Linux interview questions for beginners

[or1k]

▪️ What is Linux?
Answer: Linux is an operating system based on the Linux kernel. It is an open source operating system that can run on a variety of hardware platforms. It provides users with a free and low-cost operating system. It is a user-friendly environment where they can easily modify and create variations in the source code.

▪️ Who invented Linux? Tell us about the history of Linux.
Answer: Linus Torvalds created Linux in 1991. Linus Torvalds was a student at the University of Helsinki, Finland. He started writing code on his own to get a free academic version of Unix.

▪️ What is the Linux operating system kernel?
The Linux kernel is the centerpiece of the Linux computer operating system. The kernel is the basic interface between a computer's hardware and its processes that ensures that free memory is available to run Linux applications, optimizes processor performance, and monitors whether applications are meeting system requirements.

▪️ What is the Linux kernel?
The Linux kernel is the heart of the operating system. It serves as the link between the software and the hardware. If software requests hardware, the kernel passes data between the software and the hardware.

For example, if you want to play a song, you should launch the default player, it requests the kernel to play the song, now the kernel will contact the hardware to request permissions or hardware components, for example if you have connected some headset to the device. Most Android phones use Linux kernels.

The kernel can be edited because it is released under a General Public License. 

[or1k]

▪️ What is the difference between Linux and Unix?
The answer is in the picture. And some other differences:
Linux is a clone of Unix. But if you consider the Portable Operating System Interface Standards (POSIX), Linux can be considered as UNIX.

- Linux is just a kernel
All Linux distributions include a GUI system, GNU utilities, installation and management tools, GNU c / c ++ compilers, editors (vi) and various applications such as OpenOffice, Firefox.

UNIX operating systems are considered a complete operating system because everything comes from a single vendor.

- Security and firewall
Linux comes with open source Netfilter and an IPTables based firewall to protect your server and desktop from intruders and hackers. UNIX operating systems come with their own firewalls.

- Backup and Restore
UNIX and Linux come with their own set of tools for backing up data to tape and other backup media. However, both Linux and UNIX have some common tools such as tar, dump/restore, cpio, etc.

[or1k]

1. How would you diagnose a Linux system that’s unresponsive to user input?

Diagnosing an unresponsive Linux system requires a systematic approach: 

• First, check if the system responds to keyboard shortcuts, such as CTRL+ALT+F1, to switch to a different terminal. 

• If that doesn't work, try accessing the system remotely using Secure Shell Protocol (SSH). 

• If you can access the system, review the system logs in /var/log/messages and use commands like top to see if any specific process is causing the unresponsiveness. 

• Check the system's memory using free -m to identify if it's a memory issue. 

• If you suspect hardware issues, you can check hardware logs and diagnostic tools. 

• When everything else fails, a forced reboot may be necessary, but it should be the last resort. 

You should carefully note the symptoms and messages if the issue recurs, as this information could help with future diagnoses.

2. Describe how you would approach resolving a “disk full” error on a Linux system.

Resolving a “disk full” error on a Linux system involves identifying what’s taking up space and freeing that space up. Here's how you could approach it:

1. Identify the disk usage: Use the df command to check overall disk space and du to find the directories consuming most of the space.

2. Locate unnecessary files: Use commands like find to locate old or unnecessary files, such as logs or temporary files.

3. Clear cache and temporary files using appropriate commands or tools.

4. Evaluate log files and consider implementing log rotation if it’s not already in place.

5. Uninstall unneeded packages or software. 

6. Check for core dumps that can be deleted.

7. Verify trash: Empty the user's trash bin if necessary.

8. Expand disk if necessary: Consider expanding the disk or partition if the issue recurs frequently.

3. Explain the steps you'd take to troubleshoot a network connectivity issue on a Linux server.

Troubleshooting network connectivity on a Linux server involves several steps: 

1. Start by verifying the physical connections if you have access to them.

2. Proceed to examining the network configuration using commands like ifconfig or ip addr. 

3. Check if the network interface is up and has the correct internet protocol (IP) address. 

4. Next, test the connectivity to the local network with ping and inspect routing with route -n or ip route. 

5. Verify the domain name system (DNS) configuration in /etc/resolv.conf and test DNS resolution. 

6. If a firewall is present, review the rules to ensure it's not blocking the necessary traffic. 

7. Analyze the output of the netstat command to reveal potential issues with listening ports. 

8. Lastly, review system and network logs found in /var/log, which might give clues to specific issues. 

4. On Linux, how can you check the status of a service and restart it if it's not running?

To check service status and restart the service if necessary, you can:

1. Use systemctl status serviceName to check the status of a specific service. Look at the output and identify if the service is active or inactive.

2. If the service isn’t running, use systemctl restart serviceName to restart it.

3. Run systemctl status serviceName again to ensure the service is active and running properly.

4. If you want the service to start automatically at boot, use systemctl enable serviceName.

This approach ensures that services essential for the system's functionality are always active.

5. What could be the reasons for a sudden increase in central processing unit (CPU) utilization on a Linux server? How would you identify the culprit process?

A sudden spike in CPU utilization on a Linux server could have multiple causes. For example, it might be due to a rogue process consuming excessive resources, a poorly optimized script or application, a sudden increase in user activity, or even a malware attack. 

To identify the culprit, you could use the top or htop commands, which display real-time system statistics and highlight the processes consuming the most CPU. You can then analyze the specific process to understand its behavior. 

Running the ps command with specific flags can give detailed insights into processes. Analyzing log files may also provide clues if the spike is related to specific scheduled tasks or application behaviors. 

You should handle the diagnosis carefully to optimize the server’s performance without affecting crucial processes or user experience.

6. What Linux commands would you use to diagnose a slow server response time?

Diagnosing a slow server response time on a Linux system involves using several commands to identify the bottleneck. Here's a step-by-step guide:

1. Monitor system resources. Use top or htop to monitor CPU and memory usage.

2. Analyze disk input/output (I/O). Use iostat to check if disk input/output is a bottleneck.

3. Inspect network traffic. Use iftop or nethogs to examine network traffic and look for unusual activities.

4. Check server load. Use uptime to review the server load and compare it with the number of available CPU cores.

5. Evaluate running processes. Use ps with proper flags to view and analyze the running processes.

6. Review logs. Inspect log files in /var/log for error messages or warnings.

7. Profile application. If an application is slow, use profiling tools specific to the application or language.

With these commands, you can pinpoint the root cause of the slow server response time and take appropriate actions to enhance performance.

7. How can you determine which process is consuming the most memory on a Linux system?

You can identify the processes that are using the most memory on a Linux system by using the following steps:

1. Open the terminal.

2. Type the command top and press Enter. This command shows an overview of all active processes.

3. Look for the column labeled “%MEM”. This shows the percentage of total system memory being used by each process.

4. Identify the process consuming the most memory by checking the highest percentage in the “%MEM” column.

Another option is to use the ps command with specific options, like ps aux --sort=-%mem | head -n 10. This command sorts the processes by memory usage, displaying the ten processes using the most memory.

8. Describe the steps you'd take to diagnose and mitigate a security breach on a Linux server.

The first step is to isolate the affected system from the network to prevent the breach from spreading. You analyze the logs to understand the nature and source of the breach using tools like fail2ban or aide. Identifying compromised files and users is crucial. 

Next, you remove malicious files and close any vulnerabilities, which might require patching the system or updating software. In some cases, a complete system rebuild might be necessary. Continuous monitoring is essential to ensure that the issue is entirely resolved.

9. Describe how you'd troubleshoot a situation where a user cannot log in to a Linux system.

When a user is struggling to log in to a Linux system, you can:

1. Verify the user's username and password. Ensure the user is using the correct credentials.

2. Check if the user account is locked. Use the passwd -S username command to see the account status.

3. Inspect the permissions of the user's home directory. The permissions must allow the user to read and write.

4. Examine system logs. Look at the /var/log/auth.log file for error messages related to the login issue.

5. If you’re using SSH for remote login, check the SSH configuration file for any restrictions on the user's access.

Following these steps can identify and fix the login problem's root cause, ensuring smooth access to the Linux system for the user.

10. What could cause intermittent SSH connection failures, and how would you investigate them?

Intermittent SSH connection failures can be a complex issue to diagnose. They may stem from various causes, like network issues, server overload, or configuration errors. Here's how you'd investigate: 

1. Check the network. Verify the network connection between the client and server is stable. Use ping to check if the server is reachable.

2. Examine the server load. If the server is overloaded, it might refuse new connections. Use commands like top to monitor the server's performance.

3. Look at the SSH configuration. Check the SSH configuration file /etc/ssh/sshd_config for any incorrect settings that might be causing the failure.

4. Review the logs. Inspect the server's SSH log files, usually found in /var/log/auth.log, for specific error messages.

5. Test with different clients. If possible, attempt to connect from a different client machine to isolate the issue.

Investigating these areas will help identify the underlying cause of the intermittent failures and lead to a resolution, ensuring reliable remote access to the Linux system. 

11. How would you diagnose and fix the time synchronization problem if a server's clock is consistently incorrect?

A Linux server clock that’s consistently wrong might indicate a time synchronization problem. To diagnose this, you can check the system's connection to a network time protocol (NTP) server. Tools like timedatectl or ntpq can help you analyze the synchronization status. 

If you find the NTP servers are misconfigured, you can reconfigure the NTP daemon by editing the /etc/ntp.conf file and selecting the right NTP servers. Restarting the NTP service will then synchronize the server's clock. 

You should conduct regular monitoring to ensure that the problem doesn't recur.

12. What steps would you take to identify and resolve the issue in which a Linux system fails to boot?

You can diagnose a non-booting Linux system by employing these steps:

1. Check the boot loader. Start by ensuring the boot loader (such as GRUB) is properly configured.

2. Access recovery mode. Reboot the system into recovery mode to access command-line tools.

3. Examine the log files. Check logs like /var/log/syslog to find error messages.

4. Inspect the kernel messages. Use the dmesg command to see kernel-related issues.

5. Test the hardware. Check for hardware failure using tools like smartctl.

6. Perform a file system check. Run fsck on disk partitions to repair corrupted file systems.

7. Reinstall packages. Reinstall necessary packages or update them if they're causing the issue.

 

13. How can you determine if a specific port is open and reachable on a remote Linux server?

To determine if a specific port is open and reachable on a remote Linux server, you'd use tools like telnet, nc (netcat), or nmap. You can check if the port is reachable by running commands like telnet hostname portnumber or nc -zv hostname portnumber. 

For a more comprehensive scan, you can use nmap to find extensive details about open ports and their corresponding services.

Be sure you have proper authorization, as scanning without permission might be considered hostile. 

14. How can you diagnose and address issues related to DNS resolution on a Linux machine?

DNS resolution issues can disrupt network connectivity. Here’s how to diagnose and address them:

1. Check the connection. Ensure network connectivity using commands like ping.

2. Inspect the DNS configuration. View the /etc/resolv.conf file to see the DNS servers.

3. Use diagnostic tools. Tools like nslookup or dig can diagnose DNS queries.

4. Restart the DNS service. Refreshing the DNS service using systemctl restart may fix problems.

5. Flush the DNS cache. Clear the DNS cache with systemd-resolve --flush-caches, which can resolve some conflicts.

6. Consult system logs. Look at logs like /var/log/syslog for detailed error information.

15. Explain the concept of file permissions on a Linux system, and describe how incorrect permissions can lead to issues.

File permissions in Linux govern who can read, write, and execute a file. There are three types of permissions: user (owner), group, and others. You can view permissions using the ls -l command and modified with the chmod command. 

Incorrect permissions can lead to various problems. For example, setting a file to be readable by anyone might expose sensitive information, while unrestricted writability could enable others to modify it unnecessarily. Ultimately, incorrect execution permissions can lead to software malfunctions. 

16. Describe the significance of log files in troubleshooting, and provide examples of important log files on a Linux system.

Log files are essential for troubleshooting as they record system activities and errors. You can use them for:

• Tracking errors. Log files record failures and issues, helping diagnose issues.

• Security monitoring. They help monitor unauthorized access attempts.

• Performance analysis. They can reveal system performance issues.

Some important log files on a Linux system include:

• /var/log/syslog: General system activities and errors.

• /var/log/auth.log: Authentication logs, including successful and failed login attempts.

• /var/log/kern.log: Kernel logs, which are helpful in diagnosing hardware-related problems.

• /var/log/dmesg: Boot and kernel messages.

17. What is a kernel panic, and how would you troubleshoot it on a Linux system?

A kernel panic is a critical error in the Linux system's kernel that causes the operating system to stop abruptly. It’s like a blue screen error in Windows and indicates an unrecoverable condition. 

Troubleshooting a kernel panic involves the following steps:

1. Reboot the system. Simply restart the system, which sometimes solves the issue.

2. Analyze the error message. Note the error message displayed during the panic for further investigation.

3. Check log files. Look into /var/log/kern.log or /var/log/messages to identify specific problems.

4. Update the system. Make sure all software, including the kernel, is up to date.

5. Test hardware. Run diagnostics to rule out faulty components.

18. Describe the steps you'd take to troubleshoot a situation where a user can't access a specific website from a Linux machine.

Troubleshooting access to a website on a Linux machine requires several steps: 

1. First, verify whether the issue is limited to the specific website by trying to access other websites. 

2. Next, use the ping command to check network connectivity. 

3. If network connectivity is fine, use the nslookup or dig commands to diagnose any DNS issues. 

4. If the DNS isn’t the problem, inspect the local firewall rules and proxy settings. 

5. Examine browser-related issues by checking for error messages or trying a different browser. 

6. Examine the /etc/hosts file to see if the site is inadvertently blocked as an alternative solution.

19. Explain the purpose of the strace command and how it can assist in diagnosing problems.

The strace command in Linux is a powerful tool used to trace a particular program's system calls and signals. It helps diagnose issues by providing detailed information about how a program interacts with the operating system. 

Here's how you can use it:

• Identify errors. Run strace followed by a command to see where a program might be failing.

• Analyze performance. Detect where bottlenecks or performance issues occur within the application.

• Debug issues. Uncover unexpected behaviors in programs by using the command to display the sequence of system calls.

• Improve understanding. Gain insights into how programs work and interact with the Linux system (this is especially useful for developers).

• Trace specific activities. Filter specific system calls or files to narrow down the diagnosis.

20. If a user complains about slow file access, what tools and techniques would you use to identify the cause?

Here are tools and techniques for diagnosing the issue:

1. Ask specific questions. Find out which types of files are affected and when the problem started.

2. Use diagnostic tools. Use commands like iotop, vmstat, or iostat to monitor I/O activities.

3. Check disk usage. Ensure the disk isn't full using the df and du commands.

4. Analyze network performance. If files are on a network, use tools like ping and traceroute to determine if network latency is the issue.

5. Review user permissions. Ensure the user has appropriate permissions to access the files.

6. Consult log files. Review system logs for any related errors or warnings.

7. Evaluate disk health. Perform disk checks to ensure no hardware issues are contributing to the problem.

Slow file access can affect productivity, so identifying the cause is vital for a smooth workflow.

How to assess Linux administrators’ troubleshooting skills

While you can use the interview questions above to gain insight into a candidate's Linux troubleshooting knowledge, interviews should serve as only one part of your assessment.