Low Orbit Flux Logo 2 F

Linux - Unix - Interview Questions

If the ‘ls’ command were removed from a system what is an alternate method that you could use to list files from the command line:

Emergency alternatives for ‘ls’ command:

    find .
    stat *
    echo *

How would you show the slot that a NIC is installed in?


What is swap space?

Swap space is a portion of a hard disk that is reserved as a substitute for RAM ( physical memory ). It can be either a file or an entire dedicated partition.

Swap space will generally be used when the system runs out of memory. This allows the system to keep running but will be much slower since hard disks are significantly slower.

Swap space can also be used to hold applications that are not currently in active use to free up memory for other things.

What is an inode?

An inode or index node is part of a Linux or Unix file system. An inode is a data structure that holds file attributes and locations of disk blocks. It serves as a pointer to actual data on disk. It helps to form the structure of a filesystem.

What is the difference between df and du?

The df command is the disk free command. It gives you an overview of disk space on a system. It will show you the disk size, usage, and available space for each file system on the the host.

The du or disk usage command shows the usage or size of a given file or directory.

The du command will check each object individually and sum up the result. The df command will read only the superblock and trust that by itself.

For more details, check out our Linux Disk Space Usage Guide.

Example of each command:

df -h

du -sh /export/data1

When might the output of df and du be different?

If you delete a file ( ex. log file ) while a process still has a file handle open for that file, disk space used by the file will not be freed right away. The du command will no longer show that usage but the df command will still show the space as having not been freed. See the description of this below in the question about emergency disk space clearing.

If you are in an emergency situation where you are running out of disk space and it needs to be cleared but the server can’t be restarted and processes can’t be stopped what would you do?

Log truncation syntax:

echo > /var/log/server1/output.log

IMPORTANT - If a process is writing to a file ( like a log for example ) and that file is deleted, the space will not be cleared until the process closes the file ( usually when it restarts ). This can be a problem. If you what to free space that is used by a file that is being held open by a running process it is a good idea to truncate the file (basically overwrite it with nothing). See the above command showing how to truncate a file.

How would you check the value of an environment variable for a specific process?

In general, you could check an environment variable like this:

echo $MYVAR1

You can’t always assume that every process was started with the same environment as your current shell. If you want to make sure you can check the environment for a process in the proc filesystem.

Assuming your process has a pid of 261478, you could view environment variables for it with this command:

strings /proc/261478/environ 

You could also grep for a specific variable like this:

strings /proc/261478/environ | grep MYVAR1

How do you exit VI?

To exit when no changes have been made use this key combo followed by [Enter]:


If you have changes to write/save before closing:


If you want to discard any changes made:


How would you limit the memory that a process can use?

ulimit - flags and how to use

How would you limit which CPUs or cores that a process can use?

taskset - pin CPUs

What is a TCP window?

Between TCP and UDP, which supports either error checking or error recovery?

If someone reports that an Apache server is running slow, what things would you check to investigate this?

What is the difference between UDP and TCP?

How does TCP work?

What is the difference between multicast and broadcast?

What is multicast?

How to check which log file a process is using?

How to check which files are open?

How to check which ports are in use?

How to check which port a specific process is using?

How to check which process is using a port?

How would you test a server or port remotely?

If you can’t connect to a server on a port, what does a reject vs hang generally suggest?

How do Jobs work?

What is IPC? Tell me about it.

IPC is inter process communication. It includes the various different methods that processes use to communicate with each other.

Brief / incomplete overview of IPC methods:

Signal Just a signal sent between processes.
Socket Network socket - TCP/UDP/SCTP
Unix domain socket Like a network socket but all local within the kernel
Message queue Multiple processes can read and write to this.(ex: JMS, etc.)
Anonymous pipe Generally created to pipe the output of one process to the input of another.
Named pipe A pipe that is created and can be read/written like a file.
Shared memory A shared section of memory that multiple processes can read and write.
Message passing Passing messages using things like RPC or CORBA.
Memory-mapped file A file that is mapped into RAM.

What is the password file and what is it used for?

The password file is located here: /etc/passwd

It stores users and information about those users including username, user ID, groups, and default shell. It is usually does NOT store the actual password for a user ( but it can ). The password ( really the encrypted password hash ) is usually always stored in the /etc/shadow file.

By default a Linux system will use the /etc/passwd and /etc/shadow file but a system can be configured to use other authentication mechanisms like Kerberos. To do this you would need to configure the appropriate PAM option.

Show me how to print only the third column of the password file:

You can split lines of text with the awk command. Just pipe the output into awk as shown below. By default it splits on spaces but the below command uses the “-F:” parameter to specify that it should be split by colons. The print statement will print only the third column as specified by the variable “$3”.

cat /etc/passwd|awk -F: '{print $3}'

For more details check out our in depth AWK Tutorial HERE.

Show me how you would sort the values from the command in the previous question.

Pipe the output of the previous command to the sort command with a “-n” to sort by numeric string value:

cat /etc/passwd|awk -F: '{print $3}' | sort -n

Show me how you would display only unique values for the previous question.

Pipe the previous command to the uniq command ( which will need sorted input ):

cat /etc/passwd|awk -F: '{print $3}' | sort -n | uniq

What is a semaphore

A semaphore is a variable used to control access to a shared resource. It would commonly be used on multithreaded or concurrent systems. It can be thought of as a lock showing whether or not a resource is available or in use by another process or thread.

Tell me about signals

Here are some of the most common signals. Memorize these first.

Ctrl-C 2 SIGINT interrupt - terminates by default
Ctrl-Z   SIGTSTP suspend / terminal stop ( can be signal handled )
    SIGSTOP stop process for later ( CAN’T be caught )
Ctrl=\ 3 SIGQUIT terminate and core dump
    SIGCONT continue / start stopped job
  1 SIGHUP hangup - controlling terminal closed - reload configs - flush logs
  9 SIGKILL kill process, no ignore, “kill -9” ( int 9 )
  11 SIGSEGV process segfaulted - accessed memory that it can’t
  15 SIGTERM kill process - can be handled allowing resources to be freed

Tell me about system calls

Here are some common system calls:





Device Management:


Information Management:




List 3 Unix/Linux commands.