Linux Operating System

Question 1

What is Linux distribution?

Answer 1

The term Linux is commonly used to mean the kernel plus set of software tools and libraries that together make a complete operating system.
In early days of Linux, the user has to assemble all of these software, create file system and correctly place & configure all the software on a system. This demanded considerable time and expertise. As a result, market opened for Linux distributor, who created packages (distributions) to automate most of the installation process, creating a file system and installing the kernel and other required software.

Question 2

What is FIPS?

Answer 2

“Federal Information Processing Standard” is the name of set of standards specified by the USA government for the purchase of its computer systems

Question 3

What is universality of I/O?

Answer 3

The kernel provides just one type of file - “A sequential stream of bytes”. Same set of system calls (open, read, write, close) are used to perform I/O on all types of files including devices. In UNIX systems, there is no end-of-file character. The end-of-file is detecte3d by read that returns no data.
This is called as universality of I/O

Question 4

What is a kernel thread?

Answer 4

A kernel thread is an execution context that can be independently scheduled, it may be associated with a user program or it may run only some kernel functions. Linux uses kernel threads in a very limited way to execute a few kernel functions periodically.

Question 5

What is a file name and hard-link?

Answer 5

A filename included in a directory is called a file hard-link. The same file can have several hard links included in the same directory or different directory i..e it may have several filenames. “ln” command is used to create a hard link
$ ln P1 P2
Hard links cannot be created for directories and can be created only among the files included in the same FS.

Question 6

What is a symbolic link?

Answer 6

Symbolic link is a short file that contains an arbitrary pathname of another file.
$ln -s P1 P2

Question 7

What information is stored in i-node?

Answer 7

1. File type (regular/directory etc.)
2. No of hard links associated with the file
3. File length in bytes
   4 Device-id (ID of device which contains the file)
4. i-node number
5. UID of file owner
6. GID of the group that owns the file
7. Several time-stamps including change time.
8. Access rights and file mode

Question 8

What is the meaning of reentrant kernel?

Answer 8

All UNIX kernels re reentrant. This means that several processes may be executing in the kernel mode at the same time.
One way to achieve reentrancy is to write functions so that they modify only local variables and do not alter global data structures. Such functions are called reentrant functions.

Question 9

What is kernel control path?

Answer 9

Kernel control path denotes the sequence of instructions executed by kernel to handle a system call, an exception or an interrupt. Each process runs in its ow private address space which includes private stack, data and code areas.

Question 10

What is a race condition?

Answer 10

When the outcome of a computation depends on how two or more processes are scheduled, the code is incorrect. This is called ‘race condition’

Question 11

What is a Semaphore?

Answer 11

A semaphore s simply a counter associated with a data structure. It is checked by kernel thread before it tries to access the data structure. Each semaphore may be viewed as an object composed of -

• An integer value
• A list of waiting processes
• Two atomic operations: up and down

The down method decreases the value of semaphore. If the new value is less than 0 (zero), the method adds running process to the semaphore list and then blocks (i.e. invokes the scheduler). The up method increases the value of the semaphore and if its new value is greater than or equal to zero, reactivates one or more processes in the semaphore list.

Question 12

What is a system call and how is it executed?

Answer 12

A ‘system call’ is a controlled entry point into the kernel allowing a process to request that kernel perform some action on the process’s behalf. A system changes the processor state from user mode to kernel mode when a system call is invoked. The set of system calls is fixed and each system call is identified by a unique number.

Steps involved in a system call execution -

1. Application makes a system call by invoking a wrapper function in the ‘c’ library.
2. Wrapper function copies the arguments passed to it in the specific registers since kernel expects it that way.
3. Since all system calls enter the kernel in the same way, the kernel needs some method of identifying the system call. For this, each system call is given a number and wrapper function copies it into a specific CPU register (%EAX)
4. Wrapper function executes a trap machine instruction (int x80) which causes the processor to switch from user mode to kernel mode and execute the trap instruction.
5. In response to trap, the kernel invokes its system call routine to handle the trap.
6. Kernel saves register values on kernel stack and checks validity of system call number
7. kernel invokes appropriate system call service routine, which is found in sys_call_table. The service routine performs the required tasks. Finally service routine returns a result status to the system_call routine.
8. Restores register values from kernel stack and places the system call return value on the stack.
9. Returns to wrapper function, simultaneously returning the processor to user mode.

Question 13

What is the use of ioctl() system call

Answer 13

Most of the file systems are accessed using universal I/O model which includes four system calls (open, read, write and close). When access to specific feature of the file system or device is required, a program can use ‘catchall’ ioctl() system call which proves an interface to features that fall outside the universal I/O model.

Question 14

How to create a sparse file on Linux?

Answer 14

using lseek() API call

Using lseek you can write past end of file. The space in between previous end of file and new end of file is referred as file hole. From programming point of view, bytes in the hole exists and reading from the hole returns a buffer of bytes containing 0 (null bytes). File holes does not take up any disk space. Such a file is called sparse file.

Another way is to use truncate() system call. It sets the size of the file to the value specified by length. If the file is longer than the length then excess data is lost. If file is shorter, it is extended by padding with sequence of null bytes or hole.

Question 15

What is the use of fcntl() system call?

Answer 15

It performs a range of control operations on an open file descriptor. For example - retrieve or modify the access mode and open file status flags of an already open file.

Question 16

What data structures are maintained by kernel for files?

Answer 16

Kernel maintains 3 data structures - PPFT (Per process File descriptor table), FT (File table - System wide table of open file descriptor) and INODE_TABLE (File system inode table)

PPFT table entry records flags controlling the operation f file descriptor (e.g. close-on-exec) and reference to the open file descriptor maintained in FT.

FT actually stores open file ‘description’ where all information about an open file is stored which includes current file offset, flags passed to open() call, file access mode and reference to i-node object of this file.

i-node information is stored in INODE table of the file system which includes - file type (regular, socket etc.), permissions, file size, time stamps etc.

Question 17

Explain memory layout of a process?

Answer 17

Memory allocated to each process is composed of a number of parts, referred as segments
Text segment - Contains source code in machine language.
Initialized data segment - Global and stack variables that are explicitly initialized.
Un-initialized data segment - Global and static variables that are not explicitly initialized. called bss segment.
stack
heap

Question 18

What is kernel stack?

Answer 18

Kernel stack is a per-process memory region maintained in kernel memory that is used as the stack for execution of the functions called internally during the execution of system calls.

Question 19

What is real user-id and group-id?

Answer 19

The real user ID and group ID identify the user and group to which process belongs. As part of login process, a login shell gets its real user and group IDs from the third and fourth field of the user’s password record in /etc/password file. When a new process is created, it inherits these identifiers from its parent.

Question 20

What is effective user-id and group-id?

Answer 20

On most UNIX implementations, the effective user and group ID, in conjunction with supplementary group ID, are used to determine the permissions granted to a process.
Normally the effective user and group IDs have the same values as the corresponding real ID. There are 2 ways in which the effective IDs can assume different values
1. Execution of set-uer-id and set-group-id programs.
2.

Question 21

What is set-user-id program

Answer 21

A set-user-id program allows a process to gain privileges by setting process’s effective user ID to same value as the user ID (owner) of the executable file.
These special permission bits can be set using command
$chmode u+s

Question 22

What is file system user and group ID?

Answer 22

On Linux, file system user and group IDs are used to determine permissions when performing file system operations.
Normally, the file system user and group IDs have the same values as corresponding effective IDs. Whenever effective ID (user/group) is changed either by a system call or execution of set-user-ID program, the corresponding file system id is also changed to the same value. The file system IDs follow the effective Ids in this way.

Question 23

what is buffer cache?

Answer 23

When working with disk files, read() and write() system calls does not directly initiate disk access, rather they simply copy data between a user space buffer and a buffer in the kernel ‘buffer cache’. This increases speed and efficiency.

Question 24

What is direct I/O?

Answer 24

Direct I/O (or raw I/O) bypasses the buffer cache when performing disk I/O thus transferring data directly from user space to a file or disk device.
Direct I/O is sometimes misunderstood as being a means of obtaining fast I/O performance. However, for most applications, using direct I/O can considerably degrade performance as optimizations done by kernel for disk I/O are not used.
Direct I/O is intended only for applications with specialized I/O requirements. For example - database systems that perform their own caching and I/O optimizations don’t need the kernel to consume CPU time and memory performing the same tasks. Direct I/O can be performed on individual file or on a block device (e.g. disk) by opening the file or device using O_DIRECT flag

Question 25

What is the command to create a device file?

Answer 25

mknod

Question 26

what is udev program?

Answer 26

udev program is used to discover and manage devices on a system. The udev program relies on sysfs file system which exports information about devices and other kernel objects into user space via a pseudo file system mounted under /sys.

Question 27

What is a disk partition?

Answer 27

Each disk is divided into one or more (non overlapping) partition. Each partition is treated by the kernel as a separate device residing under /dev directory.
command fdisk -l lists all the partitions on the disk.
A disk partition can either host a FS or swap area.

Question 28

What is FUSE?

Answer 28

FUSE is Filesystem in User mode. This mechanism adds hooks to the kernel that allows a file system to be completely implemented in a user-space program, without needing to patch or recompile kernel.

Question 29

What are different parts of generic file system?

Answer 29

1. Boot block: First block of FS. It is not used by FS but contains info used to boot the operating system.
2. Super block: Contains parameters information about FS including
   - size of i-node table
   - size of logical blocks in FS
   - size of FS in logical blocks
3. i-node table: Each file/directory in the FS has a unique entry in the i-node table.
4. Data blocks - Blocks of data that form files and directories in the file system.

Question 30

What all information is stored in -node for each file?

Answer 30

The information maintained in the i-node includes:

• File type (i.e. regular, directory, symlink etc.)
• Owner of the file.
• Group for the file.
• Access permissions for owner, group and others.
• Three timestamps (last access, last modifications, status change)
• Number of hard links to the file.
• Size of file in bytes.
• Number of blocks actually allocated to file.
• Pointers to data block of file.

Question 31

What is VFS (Virtual File System)?

Answer 31

VFS is a kernel feature that creates an abstraction layer for file system operations. It defines generic interfaces for file system operations and all programs that work files specify their operations in terms of these generic interfaces. VFS interfaces include operations such as open, read, write, lseek, close, stat, mount, mmap, mkdir, link etc.

Question 32

What is journaling file system?

Answer 32

A journaling file system logs all metadata updates to a special on-disk journal file before they are actually carried out. In event of system crash in the middle of a transaction, on system reboot, the logs can be used to rapidly undo any incomplete updates and bring the file system back to a consistent state.
Linux supports following journaling file systems
- Reierfs, Ext3, Ext4, BTRFS (B-Tree FS pronounced as butter FS)

Question 33

How would you gather FS mount information on a system?

Answer 33

/proc/mounts - List of currently mounted file systems. It is an interface to kernel data structure so always contains accurate information.
/etc/mtab - mount and unmount commands automatically maintains this file.
/etc/fstab - Maintained manually by administrator, contains description of all available file systems on a system.

Question 34

What is the difference between bind mount and hard links?

Answer 34

A bind mount allows a directory or file to be mounted at some other location in the file system hierarchy. It is somewhat like hard link but differs in two respects -

• A bind mount can cross file system mount points
• It is possible to make a bind mount for a directory.

Question 35

what is the use of sticky bit which is part of file system permissions

Answer 35

The sticky bit acts as restricted delete flag when applied on directories. It means unprivileged process can unlink files in the directory only if it has write permission on the directory and own either the file or the directory. This makes it possible to create directory that is shared by many users.