1. What is Linux?
Linux is an open-source operating system used to manage hardware and software resources. It provides a command-line and graphical interface for users to interact with the system.

2. Difference between Linux and Unix?
Linux is open-source and widely used in modern servers and desktops. Unix is proprietary and mostly found in enterprise and legacy systems. Linux has various distributions like Ubuntu, CentOS, while Unix includes AIX, HP-UX.

3. Explain File System Hierarchy in Linux?
The Linux file system is organized like a tree, starting from the root directory /. Here are some common and important directories:

- /: Root directory (top of the hierarchy)
- /root: Home directory of the root (admin) user
- /etc: Contains all configuration files
- /home: Personal files and folders for users
- /var: Logs and variable data (like print spool, mail, etc.)
- /bin: Basic system commands
- /usr: User-installed software and libraries

Understanding this hierarchy helps in locating files and troubleshooting system issues.

4. What is Shell in Linux?
A Shell is a program that lets you interact with the operating system using commands. It acts as a bridge between the user and the Linux kernel.

You can type commands in the shell to run programs, manage files, and perform system tasks.

Example shells:
\n - bash (most common)
- sh
- zsh

Example command:
echo \"Hello World\" — This tells the shell to print text to the screen.

5. How do you find a file in Linux?
You can use the find command to search for files and directories in Linux.

Basic syntax:
find [path] -name [filename]

Example:
find / -name \"test.txt\"
- /: Search from root directory
- -name: Specify the file name

This command will look for a file named test.txt across the entire system.

6. Explain the use of grep command?
The grep command is used to search for specific text or patterns inside files.

It is very helpful for finding errors, logs, or specific content in large files.

Example:
grep "error" /var/log/syslog
This will show all lines that contain the word error in the syslog file.

Common options:
\n - -i: Ignore case
- -r: Recursive search
- -n: Show line numbers

7. What’s the difference between Soft Link and Hard Link? What is a Symbolic Link in Linux?
- A Soft Link (also called Symbolic Link) is like a shortcut to the original file. If the original file is deleted, the soft link will not work.

- A Hard Link is an exact copy that points to the same inode as the original file. Even if the original file is deleted, the hard link still works.

Example to create a soft link:
ln -s /path/to/original.txt softlink.txt

Example to create a hard link:
ln /path/to/original.txt hardlink.txt

Use soft links when you want to link across directories or file systems. Use hard links when you want a backup-like mirror of the file.

8. How do you manage services in Linux?
Services in Linux are managed using commands like systemctl (for systemd-based systems) and service (for older systems).

Using systemctl:
- Start a service: sudo systemctl start nginx
- Stop a service: sudo systemctl stop nginx
- Check status: sudo systemctl status nginx
- Enable on boot: sudo systemctl enable nginx

Using service:
- Start a service: sudo service nginx start
- Stop a service: sudo service nginx stop
- Status: sudo service nginx status

systemctl is more modern and widely used in most Linux distributions today.

9. Explain the difference between Shell Scripting and a Programming Language?
Shell Scripting is mainly used to automate repetitive tasks in a Linux environment using commands.

Programming Languages (like Python, Java, C++) are designed for building full applications with complex logic, data structures, and object-oriented features.

Key Differences:
- Shell scripts are interpreted directly by the shell (like bash)
- Programming languages usually need compilers or interpreters
- Shell scripts are better for task automation
- Programming languages are better for software development

Example Shell Script:
#!/bin/bash
echo \"Backup starting...\"

10. What is SSH and how is it used?
SSH (Secure Shell) is a protocol used to securely connect to remote Linux systems over a network.

It uses encryption to protect the data being transferred between the client and the server, making it safe to use even over the internet.

Basic SSH command:
ssh username@server_ip
Example:
ssh omkar@192.168.1.10

SSH is commonly used by system administrators to remotely manage servers and execute commands.

11. How do you check system resources in Linux?
You can use several commands in Linux to check the system's resource usage like CPU, memory, disk, and more.

top – Shows real-time CPU and memory usage of processes.
Example: top

free – Displays available and used memory (RAM and swap).
Example: free -h (-h for human-readable format)

df – Shows disk usage of mounted file systems.
Example: df -h

du – Displays the size of files and directories.
Example: du -sh /home/omkar (-s: summary, -h: human-readable)

These commands help you monitor system performance and troubleshoot issues easily.

12. What is a Package Manager in Linux?
A Package Manager is a tool that helps you install, update, configure, and remove software packages in Linux systems.

Different Linux distributions use different package managers:
- apt → for Debian/Ubuntu
- yum or dnf → for RHEL/CentOS/Fedora
- pacman → for Arch Linux

Examples:
- Install a package: sudo apt install nginx
- Update packages: sudo apt update
- Remove a package: sudo apt remove nginx

Package managers handle dependencies automatically and make software management easier.

13. Explain the chmod command?
The chmod command is used to change file or directory permissions in Linux.

Every file has permissions for the owner, group, and others — which control read (r), write (w), and execute (x) access.

Numeric values:
- r = 4
- w = 2
- x = 1

So chmod 755 file.sh means:
- Owner: rwx (7)
- Group: rx (5)
- Others: rx (5)

Example:
chmod 644 myfile.txt → read/write for owner, read-only for group and others.

14. What is Kernel in Linux?
The Kernel is the core part of the Linux operating system. It manages all interactions between the hardware and software.

It handles important tasks like:
- Process management
- Memory management
- Device control
- File system operations

When you run a command, the shell passes it to the kernel, and the kernel communicates with the hardware to execute it.

Example command to check your kernel version:
uname -r

15. How do you archive and compress in Linux?
Use tar to archive multiple files or folders into one file. To compress the archive, combine it with tools like gzip or bzip2.

Example using tar + gzip:
tar -czvf archive.tar.gz folder/
- -c: Create an archive
- -z: Compress using gzip
- -v: Show progress (verbose)
- -f: Specify file name

To extract:
tar -xzvf archive.tar.gz

16. How to create a new user in Linux?
To create a new user, use the useradd or adduser command. These commands help you add a new user account to the system.

Example:
sudo adduser omkar

This will:
- Create a user named omkar
- Create a home directory at /home/omkar
- Ask for a password and other optional details

You can check if the user is created by running:
id omkar

17. What is a Root User or what is Root in Linux?
The root user is the superuser in Linux with full administrative access to the entire system.

The root user can:
- Install or remove software
- Modify system files and settings
- Manage all users and permissions
- Access and control everything on the system

You should use root privileges carefully, because even a small mistake can affect the entire system.

To perform commands as root, use sudo:
sudo apt update

You can switch to the root user (if allowed) using:
sudo su

18. What is File Permission and how to change it in Linux?
File permissions control who can read, write, or execute a file or directory in Linux. There are three types of users:
- Owner
- Group
- Others

And three types of permissions:
- r: Read
- w: Write
- x: Execute

To view permissions:
ls -l
Example output: -rwxr-xr--

To change permissions, use the chmod command:
chmod 755 script.sh
This gives: Owner - full access, Group and Others - read + execute

You can also use symbolic mode:
chmod u+x filename.sh → adds execute permission to the owner

19. What is a Daemon in Linux?
A daemon is a background process that runs automatically without user interaction. It usually starts during system boot and keeps running to perform specific tasks or wait for requests.

Common examples of daemons:
- sshd – handles SSH connections
- cron – schedules tasks
- httpd or nginx – web server processes

Daemons often have a d at the end of their name (which stands for daemon).

You can check running daemons using:
ps -ef | grep d
or
systemctl list-units --type=service

20. What is Inode in Linux?
An inode (Index Node) is a data structure used by the Linux file system to store information about a file or directory, except its name and actual data.

Each file has a unique inode that contains details like:
- File size
- Ownership (user/group)
- Permissions
- Timestamps (created, modified, accessed)
- Disk location

You can view a file’s inode number using:
ls -i filename

Inodes help the system track files efficiently, even if multiple files share the same content (like in hard links).

21. What’s the purpose of crontab?
crontab is used to schedule tasks automatically in Linux at specific times or intervals.

It is commonly used for:
- Running backup scripts daily
- Cleaning up temporary files
- Monitoring system health periodically

To view current crontab entries:
crontab -l

To edit crontab:
crontab -e

Example:
0 2 * * * /home/user/backup.sh
This will run the script every day at 2:00 AM.

Crontab uses a 5-field time format: minute hour day month weekday.

22. How to check the IP of a server?
To check the IP address of a Linux server, you can use the following commands:

1. Using ip command:
ip addr show
or simply:
ip a
This will display all network interfaces and their IP addresses.

2. Using hostname command:
hostname -I
This shows the primary IP address of the system.

These commands are helpful to identify how your server is connected in the network.

23. What’s the purpose of the /etc/passwd file?
The /etc/passwd file stores basic information about all user accounts on the Linux system.

Each line in the file represents one user and contains details like:
- Username
- User ID (UID)
- Group ID (GID)
- Home directory
- Login shell

Example entry:
omkar:x:1001:1001:/home/omkar:/bin/bash

This file is readable by all users, but only the root user can modify it. Passwords are not stored here directly—they are stored securely in /etc/shadow.

24. What is Environment in Linux? Explain with an example.
An environment in Linux is a collection of variables that define the behavior of the shell and other processes. These variables can control things like the default editor, system paths, user info, and more.

Common environment variables:
- PATH: Directories to search for executable files
- HOME: User's home directory
- USER: Current logged-in username

To view all environment variables:
printenv

To see a specific variable:
echo $HOME

To temporarily set a variable:
export MYVAR=hello
echo $MYVAR → Output: hello

Environment variables are useful in scripting and automation.

25. What is the /etc/shadow file?
The /etc/shadow file stores encrypted user passwords and related security information for each account on a Linux system.

It is a more secure companion to /etc/passwd because this file is only accessible by the root user.

Each line in the file corresponds to a user and contains:
- Encrypted password
- Password expiration details
- Account lock status

Example entry:
omkar:$6$...$encryptedpassword:19000:0:99999:7:::

This ensures that even if someone can read /etc/passwd, they cannot see the actual passwords.

26. Why do we use the ping command?
The ping command is used to check the connectivity between your system and another host (like a server or website) over a network.

It sends ICMP echo requests and waits for replies to measure:
- Whether the destination is reachable
- How long it takes to respond (latency)
- If any packets are lost in transit

Example:
ping google.com
This checks if your system can reach Google's server and shows response time.

ping is a very useful tool for basic network troubleshooting.

27. What is the difference between wget and curl?
Both wget and curl are command-line tools used to transfer data over the internet, but they have some differences in usage and capabilities:

wget:
- Mainly used to download files from the web
- Supports downloading recursively (entire websites)
- Automatically resumes interrupted downloads
- Simple and non-interactive

Example:
wget https://example.com/file.zip

curl:
- More flexible and supports a wide range of protocols (HTTP, FTP, SMTP, etc.)
- Can be used for API testing (GET, POST, PUT, DELETE)
- Requires manual options to resume downloads
- Supports uploading as well

Example:
curl -O https://example.com/file.zip

In summary: wget is ideal for simple downloading tasks, while curl is more powerful and script-friendly for APIs and advanced use cases.

28. What’s the purpose of xargs command?
The xargs command is used to build and execute commands from standard input. It takes the output of one command and passes it as arguments to another command.

It’s especially useful when dealing with long lists of items or when the output of a command cannot be directly used as input for another.

Example:
find . -name "*.log" | xargs rm
This finds all .log files in the current directory and deletes them using rm.

Without xargs, you'd need to manually loop or write a script. xargs makes the command execution faster and cleaner.

29. What is the difference between a Process and a Service in Linux?
A process is an instance of a running program. A service is a special kind of process that usually runs in the background and performs specific system functions.

Process:
- Started by the user or system when an application runs
- Can be short-lived or long-running
- Examples: firefox, top, ls
- Viewed using: ps aux, top

Service:
- A background process that usually starts during system boot
- Managed by service managers like systemd or init
- Examples: sshd, cron, nginx
- Managed using: systemctl status servicename

In short, all services are processes, but not all processes are services. Services are meant to run continuously in the background to provide functionality.

30. What is LVM?
LVM stands for Logical Volume Manager. It is a system used in Linux to manage disk space more flexibly than traditional partitioning.

With LVM, you can:
- Combine multiple physical disks into one logical volume
- Resize (extend or reduce) volumes easily
- Create snapshots for backup

Key components:
- PV: Physical Volume (actual disk)
- VG: Volume Group (collection of PVs)
- LV: Logical Volume (usable storage created from VG)

Example commands:
pvcreate /dev/sdb
vgcreate my_vg /dev/sdb
lvcreate -L 5G -n my_lv my_vg

LVM makes disk management more dynamic and efficient, especially in server environments.

31. What is nohup command?
The nohup command is used to run a command or script in the background and make it immune to hangups (like closing the terminal).

It ensures that the process keeps running even after the user logs out or the terminal is closed.

Example:
nohup python script.py &
This runs the script in the background and keeps it running after logout. Output is saved in nohup.out by default.

Useful for:
- Long-running jobs
- Remote execution over SSH
- Background services without a terminal session

nohup is short for “no hangup”.

32. What is the purpose of the /var directory?
The /var directory stands for "variable" and contains files that are expected to change frequently during system operation.

It is used to store:
- Log files → /var/log/
- Mail and print spool data
- Temporary files for system services
- PID files and lock files

Examples:
- /var/log/syslog → stores system logs
- /var/www/ → default directory for web content

The /var directory plays a key role in system monitoring, debugging, and service management.

33. What is the difference between apt update and apt upgrade?
Both commands are used with Debian-based Linux systems (like Ubuntu) to manage software packages, but they serve different purposes:

apt update
- Updates the local package index (list of available versions)
- Doesn’t install or upgrade anything
- Must be run before apt upgrade

Example: sudo apt update

apt upgrade
- Installs the latest versions of currently installed packages
- Doesn’t remove or install new dependencies by default

Example: sudo apt upgrade

In short: apt update refreshes the list, apt upgrade applies the updates.

34. Where are the network configurations located in Linux?
Network configuration files in Linux are located in different places depending on the distribution. Common locations include:

For Debian/Ubuntu:
- /etc/network/interfaces → Traditional config file
- /etc/netplan/ → Modern config system used in newer Ubuntu versions

For RHEL/CentOS/Fedora:
- /etc/sysconfig/network-scripts/ → Contains interface files like ifcfg-eth0
- /etc/sysconfig/network → General network settings

To view active configuration:
ip addr show or nmcli device show

These files and tools are used to set IP addresses, gateways, DNS, and other network settings.

35. How to move a user to a specific group in Linux?
To add (or move) a user to a specific group, use the usermod command.

Command:
sudo usermod -aG groupname username

- -a: Append the user to the group (without removing from other groups)
- -G: Specifies the group

Example:
sudo usermod -aG docker omkar
This adds user omkar to the docker group.

After running the command, the user may need to log out and log in again for changes to take effect.

You can verify group membership using:
groups username

1. What is the difference between a process and a thread?
A process is an independent program in execution with its own memory space, while a thread is the smallest unit of execution within a process that shares the same memory with other threads of the same process.

Key differences:
- Processes are heavy-weight, have their own memory, and switching between processes is slower.
- Threads are light-weight, share memory with the parent process, and are faster to create and switch.

Use cases:
- Use processes for isolated tasks (e.g., different services)
- Use threads for parallel tasks within the same application (e.g., multi-threaded web server)

Example to view processes and threads:
ps -ef → shows processes
ps -eLf → shows threads within processes

2. How does the strace command help in debugging?
strace is a diagnostic tool available in Linux that helps in debugging by tracing system calls and signals used by a program.

It shows every interaction between a process and the Linux kernel, which is useful for understanding what the program is doing in the background.

Common use cases:
- Troubleshooting a program that is hanging or crashing
- Identifying missing files or permission issues
- Checking what files or network resources are accessed

Basic usage:
strace ./my_script.sh
This will show a live trace of system calls made by the script.

To trace an already running process:
strace -p <PID>

strace helps developers and system admins understand low-level behavior without modifying the actual code.

3. How do c-groups (control groups) work in Linux?
cgroups (short for control groups) are a Linux kernel feature that allows you to limit, monitor, and isolate resource usage (CPU, memory, disk, etc.) for a group of processes.

They are very useful for managing resources in large systems or container environments (like Docker and Kubernetes).

Main features:
- Limit CPU or memory usage per group of processes
- Prioritize or restrict I/O bandwidth
- Monitor performance and kill runaway processes

Example: create and assign a memory limit using cgroups v1
mkdir /sys/fs/cgroup/memory/mygroup
echo 100M > /sys/fs/cgroup/memory/mygroup/memory.limit_in_bytes
echo <PID> > /sys/fs/cgroup/memory/mygroup/tasks

Note: In modern systems, cgroups v2 is used, which simplifies the hierarchy and improves management.

cgroups are essential for system administrators, especially in virtualization and containerized environments.

4. What is SELinux and how does it secure Linux?
SELinux (Security-Enhanced Linux) is a security module built into the Linux kernel that provides advanced access control policies to improve system security.

Unlike traditional Linux permissions (like rwx), SELinux enforces mandatory access control (MAC), meaning even root users are restricted by its rules.

How SELinux secures the system:
- Limits what processes can access, modify, or execute
- Prevents unauthorized access to files and services
- Enforces security labels on files, users, and processes

SELinux modes:
- Enforcing: Fully applies policies (default in secure systems)
- Permissive: Logs violations but doesn’t block
- Disabled: SELinux is turned off

To check SELinux status:
sestatus

To temporarily change the mode:
setenforce 0 → Permissive
setenforce 1 → Enforcing

SELinux adds a strong layer of security, especially useful in enterprise and multi-user environments.

5. How do you manage kernel modules in Linux?
Kernel modules are pieces of code that can be loaded or unloaded into the kernel at runtime to extend its functionality (like drivers).

You can manage them using the following commands:

1. lsmod – Lists all currently loaded modules
lsmod

2. modprobe – Loads a module into the kernel
sudo modprobe module_name

3. rmmod – Removes a loaded module from the kernel
sudo rmmod module_name

4. modinfo – Displays information about a module
modinfo module_name

Managing kernel modules is helpful when working with device drivers, security modules, or customizing kernel features.

6. Explain the purpose of the /proc directory in Linux?
The /proc directory is a virtual filesystem in Linux that provides a window into the kernel and the current state of the system.

It doesn’t contain real files but shows real-time system and process information.

Main purposes of /proc:
- View details about running processes (e.g., /proc/1234/)
- Check system-wide configuration and stats (e.g., /proc/meminfo, /proc/cpuinfo)
- Tune kernel parameters via /proc/sys/

Examples:
- cat /proc/cpuinfo → Shows processor info
- cat /proc/meminfo → Shows memory usage
- cat /proc/uptime → Shows system uptime

The /proc directory is essential for monitoring, debugging, and system administration tasks.

7. How to optimize the performance of a Linux OS?
Optimizing Linux performance involves monitoring system resources and tuning configurations for better efficiency and responsiveness.

Key ways to optimize Linux:
- Monitor processes:
Use top, htop, or ps to identify high CPU/memory processes.

- Manage startup services:
Disable unnecessary services using systemctl disable servicename

- Optimize memory usage:
Check free -h and use vmstat to observe memory behavior.
Use swapoff or swapon as needed.

- Clean disk space:
Use du -sh * and df -h to find and remove large or unused files.

- Use tuned or sysctl:
tuned can auto-tune profiles for performance (e.g., throughput-performance)
sysctl -p applies kernel-level tweaks (like TCP stack optimizations).

- Keep the system updated:
Run sudo apt update && sudo apt upgrade regularly for performance and security fixes.

Performance optimization is an ongoing task that depends on system usage and workloads.

8. What is the difference between Hard and Soft Real-Time Systems?
A Real-Time System is designed to respond to inputs or events within a strict time constraint. There are two types: Hard and Soft real-time systems.

Hard Real-Time System:
- Guarantees that critical tasks are completed within a strict deadline
- Missing a deadline can cause system failure
- Used in life-critical systems like medical devices, aircraft control, industrial robots

Soft Real-Time System:
- Tries to meet deadlines, but occasional delays are acceptable
- Performance degrades gracefully if a deadline is missed
- Used in applications like video streaming, gaming, VoIP

Summary:
- Hard real-time = strict & must meet deadlines
- Soft real-time = flexible & tolerates slight delays

Linux is typically used for soft real-time tasks, though special versions (like PREEMPT-RT kernel) can support hard real-time capabilities.

9. How does the iptables command work in Linux?
iptables is a command-line tool used to set up, maintain, and inspect firewall rules in Linux.

It allows system administrators to control incoming and outgoing network traffic based on rules defined for IP addresses, ports, and protocols.

iptables works with 3 main chains:
- INPUT: Controls traffic coming into the system
- OUTPUT: Controls traffic going out of the system
- FORWARD: Controls traffic passing through the system (router/gateway use)

Basic Examples:
- Block incoming traffic from an IP:
iptables -A INPUT -s 192.168.1.10 -j DROP

- Allow SSH (port 22):
iptables -A INPUT -p tcp --dport 22 -j ACCEPT

- View current rules:
iptables -L

Note: Modern Linux systems may use nftables or firewalld as replacements, but iptables is still widely used and supported.

10. What are namespaces in Linux and how are they used?
Namespaces in Linux are a feature of the kernel that isolates system resources for different processes, creating lightweight containers.

They are used to create isolated environments where processes think they are running on their own system. This is a key concept in container technologies like Docker.

Main types of namespaces:
- PID: Isolates process IDs
- NET: Isolates network interfaces
- MNT: Isolates filesystem mount points
- UTS: Isolates hostname and domain name
- IPC: Isolates interprocess communication
- USER: Isolates user and group IDs

How they are used:
- To build containers (e.g., Docker, LXC)
- For process isolation in multi-tenant environments
- To simulate multiple systems on a single host

Example with unshare:
unshare --pid --fork bash
This starts a new shell with a separate PID namespace.

Namespaces are fundamental to modern Linux-based virtualization and containerization.

1. You are unable to SSH into a node – what could be the problem?
Just saying "SSH is not working" is too generic – it's like saying "I have a pain" without saying where. So we need to narrow down the issue.

Step 1: Get GUI access (if possible)
This allows you to log in directly and check logs without needing SSH.

Step 2: Check SSH-related logs
Log file paths may differ based on the Linux distro. Look into:
- /var/log/secure
- /var/log/auth.log
- /var/log/sshd.log
- /var/log/messages

Step 3: Analyze the error message
Based on the logs or the SSH error message, debug accordingly. Here are common causes:

1. Host not allowed: The client IP might be blocked or restricted.
2. Root login disabled: SSH config might not permit direct root access (PermitRootLogin no).
3. AllowUsers / AllowGroups set: If defined in /etc/ssh/sshd_config, only those users/groups are allowed to login.
4. SSH key permission issue: Incorrect permissions on ~/.ssh/ or authorized_keys can block access.

Tips:
- .ssh directory should have 700 permission
- authorized_keys file should have 600 permission

Always start from the error and then dig deeper using logs and configs. This way, you're not guessing — you're analyzing.

2. How do you mount and unmount filesystems in Linux?
In Linux, you use the mount and umount commands to attach and detach storage devices like partitions or external drives.

Step-by-step for Mounting:
1. Identify the partition using:
sudo fdisk -l or lsblk

2. Create a mount point (a folder to mount into):
sudo mkdir /mnt/mountpnt

3. Mount the partition:
sudo mount /dev/sdX1 /mnt/mountpnt
(Replace /dev/sdX1 with the actual device name.)

Unmounting:
- First, ensure the mount point is not in use (no open files)
- Then run:
sudo umount /mnt/mountpnt

Layman’s Example:
Think of it like going camping with your friends:
- Mounting is like setting up your tent — you find a flat spot (partition), make space (mount point), and set up the tent (filesystem).
- Unmounting is packing up the tent before heading home.

Simple and clean!

3. How do you troubleshoot network connectivity issues in Linux?
Troubleshooting network issues requires a step-by-step approach to identify where the problem lies — from physical connectivity to configuration and services.

Step 1: Check Physical Connectivity
- Make sure the network cable is connected properly
- Ensure Wi-Fi or network interface is enabled

Step 2: Verify Network Configuration
- Check if the network interface has an IP address:
ip addr or ifconfig

- Check the default gateway is set:
ip route

- Verify DNS settings:
cat /etc/resolv.conf

Step 3: Test Internet Connectivity
- Ping a public server to check connectivity:
ping 8.8.8.8 (Google DNS)
- Ping a domain name to check DNS resolution:
ping google.com

Step 4: Check Firewall Rules
- Firewall may block access:
sudo ufw status
sudo iptables -L

Step 5: Restart Network Interface
- Bring interface down and up:
sudo ifdown eth0
sudo ifup eth0

Tip: Reboot the system if changes don't apply immediately.

Follow this checklist to trace and resolve network problems effectively.

4. How do you list all the processes running in Linux?
In Linux, you can view running processes using several commands. Each command offers a different level of detail and interactivity.

1. ps Command
- Displays a snapshot of current processes
- Useful options:
ps -f → Full-format output
ps -ef → Shows all running processes
ps auxf → Detailed view with tree structure

2. top Command
- Shows real-time process activity
- Displays CPU, memory usage, and system stats
- Interactive — lets you kill or renice processes

3. htop Command
- Enhanced version of top with color-coded output
- Easier to use with arrow-key navigation
- Supports filtering, sorting, and mouse interaction

These tools help you monitor and manage system performance by showing what's running and how much resource each process is consuming.

5. You can SSH from one Linux box (192.168.10.12) to another (192.168.10.11), but not from a Windows machine (192.169.10.29) — what could be the problem?
This is most likely a network routing issue.

Even though the Linux boxes can communicate (they're in the same subnet), the Windows box is in a different subnet (192.169.x.x instead of 192.168.x.x).

Root Cause:
- The Linux box 192.168.10.11 might be missing a default gateway
- Without a gateway, it can’t respond to systems outside its subnet (like 192.169.10.29)

How to troubleshoot:
- Run ip route or route -n on the Linux node to check if a gateway is defined
- Try ping and traceroute from both sides to observe where the connection fails
- Add the gateway using:
sudo ip route add default via 192.168.10.1

Layman Example:
Imagine two friends (Linux boxes) living in the same neighborhood — they can easily walk to each other’s homes. But another friend (Windows box) lives in a different neighborhood. If there's no connecting road (gateway), they can’t visit each other.

So here, a gateway (road/bridge) must be added to connect across neighborhoods (subnets).

6. How can I change the default shell to ksh and default home directory to /export/home/<username> when using useradd in Linux?
By default, when you run useradd, the shell is set to /bin/bash and the home directory is set to /home/username.

These defaults are picked from the config file:
/etc/default/useradd

Default entries in that file include:
GROUP=100
HOME=/home
INACTIVE=-1
EXPIRE=
SHELL=/bin/bash
SKEL=/etc/skel
CREATE_MAIL_SPOOL=yes

To change defaults:
- Open /etc/default/useradd
- Modify these lines:
SHELL=/bin/ksh
HOME=/export/home

This ensures that the next time you use useradd, the default shell will be ksh and the home directory will be /export/home/<username> without needing extra arguments.

Alternative:
You can also specify these values directly while adding the user:
useradd -s /bin/ksh -d /export/home/username username

Use the file method for permanent changes or command-line options for one-time use.

7. I set up password-less SSH between two Linux boxes, but it's still asking for a password. What could be wrong?
If you’ve created your SSH keys correctly but are still being prompted for a password, here’s what to check:

1. Public Key Placement
- Ensure the public key from your client machine is properly copied to the target server’s ~/.ssh/authorized_keys file.
- It's better to use:
ssh-copy-id user@remote_host
than copying it manually — it avoids format or permission errors.

2. File and Directory Permissions
Permissions must be correct, or SSH will ignore the keys:
- ~/.ssh should be 700
- ~/.ssh/authorized_keys should be 600
- The user’s home directory should not be world-writable

3. Check SSH Logs
Analyze logs on the target machine to see what went wrong:
- /var/log/secure
- /var/log/sshd
- /var/log/auth.log
- /var/log/messages

These logs will help you understand whether it's a permission issue, a wrong key, or something else.

Quick Tip: Debug your connection with:
ssh -v user@remote_host
It gives verbose output to see why the key might be rejected.

8. Why do I get “Authentication failure” when using su even with the correct password?
This error typically suggests that the password doesn’t match the one stored in /etc/shadow — but if you're sure the password is correct, there could be other reasons.

Possible Causes:
1. Account Lock: - After several failed login attempts, Linux may temporarily lock the user.
- Check using:
pam_tally2 --user username
or
faillock --user username

To unlock:
pam_tally2 --reset --user username
or
faillock --reset --user username

2. No Root Access: - If su - root fails and you don't have another user with sudo rights, it may require resetting the root password from recovery mode or using live CD access.

3. PAM Configuration: - Some systems use PAM modules for additional security, and a misconfiguration can lead to auth issues.

Recommended:
- If you have root or sudo access, check logs for detailed errors:
/var/log/secure
/var/log/auth.log

This will help identify whether it's a lockout, misconfigured authentication rule, or something else.

9. You receive a notification that disk space on your Linux server is critically low — what steps would you take?
When disk space runs low, it's important to act quickly to avoid system failure. Here's how to troubleshoot and resolve the issue:

Step 1: Identify Space Usage
- Use df -h to check disk usage per partition
- Use du -sh * inside large directories (like /var, /home) to find which files or folders are using the most space

Step 2: Clean Up Unnecessary Files
- Remove unused packages: sudo apt autoremove
- Clear package cache: sudo apt clean
- Remove old logs: sudo journalctl --vacuum-time=7d

Step 3: Compress or Move Data
- Compress large files using gzip or tar
- Move infrequently used data to external or secondary storage

Step 4: Add or Resize Storage
- If cleanup isn't enough, you may need to extend the disk size or mount additional volumes using LVM or cloud provider tools

Layman Language:
Think of it like your room getting messy —
First, see what's taking the most space. Then, toss out junk, store less-used items in a box (compress/move), and if it’s still packed, get a bigger closet (resize disk or add more storage).

Keep your Linux system clean and tidy, just like your room!

10. Your Linux server is experiencing high CPU usage, causing performance issues — how would you troubleshoot and mitigate it?
High CPU usage can severely impact system performance. Here's how to handle it step-by-step:

Step 1: Identify Resource-Heavy Processes
- Use tools like top or htop to monitor CPU consumption in real-time
- Focus on the top entries consuming CPU under the %CPU column

Step 2: Analyze the Process
- Is it a legitimate application or a runaway process?
- If it’s unnecessary, consider stopping it with:
kill -9 <PID>

Step 3: Optimize or Adjust
- If the process is critical, consider:
  • Optimizing the script or code
  • Reducing concurrency if possible
  • Adjusting priority using nice or renice

Step 4: Scale Resources
- If the load is constant and expected:
  • Add more CPU cores (vertically scale)
  • Use load balancing to distribute work across servers (horizontal scaling)

Layman Language:
Imagine your friend’s birthday party is so crowded that no one can enjoy properly. First, check which game or activity is attracting too many people. Then, either pause it or move it to a bigger area. Or bring in more organizers (servers) to balance the crowd.

That’s how you manage high CPU — detect the cause, act wisely, and balance the load.

11. Your Linux server is vulnerable to a known security exploit — how would you apply patches and ensure security?
Dealing with vulnerabilities is critical to maintaining system integrity and protecting data. Here's how to handle it step-by-step:

Step 1: Identify the Vulnerability
- Use tools like os-prober, lynis, or check security advisories
- Confirm if your server is affected and which CVE or package is vulnerable

Step 2: Check for Patches
- Use your Linux distro's package manager:
sudo apt update && apt list --upgradable
sudo yum check-update
zypper list-updates

Step 3: Plan Maintenance
- Schedule a maintenance window to avoid downtime during peak usage
- Notify users and application owners

Step 4: Backup Before Action
- Always back up critical data and configurations
- Consider using tools like rsync, tar, or snapshot features if on cloud

Step 5: Apply the Patch
- Install updates securely:
sudo apt upgrade
sudo yum update

Step 6: Post-Update Verification
- Reboot if required
- Check service status and logs
- Run security scans again to confirm the vulnerability is patched

Layman Language:
Imagine there’s a hole in the fence around your clubhouse. First, check if a new piece is available to fix it. Plan a time to fix it when no one’s using the clubhouse. Before you fix it, take a picture of everything inside in case something breaks. After the fix, double-check the fence to ensure no one can sneak in again. That’s patching a Linux system securely.

12. A critical application hosted on your Linux server is not responding — how would you diagnose and resolve the issue?
When an application stops responding, quick diagnosis is essential. Here's how to troubleshoot the issue effectively:

Step 1: Check Logs
- Inspect application-specific logs (usually under /var/log/ or app directories)
- Also check system logs like:
/var/log/syslog, /var/log/messages, /var/log/journal

Step 2: Verify Services
- Confirm whether the app and dependent services (e.g., DB, web server) are running:
systemctl status <service-name>
ps aux | grep <process>

Step 3: Check Network and Ports
- Ensure necessary ports are open using:
ss -tuln or netstat -tuln
- Verify firewall rules: sudo ufw status or iptables -L
- Test connectivity with telnet or curl

Step 4: Restart if Needed
- Gracefully restart the service:
sudo systemctl restart <service-name>
- Or reboot the server as a last resort

Layman Language:
Imagine you're playing an online game and suddenly your character freezes. First, check if any error popped up on screen (like logs). Then, make sure the game servers and internet (services and network) are working. If your friends can play but you can’t, restart your game (application service). That’s how you bring it back online smoothly!