SRE Questions

Question 1

What is the difference between a process and a thread?

Answer 1

• Thread is a light weight process
• threads have their own stack, but share these with the parent process
  
  • text (program code)
  • data (program input)
  • heap (stores files, locks, sockets)

Question 2

What is a zombie process?

Answer 2

• has completed execution
• still in the process table so the parent can read the child’s exit status
• it’s dead, but not yet reaped by it’s parent
• when a parent makes a system call to read the exit status, then the process is removed
• kill doesn’t work on zombie processes
• don’t take up system resources

Question 3

How to get rid of a zombie process?

Answer 3

• killing the parent should work to eliminate a zombie. (pid 1 will own it and then kill it)

Question 4

How do you end up with zombie processes?

Answer 4

• created if the parent process doesn’t reap the child
• can happen if the parent doesn’t execute the wait() system call after forking

Question 5

How does the system daemonize a process?

Answer 5

The fork() call is used to create a separate process.
The setsid() call is used to detach the process from the parent (normally a shell).
The file mask should be reset. The reason for this is because we want to create new files with the mask that is needed for the child process.
The current directory should be changed to something benign. We may not want the child to be in the same pwd as the parent.
The standard files (stdin,stdout and stderr) need to be reopened.

Question 6

Describe ways of process inter-communication

Answer 6

Shared memory - threads share memory inside a process
POSIX mmap - a system call that maps files or devices into memory
Message queues - they allow multiple processes to read/write to the message queue without being directly connected
socket - sends streaming data over a network interface
pipes - these direct input/output of one process to another
Unix domain sockets - similar to an internet socket, but all communication occurs within the kernel. Use the file system as their address space.
RPC - remote procedure call
File - multiple processes can read/write
http://en.wikipedia.org/wiki/Inter-process_communication

Question 7

What is a system call that maps files or devices into memory? _____ _____

Answer 7

POSIX mmap

Question 8

Does the OS have message queues?

Answer 8

Yes - they allow multiple processes to read/write to the message queue without being directly connected

Question 9

____ sends streaming data over a network interface

Answer 9

socket - sends streaming data over a network interface

Question 10

What does a Unix domain socket do?

Answer 10

They are similar to an internet socket, but all communication occurs within the kernel. Use the file system as their address space.

Question 11

___ ___ ___ is when a computer program causes a procedure to execute in a different address space (this computer or another computer over a network) which is coded as if it were a normal procedure call without the programmer explicitly coding the details for the remote interaction.

It is also a form of inter-process communication, in that different processes have different address spaces: if on the same host machine, they have distinct virtual address spaces, even though the physical address space is the same; while if they are on different hosts, the physical address space is different.

Answer 11

RPC - remote procedure call

https://en.wikipedia.org/wiki/Remote_procedure_call

Question 12

Describe how processes executes in a Unix shell

Answer 12

Example /bin/ls
- when you run ‘ls’
- the shell searches the path for an executable named ls
- the shell process forks off a copy of itself
- if the fork succeeds, then it will run the full executable path it found with ‘exec /bin/ls’.
This replaces the copy of the child shell with itself. Parameters passed in are also run by exec.

Question 13

What are unix signals?

Answer 13

Signals are a way the OS communicates with processes.

The ‘kill’ command is used to send signals to a process.

Example signals:

SIGTERM 15 (optional - default signal to send with kill)
SIGINT 2 Term Interrupt from keyboard
SIGQUIT 3 Core Quit from keyboard
SIGKILL 9 Term Kill signal (not optional)
SIGSTOP 17,19,23 Stop Stop process
SIGPIPE 13 Term Broken pipe: write to pipe with no
readers

The signals SIGKILL and SIGSTOP cannot be caught, blocked, or
ignored.

Question 14

What does ‘echo $?’ tell you?

Answer 14

This is the exit code from the last run process

Question 15

When you send a HUP signal to a process, you notice that it has no impact, what could have happened?

Answer 15

During critical section execution, some processes can setup signal blocking. The system call to mask signals is ‘sigprocmask’. When the kernel raises a blocked signal, it is not delivered.

Such signals are called pending. When a pending signal is unblocked, the kernel passes it off to the process to handle. It is possible that the process was masking SIGHUP.

Question 16

What is TCP slow start?

Answer 16

A congestion control algorithm which balances the speed of a network connection. It starts slowly and gradually increases the amount of data transmitted until it finds the network’s maximum carrying capacity. It knows it’s reached the limit when ACK is no longer recieved.

This is used when two computers over the network start to communicate. During the TCP handshake.

Benefits:
- Users experience uninterrupted connections since packets are no longer dropped due to congestion.
- Users also experience faster downloads since slow start finds and uses the maximum connection speed.
- Enterprises see less network congestion since slow start regulates bandwidth and prevents the sender from having to continuously retransmit data.

Question 17

List 4 TCP connection states

Answer 17

1) LISTEN – Server is listening on a port, such as HTTP
2) SYN-SENT – Sent a SYN request, waiting for a response
3) SYN-RECEIVED – (Server) Waiting for an ACK, occurs after sending an ACK from the server
4) ESTABLISHED – 3 way TCP handshake has completed

Question 18

What is DHCP?

Answer 18

Dynamic host configuration protocol
A network management protocol used to automate the process of configuring devices on IP networks. The server doesn’t have an IP at this point, but can also receive either a dynamic IP or static IP (manually configured).

Data assigned:
- subnet mask
- router
- DNS server
- hostname
- domain name

Benefits
- less toil
- IP addresses are automatically freed up
- Don’t need a network admin to setup each server

Question 19

What are some protocol states of DHCP?

Answer 19

DHCP DISCOVER client->server : broadcast to locate server
DHCP OFFER server->client : offer to client with offer of configuration parameters
DHCP REQUEST client->server : requesting a dhcp config from server
DHCP ACK server->client : actual configuration paramters
DHCP NAK server->client : indicating client’s notion of network address is incorrect
DHCP DECLINE client->server : address is already in use
DHCP RELEASE client->server : giving up of ip address
DHCP INFORM client->server : asking for local config parameters

These are all one word, but I added spaces for readability.

Question 20

Describe TCP header format

Answer 20

Source port
Destination port
Sequence number
Acknowledgement number
Data offset
Reserved
Control bits
Window
Checksum
Urgent Pointer
Options
Padding
Data