LF

Question 1

Difference between terminal, console and shell

Answer 1

Terminal and console are similar, piece of equipment through which you could interact with a computer.
Terminal is a device file.
A shell is the primary interface that users see when they log in, whose primary purpose is to start other programs.

Question 2

How does a process receive input from keyboard?

Answer 2

keyboard generates interrupt
kernel looks for the IRQ handler
interrupt handler converts into keycode
The input layer uses kernel keyboard layout tables to map the scan code (position of the key on the keyboard) to a key code (like A) and interprets Shift, Alt, etc. The result of this interpretation is made available via /dev/input/event* to userland processes. You can use evtest so those events.
Xserver or terminal reads from /dev/input/event* and

Question 3

What is an inode number?

Answer 3

An inode is a unique number assigned to files and directories while it is created. The inode number will be unique to entire filesystem.

Question 4

What information is stored in inode?

Answer 4

File type: regular file, directory, pipe etc.
Permissions to that file: read, write, execute
Link count: The number of hard link relative to an inode
User ID: owner of file
Group ID: group owner
Size of file: or major/minor number in case of some special files
Time stamp: access time, modification time and (inode) change time
Attributes: immutable’ for example
Access control list: permissions for special users/groups
Link to location of file
Other metadata about the file

Question 5

How to check inode in Linux

Answer 5

stat hello
File: ‘hello’
Size: 66 Blocks: 8 IO Block: 4096 regular file
Device: fd01h/64769d Inode: 530461 Links: 2
Access: (0774/-rwxrwxr–) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2017-05-15 20:12:32.540352591 +0000
Modify: 2017-05-15 20:12:16.901527357 +0000
Change: 2017-05-19 17:41:37.394470321 +0000
Birth: -

ls -il
total 140984
520170 dr-xrw-rw- 2 linoadmin linoadmin 4096 Mar 9 2013 asciiquarium_1.1
263206 -rwxr-xr-x 1 linoadmin linoadmin 15436 Mar 9 2013 asciiquarium.tar.gz
519187 drwxr—– 2 root root 4096 Apr 13 01:35 baba
258717 -rwSr–r– 1 root root 5747 Apr 25 01:45 bootstrap
655799 drwxr-xr-x 2 root root 4096 May 16 17:46 course
528927 drwxr-xr-x 3 root root 4096 Apr 29 00:29 environments

df -i
Filesystem Inodes IUsed IFree IUse% Mounted on
/dev/vda1 1292800 126091 1166709 10% /
devtmpfs 60205 319 59886 1% /dev
tmpfs 62556 1 62555 1% /dev/shm
tmpfs 62556 367 62189 1% /run
/dev/vda2 128 13 115 11% /mnt/vda2
tmpfs 62556 1 62555 1% /run/user/0

Question 6

Symbolic links (or soft links) and does sym link have inode information?

Answer 6

If we delete or move the original file, the link will be broken and our ‘filesync’ file will not be longer available.

permissions on the symbolic link are completely open. This is because the permissions are not managed

Question 7

What are Hard Links?

Answer 7

when you create a hard link for a file, all you really do is add a new name to an inode.

The interesting thing about hard links is that there is no difference between the original file and the link: they are just two names connected to the same inode.

The directories cannot be hard linked. Linux does not permit this to maintain the acyclic tree structure of directories.

A hard link cannot be created across filesystems. Both the files must be on the same filesystems, because different filesystems have different independent inode tables (two files on different filesystems, but with same inode number will be different).

Question 8

Linux move files changes inode number?

Answer 8

Will not change the inode number

It will only change if it is in another file partition

Question 9

Where is Inode table stored?

Answer 9

there’s a table of inodes on each filesystem, and there’s a separate filesystem on each partition

But, on the Internet, I found that each directory has its own table of the inodes and names associated to the files inside it.
That’s a table that maps file names to inode numbers. That is, the directory is a list of entries (or some more sophisticated data structure), and each element of the list contains a file name and an inode number. To find the file’s metadata and contents, the system reads the inode number from the directory, then reads the designated entry in the inode table. To find a file given its path, the system starts with the root inode, finds that it’s a directory, finds the directory entry for the first element, reads its inode, and so on.

Question 10

Linux Performance Tools

Answer 10

http: //www.brendangregg.com/linuxperf.html
http: //www.brendangregg.com/Slides/Velocity2015_LinuxPerfTools.pdf

Question 11

Different linux commands to debugging an issue?

Answer 11

top (checks CPU and memory)
iotop (monitor Linux Disk I/O usage)
iostat (iostat command is used for monitoring system input/output device loading by observing the time the devices are active in relation to their average transfer rates)

sar (system activity report contains cpu, memory, netrwork interfaces)
vmstat (vmstat reports information about processes, memory, paging, block IO, traps, and cpu activity)

strace (captures and records all system calls made by a process and the signals received by the process)

Question 12

What is Anti-method?

Answer 12

1) Searching for problem when not sure what the problem is (ask user what are they experiencing)
2) Wrong fix by guessing, without understanding problems just fix it by guess and it works
3) Blame someone else without understanding the problem

Question 13

What is USE method?

Answer 13

utilization - busy time
saturation - queueing
error

Question 14

uptime command used for?

Answer 14

prints average load on the cpu 5, 15, 30

Question 15

Types of DNS

Answer 15

Authoritative Nameserver
Recursive Resolver

https://serverfault.com/questions/422288/what-is-the-difference-between-authoritative-nameserver-and-recursive-resolver

Question 16

How does DNS traversal happen for a domain name (www.example.com)

Answer 16

It starts with (.) which is the root DNS Name Server, it redirects to com NS to ask for more details, similarly it keeps doing for every dot it encounters

Question 17

DNS Zone Levels

Answer 17

The Domain Name System (DNS) defines a domain namespace, which specifies Top Level Domains (such as “.com”), second-level domains, (such as “acme.com”) and lower-level domains, also called subdomains (such as “support.acme.com”). Each of these levels can be a DNS zone.

For example, the root domain “acme.com” may be delegated to a Acme Corporation. Acme assumes responsibility for setting up an authoritative DNS server that holds the correct DNS records for the domain.

At each hierarchical level of the DNS system, there is a Name Server containing a zone file, which holds the trusted, correct DNS records for that zone.

Question 18

Secondary DNS Zones

Answer 18

DNS servers can be deployed in a master/slave topology, where a secondary DNS server holds a read-only copy of the primary DNS server’s DNS records. The primary server holds the master zone file, and the secondary server constitutes an identical secondary zone; DNS requests are distributed between primary and secondary servers. A DNS zone transfer occurs when the primary server zone file is copied, in whole or in part, to the secondary DNS server.

Question 19

What is a DNS Zone File?

Answer 19

A DNS Master File which authoritatively describes a zone

A DNS Cache File which lists the contents of a DNS cache—this is only a copy of the authoritative DNS zone

Question 20

What constitutes DNS Zone Records?

Answer 20

In a zone file, each line represents a DNS resource record (RR). A record is made up of the following fields:

name

ttl

record class

record type

record data

Name is an alphanumeric identifier of the DNS record. It can be left blank, and inherits its value from the previous record.

TTL (time to live) specifies how long the record should be kept in the local cache of a DNS client. If not specified, the global TTL value at the top of the zone file is used.

Record class indicates the namespace—typically IN, which is the Internet namespace.

Record type is the DNS record type—for example an A record maps a hostname to an IPv4 address, and a CNAME is an alias which points a hostname to another hostname.

Record data has one or more information elements, depending on the record type, separated by a white space.

For example an MX record has two elements—a priority and a domain name for an email server.

Question 21

DNS cache poisoning

Answer 21

DNS cache poisoning is the act of entering false information into a DNS cache, so that DNS queries return an incorrect response and users are directed to the wrong websites. DNS cache poisoning is also known as ‘DNS spoofing.’

Question 22

Different type of interrupts an OS can get

Answer 22

I/O, Timer and Inter Processor

Question 23

How can an interrupt be passed to different process.

Answer 23

https://unix.stackexchange.com/questions/116629/how-do-keyboard-input-and-text-output-work/116630#116630

Question 24

What is Anycast?

Answer 24

Anycast, also known as IP Anycast, is a networking technique that allows for multiple machines to share the same IP address. Based on the location of the user request, the routers send it to the machine in the network that is closest. This is beneficial since, among other things, it reduces latency and increases redundancy. If a particular data center were to go offline, an Anycasted IP would choose the best path for users and automatically redirect them to the next closest data center. The following outlines some of the pros and cons that are associated with configuring Anycast.

Question 25

Routing protocol

Answer 25

Routers route with known networks or reach out to default network until TTL

Question 26

ARP

Answer 26

Broadcasts to get MAC address of the other machine at layer 2(data link)

Question 27

HTTPS

Answer 27

Server responds with certificate which is CA signed along with public key
Browser checks if the certificate is valid by contacting the CA
Browser creates symmetric key which will be used for future communication and encrypts it with server’s public key
Server decrypts the message and obtains the symmetric key
Now the communication happens using this symmetric key

Question 28

What happens when a new process is created?

Answer 28

New process is forked from the parent process which has exactly the same memory 3GB.

After the fork, the two processes, the parent and the child, have the same memory image, the same environment strings, and the same open files. That is all there is. Usually, the child process then executes execve or a similar system call to change its memory image and run a new program.

In both UNIX and Windows systems, after a process is created, the parent and child have their own distinct address spaces, no writable memory is shared

Question 29

Where are man pages stored?

Answer 29

/usr/share/man

Question 30

Where look for error messages?

Answer 30

-dmesg (display message/driver message)

dmesg displays messages from kernel ring buffer. Can view messages about specific devices like:
#dmesg | grep -i memory
# dmesg | grep -i dma
# dmesg | grep -i usb
# dmesg | grep -i tty
The dmesg messages are grouped into categories called “facilities.” The list of facilities is:

kern: Kernel messages.
user: User-level messages.
mail: Mail system.
daemon: System daemons.
auth: Security/authorization messages.
syslog: Internal syslogd messages.
lpr: Line printer subsystem.
news: Network news subsystem.

We can ask dmesg to filter its output to only show messages in a specific facility. To do so, we must use the -f (facility) option:

sudo dmesg -f daemon

-other logs in /var/log

Question 31

What to check for slow performance?

Answer 31

• “top” (shows cpu, ram usage)
• “vmstat”
• “sar” (part of sysstat package - system activity report) history of performance for comparison
• • “sar -r” ram performance
• • “sar -u” cpu performance
• • “sar - d” disk i/o performance
• nload/iftop to check network traffic

Question 32

What are common RAID levels?

Answer 32

• RAID 0 - striping (fast, not fault tolerant)
• RAID 1 - mirroring (good but uses double the drives)
• RAID 5 - striping with parity (fast read, slow write)
• RAID 10 - striping and mirroring (fast rebuilds but still uses twice the drives).

Question 33

What is anycast?

Answer 33

Anycast is a network addressing and routing methodology in which a single destination address has multiple routing paths to two or more endpoint destinations. Routers will select the desired path on the basis of number of hops, distance, lowest cost, latency measurements or based on the least congested route. Anycast networks are widely used for content delivery network (CDN) products to bring their content closer to the end user.

Question 34

What is BGP?

Answer 34

Border Gateway Protocol (BGP) is a standardized exterior gateway protocol designed to exchange routing and reachability information among autonomous systems (AS) on the Internet.[1] The protocol is classified as a path vector protocol.[2] The Border Gateway Protocol makes routing decisions based on paths, network policies, or rule-sets configured by a network administrator and is involved in making core routing decisions.

BGP may be used for routing within an autonomous system. In this application it is referred to as Interior Border Gateway Protocol, Internal BGP, or iBGP. In contrast, the Internet application of the protocol may be referred to as Exterior Border Gateway Protocol, External BGP, or eBGP.

Question 35

What is a VIP and what are the common scenarios where VIP can be used?

Answer 35

Virtual IPs (VIP) are one to many mappings of IP address that distinguish traffic based on port number to determine what IP address to send the traffic to. A common application of VIPs is to have one public IP address represent the Web server, email server and FTP server, each of which has a unique private IP address. This sharing of one external IP address provides a good way to conserve public IP addresses.

A Virtual IP can also be used for port forwarding. For example, assume you want to open web access to the Internet to a web server you have that is listening on port 80. However, due to security concerns, you only want users to be accessing this site using port 8080. You can use Virtual IP to accomplish this. Specify the Virtual IP, which is the IP address that the Internet will be using to access the web site. Then, specify the external port, and this combination of external IP and port will be mapped to an internal IP address and port.

Question 36

kernel mode and user mode?

Answer 36

The operating system, the most fundamental piece of soft- ware, runs in kernel mode (also called supervisor mode). In this mode it has complete access to all the hardware and can execute any instruction the machine is capable of executing.

The rest of the software runs in user mode, in which only a subset of the machine instructions is available.

Question 37

BIOS

Answer 37

Basic Input Output System

The BIOS contains low-level I/O software, including procedures to read the keyboard, write to the screen, and do disk I/O, among other things. Now- adays, it is held in a flash RAM, which is nonvolatile but which can be updated by the operating system when bugs are found in the BIOS

Question 38

DMA

Answer 38

Direct Memory Access (DMA) is a capability provided by some computer bus architectures that allows data to be sent directly from an attached device (such as a disk drive) to the memory on the computer’s motherboard. The microprocessor is freed from involvement with the data transfer, thus speeding up overall computer operation.

Question 39

init process?

Answer 39

First process launched as part of OS. When it starts running, it reads a file telling how many terminals there are. Then it forks off a new process for each terminal.

Question 40

How can process get into blocked state?

Answer 40

In some systems the process can execute a system call, such as pause, to get into blocked state. In other systems, including UNIX, when a process reads from a pipe or special file (e.g., a terminal) and there is no input available, the process is automatically blocked.

Question 41

What is Process table or process control blocks?

Answer 41

entry contains important information about the process’ state, including its program counter, stack pointer, memory allocation, the status of its open files, its accounting and scheduling information, and everything else about the process that must be saved when the process is switched from running to ready or blocked state so that it can be restarted later as if it had never been stopped.

Question 42

What is shared between process and threads and what is not?

Answer 42

Shared
Address space
Global variables
Open files
Child processes
Pending alarms
Signals and signal handlers Accounting information

Non-shared
Program counter Registers
Stack
State

Question 43

How does SMTP work?

Answer 43

SMTP is the Application Level protocol that handles message services over TCP/IP networks.

SMTP uses TCP Well Known port 25.

Question 44

What is RAID?

Answer 44

RAID (redundant array of independent disks) is a setup consisting of multiple disks for data storage. They are linked together to prevent data loss and/or speed up performance. Having multiple disks allows the employment of various techniques like disk striping, disk mirroring, and parity.

Make sure to remember RAID 0, RAID 1, RAID 5, RAID 10

Question 45

Level 0, level 1 and full backup ?

Answer 45

Full backup: A full backup backs up all data files in the database, block-by-block, a standalone backup with everything you need to recover to the point in time when the full backup was collected.

· Level 1 backup: A level 1 backup includes only those blocks that have been changed since the “parent” backup was taken. Remember a parent backup may be either a level 0 or a level 1 backup.

· Level 0 backup: A level 0 incremental backup is physically identical to a full backup and it includes every data block in the file except empty blocks. The only difference is that the level 0 backup is recorded as an incremental backup in the RMAN repository, so it can be used as the parent for a level 1 backup.

· Incremental backup: An incremental backup can be either level 0 or level 1.

Question 46

What are pages in respect to memory?

Answer 46

To make this translation easier, virtual and physical memory are divided into handy sized chunks called pages.

In this paged model, a virtual address is composed of two parts; an offset and a virtual page frame number. If the page size is 4 Kbytes, bits 11:0 of the virtual address contain the offset and bits 12 and above are the virtual page frame number. Each time the processor encounters a virtual address it must extract the offset and the virtual page frame number. The processor must translate the virtual page frame number into a physical one and then access the location at the correct offset into that physical page. To do this the processor uses page tables.

Question 47

Dirty buffer or delayed write?

Answer 47

The kernel does attempt to minimize the risks of deferred writes. To ensure that data is written out in a timely manner, the kernel institutes a maximum buffer age, and writes out all dirty buffers before they mature past the given value. Users can configure this value via /proc/sys/vm/dirty_expire_centiseconds. The value is specified in centiseconds (one hundredths of a second).

It is also possible to force the writeback of a given file’s buffer, or even to make all writes synchronous. These topics are discussed in the next section, “Synchronized I/O.”

Question 48

How many system file tables are there?

Answer 48

There is a file descriptor table that maps file descriptors (small integers) to entries in the open file table. Each entry in the open file table contains (among other things) a file offset and a pointer to the in-memory inode table. Here’s a picture:
(source: rich at www.cs.ucsb.edu)

So there is neither just one file table entry for an open file nor is there just one per process … there is one per open() call, and it is shared if the file descriptor is dup()ed or fork()ed.

Answering your questions:

1) When two or more processes open a file for reading, there’s an entry in the open file table per open. There is even an entry per open if one process opens the file multiple times.
2) A single entry is not created in the open file table for different processes opening same file (but there is just one entry in the in-memory inode table).
3) If file1.txt is opened twice, in the same or two different processes, there are two different open file table entries (but just one entry in the in-memory inode table).

Question 49

every process by convention has at least three file descriptors open

Answer 49

0, 1, and 2. File descriptor 0 is standard in (stdin), file descriptor 1 is standard out (stdout), and file descriptor 2 is standard error (stderr).

Question 50

O_NONBLOCK

Answer 50

If possible, the file will be opened in nonblocking mode. Neither the open( ) call, nor any other operation will cause the process to block (sleep) on the I/O. This behavior may be defined only for FIFOs.

Question 51

What does exec command do?

Answer 51

One system call (actually, one call from a family of calls) loads a binary program into memory, replacing the previous contents of the address space, and begins execution of the new program. This is called executing a new program, and the functionality is provided by the exec family of calls.

Its run after fork to continue program execution.

Question 52

Idle process

Answer 52

The idle process—the process that the kernel “runs” when there are no other runnable processes—has the pid 0. The first process that the kernel executes after booting the system, called the init process, has the pid 1.

Question 53

The Linux kernel tries four executables, in the following order for init

Answer 53

1. /sbin/init: The preferred and most likely location for the init process.
2. /etc/init: Another likely location for the init process.
3. /bin/init: A possible location for the init process.
4. /bin/sh: The location of the Bourne shell, which the kernel tries to run if it fails to find an init process.

Question 54

Linux File Hierarchy Structure

Answer 54

In the FHS, all files and directories appear under the root directory /, even if they are stored on different physical or virtual devices.
Some of these directories only exist on a particular system if certain subsystems, such as the X Window System, are installed.
Most of these directories exist in all UNIX operating systems and are generally used in much the same way; however, the descriptions here are those used specifically for the FHS, and are not considered authoritative for platforms other than Linux.

Question 55

What is a page fault?

Answer 55

A program cannot use a page that is present in secondary storage rather than in physical memory until it is associated with a page in physical memory. When a process tries to access an address on such a page, the memory management unit (MMU) generates a page fault.