are kernel related files usually stored?

Answer 123

Usually the /boot directory

Question 124

Pieces of code that can be loaded and unloaded into the kernel on demand

Answer 124

Kernel modules

Modules allow us to extend the functionality of the kernel without actually adding to the core kernel code

Question 125

How can you view a list of currently loaded modules?

Answer 125

lsmod

Question 126

How to load a kernel module?

Answer 126

modprobe

e.g. $ sudo modprobe bluetooth

Question 127

How to remove a kernel module?

Answer 127

modprobe with the -r flag

e.g. $ sudo modprobe -r bluetooth

Question 128

How to load a kernel module on bootup?

Answer 128

Modify the /etc/modprobe.d directory and add a configuration file

Question 129

How to ensure that a kernel module does not load on bootup?

Answer 129

Modify the /etc/modprobe.d directory and add a configuration file to blacklist the module

Question 130

Under this version of init the state of the machine is denoted by runlevels, each runlevel starts or stops a machine in a different way.

Answer 130

System V

Question 131

This is the init that uses jobs and events and works by starting jobs that performs certain actions in response to events. Found on older Ubuntu installations

Answer 131

Upstart

Question 132

The new, goal oriented, standard for init

Answer 132

Systemd

Question 133

The main purpose of init?

Answer 133

To start and stop essential processes on the system

Question 134

The most traditional version of init

Answer 134

System V

Question 135

How to find out if you are using the Sys V init implementation?

Answer 135

If you have an /etc/inittab file you are most likely running System V

Question 136

Why is performance bad with System V?

Answer 136

Usually only one thing is starting or stopping at a time

Question 137

When using this version of init, the state of the machine is defined by runlevels which are set from 0 to 6

Answer 137

System V

Question 138

What scripts are located at /etc/rc.d/rc[runlevel number].d/ or /etc/init.d?

Answer 138

Scripts that are run based on the runlevel of the system (Sys v)

Scripts that start with S(start) or K(kill) will run on startup and shutdown, respectively. The numbers next to these characters are the sequence they run in.

Question 139

How can you see the default runlevel?

Answer 139

In the /etc/inittab file

Question 140

$ service –status-all

Answer 140

List the status of Sys V services

Question 141

$ sudo service networking start

Answer 141

Start the networking service

This could also be stop or restart

Question 142

Who developed Upstart?

Answer 142

Canonical, and it was used in Unbuntu

Question 143

How can you tell if your system is using Upstart?

Answer 143

If you have a /usr/share/upstart directory

Question 144

With Upstart, what’s the difference between jobs and events?

Answer 144

Jobs are the actions that Upstart performs and events are messages that are received from other processes to trigger jobs

Question 145

How can you view a list of jobs (Upstart) and their configurations?

Answer 145

$ ls /etc/init

Question 146

What does this do: initctl list

Answer 146

Lists Upstart jobs

Question 147

initctl status networking

Answer 147

View the Upstart status of the networking job

Question 148

How to manually start a job?

Answer 148

$ sudo initctl start networking

You can also stop, restart, or emit an event

Question 149

How can you tell if your system is using Systemd?

Answer 149

You have a /usr/lib/systemd directory