Part-2: 25 Basic Linux Interview Questions & Answers

In this guide, we have included the most frequently asked 25 basic Linux Interview Questions and detailed answers, which help the candidates to prepare for the Linux interview.

These Linux interview questions and answers will be useful for both freshers and experienced users.

Suggested Read: Part-1: Basic 25 Linux Interview Questions and Answers

Q.1) What’s SELinux?

SELinux (stands for Security Enhanced Linux) is a security feature of the Linux kernel that add additional security layer to the Linux system.

It implements mandatory access control (MAC) that allows users and administrators more control over discretionary access control (DAC).

SELinux defines access control policies for applications, processes, sockets, and files that dictate them what they can or can’t be accessed, which protects the system from malicious or flawed applications that can damage or destroy the system.

When enabled, SELinux can run in one of two modes:

• enforcing
• permissive

Execute one of the following commands to check in which mode SELinux is running.

$ getenforce
or
$ sestatus

The ‘getenforce’ command returns the SELinux status such as Enforcing, Permissive, or Disabled whereas the ‘sestatus’ command returns the SELinux status and the SELinux policy being used.

• Enforcing: It enforces the SELinux policy and denies access based on SELinux policy rules.
• Permissive: In permissive mode, SELinux policy is not enforced and does not deny any actions but only logs AVC messages.
• Disabled: Allow all operations and doesn’t log any events.

To permanently change the SELINUX mode from one to another, you must modify the mode value in the following SELinux configuration file.

$ sudo vi /etc/selinux/config

Q.2) What’s SUID?

SUID is a special file permission that provides elevated privileges to the normal user temporarily during execution. The best example of a SUID is the ‘/usr/bin/passwd’ command. This binary file is owned by root user but anybody can execute this command including root.

$ ls -l /usr/bin/passwd
-rwsr-xr-x. 1 root root 31K Nov 02 2015 /usr/bin/passwd

• s (lowercase) – Indicate SUID permissions set for the user.
• S (uppercase) – Indicate the SUID permissions set for the user, but the executable permission “x” is not applied in that file.

To configure SUID, run:

$ chmod u+s /path/to/file

Q.3) What’s SGID?

SGID is similar to SUID, but allows the file to be executed with the same permission as the group owner.

$ ls -l /usr/bin/passwd
-rwxr-sr-x. 1 root root 33544 Dec 13 2019 /usr/bin/passwd

To configure SUID, run:

$ chmod g+s /path/to/file

Q.4) What’s Sticky Bit?

The last special permission is sticky bit. It’s configured at the directory level, which allows only the root user or owner of the file to delete them.

The best example of a sticky bit is the ‘/tmp’ directory that allows process or application to create or delete files during execution but not by other users. It basically prevents users from deleting other user’s files with in the /tmp directory because everybody has an access to the /tmp directory for read, write and delete.

$ ls -ld /tmp/
drwxrwxrwt. 15 root root 913408 Aug  8 15:16 /tmp/

• t – Indicates that the sticky bit is configured for the directory.

To configure sticky bit, run:

$ chmod +t /path/to/directory

Q.5) What’s Network Bonding in Linux

Bonding is a Linux kernel feature that allows for aggregating two or more network interfaces into a single virtual bonded interface. It offers performance improvements and redundancy by increasing the network throughput and bandwidth.

In simple term, if one physical NIC is down or unplugged, it will automatically move resources to other NIC with help of bonding driver.

The most popular types of bonding methods are as follows:

Mode-0 (balance-rr) : This mode is based on Round-robin policy and it is the default mode. This transmit packets in sequential order from the first available slave through the last, which provides load balancing and fault tolerance.

Mode-1 (active-backup) : This mode is based on Active-backup policy. Only one slave in the bond is active and the other slave becomes active if the active slave fails.

Mode-4 (802.3ad) : This mode is known as a Dynamic Link Aggregation mode. It creates aggregation groups that share the same speed and duplex settings. Utilizes all slaves in the active aggregator according to the 802.3ad specification. It commonly known as Link Aggregation Control Protocol (LACP), which must be enabled on the network switch port as well.

Q.6) What’s Soft link?

A soft link, also known as symbolic links, is a special type of file that points to source file or directory in Linux. It is like a shortcut in Windows that contains the path of the original file and not that contents.

Soft link can be created using the following command

ln -s [path/to/the/source-file] [path/of/the/link_name]

Q.7) What’s Hard link?

Hard link is a mirror copy of the original file. Deleting the original file will not impact anything, because the hard link file, will act as a mirror copy of the original file.

Hard link can be created using the following command

ln [path/to/the/source-file] [path/of/the/link_name]

Q.8) What’s cron job?

The cron daemon is a utility that popularly known as cron job or crontab. It is used to execute a task (command or script) repeatedly at a specified time by reading the crontab (cron tables). It can be monthly, weekly, daily, hourly, every minute, even every second.

cron job is very useful to perform regular tasks such as regular backups, daily scans, /tmp directory cleanup, and restarting the system at a given time.

The Linux crontab has ‘six’ fields, the first ‘five’ fields (1-5) indicate the date and time of execution, and the ‘6’th’ field is used to execute a command or script.

 .-----------------> Minute (0-59)
 |    .--------------> Hour (0-23)
 |    |    .-----------> Day of Month (1-31)
 |    |    |    .--------> Month (1-12) or (jan,feb,mar,apr ...dec)
 |    |    |    |    .-----> Day of Week (0-6) (Sunday=0 or 7) or (sun,mon,tue,wed,thu,fri,sat)
 |    |    |    |    |    .--> Command to be executed
 |    |    |    |    |    |
 *    *    *    *    *    *
MIN HOUR  DOM  MON  DOW  CMD

To add/edit the current user’s crontab entry, run:

$ crontab -e

To list the logged-in user’s crontab entry, run:

$ crontab -l

Predefined crontab directories are as follows:

/etc/cron.d
/etc/cron.daily
/etc/cron.hourly
/etc/cron.monthly
/etc/cron.weekly
/etc/cron.deny

Q.9) What’s anacron?

anacron command is used to execute commands periodically, which is similar to cron. But this tool is specifically designed for a system (Laptop & Desktop) that is not running 24×7.

For instance, you have scheduled a job at ’01 AM’ midnight using crontab, and if your system is powered off at the time then the backup script will not be executed.

This is where anacron comes into picture. It is make sure that the next time you power on the desktop/laptop again, the backup script will be executed.

anacron configuration file is located at ‘/etc/anacrontab’

There are ‘four’ fields for anacron job, and the format is listed below:

$ cat /etc/anacrontab

period   delay   job-identifier   command
   |        |           |             |
   |        |           |             : 
   |        |           |             '--------> command or shell script to be executed.
   |        |           :
   |        |           '--------> It's a anacron job-id, which is used to name the timestamp file created in /var/spool/anacron
   |        :     
   |        '--------> The number of minutes anacron should wait before executing the job (delay in minutes)
   : 
   '--------> Specifies how frequently the job should be executed, in days (@daily, @weekly, @monthly)

Q.10) What’s at command?

at is a command-line utility that is used to schedule commands to be executed at a specific time. Jobs created with at are executed only once and not repeated.

To list the user’s pending jobs, run:

$ at -l
or
$ atq

The below command will execute the “script.sh” at 01.10 am

$ echo "sh /path/to/script.sh" | at 01.10 am

Q.11) What’s Emergency Mode (Target)?

You can boot the system with emergency mode to repair your system when the system cannot enter rescue mode. This provides a very minimal environment for the user.

In emergency mode, the system mounts the root file system for read-only purposes and does not attempt to load any other local file systems. Also, it does not activate network interfaces and only starts some essential services.

How to boot into Emergency mode (target)

• When the GRUB2 menu screen appear, select the kernel that you want to edit and press the ‘e’ key to edit further.
• Add the ‘systemd.unit=emergency.target’ at the end of the ‘linux16’ line.
• Finally press ‘Ctrl+x’ to boot the system with emergency target.

Q.12) What’s Rescue Mode (Target)?

If your system unable to complete a regular booting process due to an issue, you can boot the system into rescue (single-user) mode for further troubleshooting.

In rescue mode, the system tries to mount all local file systems and start only few important system services, but it does not activate network interfaces or allow more users to log into the system at the same time.

Make a note: The rescue mode of the installation program differs from the rescue mode (equivalent to single-user mode) and the emergency mode, which are provided as part of the systemd system and service manager.

Booting into Rescue mode (target)

It can be done in two methods:

Method-1:

You can boot the system directly into rescue mode from the GRUB2 menu because you have the option for that.

Method-2:

• When the GRUB2 menu screen appear, select the kernel that you want to edit and press the ‘e’ key to edit further.
• Add the ‘systemd.unit=rescue.target’ at the end of the ‘linux16’ line.
• Finally press ‘Ctrl+x’ to boot the system with emergency target.

Q.13) What’s Service?

A service is a process or program that runs in the background and does not interact with the user.

The services are also commonly known as daemons, and it supports a variety of options such as Start, Stop, Restart, Enable, Disable and Mask.

For instance, sshd is the daemon that handles the openssh server.

Q.14) What’s su?

su (short form of “substitute” or “switch user”) command allows us to run commands with the privileges of another user.

su is the simplest way of switching over to root account which requires root password to use the ‘su’ command in Linux.

Also, you can use it to switch to any user account. For instance, to switch ‘bob’ user, you’ll be prompted to enter Bob’s password.

$ su - bob

If you wondering what is the difference between ‘su – user’ and ‘su user’, here are the details.

• su – user : It sets the target user environment with HOME, SHELL, USER, LOGNAME and PATH.
• su user: It preserves the current user environment.

Q.15) What’s sudo?

sudo (short form of ‘superuser do’ or ‘substitute user do’) command allows us to temporarily run other commands as root. This is the best way to execute root commands since it records everything which is being performed with the sudo command.

Users does not require the root password to gain root access. Instead, users will enter their own password to avail temporary root access.

Make sure you must always use the sudo command in front of any privilege commands. If not, you will end up with permission denied message.

The sudo permissions are configured in the ‘/etc/sudoers’ file.

Q.16) What’s tty?

TTY stands for teletype that comes from the word ‘teletypewriter’, which is directly connected to the system as a keyboard/mouse or a serial connection to the device (i.e. the console on your system).

The tty command will print the name of the device file that connected to standard input.

$ tty
/dev/pts/0

Q.17) What’s pts?

PTS stands for pseudo terminal slave is a terminal device, which is emulated by another program (i.e. ssh and x-term session to your system).

Q.18) What’s atime?

atime (File Last Access Time) – Access time shows the last time the data was read from a file by any of the process such as command or script, etc, leaving the data unmodified.

Make a note: Time argument consider an input value as ’24 hours’. For example, time 2 = 2*24 hours (2 days).

The below example finds all the files in the root directory, which are accessed within the last 24 hours (1 day).

$ find / -atime -1

Q.19) What’s mtime?

mtime (File Last Modify Time) – mtime shows when you modify, append or update a file content. Most of the times ctime and mtime will be the same, unless the file attributes are updated.

The below example finds all the files in the root directory that are updated in the last 5 days.

$ find / -mtime -1

Q.20) What’s ctime?

ctime (File Last Change Time) – ctime shows when your file metadata got changed. It means when the file attributes are changed like ownership or group, etc.,

To find a list of files in the root directory that have been modified in the last 10 days, run:

$ find / -ctime -10

Q.21) What’s mmin?

mmin shows file data was last modified less than, more than or exactly ‘N’ minutes ago.

To find files that are less than 2 minutes old in the current directory, run:

$ find . -mmin -2

Q.22) What’s amin?

amin shows file was last accessed less than, more than or exactly ‘N’ minutes ago.

To find files that are accessed exactly ’10’ minutes old, run:

$ find . -mmin 10

Q.23) What’s cmin?

camin shows file metadata was last changed less than, more than or exactly ‘N’ minutes ago.

To find files in the current directory and sub-directories that are more than ‘5’ minutes old.

$ find . -cmin +5

Q.24) What’s UUID?

UUID stands for Universally Unique Identifier which helps Linux system to identify a hard drives partition instead of block device file.

The UUIDs are generated by ‘libuuid’ library can be reasonably expected to be unique within a system, and unique across all systems.

UUIDs are represented as 32 hexadecimal (base 16) digits, displayed in five groups separated by hyphens, in the form 8-4-4-4-12 for a total of 36 characters (32 alphanumeric characters and four hyphens).

For example: d92fa769-e00f-4fd7-b6ed-ecf7224af7fa

You can use the ‘blkid’ command to find the UUID of the disk partition:

$ blkid

/dev/sda1: UUID="d92fa769-e00f-4fd7-b6ed-ecf7224af7fa" TYPE="ext4" PARTUUID="eab59449-01"
/dev/sdc1: UUID="d17e3c31-e2c9-4f11-809c-94a549bc43b7" TYPE="ext2" PARTUUID="8cc8f9e5-01"
/dev/sdc3: UUID="ca307aa4-0866-49b1-8184-004025789e63" TYPE="ext4" PARTUUID="8cc8f9e5-03"
/dev/sdc5: PARTUUID="8cc8f9e5-05"

Q.25) What is the use of Ctrl+Alt+Del keys in Linux?

The combination of ‘Ctrl + Alt + Del’ keys is very dangerous in Linux and should be disabled in the production environment.

Don’t use this combination, especially when you are working on the console, because if you accidentally hit it, it restarts the system immediately without any notice.

In the desktop environment, this combination brings you ‘Power Off / Restart / Cancel’ options, which allow you to prevent the power off within 60 seconds if you do not want to power off the system, while the Linux server environment restarts the system immediately without any notice.

Wrapping Up

In this guide, we’ve included the most frequently asked 25 basic Linux Interview Questions and detailed answers for your reference purpose and we hope it will be very useful.

If you have any questions or feedback, feel free to comment below.