SRE Questions Flashcards
What is the difference between a process and a thread?
- Thread is a light weight process
- threads have their own stack, but share these with the parent process
- text (program code)
- data (program input)
- heap (stores files, locks, sockets)
What is a zombie process?
- has completed execution
- still in the process table so the parent can read the child’s exit status
- it’s dead, but not yet reaped by it’s parent
- when a parent makes a system call to read the exit status, then the process is removed
- kill doesn’t work on zombie processes
- don’t take up system resources
How to get rid of a zombie process?
- killing the parent should work to eliminate a zombie. (pid 1 will own it and then kill it)
How do you end up with zombie processes?
- created if the parent process doesn’t reap the child
- can happen if the parent doesn’t execute the wait() system call after forking
How does the system daemonize a process?
The fork() call is used to create a separate process.
The setsid() call is used to detach the process from the parent (normally a shell).
The file mask should be reset. The reason for this is because we want to create new files with the mask that is needed for the child process.
The current directory should be changed to something benign. We may not want the child to be in the same pwd as the parent.
The standard files (stdin,stdout and stderr) need to be reopened.
Describe ways of process inter-communication
Shared memory - threads share memory inside a process
POSIX mmap - a system call that maps files or devices into memory
Message queues - they allow multiple processes to read/write to the message queue without being directly connected
socket - sends streaming data over a network interface
pipes - these direct input/output of one process to another
Unix domain sockets - similar to an internet socket, but all communication occurs within the kernel. Use the file system as their address space.
RPC - remote procedure call
File - multiple processes can read/write
http://en.wikipedia.org/wiki/Inter-process_communication
What is a system call that maps files or devices into memory? _____ _____
POSIX mmap
Does the OS have message queues?
Yes - they allow multiple processes to read/write to the message queue without being directly connected
____ sends streaming data over a network interface
socket - sends streaming data over a network interface
What does a Unix domain socket do?
They are similar to an internet socket, but all communication occurs within the kernel. Use the file system as their address space.
___ ___ ___ is when a computer program causes a procedure to execute in a different address space (this computer or another computer over a network) which is coded as if it were a normal procedure call without the programmer explicitly coding the details for the remote interaction.
It is also a form of inter-process communication, in that different processes have different address spaces: if on the same host machine, they have distinct virtual address spaces, even though the physical address space is the same; while if they are on different hosts, the physical address space is different.
RPC - remote procedure call
https://en.wikipedia.org/wiki/Remote_procedure_call
Describe how processes executes in a Unix shell
Example /bin/ls
- when you run ‘ls’
- the shell searches the path for an executable named ls
- the shell process forks off a copy of itself
- if the fork succeeds, then it will run the full executable path it found with ‘exec /bin/ls’.
This replaces the copy of the child shell with itself. Parameters passed in are also run by exec.
What are unix signals?
Signals are a way the OS communicates with processes.
The ‘kill’ command is used to send signals to a process.
Example signals:
SIGTERM 15 (optional - default signal to send with kill)
SIGINT 2 Term Interrupt from keyboard
SIGQUIT 3 Core Quit from keyboard
SIGKILL 9 Term Kill signal (not optional)
SIGSTOP 17,19,23 Stop Stop process
SIGPIPE 13 Term Broken pipe: write to pipe with no
readers
The signals SIGKILL and SIGSTOP cannot be caught, blocked, or
ignored.
What does ‘echo $?’ tell you?
This is the exit code from the last run process
When you send a HUP signal to a process, you notice that it has no impact, what could have happened?
During critical section execution, some processes can setup signal blocking. The system call to mask signals is ‘sigprocmask’. When the kernel raises a blocked signal, it is not delivered.
Such signals are called pending. When a pending signal is unblocked, the kernel passes it off to the process to handle. It is possible that the process was masking SIGHUP.
What is TCP slow start?
A congestion control algorithm which balances the speed of a network connection. It starts slowly and gradually increases the amount of data transmitted until it finds the network’s maximum carrying capacity. It knows it’s reached the limit when ACK is no longer recieved.
This is used when two computers over the network start to communicate. During the TCP handshake.
Benefits:
- Users experience uninterrupted connections since packets are no longer dropped due to congestion.
- Users also experience faster downloads since slow start finds and uses the maximum connection speed.
- Enterprises see less network congestion since slow start regulates bandwidth and prevents the sender from having to continuously retransmit data.
List 4 TCP connection states
1) LISTEN – Server is listening on a port, such as HTTP
2) SYN-SENT – Sent a SYN request, waiting for a response
3) SYN-RECEIVED – (Server) Waiting for an ACK, occurs after sending an ACK from the server
4) ESTABLISHED – 3 way TCP handshake has completed
What is DHCP?
Dynamic host configuration protocol
A network management protocol used to automate the process of configuring devices on IP networks. The server doesn’t have an IP at this point, but can also receive either a dynamic IP or static IP (manually configured).
Data assigned:
- subnet mask
- router
- DNS server
- hostname
- domain name
Benefits
- less toil
- IP addresses are automatically freed up
- Don’t need a network admin to setup each server
What are some protocol states of DHCP?
DHCP DISCOVER client->server : broadcast to locate server
DHCP OFFER server->client : offer to client with offer of configuration parameters
DHCP REQUEST client->server : requesting a dhcp config from server
DHCP ACK server->client : actual configuration paramters
DHCP NAK server->client : indicating client’s notion of network address is incorrect
DHCP DECLINE client->server : address is already in use
DHCP RELEASE client->server : giving up of ip address
DHCP INFORM client->server : asking for local config parameters
These are all one word, but I added spaces for readability.
Describe TCP header format
Source port
Destination port
Sequence number
Acknowledgement number
Data offset
Reserved
Control bits
Window
Checksum
Urgent Pointer
Options
Padding
Data
