1. What is Linux?
Linux is an operating system created by Linus Torvalds. Modeled after UNIX systems, it is a re‑implementation of its kernel. Linux includes many technical improvements that UNIX lacks, making it more than just a clone. The system consists of:
Kernel.
System libraries.
Built‑in tools.
These environments can run on various hardware platforms produced by different manufacturers. The first version of the Linux kernel was released on September 17 1991. The term “LINUX”, despite its colloquial use to refer to the operating system, actually refers more closely to the kernel itself, which together with the other components makes up a full operating system.
2. How does Linux differ from UNIX?
UNIX is an operating system written in 1969 at Bell Labs by Dennis Ritchie and Ken Thompson. The first version written in C set the standard for the programming language used to create other operating systems. The name UNIX is copyrighted, so only large companies have the right to use it. Linux is a creation modeled after UNIX, as noted even in the kernel’s README:
"Linux is a Unix clone written from scratch by Linus Torvalds with assistance from a loosely‑knit team of hackers across the Net. It aims towards POSIX compliance."
The creator of Linux is Linus Torvalds; his code, released to the community, has spawned many versions and variants. Linux became an alternative to commercial UNIX flavors such as Solaris, HP‑UX, and AIX.
3. What is BASH?
BASH stands for “Bourne Again SHell”. It was created by Steve Bourne. It is a system shell that succeeds the earlier /bin/sh. Bash supports interactive and batch modes, allows defining aliases and functions, and includes flow‑control constructs (if, while, for).
4. What is the Linux kernel?
The core component of Linux/Unix operating systems. The first release occurred on August 26 1991. It is low‑level system software. The Linux kernel handles communication with hardware and memory operations. It acts as an intermediary (kernel layer) between the user space (applications) and the physical devices of the machine.
5. What is LILO?
A bootloader for Linux that loads the Linux system into RAM. It is a boot program. Today LILO’s role is largely replaced by GRUB.
6. What is GRUB?
GRUB is a GNU project bootloader. It can start multiple operating systems installed on a computer or available over the network. It loads the operating‑system kernel and supports password protection with an MD5 checksum.
7. What is SWAP?
A swap partition. Disk space reserved for temporarily storing data when RAM is exhausted. Typically the SWAP size is about twice the amount of RAM.
8. What is the advantage of Open Source?
The Open Source license allows free distribution of software together with its source code to anyone interested. This enables many users to collaborate on a project, accelerating bug fixing and shortening development time.
9. What are the basic components of a Linux system?
Linux, like other operating systems, consists of:
the kernel
the system shell
graphical interface
system utilities
10. Is it worthwhile to install multiple GUIs on a Linux system?
In most cases one GUI (usually KDE or GNOME) is sufficient, but there are situations where a particular program runs only on a specific desktop, requiring an additional GUI installation.
11. What are the basic differences between BASH and DOS?
Differences appear in three areas:
In BASH, case matters; in DOS it does not.
In BASH the “/” character separates directories; in DOS it separates commands. Conversely, “\” is the directory separator in DOS and the escape character in BASH.
DOS uses the convention filename.ext (three‑character extension); BASH has no such convention.
12. What is the root account?
The root account has the highest privileged permissions. It is the superuser used to manage other accounts and configure the operating system. All system parameters unavailable to regular users are configured from the root level.
13. What is CLI?
CLI stands for Command Line Interface. It lets the user type declarative commands to be executed.
14. What is GUI?
GUI stands for Graphical User Interface. It provides a visual way to interact with the system via icons, shortcuts, windows, and menus. Linux GUIs include KDE, GNOME, Cinnamon, and many others.
15. How to check RAM usage on Linux?
You can simply read the file:
cat /proc/meminfo
or use one of the following tools:
free -m
vmstat
top
htop
16. What is a symbolic link?
A symbolic link works like a shortcut in GUI environments. It can be invoked by its name but points to the full path of the target.
17. What is the difference between a hard link and a soft link?
A symbolic (soft) link is a reference to the original file, whereas a hard link is a true duplicate from the file system’s point of view. Deleting the original file does not affect a hard link; a soft link becomes broken.
18. How can you refer to a parallel device port such as a printer?
In Windows the port is called LPT; in Linux you can use /dev/lp0, /dev/lp1, etc.
19. How are disk resources identified in Linux?
Disk resources are represented as:
Floppy drives: /dev/fd0, /dev/fd1, …
IDE disks: /dev/hda, /dev/hdb, …
20. What is /dev/shm in Linux?
It implements the traditional shared‑memory concept, providing an efficient way for processes to exchange data. One process creates a memory segment that other processes can access (if permitted), speeding up inter‑process communication.
21. How to view current shared‑memory limits?
Command: # ipcs -lm
Typical output:
------ Shared Memory Limits --------
max number of segments = 4096
max seg size (kbytes) = 268435456
max total shared memory (kbytes) = 68719476736
min seg size (bytes) = 1
# ulimit -a
22. How to see which processes use shared memory?
Command: # ipcs -pm
------ Shared Memory Creator/Last-op --------
shmid owner cpid lpid
107741184 root 29293 29293
108429313 root 29412 29412
108986370 root 25690 25657
108396547 root 29396 29396
109019140 root 25709 25657
109051909 root 25709 25657
23. What is KERBEROS?
Kerberos is a network authentication and authorization protocol that uses a key‑distribution center (KDC) designed at MIT. First, the client authenticates to the server, which sends its username to the KDC. The KDC creates a unique identifier, encrypts it with a secret key, and returns the encrypted token to the client.
24. What is the difference between TCP and UDP?
UDP is used by user‑level programs to send datagrams to other programs, distinguishing them by port numbers. Each UDP packet contains the destination and source ports. UDP relies on the underlying IP protocol and provides no acknowledgment, ordering, or flow control. Packets may be lost, duplicated, delayed, or reordered; handling these issues is the responsibility of the application.
TCP, on the other hand, verifies that data reach the destination and maintains correct ordering. It includes positive acknowledgment with retransmission: data are resent until an acknowledgment is received. TCP segments carry checksums for integrity verification. Before any data are exchanged, both endpoints must establish a connection.
Both protocols serve similar purposes, but UDP offers far fewer features. Its only reliability mechanism is optional retransmission. UDP’s main advantage is speed, but its use should consider possible data loss. TCP provides a full‑duplex connection with flow‑control.
In short, TCP guarantees delivery and ordering; UDP is connectionless and does not provide acknowledgment, timeout, or retransmission.
UDP operates on a “best‑effort” basis. It performs checksum error detection, but if an error is found the packet is simply discarded. UDP is typically used for time‑sensitive applications such as games or voice transmission, where retransmission would be useless.
TCP uses both error detection and recovery. Errors are detected via checksum; if a packet is corrupted and not acknowledged, the sender retransmits it. This mechanism is called Positive Acknowledgment with Retransmission (PAR).
25. What is the difference between hashing and encryption?
Hashing is a one‑way function. Input data (e.g., a password) are processed to produce a hash—a fixed‑length string. For password verification, the user‑provided password is hashed and compared with the stored hash; the original password is never stored in clear text. Hashing often includes a “salt” – a random string concatenated to the input before hashing.
Encryption, by contrast, is reversible. Data are encrypted with a key, and the key must be stored somewhere, potentially exposing it to attackers.
Hash security relies on the attacker having to try many possible passwords, each hashed with the same algorithm and salt. Encryption attacks focus on obtaining the encryption key.
26. What is curl?
CURL is a C‑written network library used on the client side and compatible with many programming languages. It can send HTTP requests, download web pages and files, and submit form data.
27. What is NMAP?
Nmap is an Open Source tool for network exploration and security auditing. It implements many techniques for scanning TCP, UDP, and SCTP ports and can also identify operating systems on scanned hosts (e.g., nmap -O ip_address). Useful scan options include:
-sV – service detection
-A – service detection plus OS detection
--allports – do not skip ports
-sR – RPC scan
-O – OS version detection
-S – set source address
-e – use a specific interface
-oN – write results to a file
-sn – ping scan
Brief option list – https://nmap.org/man/pl/man-briefoptions.html
More information is available at nmap.org
28. How do you set, change, or remove file permissions in Linux and what are the permission types?
Permissions are managed with the chmod command. Using “+” adds permissions, “-” removes them. The letters u (user), g (group), o (others), and a (all) select the target class. The letters r (read), w (write), and x (execute) specify the permission type. Types of access:
read (r)
write (w)
execute (x)
Example:
# chmod go+rw file
grants read and write rights to the group and others.
You can also use numeric modes:
-rw------- 600 – read/write for owner only
-rw-r--r-- 644 – read/write for owner, read‑only for everyone else
-rw-rw-rw- 666 – read/write for all users
-rwx------ 700 – all rights for owner only
-rwxr-xr-x 755 – full rights for owner, read/execute for others
-rwxrwxrwx 777 – all rights for everyone (dangerous)
-rwx--x--x 711 – full rights for owner, execute only for others
drwx------ 700 – directory: read/write/execute for owner only (execute is required on directories)
drwxr-xr-x 755 – owner has full rights; others can only read the directory contents.
drwx--x--x 711 – owner has full rights; others can traverse the directory but cannot list its contents (they must know file names).
29. What does it mean when a filename in Linux starts with a dot?
Files whose names begin with a dot are hidden. They are usually configuration files or important data, and hiding them prevents accidental deletion. To list hidden files, use the -a switch:
# ls -la
# ll -la
30. How do you find out which directory you are currently in?
Use the command:
# pwd
31. What do we call a “daemon” in Linux?
A daemon is a process or program that runs in the background without user interaction. It typically listens on a network port for incoming connections. In Windows the equivalent is a service. Linux daemon names usually end with “d”, e.g.:
ftpd
httpd
sftpd
sshd
32. What are environment variables?
An environment variable is a named value that can be reused by the shell. They are passed to programs as additional data. They are set during system boot or user login to define defaults such as:
HOME – home directory
SHELL – command interpreter
In bash you can list the current environment variables with:
# env
33. What is cron in Linux?
Cron is a tool that schedules tasks to run at specified times. The user defines the execution time and the command/script to run. Scheduling can be based on minutes, hours, days of the month, months, or days of the week, and can be one‑time or recurring. Common crontab commands:
crontab -e – edit the user’s crontab
crontab -l – list current jobs
crontab -r – remove jobs
34. What is the difference between cron and anacron?
Both automate task execution, but they differ in timing granularity. Cron’s smallest unit is a minute; anacron works with days. Anacron does not care what time of day a job runs, only that it runs on a given day. Cron is suited for servers; anacron is better for desktops that may be powered off for periods, ensuring tasks run at least once per day when the machine is turned on.
35. What is meant by redirection in Linux and how do you use pipelines?
Every command has stdin, stdout, and stderr. Redirection determines where input comes from and where output goes. Symbols used:
> – redirect stdout to a file (overwrite)
>> – append stdout to a file
Example:
# find / -size +100M &> large-files-over-100M.txt
To use a file as input, reverse the direction:
# nslookup < domain-list
Pipelines connect the stdout of one command to the stdin of the next:
command1 | command2 | command3 | …
Example:
ls -l /etc | grep host
Summary:
Standard output (stdout) redirection:
to console – default
> to file (overwrite)
» append to file
| to stdin of another command (pipeline)
Standard input (stdin) redirection:
< from a file
Standard error (stderr) redirection:
to console – default
2> to file (overwrite)
2» append to file
Redirect both stdout and stderr:
&> to file (overwrite)
&» append to file
Redirect one stream to the other:
1>&2 – send stdout where stderr is going
2>&1 – send stderr where stdout is going
| – pipeline, redirect stdout to stdin of another command
36. What is nohup in Linux?
The nohup command runs a program in the background so it continues even after the terminal is closed or the user logs out.
# nohup ./start_program.sh &
The ampersand at the end puts the process in the background.
37. What is “grep” in Linux?
Grep is a command‑line utility that searches text and extracts lines matching a pattern.
# grep [options] [pattern] file
Common options:
c – show the count of matching lines instead of the lines themselves
-L – list files that do NOT contain the pattern
-l – list files that contain the pattern
-n – show line numbers
-w – match whole words only
-x – match whole lines only
-v – invert the match
-f file – take patterns from a file, one per line
-h – suppress filename output when searching multiple files
-i – ignore case
-r – recursively search directories
38. How do you stop a running process in Linux?
Each process has a PID. List processes with:
# ps
Then terminate a process with the kill command and its PID:
# kill -9 95487
39. How to find out how much disk space a folder occupies?
Use du:
# du -sh /folderX
40. Which command creates a directory in Linux?
Use mkdir:
# mkdir directory_name
Or create nested directories at once:
# mkdir -p test/test1/test2/
41. Explain “Network bonding” and describe its modes.
Bonding (link aggregation) combines multiple network interfaces to increase bandwidth, provide redundancy, or balance traffic. If one interface fails, the others continue working. Modes include:
balance-rr (mode 0) – default round‑robin load‑balancing.
active-backup (mode 1) – only one interface is active; the other is standby.
balance-xor (mode 2) – XOR‑based failover using MAC address.
broadcast (mode 3) – transmits data on all slave interfaces (may reduce performance).
802.3ad (mode 4) – LACP aggregation group.
balance-tlb (mode 5) – adaptive transmit load balancing; outgoing traffic is distributed based on current load, incoming traffic uses the active interface. If the receiving interface fails, another takes over its MAC address.
balance-alb (mode 6) – adaptive load balancing combining TLB with receive load balancing (RLB) for IPv4. ARP negotiation is used to distribute incoming traffic across interfaces.
42. How to resolve a “filesystem is full” error when df shows free space?
The situation occurs when all inodes are exhausted. Even though df reports free space, the system reports a full disk. Check inode usage with:
# df -i
Inode exhaustion typically happens when many small files consume the inode table (each inode occupies ~128 bytes). Free up inode space to resolve the issue.
43. Which service logs system events in Linux?
The syslogd daemon records events to log files.
44. What does sar do and where are its logs stored?
Sar collects, reports, or records system activity information. Logs are stored in /var/log/sa/sadd where “dd” denotes the day of the month.
45. Which command creates an archive from a file or directory for transfer?
Use tar to create archives:
tar -cvf /home/archive.tar directory_or_file
To extract:
tar -xvf archive.tar
gzip can also be used for compression.
46. Provide example commands for viewing file contents.
Common utilities:
cat – display a file on standard output.
less – view a file page by page, scroll forward and backward.
tail – show the end of a file (use options to set line count).
head – show the beginning of a file (use options to set line count).
more – view a file page by page.
47. List and discuss basic network configuration and analysis commands.
Every machine is connected to a network. Troubleshooting is a core task for administrators. Useful commands include:
hostname – display or set the host name.
ping – test reachability of another host.
ifconfig – show network interface configuration (deprecated in favor of ip).
ip – display and configure network interfaces, routes, and tunnels.
netstat – show active TCP connections, listening ports, and protocol statistics (ss is a modern replacement).
traceroute – trace the path packets take to a destination (uses UDP/ICMP). mtr provides similar functionality.
tracepath – like traceroute but does not require root.
dig – query DNS servers.
nslookup – retrieve detailed DNS information.
route – display and modify routing tables.
ifup / ifdown – bring network interfaces up or down.
48. Write a Bash script that reverses the order of its arguments.
#!/bin/bash
for (( i = ${#}; i > 0; i-- )); do
echo ${!i}
done
Example output:
# ./revers.sh 1 2 3 4 5
5
4
3
2
1
49. Write a Bash script that ensures only one instance can run for a given user.
LOCKFILE=/tmp/lock-`whoami`
if [ -e ${LOCKFILE} ] && kill -0 `cat ${LOCKFILE}`; then
echo "This script is already running!"
exit 1
fi trap "rm -f ${LOCKFILE}; exit" INT TERM EXIT
echo $$ > ${LOCKFILE}
Running the script creates /tmp/lock‑username. The script then checks whether the lock file exists and whether the PID stored in it is still active. If both conditions are true, it reports that an instance is already running.
50. What is the purpose of the lsof command in Linux?
lsof lists open files and the programs that are using them.
Common options:
# lsof -u [username] – list files opened by a specific user
# lsof -i -u^username – list open files excluding a specific user
# lsof -p 1234 – list files used by the process with PID 1234
lsof is handy when an “unmount” fails because files are still open on the target.
If you know other questions that could appear in the next “popular questions …” series, feel free to leave them in the comments.
Comments