Linux Interview Questions

What is LILO?

LILO stands for Linux boot loader. It will load the MBR, master boot record, into the memory, and tell the system which partition and hard drive to boot from.

What is the main advantage of creating links to a file instead of copies of the file?

A: The main advantage is not really that it saves disk space (though it does that too) but, rather, that a change of permissions on the file is applied to all the link access points. The link will show permissions of lrwxrwxrwx but that is for the link itself and not the access to the file to which the link points. Thus if you want to change the permissions for a command, such as su, you only have to do it on the original. With copies you have to find all of the copies and change permission on each of the copies.

Write a command to find all of the files which have been accessed within the last 30 days.

find / -type f -atime -30 > December.files

This command will find all the files under root, which is ‘/’, with file type is file. ‘-atime -30′ will give all the files accessed less than 30 days ago. And the output will put into a file call December.files.

What is the most graceful way to get to run level single user mode?

A: The most graceful way is to use the command init s.
If you want to shut everything down before going to single user mode then do init 0 first and from the ok prompt do a boot -s.

What does the following command line produce? Explain each aspect of this line.

$ (date ; ps -ef | awk ‘{print $1}’ | sort | uniq | wc -l ) >> Activity.log

A: First let’s dissect the line: The date gives the date and time as the first command of the line, this is followed by the a list of all running processes in long form with UIDs listed first, this is the ps -ef. These are fed into the awk which filters out all but the UIDs; these UIDs are piped into sort for no discernible reason and then onto uniq (now we see the reason for the sort - uniq only works on sorted data - if the list is A, B, A, then A, B, A will be the output of uniq, but if it’s A, A, B then A, B is the output) which produces only one copy of each UID.

These UIDs are fed into wc -l which counts the lines - in this case the number of distinct UIDs running processes on the system. Finally the results of these two commands, the date and the wc -l, are appended to the file "Activity.log". Now to answer the question as to what this command line produces. This writes the date and time into the file Activity.log together with the number of distinct users who have processes running on the system at that time. If the file already exists, then these items are appended to the file, otherwise the file is created.


  • Give an example of set of shell commands that will give you the number of files in a directory
  • How do you tell what process has a TCP port open in Linux
  • On a Red Hat Linux Variant how do you control whether a service starts when the system boots
  • How do you tell the amount of free disk space left on a volume
  • Give an example of a set of shell commands to tell how many times “bob” has logged on to the system this month
  • Give an example of a recursively copying a directory from one location to another.
  • How do you modify the IP and Net mask of a system running a Red Hat Variant of Linux
  • Give an example of a set of shell commands that will give you the number of “httpd” processes running on a Linux box.
  • On CentOS or Fedora based system using the package management application, how do you tell what package provided the file “libnss_ldap.so”
  • What is the difference between VTP client, server, and transparent
  • What is the maximum length of CAT6
  • How does one set up a layer two link to share VLANs
  • How does one implement redundant links at Layer 2
  • What is the difference between a hub, switch, and a router? What are the security advantages of switch vs. hub?
  • Show an example of using telnet to learn the headers of an http server.
  • In what OSI layer does PPP exist
  • What’s the difference between TCP and UDP
  • Given a DNS server that has just started (with an empty cache) and host contacting this DNS server (using it’s OS setting) to learn an address for google.com, list the steps the DNS server will take to learn it with IP addresses (each step will have multiple possible IP addresses – you need choose only one per step).
  • Why are layer 2 loops bad, and what protocol was designed to prevent them
  • Given a radius server at 10.0.0.2 and a shared key of ‘abc123′ show the IOS commands necessary to authenticate switch users against the radius server, while still allowing the use of local username / password pairs
Labels: