admin tools Flashcards
1
Q
What tool is used to install software?
A
rpm - Red hat package manager
2
Q
what web site provides more details about rpm?
A
rpm.org
3
Q
rpm option for applying upgrades
A
–upgrade
4
Q
uninstall a software package
A
rpm –erase
5
Q
find out what is installed
A
rpm -qa
6
Q
find out where a software package is installed
A
get the full name of the package you are lookng for:
rpm –query –all |grep <searchtoken></searchtoken>
List all the files associated with the package install
rpm -ql rpm -q <name></name>
to get a complete listing of all apps installed
rpm –query –all
7
Q
what command would provide a detailed list of all install applications?
A
rpm -qig Applications/System
- g show all groups for the provided string
- i show detailed information about each
8
Q
what tells you the DHCP server being used by a linux workstation?
A
cat /var/lib/dhclient/dhclient-eth0.leases
9
Q
what command will renew a DHCP lease?
A
dhclient -r
10
Q
what authentication schemes are available?
A
using PAM (Pluggable Authentication Modules) the following can be used:
flat files
NIS
LDAP
Samba
Kerberos
11
Q
What are the typical partitions on a linux server?
A
/ or root
/boot
/usr (program app files)
/home (user docs)
/var (system procs and logs)
/tmp
/swap (virtual memory)
12
Q
how big should the swap partition be?
A
The swap file for virtual storage should be double the physical memory
13
Q
what partition is /dev/sdb4 ?
A
the 4th partition on the disk with ID 2 (b)
14
Q
what is used to install or remove applications?
A
Red Hat Package Manager RPM
15
Q
how do you get a list of configuration files associated with an application?
A
rpm -qc <name></name>
rpm -qc bash
16
Q
what command will show all apps installed with all details?
A
rpm -q -i –all
17
Q
how do you get a list of installed shells?
A
rpm -qa –queryformat ‘%10{name} %20{GROUP}\n’ |grep -i shells
18
Q
what is stored in the passwd file
A
login
encrypted password
UID
default GID
name
home directory
login shell
19
Q
what appears in the passwd file if shadow passwords are being used?
A
an x appears in the encrypted password field in /etc/passwd
20
Q
what command is used to change the system run level?
A
init { 0 1 2 3 4 5 6 }
0 — Halt
1 — Single-user text mode
2 — Multiuser but no NFS
3 — Full multi-user text mode
4 — Not used (user-definable)
5 — Full multi-user with X11
6 — Reboot
21
Q
where are the default environment configuration template files stored?
A
/etc/skel
22
Q
what file holds a list of available shells?
A
/etc/shells
23
Q
what are the fields in the shadow file?
A
Login name
encrypted password
last passwd change
days until change allowed
days before change required
days warning for expire
days before account inactive
days before account disabled
reserved field
24
Q
what are the fields in the group file?
A
group name
group password (optional: if set allows users to join group)
group ID
group members
(comma separated list)
25
what are the user management command line tools?
useradd
userdel
usermod
groupadd
groupdel
groupmod
26
what sh script command is used to process the files of a directory?
assuming the directory name is in the variable $SCRIPTS:
## Footnote
for file in ${SCRIPTS}/\* do
echo ${file}
blah . . .
blah . . .
done
27
what sh command loads the current directory location value into a variable?
SCRIPTS=`pwd`;export SCRIPTS
28
what file configures dhcp daemon?
/etc/dhcpd.conf
and any other files which the "include" statement specifies
29
what command checks the dhcp configuration file?
/etc/rc.d/init.d/dhcpd configtest
30
what cisco command enables a DHCP helper to allow DHCP requests to pass to the next network?
ip helper-address 123.456.789.1
(the ip address of the DHCP server on the other network)
must be a config entry for the router interface facing the network where the DHCP server is located.
31
where does a DHCP server store information about clients?
/var/lib/dhcpd/dhcpd.leases
32
what does the service command actually do?
it executes the specified service init script from the /etc/init.d directory with the optional action parameter supplied. Such as:
service iscnamed status
33
what command will list all services?
service --status-all
34
where are the service init script stored?
/etc/init.d
35
what command will restart a service?
service --full-restart
OR
service restart
which will issue a stop and then start command to the service init script
36
what command will show the configured status of a service at each run level?
chkconfig --list
37
what command can change or manage how a service is started?
chkconfig --add (returns true if the service is configured to start in the current runlevel)
38
what is auditd?
a daemon that provides the Linux Auditing System.
It provides kernel-resident logging of system calls and user space tools to collect and view the Linux system logs.
39
what command will show a tree of processes and their children?
pstree -A
40
What command is used to add or remove modules from the kernel?
mobprobe
41
what command will show the modules present in the kernel?
lsmod
42
what command can be used to copy a file between two hosts?
rcp
43
what command can be used to change the current user's login shell?
chsh
44
what command can be used to change a file attributes and do so recursively?
chattr -R
45
what command can be used to split a file into specific sizes?
csplit
46
what command can be used to show a file's classification or type?
file
47
what command will show a hexidecimal format of a file?
hexdump -C
48
what command can be used to view the contents of a log file as it grows?
tailf
49
where are the PAM modules stored?
/lib/security
50
where are the security files for PAM stored?
/etc/security
51
where are the configuration files stored for PAM?
/etc/pam.d
52
What is contained on each line of a PAM application config file?
module\_type (auth, account, session or password)
control\_flag (requisite, sufficient, optional)
module\_path (usually /lib/security)
53
what are the module\_type values for PAM?
auth: prompt for a password
account: determine access based on day, location, console, etc
session: what actions to perform before or after login
password: what module allows users to change passwords
54
what are the control\_flag values for PAM?
required: the module must succeed to procede further
requisite: if this fails, nothing else is tried. immediate failure returned
sufficient: if this succeeds, return success if no other requireds
optional: continue checking other modules even if one has failed
55
how do you check the swap space?
swapon -s
will show:
[root@bacall ~]# swapon -s
Filename Type Size Used Priority
/dev/dm-1 partition 16744440 69620 -1
56
how do you prevent login for everyone but root?
the /etc/nologin file is present
57
The PAM configuration files are corrupt and no one can log in. How do you fix it?
reboot in single user mode
in /etc/pam.d/login put the following:
auth required pam\_unix.so
account required pam\_unix.so
password required pam\_unix.so
session required pam\_unix.so
Causes PAM to use the /etc/passwd file
58
where does PAM record errors?
/var/log/messages
59
what determines where a machine verifies user authorization?
/etc/nsswitch.conf
## Footnote
passwd: files nis
shadow: files
group: files nis
etc. etc. etc.
60
what commands verify that the local machine is using NIS correctly?
rpcinfo -u localhost ypbind
ypcat passwd
61
what file sets the hostname of the machine?
/etc/sysconfig/network
HOSTNAME=.ox.com
and
/etc/hosts
129.77.226.77 viper.ox.com viper
62
where are most RPM package documents stored?
/usr/share/doc
63
what command will search the man pages for a particular topic?
man -f {yourSearchString}
64
when listing contents of the /dev directory, what indicates a block device?
the letter b in the ls -la listing
brw-rw---- 1 root cdrom 11, 0 Jul 2 08:24 sr0
65
what command is used to create a named pipe?
mknod
66
how do you change the user ownership as well as the group ownership in one command?
chown username.groupname file
use -R to do it recursively through the directories
67
how is chmod 700 different from chmod u+r u+w u+x ?
using binary notation 700 will replace all permissions.
using symbolic notation will only modify the permission specified
68
what permissions would allow a directory to be visable, but not the files?
chmod 711
69
what is the basic syntax for the ln command?
ln -s
70
What GID is reservied for nobody by the different flavors of LINUX?
RHEL and fedora 99
UBUNTO and SUSE 65534
71
what is the GECOS?
The long descriptive field in the /etc/passwd file normally used to keep the user's long descriptive name.
72
where do you add commands you want to run after the server is completely booted up?
/etc/rc.d/rc.local
73
how do you re-size the swap partition?
```
Disable swap
# swapoff -a
```
```
resize it
# lvresize -L +1G /dev/vg0/swap
```
```
next, (re)setup swap memory :
# mkswap /dev/vg0/swap
```
```
Now, You can re-enable swap like this:
# swapon -a
```
74
what command will show the detailed information about a file system including all the superblock info?
dumpe2fs
as in
dumpe2fs /dev/sda1
75
what command will show the inodes of a file?
ls -lai filename
76
what command will show detailed information about all the mounts?
cat /dev/mounts
77
what command will show detailed information about the ethernet adapter settings?
for file in `ls /proc/sys/net/ipv4`; do echo $file:`cat /proc/sys/net/ipv4/$file`; done
78
what command will show all the detail about the CPU?
cat /proc/cpuinfo
79
what command will show the enhanced security settings for the kernel?
getsebool -a
to set a value use:
setsebool -P
-P make permanent for next reboot
80
what command will do a complete backup of a disk?
dd if=/dev/sda2 of=/disk2/backup-sda2.img
81
what tool can be used to test and diagnose problems with CameronFIX connections?
FIX Tester by Jettek (jettekfix.com)
## Footnote
Multiple simultaneous sessions supported.
Build any FIX message from a template or copy and paste.
Script messages and scenarios.
Reduce errors introduced in new production releases.
Recreate problem scenarios in development and QA environments.
82
what file configures the CameronFIX system
config.xml
83
what daemon does the CameronFIX interact with?
LMA or Local Management Agent daemon
84
where is the cameronFIX username and password set?
config.xml
## Footnote
85
what nimsoft module monitors apps?
CA Nimsoft Monitor for Application Response Time
## Footnote
Monitor application response times to help determine if a problem affects your entire user community or only a subset.
Create and playback simulated end user behavior for each of your critical applications.
Automatically receive screenshots for any failed playback to provide which component of the application was unavailable
Alert and/or trend on:
Overall application response time
Transactions or steps that make up a response time test
Analyze and visualize the collected response time metrics
86
useful monitoring apps
top
vmstat - virt mem stats
htop - proc viewer
netstat - net connections routing int stats
tcpdump - show eth int stats
wireshark - network snooping
lsof - view open files
iotop -monitor disk io
iostat - storage io stats
87
things to check for a system not performing well
top
swap: should be 0
%sy lower than cpu core
%us user space
%wa: waiting for IO
adjust BIOS for disk write cache
free -m : cache used can add more to free mem
r key to re-nice priority on user PID
-20 thru 19 lower is higher priority
88
what is the boot process?
***System BIOS*** checks system. Launches first stage boot loader on MBR
* **1st stage boot*** loader loads GRUB into memory launches
* **2nd stage boot*** loader from the /boot/ partition.
2nd stage boot loader ***loads kernel*** into memory, which in turn loads any necessary modules and **mounts root** partition read-only.
The ***kernel transfers control*** of boot process to init
The ***init program loads all services*** and user-space tools, mounts all partitions listed in /etc/fstab.
The user is presented with a ***login screen*** for the freshly booted Linux system.
89
what tools can be used to check the status of the ehternet connection?
ethtool eth0
ethtool -S eth0
(detailed display of errors or dropped packets)
mii-tool -v eth0
ifconfig -a
netstat -i
traceroute
Frame errros: defective ethernet device
Carrier Errors: Errors are caused by the NIC card losing its link connection to the hub or switch.
| (check duplex)
90
how do you use arp?
arp -d hostname
remove entry from tables
arp -n or cat /proc/net/arp
list arp table entries
91
what port does ssh use?
22
use telnet 22 to test connectivity on port 22
92
what is the netstat command parameters for listing communication entries?
netstat -na
93
what file is used to tune kernel parameters and performance at runtime?
/etc/sysctl.conf
also use sysctl command to make command line changes to devices and kernel
sysctl -A will show all
values also found in /proc/sys/\* and /proc/net/\*
94
what are some generic sources for loss of network connectivity and performance?
NIC duplex and speed incompatibilities
Network congestion
Poor routing
Bad cabling
Electrical interference
An overloaded server at the remote end of the connection
Misconfigured DNS
95
what is a method of killing a daemon if you don't know the PID and you don't know if it is running?
kill `cat /var/run/named/named.pid`
96
what are the numbers for the sections in the man pages?
* 1 User tools
* 2 System calls
* 3 C library calls
* 4 Device driver information
* 5 Configuration files
* 6 Games
* 7 Packages
* 8 System tools
97
what command will show all the superblock information about a file?
stat
98
what command will show all the hard links related to a file?
get the inode number with "ls -li "
find it
find / -inum -print
99
what are the numbers displayed by ls -la on a block file?
Major and Minor numbers
Major number: the device category
Minor Number: minor number shows the instance.
ls -l /dev/sda
brw-r----- 1 root disk 8, 0 2090-09-30 08:18 /dev/sda
Note the b at the beginning of the file's permissions
8 is the major number,
0 is the minor number.
100
what does the "p" symbolize in a file item in a list of a directory?
A named pipe
created by mknod command
101
what command will list files in a single column display?
ls -1 \*
102
what command will list files recursively through all subdirectories?
ls -R
103
what is an alternative to the -exec parameter for the find command?
pipe it into xargs as in:
find / -type f -name core | xargs rm
104
what are the possible states of a process and their symbols?
S - Sleeping
R - running (using cpu)
D - uninteruptible sleep (io related)
T - debugger trace or has been stopped
Z - zombie
This means either
(1) the parent process has not acknowledged the death of its child using the wait system call; or
(2) the parent was improperly killed, and until the parent is completely killed, the init process cannot kill the child itself. A zombied process usually indicates poorly written software.
\< - high priority process
N - low priority task
L - pages in memory are locked
105
when you use 'kill ' what is being done?
kill sends a signal 15 REQUESTING a termination to the process.
kill -9 sends a terse kill command to the OS to completely and abruptly stop the process
106
what command will display the release version number of linux?
lsb\_release -a
107
what does
sudo su - root
do?
sodu - check the sudoers file for permission
su - change to another user id
- run the specified user's login script
root - become the user
108
what command will set the runlevels for a daemon?
in the /etc/init.d script for the daemon use;
chkconfig 35 99 01
'35' means chkconfig should create start and stop scripts for this daemon in runlevels 3 and 5 in
/etc/rc.d/rc3.d and /etc/rc.d/rc5.d
'99' means set the startup priority to 99
and '01' set the stop priority to 01
109
how do you add a new init script to the startup?
create the script file and use the command:
chkconfig --add
110
what file determines the actions taken for checking the file system during boot up?
/.autofsck
the same actions are specified in the /etc/fstab
111
what steps can be taken to boot into single user mode from the grub menu?
edit the grub menu.lst and add the parameter "single" at the end of the kernel command line
112
What command is used to change the run level and what are the standard run levels?
init { 0 1 2 3 4 5 6 }
0 — Halt
1 — Single-user text mode
2 — Multiuser but no NFS
3 — Full multi-user text mode
4 — Not used (user-definable)
5 — Full multi-user with X11
6 — Reboot
113
what are the fields in the /etc/inittab file?
id:runlevels:action:process
as in
id:3:initdefault:
only used by the older init process
newer upstart model uses files in /etc/init
114
what determines your permissions to modify the cron jobs?
if the file exists and your user id is in /etc/cron.allow you are allowed to edit it
if the file exists and you are not present in the file, you are not allowed to edit crontab
if the file exists and your user id is not in /etc/cron.deny you are allowed to use it
if the file exists and your user id is present, you are not allowed to edit the crontab
115
what is the format of the lines in the crontab?
minute hour day month day\_of\_week command
for example:
0 0, 4, 8, 12, 16, 20 \* \* \* /bin/ping -c 5 serverB
means run /bin/ping every four hours (0, 4, 8, 12, 16, 20)
116
what is the new system logging daemon and what are it's major features?
rsyslog
It can act as a drop-in replacement for the more common and traditional sysklog daemon.
Some of the advanced features of rsyslogd include writing logs directly to a configured database (such as an SQL database server on another central machine) and allowing other extensive manipulation of log messages.
117
what config files determine the behavior of the ethernet interfaces?
ifcfg-eth\<#\>
located in
/etc/sysconfig/network-scripts
118
what is a command to listen for DHCP requests?
tcpdump -vnes0 -i eth0 port 67 or port 68
## Footnote
- v shows more information about the packet. You can use -vv or -vvv for even more.
- n disables name resolution so your not waiting on DNS responses to show the packet.
- e shows link layer information (MAC Address)
- s sets how much of the packet to see. 0 shows full packet
- i sets the interface to use
119
What is the dialog in a DHCP setup by a workstation and the DHCP server?
The 4 packets to a successful DHCP
## Footnote
DISCOVER: Client connects to the network and sends out a broadcast discovery looking for its DHCP information.
OFFER: The server offers the DHCP information to the client
REQUEST: The client requests verification of the DHCP information
ACK: The server acknowledges the DHCP request
120
what command will look up the host name given an ip?
dig +short -x {hostname}.{domain}.com
121
what command will look up the ip given the host name?
dig +short {hostname}.{domain}.com
122
what steps can you take to troubleshoot an SQL problem?
1) Can you connect?
SELECT \* FROM sys.Databases
2) Who is active?
EXEC master.dbo.sp\_whoisactive
3) What is in the SQL Error log?
EXEC xp\_readerrorlog @1=1
@p2=1
4) Quick Assesment
access?
not available?
performance?
5) Check Windows Event Log
6) Run sp\_whoisactive in loop to capture activity
7) run sys.dm\_os\_wait\_stats to see waits since last restart
8) check performance counters
9) check main performance hardware
CPU, memory, network, disk
10) Identify recent changes
query, schema, index infra
123
what process can be used to analyze a java app problem?
Check stdout logs for the JVM
Look for stack trace pauses
Overall performance – top
Pstree –l -p -G
Jps –v then jstack to get thread states
Connection leaks to DB (exceeding limits?)
Look for SQL hang-ups
Check for hung threads ps –auxww
Check for messaging problems with corba or jms
Kill -3 for thread (-3 sigquit)
Connection leaks to DB (exceeding limits?)
Look for SQL hang-ups
Check for hung threads ps –auxww
Check for messaging problems with corba or jms
Kill -3
124
what command will tell you the linux installation processor class?
getconf LONG\_BIT
will echo either
64
or
32
125
what ls command will list files in human readable format?
ls -lh
126
what ls command will list files and subdirectories?
ls -R
127
what command will list files starting with the oldest first?
ls -ltr
128
what command will list files along with a symbol for their file type?
ls -F
129
what command will list all the details of the current user sessions running on a machine?
w
130
what command will show the ID numbers for the user currently logged in?
id
131
reports the history of successful user login attempts and system reboots and what file does it read?
the **_last_** command reads the /var/log/wtmp file. This file keeps a record of all login and logout activities including
login time
duration a user stayed logged in
tty where the user session took place.
132
what command shows the reboot history of a machine?
last reboot
133
what command lists more detailed information on recent logins and reboots and what file does it read?
**_utmpdump_** and is executed the following way:
utmpdump /var/log/wtmp
134
What command lists all unsuccessful login attempts, what detail does it show and what file does it read?
The **_lastb_** command reports the history of unsuccessful user login attempts by reading the **/var/log/btmp** file. This file keeps a record of all unsuccessful login attempt activities including
login name
time
the tty where the attempt was made.
