
1 Basics & Installation

(1) Default file permissions?
(Ans): 644
(2) Where can you allocate permissions for a file?
(3) How many shells are available in Unix? Or How many shell interfaces are available?
(Ans): Shell : A Unix shell, also called "the command line", provides the traditional user interface
for the Unix operating system. Users direct the operation of the computer by entering command
input as text for a shell to execute.
There are several families of shells:
* Bourne shell (sh, ksh, bash)
* C shell (csh, tcsh)
(b) What is the difference between Shell and Terminal and Konsole???
To give a bit of a bigger definition.
The shell is the commandline stuff. There are a number of these. The original was sh, the Bourne
Shell. Now the main one is Bash, the Bourne-Again Shell. There's also ksh (korn shell) and the C
Shell, amongst others. Each of these operates a bit differently. You use the Bash shell.
The shell is accessed via a terminal. You have 6 terminals; they can be accessed by pressing
Ctrl-Alt-F1 through Ctrl-Alt-F6.
When using the X Server, we use programs called Terminal Emulators. The original is called
xterm. There are tons of these. Many WM's come with their own emulators: Gnome has GNOME
Terminal, KDE has Konsole, XFCE has "Terminal", etc.
Some other well known Terminal Emulators are aterm, Eterm, rxvt (I think that's what it's called),
(4) Difference between Ksh, Bash and Csh?
Feature          sh   csh  ksh  bash
Job control      N    Y    Y    Y
Aliases          N    Y    Y    Y
Command history  N    Y    Y    Y
(5) File Compression utilities
File compression/decompression utilities:
Basic file compression utilities: (and file extensions)
* gzip (.gz): Also see zcat, gunzip, gznew, gzmore
    compress: gzip file-name
    decompress: gzip -d file-name.gz
* bzip2 (.bz2): Also see: bunzip2, bzcat, bzip2recover
    compress: bzip2 file-name
    decompress: bunzip2 file-name.bz2
* compress (.Z): (Adaptive Lempel-Ziv compression) Also see: uncompress, zcat
    compress: compress file-name
    decompress: uncompress file-name.Z
    (Provided by the RPM package ncompress)
* pack (.z): Also see: unpack
    compress: pack file-name
    decompress: unpack file-name.z
* zip (.zip): Compress files or groups of files. (R.P.Byrne compression) Compatible with PC
  PKZIP files. Also see: unzip
    compress: zip file-name
    decompress: unzip
tar -cvf /dev/st0 /home /opt - Create the tar file
tar -xvf /dev/st0 - Extract (untar) the file
2 Bootup process, startup & shutdown
(1) What is the importance of MBR and how it works?
(Ans):Reserved sectors on disk that are used to load the operating system. On startup, the
computer looks for the master boot record (MBR) or something similarly named, which is typically
the first sector in the first partition of the disk. The MBR contains a program that reads the
partition table which points to the first sector that contains the operating system. That sector
contains another small program that causes the computer to read the operating system.
(2) Importance of boot block? Where is the boot block located?
(Ans): Boot block: A program at some fixed location on a hard disk, floppy disk or
other media, which is loaded when the computer is turned on or rebooted and which controls the
next phase of loading the actual operating system. The loading and execution of the boot block is
usually controlled by firmware in ROM or PROM.
Boot block location: The boot block appears only in the first cylinder group (cylinder group 0) and
is the first 8K in a partition. It is reserved for storing the procedures used in booting the system. If
a filesystem is not to be used for booting, the boot block is left blank.
(3) Importance of super block? How can you find an alternative super block?
(Ans): Section of a computer hard disk drive that contains information about the file system. The
majority of computer file systems have some type of a super block.
Linux users may receive an incorrect or bad super block error message when attempting to
mount a disk drive improperly.
(4) What are the steps you can follow when boot block is corrupted?
(5) What are the contents in NVRAM?
(Ans): Abbreviation of Non-Volatile Random Access Memory, a type of memory that retains its
contents when power is turned off. One type of NVRAM is SRAM that is made non-volatile by
connecting it to a constant power source such as a battery. Another type of NVRAM uses
EEPROM chips to save its contents when power is turned off. In this case, NVRAM is composed
of a combination of SRAM and EEPROM chips.
(6) What are the contents in PROM?
(Ans):(Programmable ROM) A permanent memory chip in which the content is created
(programmed) by the customer rather than by the chip manufacturer. It differs from a ROM chip,
which is created at the time of manufacture. PROMs are used for storage when their content is
not expected to change, but in many applications, they have given way to EPROMs and
EEPROMs, which can be reprogrammed. See PROM programmer, memory types and EEPROM.
(a) EEPROM : (Electrically Erasable Programmable ROM) A rewritable memory chip that holds
its content without power. EEPROMs have a lifespan of between 10K and 100K write cycles,
which is considerably greater than the E-PROMs that preceded them (in this definition only, a
dash is inserted in EPROM for easier recognition between EPROM and EEPROM).
(7) What is the importance of bootstrap program?
(Ans): In computing, booting is a bootstrapping process that starts operating systems when the
user turns on a computer system. A boot sequence is the set of operations the computer performs
when it is switched on which load an operating system.
(8) How bootstrap program works?
(9) What is the last process when system rebooted?

(10) What is the importance of LILO?
(11) Where is LILO located and how does LILO work?
(Ans): LILO: LILO stands for Linux Loader. It is the Linux boot manager that is either written to
the Master Boot Record of your hard drive or to the first sector of your hard drive. It is what loads
the Linux kernel when your computer boots up or allows you to choose which operating system to
load if you have multiple operating systems on your machine. It also allows you to boot different
Linux kernel versions if you choose.
During the installation of Linux, you are given the option to install LILO as your boot manager. If
you choose to install it, the LILO configuration file is usually /etc/lilo.conf (the default for
RedHat). However, in some distributions, it can be located in /etc/lilo/config or /boot/lilo.conf.
If you can not find your configuration file, try the command locate lilo or whereis lilo to locate your
configuration file. See the locate: Find Files and Directories guide if the locate command does not
(12) What is the kernel and where is the kernel located?
(Ans): Kernel: The UNIX kernel is the heart of the operating system. The UNIX kernel is loaded first when
the UNIX system is booted. It handles allocation of devices, CPU and memory from that point on.
(13) Where are kernel modules located?
(14) Kernel compilation and kernel upgradation?
(15) OS updating?
(16) What is the difference between INIT s and INIT S?
(Ans): Both are the same: Single user/Maintenance mode
(17) Booting process in Linux?
(1) BIOS: The Basic Input/Output System is the lowest level interface between the computer and
peripherals. The BIOS performs integrity checks on memory and seeks instructions on the Master
Boot Record (MBR) on the floppy drive or hard drive.
(2) The MBR points to the boot loader (GRUB or LILO: Linux boot loader).
(3) The boot loader (GRUB or LILO) will then ask for the OS label which will identify which kernel to
run and where it is located (hard drive and partition specified). The installation process requires the
creation/identification of partitions and where to install the OS. GRUB/LILO are also configured
during this process. The boot loader then loads the Linux operating system.
* See the YoLinux tutorial on creating a boot disk for more information on GRUB and LILO and
also to learn how to put the MBR and boot loader on a floppy for system recovery.
(4) The first thing the kernel does is to execute the init program. Init is the root/parent of all processes
executing on Linux.
(5) The first process that init starts is a script /etc/rc.d/rc.sysinit
(6) Based on the appropriate run-level, scripts are executed to start various processes to run the
system and make it functional.
LINUX has six states of operation of which "0" is the shutdown state and "3" and above are fully
operational with all essential processes running for user interaction. Upon system boot the LINUX
system /sbin/init program starts other processes by performing the following:
* Init will bring up the machine by starting processes as defined in the /etc/inittab file.
* The computer will be booted to the runlevel as defined by the initdefault directive in the
/etc/inittab file.

In this example a runlevel of "5" is chosen. Runlevel "5" will boot the system into GUI mode
using XDM and X-Windows. Booting to runlevel "3" (often called console mode) is often used by
servers which do not need a graphical user interface. If booted to init level "3" one can promote
the run level with the command [root prompt]# init 5. See the more detailed explanation of run
levels below.
The inittab file will allow you to capture key sequences (ctrl-alt-del), start dial in internet
connections etc.
* One of the processes started by init is /sbin/rc. This script runs a series of scripts in the
directories /etc/rc.d/rc0.d/, /etc/rc.d/rc1.d/, /etc/rc.d/rc2.d/, etc
* Scripts in these directories are executed for each boot state of operation until it becomes fully
operational. Scripts beginning with S denote startup scripts while scripts beginning with K denote
shutdown (kill) scripts. Numbers follow these letters to denote the order of execution. (lowest to
Runlevel "3" will boot to text or console mode and "5" will boot to the graphical login mode ( "4"
for slackware)
Runlevel  Scripts Directory (Red Hat/Fedora Core)  State
0         /etc/rc.d/rc0.d/   shutdown/halt system
1         /etc/rc.d/rc1.d/   Single user mode
2         /etc/rc.d/rc2.d/   Multiuser with no network services exported
3         /etc/rc.d/rc3.d/   Default text/console only start. Full multiuser
4         /etc/rc.d/rc4.d/   Reserved for local use. Also X-windows (Slackware/BSD)
5         /etc/rc.d/rc5.d/   XDM X-windows GUI mode (Redhat/System V)
6         /etc/rc.d/rc6.d/   Reboot
s or S                       Single user/Maintenance mode (Slackware)
                             Multiuser mode (Slackware)
One may switch init levels by issuing the init command with the appropriate runlevel. Use the
command "init #" where # is one of s,S,0,1,3,5,6. The command telinit does the same.
The scripts for a given run level are run during boot and shutdown. The scripts are found in the
directory /etc/rc.d/rc#.d/ where the symbol # represents the run level. i.e. the run level "3" will run
all the scripts in the directory /etc/rc.d/rc3.d/ which start with the letter "S" during system boot.
This starts the background processes required by the system. During shutdown all scripts in the
directory which begin with the letter "K" will be executed. This system provides an orderly way to
bring the system to different states for production and maintenance modes.
If you installed all daemons (background processes), Linux will run them all. To avoid slowing down
your machine, remove unneeded services from the start-up procedure. You can start/stop
individual daemons by changing to the directory:
* /etc/rc.d/init.d/ (Red Hat/Fedora )
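To review which services a runlevel starts before removing unneeded ones, the following added example (not from the original page) lists the S scripts of an rc directory in execution order and reports those missing from an allowlist. The allowlist file and the function names are hypothetical, and the sample directory is constructed.

```shell
#!/bin/sh
# Added example: audit the startup scripts of one runlevel directory.
# Sample data is constructed; on a real system the entries in rc3.d are
# symlinks into /etc/rc.d/init.d/.

# start_order RCDIR
# Print the service names of the S (startup) scripts in execution order.
# The shell expands the glob in sorted order, which matches the
# lowest-number-first rule for two-digit sequence numbers.
start_order() {
    for f in "$1"/S[0-9][0-9]*; do
        [ -e "$f" ] || continue          # no match, or a dangling symlink
        b=${f##*/}                       # strip the directory part
        printf '%s\n' "${b#S[0-9][0-9]}" # strip "S" and the sequence number
    done
}

# unexpected_starts RCDIR ALLOWLIST
# Print services started at this runlevel that are not listed (one name
# per line) in the allowlist file.
unexpected_starts() {
    start_order "$1" | while IFS= read -r svc; do
        grep -qxF -- "$svc" "$2" || printf '%s\n' "$svc"
    done
}

# make_sample_rc3 DIR: populate DIR with constructed script names.
make_sample_rc3() {
    for s in S10network S12syslog S55sshd S80sendmail S85httpd K20nfs; do
        : > "$1/$s"
    done
}

# Demo on constructed data.
d=$(mktemp -d)
allow=$(mktemp)
make_sample_rc3 "$d"
printf '%s\n' network syslog sshd > "$allow"
echo "Start order:"
start_order "$d"
echo "Started but not in allowlist:"
unexpected_starts "$d" "$allow"
rm -rf "$d" "$allow"
```

Each name reported by unexpected_starts is a candidate for chkconfig --del or chkconfig <name> off once it is confirmed to be unneeded.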
Run Level Commands:
* Shutdown:
  o init 0
  o shutdown -h now
    + -a: Use file /etc/shutdown.allow
    + -c: Cancel scheduled shutdown.
  o halt -p
    + -p: Turn power off after shutdown.
  o poweroff
* Reboot:
  o init 6
  o shutdown -r now
  o reboot
* Enter single user mode:
  o init 1
The (Red Hat/Fedora/IRIX) chkconfig command generates and breaks links between the
directory /etc/rc.d/init.d/ and the appropriate run level directory: /etc/rc.d/rc[0-6].d/ to control boot
process initiation and process shutdown.
chkconfig [--level <levels>] <name> <on|off|reset>
chkconfig --list
chkconfig --list
chkconfig --add <name>
chkconfig --del <name>
chkconfig --level 0123456 <name> off
* chkconfig --level 345 httpd on - forces apache to be invoked for run levels 3, 4 and 5.
* chkconfig --add httpd - Start the web server daemon upon system boot.
* chkconfig --del sendmail - Do not start the sendmail daemon upon system boot.
* chkconfig --list - List all services and init levels.
* chkconfig --list | grep on - List all services to be started upon system boot.
Using chkconfig to administer xinetd processes.
* chkconfig wu-ftpd on - Turn on FTP service managed by xinetd.
* chkconfig ipop3 off - Turn off POP3 service managed by xinetd.
This will reconfigure the appropriate xinetd file (in directory /etc/xinetd.d/) and restart the
3 Filesystem
(1) Where is the .profile file located, and what is its importance?
(Ans): /home/userfolder/.profile
(2) Difference between FDISK and FORMAT commands?
(Ans): fdisk is used for creating the partitions and format is used for making the file system
(3) Where the complete system information is located?
(Ans): /proc
(4) Procedure to configure FTP server?
(5) How ssh works and explain ssh configuration?
(Ans): Ssh is set of programs which employ public/private key technology for authenticating and
encrypting sessions between user accounts on distributed hosts on the Internet.
Ssh can also be used as a way to "tunnel" other protocols, such as the X Window System
protocol, adding encryption to the channel to improve security against packet sniffing and "man in
the middle" attacks. When used with X, ssh looks like a normal (albeit a proxy) X server on the
local machine which redirects X protocol communication across an encrypted channel to the
actual X server on the other end.
Ssh works by the exchange and verification of information, using public and private keys, to
identify hosts and users. It then provides encryption of subsequent communication, also by the
use of public/private key cryptography.
As a user, you generate an "identity" on the client system by running the ssh-keygen program.
This program creates a subdirectory $HOME/.ssh and inserts in it two files named identity and which contain your private and public keys for your account on the client system. This
latter file can then be appended to a file $HOME/.ssh/authorized_keys that should reside on
any/all servers where you will make ssh connections.
As a system administrator, you generate a public and private key pair for the system itself. By use
of this information contained within the system itself, the possibility of someone spoofing the
system's identity by faking IP addresses or munging up DNS records that associate IP addresses
and domain names is removed. You would have to break into the system and steal its private key
in order to successfully pretend to be that system. This is a big improvement in security.
Once you generate your public/private key on your local system you can place your public key in
the authorized_keys of the server so you can bypass the login procedure and directly login into
the server without the password.
When you ssh to a machine by the following command :
ssh -l admin -p 73
The first step performed is authentication of the server to the client and client to the server, i.e. first
the server checks whether its public key is contained in the file $HOME/.ssh/known_hosts. This
procedure is known as host validation. If the key is present in the known_hosts file it will proceed
with the subsequent authentication.
Otherwise, if it does not match or is not present, the following message is displayed:
The authenticity of host ' (' can't be established.
RSA key fingerprint is bd:e7:14:30:13:ba:74:77:47:b3:2a:b3:a1:07:2e:7a.
Are you sure you want to continue connecting (yes/no)?
Once you say yes then the public key of the server will be placed in the known_hosts file and you
will not see this message again.
And once the host validation is complete the subsequent communication will be encrypted using
the private key that was generated from ssh-keygen command.
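The known_hosts lookup behind the prompt above, sketched as an added shell example (not part of the original answer and not OpenSSH's own code). The host names and key strings are constructed placeholders and the function names are hypothetical; only plain-text entries are handled, and a non-default port such as the -p 73 above is filed as [host]:port.

```shell
#!/bin/sh
# Added example: the host validation decision on a known_hosts-format file.
# All hosts and keys below are constructed placeholders, not real keys.

# known_hosts_name HOST PORT
# Port 22 is stored under the bare host name, any other port as [host]:port.
known_hosts_name() {
    if [ "$2" = 22 ]; then
        printf '%s\n' "$1"
    else
        printf '[%s]:%s\n' "$1" "$2"
    fi
}

# check_host_key FILE HOST PORT KEYTYPE KEY  ->  match | changed | unknown
# Simplification (assumption of this example): hashed names (|1|...),
# wildcard patterns and @marker lines are skipped, not interpreted.
check_host_key() {
    name=$(known_hosts_name "$2" "$3")
    awk -v name="$name" -v ktype="$4" -v key="$5" '
        /^[ \t]*(#|$)/ { next }          # comments and blank lines
        $1 ~ /^[@|]/   { next }          # markers and hashed entries
        {
            n = split($1, names, ",")    # one line may list several names
            for (i = 1; i <= n; i++)
                if (names[i] == name && $2 == ktype) {
                    seen = 1
                    if ($3 == key) matched = 1
                }
        }
        END { print (matched ? "match" : (seen ? "changed" : "unknown")) }
    ' "$1"
}

# validate_host FILE HOST PORT KEYTYPE KEY ANSWER
# Returns 0 if the connection may proceed. ANSWER stands for the reply to
# the yes/no prompt and only matters for an unknown host.
validate_host() {
    case $(check_host_key "$1" "$2" "$3" "$4" "$5") in
        match)
            return 0 ;;
        changed)
            echo "REFUSED: key for $2 differs from known_hosts" >&2
            return 1 ;;
        unknown)
            # Answer yes only after checking the fingerprint out of band.
            [ "$6" = yes ] || return 1
            printf '%s %s %s\n' "$(known_hosts_name "$2" "$3")" "$4" "$5" >> "$1"
            return 0 ;;
    esac
}

# write_sample_known_hosts FILE: constructed sample content.
write_sample_known_hosts() {
    cat > "$1" <<'EOF'
# constructed sample known_hosts
[server.example]:73 ssh-ed25519 AAAAconstructedKeyA
db.example,10.0.0.5 ssh-rsa AAAAconstructedKeyB
EOF
}

# Demo on constructed data.
kh=$(mktemp)
write_sample_known_hosts "$kh"
check_host_key "$kh" server.example 73 ssh-ed25519 AAAAconstructedKeyA  # match
check_host_key "$kh" server.example 73 ssh-ed25519 AAAAconstructedKeyX  # changed
check_host_key "$kh" new.example 22 ssh-ed25519 AAAAconstructedKeyC     # unknown
rm -f "$kh"
```

A "changed" result is the case to investigate rather than override: either the server was reinstalled or something is answering in its place.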
(6) Difference between FTP, SSH, Telnet?
What is Telnet and SSH?
Telnet and SSH allows you to access your shell account. The main difference between Telnet and
SSH is that the SSH protocol is encrypted, and therefore allows secure transmission of sensitive
data such as passwords.
Unless you live in a country which does not allow the public to acquire encryption software, there
is no reason not to use SSH. Due to the additional security features of SSH, we highly
recommend all clients use SSH instead of Telnet.
The difference between SSH and Telnet is that SSH transparently encrypts the data between the
client and the server.
* FTP: The File Transfer Protocol is an application program which moves files between computers
connected to the Internet independent of machine type or operating systems. FTP is an
application protocol that uses the Internet's TCP/IP protocols. It belongs to the application layer of
the Internet protocol suite.
4 Device management
Hard Drive Info:
* df -k - Report filesystem disk space usage. (-k reports in Kbytes)
* du -sh - Calculates file space usage for a given directory (and everything under it). (-s option summarizes)
* mount - Displays all mounted devices, their mount point, filesystem, and access. Used with
  command line arguments to mount file system.
* cat /proc/filesystems - Display filesystems currently in use.
* cat /proc/mounts - Display mounted filesystems currently in use.
* showmount - Displays mount info for NFS filesystems.
* cat /proc/swaps - Displays swap partition(s) size, type and quantity used.
* cat /proc/ide/hda/any-file - Displays disk information held by kernel.
* /usr/bin/lsdev - List devices and info on system hardware. Also IRQ's. (RPM package procinfo)
* /sbin/lspci - List all PCI devices (result of probe). Also lspci -vvx and cat /proc/pci
* cat /proc/interrupts - List IRQ's used by system and the device using the interrupt.
* cat /proc/ioports - List I/O ports used by system.
* cat /proc/dma - List DMA channels and device used by system.
* cat /proc/cpuinfo - List info about CPU.
(1) How do you add a new disk?
(Ans): Adding an extra hard drive: (See commands and dialog of adding a second IDE hard drive)
1. fdisk /dev/<drive> - Allocate drive space and register info on the partition table. (Option
"n"/"p", then "w" to write.)
Also see: sfdisk - cfdisk
2. mkfs -t ext3 /dev/<drive> - Create file system. (RH 7.1 and earlier use ext2, RH 7.2-8.0 use
3. mount -t ext3 /dev/<drive's device name> /<home2 or some suitable directory> - Mount the
Mount a raw ISO file: mount -t iso9660 -o loop /home/user1/RedHat-9.0-i386-Disk1.iso
(Fstab entry: /home/user1/RedHat-9.0-i386-Disk1.iso /mnt/iso-1 iso9660 loop,ro 0 3)
Also see: mkefs man page
Where the drive is /dev/hdb or some device as conforms to the Linux device names:
IDE drives are referred to as hda for the first drive, hdb for the second etc... IDE uses separate
ribbon cables for primary and secondary drives. The partitions on each drive are referred
numerically. The first partition on the first drive is referred to as hda1, the second as hda2, the
third as hda3 etc ...
Linux IDE naming conventions:
Device     Description                    Configuration
/dev/hda   1st (Primary) IDE controller   Master
/dev/hdb   1st (Primary) IDE controller   Slave
/dev/hdc   2nd (Secondary) IDE controller Master
/dev/hdd   2nd (Secondary) IDE controller Slave
Note: SCSI disks are labeled /dev/sda, sdb, etc... For more info see SCSI info.
Use the command cat /proc/partitions to see full list of disks and partitions that your system can
See Linux devices:
* Kernel 2.4: (Red Hat 7.1+)
o file:/usr/src/linux-2.4/Documentation/devices.txt - (local file)
* Kernel 2.2: (Red Hat 7.0-)
o file:/usr/src/linux/Documentation/devices.txt (local file) - H. Peter Anvin
To make the drive a permanent member of your system and have it mount upon system boot, add
it to your /etc/fstab file which holds all the file system information for your system. See man page
for fstab.
Example of existing /etc/fstab file:
/dev/sdb6 / ext2 defaults 1 1
/dev/sdb1 /boot ext2 defaults 1 2
/dev/cdrom /mnt/cdrom iso9660 noauto,user,users,ro 0 0
/dev/fd0 /mnt/floppy auto noauto,owner 0 0
none /proc proc defaults 0 0
none /dev/pts devpts gid=5,mode=620 0 0
/dev/sdb5 swap swap defaults 0 0
Add SCSI drive by adding line:
/dev/sdc1 /home2 ext2 defaults 1 2
At this point one may optionally check the file system created with the command: fsck /dev/sdc1
Note that fsck is NOT run against a mounted file system. Unmount it first if necessary. (umount)
Also see the man page for:
* cfdisk - Curses based disk partition table manipulator. (very nice)
* fdisk - Manipulate/configure the partition table.
* sfdisk - Manipulate/configure the partition table.
* fsck
Mounting other file systems: (locally attached drives)
* Mounting a CD: mount -r -t iso9660 /dev/cdrom /mnt/cdrom
Un-Mount the CD-ROM: umount /dev/cdrom (No "n" in umount)
This command should work for a Red Hat installation. Other distributions may require the
following set-up:
ln -sf /dev/hdc /dev/scd0     # Reference SCSI device directly.
ln -sf /dev/hdc /dev/cdrom    # A more typical system
cd /mnt
mkdir cdrom
mount -t iso9660 -o ro /dev/cdrom /mnt/cdrom

Don't forget to un-mount the CD with umount /mnt/cdrom
[Potential Pitfall]: There is NO "N" in umount!!!
For trouble shooting your CD see your kernel documentation:
o Kernel 2.4: file:/usr/src/linux-2.4/Documentation/ide.txt (local file)
o Kernel 2.2: file:/usr/src/linux/Documentation/ide.txt (local file)
* Mounting a Windows partition.
* Mounting a floppy:
o Mount MS-DOS floppy: mount /dev/fd1 -t vfat /mnt/floppy
Also see the YoLinux tutorial on using MS-DOS floppies with Linux.
o Unix floppy: See YoLinux Tutorial - Linux Recovery and Boot Disk Creation
* Ramdisk: Using a portion of RAM memory to act like a superfast disk.
/sbin/mkfs -t ext2 /dev/ram
mount /dev/ram /mnt/ramd

[Potential Pitfall]: I've never actually tried this. Use at your own risk!
See How to use a Ramdisk for Linux
(2) How did you find swap space?
(Ans): free -m
root@svr40 []# free -m
             total       used       free     shared    buffers     cached
Mem:           999        901         97          0        123        370
-/+ buffers/cache:        407        592
Swap:         2000        170       1829
(3) How did you add additional swap space?
Add system swap space for virtual memory paging:
Swap space may be a swap partition, a swap file or a combination of the two. One should size
swap space to be at least twice the size of the computer's RAM. (but less than 2GB)
dd if=/dev/zero of=/swapfile bs=1024 count=265032 - Create file filled with zeros of size 256Mb
mkswap /swapfile - Create swap file
swapon /swapfile - Begin use of given swap file. Assign a priority with the "-p" flag.
swapon -s - List swap files
cat /proc/swaps - Same as above

This example refers to a swap file. One may also use a swap partition. Make entry to /etc/fstab to
permanently use swap file or partition.
/swapfile swap swap defaults 0 0

Note: To remove the use of swap space, use the command swapoff. If using a swap partition, the
partition must be unmounted.
5 User & group Management
===== ==========
Creating Groups :
# groupadd -g <gid> <groupname>
Ex:- groupadd -g 500 sales ==> It creates the group id 500 for sales
If you want to share the same group id for the other group name
# groupadd -g <gid> -o <groupname>
Ex:- groupadd -g 500 -o marketing ==> It creates a duplicate groupid for a group
If you want to change the group id of the groupname
# groupmod -g <new gid> <groupname>
Ex:- groupmod -g 5000 sales ==> It will change the group id of sales (500) to 5000
If you want to change the group name to a new group name
# groupmod -n <new groupname> <old groupname>
Ex:- groupmod -n Newsales sales ==> It will change the sales group name to Newsales
If you want to delete the group
# groupdel <groupname>
Ex:- groupdel sales ==> It will delete the sales group
General commands
groupadd ==> Adding a group
groupmod ==> Modification of a group
groupdel ==> Deleting a group
vi /etc/group ==> This file shows the groups details
Fields in /etc/group file
* Name: eg users
* Number (gid): eg 100, used internally by the kernel
* Defined in /etc/group
The columns in /etc/group are:
1. Group name, eg audio
2. Encrypted group password, or 'x' if the password hash is stored in /etc/gshadow
3. Group number (gid), eg 29
4. List of user name for people who are members of this group
Field        Purpose
group name   The unique name of the group
password     The password associated with the group. If a password is present the newgrp(1)
             command prompts users to enter it.
GID          The unique numeric group identification.
users        A comma-separated list of user accounts that belong to the group
Ex:- root::0:root
==== ==========
User info Commands:
Command - Description
* who - Displays currently logged in users.
  Use who -uH for idle time and terminal info.
* users - Show all users logged in.
* w - Displays currently logged in users and processes they are running.
* whoami - Displays user id.
* groups - Display groups you are part of.
  Use groups user-id to display groups for a given user.
* set - Display all environment variables in your current environment.
* id - Display user and all group ids. Use id user-id to display info for another user id.
* last - Listing of most recent logins by users. Show where from, date and time of login (ftp,
  ssh, ...). Also see lastlog command. Show last 100 logins: last -100
* history - Shell command to display previously entered commands.
All UID's must be consistent across the network. The UID is typically a number between 100 and
60002, but can go as high as 2147483647. See the note in the description for "Primary group"
regarding UID's greater than 60000.
Primary Group: Enter the primary group name or GID (group
number) for the group to which the user will belong. This is the group the operating system
will assign to files created by the user. Group 10 (staff) is a predefined group that is
sufficient for most users. GID's can range from 0-60002, but they can go as high as
In Solaris root group id is 0 and user id 1
Adding a user account
useradd -u <uid> -g <Primary.Groupid> -G <Secondarygroupid> -d <dir> -m -s <shell>
        -c <comment> -f <inactive> -e <expire> <loginname>
-u <uid>               Sets the unique UID for the user
-g <Primary.Groupid>   Specifies a predefined GID or name for the user. This will be the
                       user's primary group
-G <Secondarygroupid>  Defines the new user's secondary group memberships. Multiple groups
                       can be entered but must be separated by commas.
-d <dir>               The home directory of the new user. It defaults to <base_dir>/<account_name>,
                       in which <base_dir> is the base directory for new login home directories, and
                       <account_name> is the new login name.
-m                     Creates a new home directory if one does not already exist.
-s <shell>             Defines the full pathname for the shell program to be used as the user login
                       shell. The default is /bin/sh if a shell is not specified.
-c <comment>           This is only a comment and is typically used to specify the user's full name,
                       location and phone number.
-f <inactive>          Sets the number of inactive days allowed on a user account. If the account
                       is not logged in to during the specified number of days, the account is locked.
-e <expire>            Sets an expiration date on the user account. Specifies the date on which the
                       user can no longer log in and access the account. After the specified date, the
                       account is locked. Use the following format to specify the date: mm/dd/yy
useradd -u 501 -g 500 -G 600 -d /export/home/susheel -m -s /bin/sh -c "susheel" susheel
#usermod -l <New login username> <Old login username>
Ex:- usermod -l susheelkumar susheel ==> This is for changing the name susheel to
#usermod -u <New user id> <Username>
Ex:- usermod -u 5001 susheel ==> This is to change the group id of susheel <500> to 5001
Changing the passwords
# or $: the password can be changed by the user or by root
$passwd susheel
New password : xxxx
Enter New password : xxxx
password (SYSTEM):password succesfully changed for susheel
Password locking
# passwd -l susheel ==> It locks the password of susheel
# cat /var/adm/sulog ==> It shows the previous logins on the system.
/etc/passwd ==> The /etc/passwd file is an ASCII file that is used to define user accounts
on the local systems. Each line represents a user account and consists of seven colon-delimited
fields as follows:
Field           Purpose
username        The unique name assigned to the user account.
password        In earlier versions of unix the password field contained the
                encrypted account password. For security reasons the passwords have
                been moved to the /etc/shadow file. The letter "x" is typically placed in
                this field to indicate that the password is in /etc/shadow
UID             A unique numeric identification assigned to the user account. Any
                process or files created by the user account will be owned by the UID.
                The system administrator account, root, is assigned the UID of 0. This is the
                UID of a super account. System maintenance accounts are usually assigned a
                UID of less than 100, whereas user accounts typically start at 1001.
GID             The numeric identification of the default group that the user has been assigned
                as member. Groups are defined in the /etc/group file.
Comment field   Information about the owner of the user account, such as real name, phone
                number, mailing address, and so on. An ampersand in this field is interpreted
                as the contents of the username field.
Home directory  The full path to the directory where the user is initially located after logging
Login shell     The full pathname of the initial shell used as command interpreter. If left
                empty the default is /usr/bin/sh
* Name: eg kim
* Number (uid), used internally by the kernel: eg 1006
* Defined in /etc/passwd. eg
kim:x:1006:100:Kim Oldfield,,,:/home/kim:/bin/bash
The columns in /etc/passwd are:
1. Username
2. Encrypted password, or 'x' if the password hash is stored in /etc/shadow
3. User ID, uid - number for this user
4. Group ID, gid - number for the default group for this user
5. Full name, or other description
6. User's home directory, typically /home/username, but can be anywhere.
7. User's shell
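An added example (not from the original notes) that audits a passwd-format file using the seven fields listed above: it flags extra UID 0 accounts, empty password fields, hashes left in the file instead of /etc/shadow, duplicate UIDs and malformed lines. The sample accounts other than kim and susheel are constructed, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: audit a passwd-format file field by field.
# Fields: 1 username, 2 password, 3 UID, 4 GID, 5 comment, 6 home, 7 shell.

# audit_passwd FILE
# Prints one finding per line, starting with a tag:
#   MALFORMED   line does not have exactly seven colon-delimited fields
#   UID0        account other than root that has the superuser UID 0
#   NOPASS      empty password field (no password required)
#   INLINEHASH  a hash is stored in this file rather than in /etc/shadow
#   DUPUID      UID already used by an earlier account
audit_passwd() {
    awk -F: '
        /^[ \t]*(#|$)/ { next }
        NF != 7 {
            printf "MALFORMED line %d: %d fields instead of 7\n", NR, NF
            next
        }
        $3 == 0 && $1 != "root" {
            print "UID0 " $1 ": non-root account with UID 0"
        }
        $2 == "" {
            print "NOPASS " $1 ": empty password field"
        }
        # "x" points to /etc/shadow; a leading * or ! marks a locked entry.
        $2 != "" && $2 != "x" && $2 !~ /^[*!]/ {
            print "INLINEHASH " $1 ": password hash stored in passwd file"
        }
        ($3 in owner) {
            print "DUPUID " $1 ": shares UID " $3 " with " owner[$3]
        }
        !($3 in owner) { owner[$3] = $1 }
    ' "$1"
}

# write_sample_passwd FILE: kim and susheel follow the page, the rest of
# the entries are constructed for this example.
write_sample_passwd() {
    cat > "$1" <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
kim:x:1006:100:Kim Oldfield,,,:/home/kim:/bin/bash
susheel:x:501:500:susheel:/export/home/susheel:/bin/sh
backup2:x:0:0:constructed:/root:/bin/sh
guest::1007:100:constructed:/home/guest:/bin/sh
legacy:ab12cdEfGhIjk:1008:100:constructed:/home/legacy:/bin/sh
broken:x:1009:100:/home/broken
EOF
}

# Demo on the constructed sample (never on the live file by default).
p=$(mktemp)
write_sample_passwd "$p"
audit_passwd "$p"
rm -f "$p"
```

Run it against a copy of the real file with audit_passwd /etc/passwd; an empty result means none of these five conditions were found.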
To find out your current username and uid, primary group and gid, and additional groups you are a
member of run id.
bash> id
uid=1006(kim) gid=1006(kim) groups=1006(kim),4(adm),29(audio)
/etc/shadow ==> The file /etc/shadow file should always
6 package & patch Administration
RPM Command - Description
rpm -Uvh program_package-ver.rpm - Upgrade the system with the RPM package
rpm -ivh program_package-ver.rpm - New Install
rpm -Fvh program_package-ver.rpm - Freshen install. Removes all files (including config files) of
older version during upgrade.
rpm -q program_package - Query system RPM database (/var/lib/rpm), to see if package is
rpm -qi program_package - Query system RPM database for info/description on package (if
rpm -ql program_package - List all files on the system associated with the package.
rpm -qf file - Identify the package to which this file belongs.
rpm -e program_package - Uninstall package from your system
rpm -qa - List ALL packages on your system. Use this with grep to find families of
rpm -qp --requires program_package-ver.rpm - List dependencies (files and packages) of RPM.
List prerequisites.
rpm -q --whatrequires program_package - List dependent packages of RPM. What packages will
break if this RPM is removed.
rpm -K --nogpg *.rpm - Not sure if RPM downloaded ok? Verify md5 sum.
(1)Where the currently installed packages and patches are located in?
(Ans): /var/lib/rpm/
(2) Difference between *q and *a?
(Ans): *q query *a all
7 Networking concepts
What is the OSI model?
The OSI model is a reference model which most IT professionals use to describe networks and
network applications.
The OSI model was originally intended to describe a complete set of production network
protocols, but the cost and complexity of the government processes involved in defining the OSI
network made the project unviable. In the time that the OSI designers spent arguing over who
would be responsible for what, TCP/IP conquered the world.
The Seven Layers of the OSI Model
The seven layers of the OSI model are:
Layer Name
7 Application
6 Presentation
5 Session
4 Transport
3 Network
2 Data Link
1 Physical
The easiest way to remember the layers of the OSI model is to use the handy mnemonic "All
People Seem To Need Data Processing":
Layer Name Mnemonic

7 Application All
6 Presentation People
5 Session Seem
4 Transport To
3 Network Need
2 Data Link Data
1 Physical Processing
The functions of the seven layers of the OSI model are:
* Layer Seven of the OSI Model
The Application Layer of the OSI model is responsible for providing end-user services, such as
file transfers, electronic messaging, e-mail, virtual terminal access, and network management.
This is the layer with which the user interacts.
* Layer Six of the OSI Model
The Presentation Layer of the OSI model is responsible for defining the syntax which two
network hosts use to communicate. Encryption and compression should be Presentation Layer
* Layer Five of the OSI Model
The Session Layer of the OSI model is responsible for establishing process-to-process
communications between networked hosts.
* Layer Four of the OSI Model
The Transport Layer of the OSI model is responsible for delivering messages between
networked hosts. The Transport Layer should be responsible for fragmentation and reassembly.
* Layer Three of the OSI Model
The Network Layer of the OSI model is responsible for establishing paths for data transfer
through the network. Routers operate at the Network Layer.
* Layer Two of the OSI Model
The Data Link Layer of the OSI model is responsible for communications between adjacent
network nodes. Hubs and switches operate at the Data Link Layer.
* Layer One of the OSI Model
The Physical Layer of the OSI model is responsible for bit-level transmission between network
nodes. The Physical Layer defines items such as: connector types, cable types, voltages, and
The OSI Model vs. The Real World
The biggest difficulty with the OSI model is that it does not map well to the real world!
The OSI was created after many of today's protocols were already in production use. These
existing protocols, such as TCP/IP, were designed and built around the needs of real users with
real problems to solve. The OSI model was created by academicians for academic purposes.
The OSI model is a very poor standard, but it's the only well-recognized standard we have which
describes networked applications.
The easiest way to deal with the OSI model is to map the real-world protocols to the model, as
well as they can be mapped.
Layer Name Common Protocols

7 Application SSH, telnet, FTP
6 Presentation HTTP, SMTP, SNMP
5 Session RPC, Named Pipes, NetBIOS
4 Transport TCP, UDP
3 Network IP
2 Data Link Ethernet
1 Physical Cat-5
The difficulty with this approach is that there is no general agreement as to which layer of the OSI
model to map any specific protocol. You could argue forever about what OSI model layer SSH
maps to.
A much more accurate model of real-world networking is the TCP/IP model:
TCP/IP Model
Application Layer
Transport Layer
Internet Layer
Network Interface Layer
The most significant downside with the TCP/IP model is that if you reference it, fewer people will
know what you are talking about!
The way that most services work under TCP/IP is that the server is configured to use a well
known port number and the client connects from a random high port.
Most of these well known ports are port numbers below 1,024. High ports are ports 1,024 or
In the old days, ports below 1,024 were known as trusted ports. On Unix machines, only a user or
process with root privileges is able to open an outgoing port below 1,024.
With the proliferation of Windows and single-user Unix systems, the trusted port model no longer
A few of the most common well known ports are:
Service Port

FTP 20,21
SSH 22
telnet 23
DNS 53
DHCP 67,68
POP3 110
NNTP 119
NTP 123
IMAP4 143
LDAP 389
IMAPS 993
RADIUS 1812
AIM 5190
The file /etc/services on most Unix machines lists the port assignments for that machine.
On Windows, TCP/IP port assignments are stored in the
* Difference between Switch, Hub, Router
Hub:
1. It is a layer1 device, used to connect various machines on a LAN.
2. It forwards broadcast by default.
3. It supports one collision domain and one broadcast domain. Works on Bus topology, resulting in less speed.

Switch:
1. A layer2 device.
2. Forward broadcast first time only.
3. One broadcast domain; collision domains depend on the number of ports.
4. It is based on Star topology, giving 100 Mbps to every PC on the LAN.
Router:
1. Does not broadcast by default.
2. Breaks up broadcast domain.
3. Also called Layer3 switch.
8 Nfs
(1) Configuration file for NFS?
9 Dns & Apache
(1) How http works?
(Ans): What is the HTTP protocol?
The HTTP protocol defines communication between a server and a client in order to
transfer a file. The current version is HTTP 1.1. See RFC 2616 for more details.
This protocol is used as a standard to surf web sites because it suits browsing with hypertext
What is going on while I'm surfing the net?
When clicking on a hypertext link, you are transferring a URL to your browser. From this URL,
your browser knows which server to contact and what file to ask for.
This is exactly where the HTTP protocol starts: connect to a server and transfer a file!
HTTP transaction life time
During an HTTP transaction, the requester, known as the client, asks a server for a file.
Normal schema:
1 Client connects to host,
2 Server accepts connection,
3 Client requests a file,
4 Server sends a response (including file or not).
(2) What are records in dns zone and importance?
(Ans): @ IN SOA (
2004100801 ; serial #
4H ; refresh
1H ; retry
1W ; expiry
1D ) ; minimum
Name : The root name of the zone. The "@" sign is a shorthand reference to the current origin
(zone) in the /etc/named.conf file for that particular database file.
Class: There are a number of different DNS classes. Home/SOHO will be limited to the IN or
Internet class used when defining IP address mapping information for BIND. Other classes exist
for non-Internet protocols and functions but are very rarely used.
Type: The type of DNS resource record. In the example, this is an SOA resource record. Other
types of records exist, which I'll cover later.
Name-server: Fully qualified name of your primary name server. Must be followed by a period.
Email-address: The e-mail address of the name server administrator. The regular @ in the e-mail
address must be replaced with a period instead. The e-mail address must also be followed by a
Serial-no: A serial number for the current configuration. You can use the date format YYYYMMDD
with an incremented single digit number tagged to the end. This will allow you to do multiple edits
each day with a serial number that both increments and reflects the date on which the change
was made.
Refresh: Tells the slave DNS server how often it should check the master DNS server. Slaves
aren't usually used in home / SOHO environments.
Retry: The slave's retry interval to connect the master in the event of a connection failure. Slaves
aren't usually used in home / SOHO environments.
Expiry: Total amount of time a slave should retry to contact the master before expiring the data it
contains. Future references will be directed towards the root servers. Slaves aren't usually used
in home/SOHO environments.
Minimum-TTL: There are times when remote clients will make queries for subdomains that don't
exist. Your DNS server will respond with a no domain or NXDOMAIN response that the remote
client caches. This value defines the caching duration your DNS includes in this response.
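The SOA fields described above, read back out of a zone-file record (an added example, not part of the original notes): it converts the timer values to seconds, undoes the "@ replaced with a period" rule for the e-mail address, checks the trailing periods and computes the next serial. The host names are constructed placeholders, and the two-digit counter after the date follows the 2004100801 sample.

```python
import datetime
import re

UNIT_SECONDS = {"s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800}
MAX_SERIAL = 0xFFFFFFFF  # the serial is an unsigned 32-bit number


def to_seconds(value):
    """Convert a BIND time value such as '4H', '1W', '1h30m' or '28800' to seconds."""
    text = value.lower()
    if text.isdigit():
        return int(text)
    pieces = re.findall(r"(\d+)([smhdw])", text)
    if not pieces or "".join(n + u for n, u in pieces) != text:
        raise ValueError("bad time value: %r" % value)
    return sum(int(n) * UNIT_SECONDS[u] for n, u in pieces)


def rname_to_email(rname):
    """Turn the first unescaped period back into '@' (a backslash keeps a literal dot)."""
    local, domain = re.split(r"(?<!\\)\.", rname.rstrip("."), maxsplit=1)
    return local.replace("\\.", ".") + "@" + domain


def parse_soa(text):
    """Parse an SOA record that spans several lines and carries ';' comments."""
    body = " ".join(line.split(";", 1)[0] for line in text.splitlines())
    tokens = body.replace("(", " ").replace(")", " ").split()
    at = [t.upper() for t in tokens].index("SOA")
    mname, rname, serial, refresh, retry, expiry, minimum = tokens[at + 1:at + 8]
    problems = [name + " is not followed by a period"
                for name in (mname, rname) if not name.endswith(".")]
    return {
        "name_server": mname,
        "email": rname_to_email(rname),
        "serial": int(serial),
        "refresh": to_seconds(refresh),
        "retry": to_seconds(retry),
        "expiry": to_seconds(expiry),
        "minimum": to_seconds(minimum),
        "problems": problems,
    }


def next_serial(current, today):
    """Next YYYYMMDDnn serial; it must always be larger than the current one."""
    candidate = int(today.strftime("%Y%m%d")) * 100
    new = candidate if candidate > current else current + 1
    if new > MAX_SERIAL:
        raise ValueError("serial does not fit in 32 bits")
    return new


# Constructed record: timer values from the sample above, placeholder host names.
SAMPLE = """\
@ IN SOA ns1.example.com. hostmaster.example.com. (
    2004100801 ; serial #
    4H ; refresh
    1H ; retry
    1W ; expiry
    1D ) ; minimum
"""

if __name__ == "__main__":
    soa = parse_soa(SAMPLE)
    for key, value in soa.items():
        print("%-12s %s" % (key, value))
    print("next serial:", next_serial(soa["serial"], datetime.date(2004, 10, 8)))
```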
Record Type Field Description
Type    Name Field                   Class Field   Type Field   Data Field
NS      Usually blank                IN            NS           IP address or CNAME of the name server
MX      Domain name as in zone file  IN            MX           Mail server DNS name
A       Name of a server             IN            A            IP address of server
CNAME   Server name alias            IN            CNAME        "A" record name for the server
PTR     Last octet of server's IP    IN            PTR          Fully qualified server name
(3) Fields in Virtual Host entry?
(Ans): <VirtualHost>
DocumentRoot /home/vindul32/public_html
BytesLog domlogs/
User vindul32
Group vindul32
<IfModule mod_php4.c>
php_admin_value open_basedir "/home/vindul32/:/usr/lib/php:/usr/local/lib/php:/tmp"
</IfModule>
<IfModule mod_php5.c>
php_admin_value open_basedir "/home/vindul32/:/usr/lib/php:/usr/local/lib/php:/tmp"
</IfModule>
CustomLog domlogs/ combined
ScriptAlias /cgi-bin/ /home/vindul32/public_html/cgi-bin/
</VirtualHost>
(4) What are the files for forward lookup and reverse lookup in DNS?
(Ans):Forward zone file
vi /var/named/
; cPanel 5.x
; Zone file for vindulge
@ 14400 IN SOA (
1055042780 ; serial, todays date+todays
28800 ; refresh, seconds
7200 ; retry, seconds
3600000 ; expire, seconds
86400 ) ; minimum, seconds
14400 IN NS
14400 IN NS
14400 IN A
14400 IN A
14400 IN MX 0
mail 14400 IN CNAME
www 14400 IN CNAME
ftp 14400 IN A
(5) Configuration of Dns and Apache ?
(Ans): DNS
1) First we have to configure the conf file. For example
vi /etc/named.conf
zone "" {
type master;
file "/var/named/";
};
2) Forward zone file
vi /var/named/
; cPanel 5.x
; Zone file for vindulge
@ 14400 IN SOA (
1055042780 ; serial, todays date+todays
28800 ; refresh, seconds
7200 ; retry, seconds
3600000 ; expire, seconds
86400 ) ; minimum, seconds
14400 IN NS
14400 IN NS
14400 IN A
14400 IN A
14400 IN MX 0
mail 14400 IN CNAME
www 14400 IN CNAME
ftp 14400 IN A
3) vi /etc/httpd/conf/httpd.conf
DocumentRoot /home/vindul32/public_html
BytesLog domlogs/
User vindul32
Group vindul32
<IfModule mod_php4.c>
php_admin_value open_basedir "/home/vindul32/:/usr/lib/php:/usr/local/lib/php:/tmp"
</IfModule>
<IfModule mod_php5.c>
php_admin_value open_basedir "/home/vindul32/:/usr/lib/php:/usr/local/lib/php:/tmp"
</IfModule>
CustomLog domlogs/ combined
ScriptAlias /cgi-bin/ /home/vindul32/public_html/cgi-bin/
4) vi /etc/resolv.conf
Entries in Sub domain:
To create subdomain:
It won't create a separate DNS zone file. In the DNS zone file it adds the entries as
test 14400 IN A
www.test 14400 IN A
Zone file should be as follows
vi /var/named/
; cPanel 5.x
; Zone file for
@ 14400 IN SOA
( 2006080600 ; serial, todays date+todays
28800 ; refresh, seconds
7200 ; retry, seconds
3600000 ; expire, seconds
86400 ) ; minimum, seconds
14400 IN NS
14400 IN NS
14400 IN A
14400 IN A
14400 IN MX 0
mail 14400 IN CNAME
www 14400 IN CNAME
ftp 14400 IN A
test 14400 IN A
www.test 14400 IN A
We have to create a separate virtual host entry in the httpd.conf file and create a
directory for the subdomain. EX: test
2) vi /etc/httpd/conf/httpd.conf
DocumentRoot /home/vindul32/public_html/test
BytesLog domlogs/
<IfModule mod_php4.c>
php_admin_value open_basedir "/home/vindul32:/usr/lib/php:/usr/local/lib/php:/tmp"
</IfModule>
<IfModule mod_php5.c>
php_admin_value open_basedir "/home/vindul32:/usr/lib/php:/usr/local/lib/php:/tmp"
</IfModule>
User vindul32
Group vindul32
CustomLog /usr/local/apache/domlogs/ combined
ScriptAlias /cgi-bin/ /home/vindul32/public_html/test/cgi-bin/
3) It will create a folder in public_html
Paths,configuration files & logs
Services Apache
Version /usr/local/apache/bin/httpd -v Server version: Apache/1.3.37 (Unix)
Server built: Sep 15 2006 07:11:04
PortNumbers Unsecured http:// 80,
Secured https:// 443,
Paths /home/username/public_html
Configurationfiles /etc/httpd/conf/httpd.conf
Logfiles accessing logs ==> /usr/local/apache/logs/access_log
site logs ==> /usr/local/apache/logs/audit_log
error logs ==> /usr/local/apache/logs/error_log
We disabled ==> /usr/local/apache/logs/modsec_debug_log
domain logs ==> /usr/local/apache/domlogs/domainname
bytes logs ==> /usr/local/apache/domlogs/domainname-bytes_log
Daemon httpd
Stopping service killall -9 httpd
service httpd stop
/etc/init.d/httpd stop
Restarting services service httpd start
service httpd restart
/etc/init.d/httpd start
/etc/init.d/httpd restart
10 Nis
11 Printers
12 cron jobs
(1) What are the fields in cron?
(Ans):What is cron?
Cron is the name of the program that enables unix users to execute commands or
scripts (groups of commands) automatically at a specified time/date. It is
normally used for sys admin commands,
The cron daemon, is crond
What is cron tab?
'Cron tab(CRON TABle)' is a text file that contains a series of cron functions.
crontab -l [ List the crons set in the server ]
crontab -e [ To edit the cron for system wide ] control X to save and quit
crontab -e -u <username> [ To check the user crontab file ]
crontab -r Remove your crontab file.
crontab -v Display the last time you edited your crontab file. (This option is only available on a
few systems.)
Path for the system define cron : vi /etc/crontab
root@svr25 [~]# cat /etc/crontab
# run-parts
01 * * * * root run-parts /etc/cron.hourly
02 4 * * * root run-parts /etc/cron.daily
22 4 * * 0 root run-parts /etc/cron.weekly
42 4 1 * * root run-parts /etc/cron.monthly
*/3 * * * * root /usr/local/sim/sim -q >> /dev/null 2>&1
The first part is almost self explanatory; it sets the variables for cron.
SHELL is the 'shell' cron runs under. If unspecified, it will default to
the entry in the /etc/passwd file.
PATH contains the directories which will be in the search path for cron
e.g if you've got a program 'foo' in the directory /usr/cog/bin, it might
be worth adding /usr/cog/bin to the path, as it will stop you having to use
the full path to 'foo' every time you want to call it.
MAILTO is who gets mailed the output of each command. If a command cron is
running has output (e.g. status reports, or errors), cron will email the output
to whoever is specified in this variable. If no one is specified, then the
output will be mailed to the owner of the process that produced the output.
HOME is the home directory that is used for cron. If unspecified, it will
default to the entry in the /etc/passwd file.
Now for the more complicated second part of a crontab file.
An entry in cron is made up of a series of fields, much like the /etc/passwd
file is, but in the crontab they are separated by a space. There are normally
seven fields in one entry. The fields are:
3. Crontab file
Crontab syntax :-
A crontab file has five fields for specifying day , date and time followed by the command to be run
at that interval.
* * * * * command to be executed
- - - - -
| | | | |
| | | | +----- day of week (0 - 6) (Sunday=0)
| | | +------- month (1 - 12)
| | +--------- day of month (1 - 31)
| +----------- hour (0 - 23)
+------------- min (0 - 59)
* in the value field above means all legal values as in braces for that column.
The value column can have a * or a list of elements separated by commas. An element is either a
number in the ranges shown above or two numbers in the range separated by a hyphen
(meaning an inclusive range).
Note: The specification of days can be made in two fields: monthday and weekday. If both are
specified in an entry, they are cumulative.
* * * * * *
minute hour dom month dow user cmd
minute This controls what minute of the hour the command will run on,
and is between '0' and '59'
hour This controls what hour the command will run on, and is specified in
the 24 hour clock, values must be between 0 and 23 (0 is midnight)
dom This is the Day of Month, that you want the command run on, e.g. to
run a command on the 19th of each month, the dom would be 19.
month This is the month a specified command will run on, it may be specified
numerically (0-12), or as the name of the month (e.g. May)
dow This is the Day of Week that you want a command to be run on, it can
also be numeric (0-7) or as the name of the day (e.g. sun).
user This is the user who runs the command.
cmd This is the command that you want run. This field may contain
multiple words or spaces.
If you don't wish to specify a value for a field, just place a * in the
01 * * * * root echo "This command is run at one min past every hour"
17 8 * * * root echo "This command is run daily at 8:17 am"
17 20 * * * root echo "This command is run daily at 8:17 pm"
00 4 * * 0 root echo "This command is run at 4 am every Sunday"
00 4 * * Sun root echo "So is this"
42 4 1 * * root echo "This command is run 4:42 am every 1st of the month"
01 * 19 07 * root echo "This command is run hourly on the 19th of July"
Path for the cron's in the system : cd /var/spool/cron/ [ We can see the user's defined crons ]
To check the logs of cron tail -f /var/log/cron
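The field rules above, worked through in code (an added example, not part of the original notes): a parser for system-crontab lines in the seven-field layout shown, which expands lists, ranges, steps and names, applies the cumulative day-of-month/day-of-week rule, counts how often an entry fires on a given date and lists what runs as root. The sample crontab is constructed from the listing above; the last line, the user kim and the choice to treat a day field beginning with * as unrestricted are assumptions.

```python
import datetime
import re

MONTHS = {n: i for i, n in enumerate(
    "jan feb mar apr may jun jul aug sep oct nov dec".split(), start=1)}
DAYS = {n: i for i, n in enumerate("sun mon tue wed thu fri sat".split())}
# (lowest, highest, allowed names) for minute, hour, dom, month, dow
SPECS = [(0, 59, {}), (0, 23, {}), (1, 31, {}), (1, 12, MONTHS), (0, 7, DAYS)]
ASSIGNMENT = re.compile(r"^[A-Za-z_]\w*\s*=")  # SHELL=, PATH=, MAILTO=, HOME=


def expand_field(text, low, high, names):
    """Turn '*', '5', '1-5', '1,15', '*/3' or 'sun' into the set of values it covers."""
    values = set()
    for part in text.lower().split(","):
        span, _, step = part.partition("/")
        step = int(step) if step else 1
        if span == "*":
            start, end = low, high
        else:
            first, _, last = span.partition("-")
            start = names[first] if first in names else int(first)
            end = start if not last else (names[last] if last in names else int(last))
        if step < 1 or not low <= start <= end <= high:
            raise ValueError("bad cron field: %r" % text)
        values.update(range(start, end + 1, step))
    return values


def parse_line(line):
    """Parse one /etc/crontab line; return None for blanks, comments and variables."""
    line = line.strip()
    if not line or line.startswith("#") or ASSIGNMENT.match(line):
        return None
    parts = line.split(None, 6)
    if len(parts) < 7:
        raise ValueError("expected 5 time fields, user and command: %r" % line)
    sets = [expand_field(field, *spec) for field, spec in zip(parts[:5], SPECS)]
    sets[4] = {0 if d == 7 else d for d in sets[4]}  # 0 and 7 both mean Sunday
    return {"raw": parts[:5], "sets": sets, "user": parts[5], "cmd": parts[6]}


def matches(entry, when):
    """True if the entry fires in the minute given by `when` (a datetime)."""
    minute, hour, dom, month, dow = entry["sets"]
    if when.minute not in minute or when.hour not in hour or when.month not in month:
        return False
    dom_ok = when.day in dom
    dow_ok = (when.weekday() + 1) % 7 in dow  # datetime: Monday=0, cron: Sunday=0
    # Both day fields restricted: they are cumulative, either one fires the job.
    if not entry["raw"][2].startswith("*") and not entry["raw"][4].startswith("*"):
        return dom_ok or dow_ok
    return dom_ok and dow_ok


def runs_on(entry, day):
    """Count the minutes of the given date in which the entry fires."""
    start = datetime.datetime.combine(day, datetime.time())
    return sum(matches(entry, start + datetime.timedelta(minutes=m)) for m in range(1440))


def parse_crontab(text):
    """All job entries of a crontab, skipping comments and variable lines."""
    return [e for e in map(parse_line, text.splitlines()) if e]


def root_commands(text):
    """Commands that run with root privileges, the first thing to review in an audit."""
    return [e["cmd"] for e in parse_crontab(text) if e["user"] == "root"]


# Constructed sample in the layout of the /etc/crontab listing above.
SAMPLE = """\
SHELL=/bin/bash
MAILTO=root
# run-parts
01 * * * * root run-parts /etc/cron.hourly
02 4 * * * root run-parts /etc/cron.daily
22 4 * * 0 root run-parts /etc/cron.weekly
42 4 1 * * root run-parts /etc/cron.monthly
*/3 * * * * root /usr/local/sim/sim -q >> /dev/null 2>&1
* 4 * * Sun kim echo "every minute from 04:00 to 04:59 on Sundays"
"""

if __name__ == "__main__":
    sunday = datetime.date(2023, 1, 1)
    for entry in parse_crontab(SAMPLE):
        print("%-5s %4d runs on %s  %s"
              % (entry["user"], runs_on(entry, sunday), sunday, entry["cmd"]))
```

A `*` in the minute field means every minute of the matching hours, so the last sample line fires 60 times each Sunday rather than once.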
Schedules a command to be ran at a particular time, such as a print job late at night.
at executes commands at a specified time.
atq lists the user's pending jobs, unless the user is the superuser; in that case,
everybody's jobs are listed. The format of the output lines (one for each job)
is: Job number, date, hour, job class.
atrm deletes jobs, identified by their job number.
batch executes commands when system load levels permit; in other words, when the load
average drops below 1.5, or the value specified in the invocation of atrun.
at [-c | -k | -s] [-f filename] [-q queuename] [-m] -t time [date] [-l] [-r]
-c C shell. csh(1) is used to execute the at-job.
-k Korn shell. ksh(1) is used to execute the at-job.
-s Bourne shell. sh(1) is used to execute the at-job.
-f filename Specifies the file that contains the command to run.
-m Sends mail once the command has been run.
-t time Specifies at what time you want the command to be ran. Format hh:mm. am / pm
indication can also follow the time otherwise a 24-hour clock is used. A timezone name of GMT,
UCT or ZULU (case insensitive) can follow to specify that the time is in Coordinated Universal
Time. Other timezones can be specified using the TZ environment variable. The below quick
times can also be entered:
midnight - Indicates the time 12:00 am (00:00).
noon - Indicates the time 12:00 pm.
now - Indicates the current day and time. Invoking at - now will submit an at-job for
potentially immediate
date Specifies the date you wish it to be ran on. Format month,
date, year. The following quick days can also be entered:
today - Indicates the current day.
tomorrow - Indicates the day following the current day.
-l Lists the commands that have been set to run.
-r Cancels the command that you have set in the past.
at -m 01:35 < atjob = Run the commands listed in the 'atjob' file at 1:35AM; in addition, all output
that is generated from the job is mailed to the user running the task. When this command has been
successfully entered you should receive a prompt similar to the below example.
commands will be executed using /bin/csh
job 1072250520.a at Wed Dec 24 00:22:00 2003
at -l = This command will list each of the scheduled jobs as seen below.
1072250520.a Wed Dec 24 00:22:00 2003
at -r 1072250520.a = Deletes the job just created.
atrm 23 = Deletes job 23.
If you wish to create a job that is repeated you could modify the file that executes the commands
with another command that recreates the job or better yet use the crontab command.
Note: Performing just the at command at the prompt will give you an error "Garbled Time", this
is a standard error message if no switch or time setting is given.
(2) Difference between AT and CRONTAB?
13 Backup recovery
(1) What is the usage of FSFLUSH command?
(2) What is the importance of DD command?
(3) How can you find the information about existing tape drive?
(4) How UFS Dump and UFS restore works?
14 Lvms
(1)How LVM works?
15 Raid
RAID Level 0 requires a minimum of 2 drives to implement
Characteristics & Advantages
=============== = ==========
RAID 0 implements a striped disk array, the data is broken down into blocks and each block is
written to a separate disk drive
I/O performance is greatly improved by spreading the I/O load across many channels and drives
Best performance is achieved when data is striped across multiple controllers with only one drive
per controller
No parity calculation overhead is involved
Very simple design
Easy to implement
Not a "True" RAID because it is NOT fault-tolerant
The failure of just one drive will result in all data in an array being lost
Should never be used in mission critical environments
Recommended Applications
=========== ============
* Video Production and Editing
* Image Editing
* Pre-Press Applications
* Any application requiring high bandwidth
RAID 1
==== =
For Highest performance, the controller must be able to perform two concurrent separate Reads
per mirrored pair or two duplicate Writes per mirrored pair.
RAID Level 1 requires a minimum of 2 drives to implement
Characteristics & Advantages:
=============== = ===========
* One Write or two Reads possible per mirrored pair
* Twice the Read transaction rate of single disks, same Write transaction rate as single disks
* 100% redundancy of data means no rebuild is necessary in case of a disk failure, just a copy to
the replacement disk
* Transfer rate per block is equal to that of a single disk
* Under certain circumstances, RAID 1 can sustain multiple simultaneous drive failures
* Simplest RAID storage subsystem design
* Highest disk overhead of all RAID types (100%) - inefficient
* Typically the RAID function is done by system software, loading the CPU/Server and possibly
degrading throughput at high activity levels. Hardware implementation is strongly recommended
* May not support hot swap of failed disk when implemented in "software"
Recommended Applications
=========== ============
* Accounting
* Payroll
* Financial
* Any application requiring very high availability
RAID 2
==== =
Each bit of data word is written to a data disk drive (4 in this example: 0 to 3). Each data word has
its Hamming Code ECC word recorded on the ECC disks. On Read, the ECC code verifies
correct data or corrects single disk errors.
Characteristics & Advantages
=============== = ==========
* "On the fly" data error correction
* Extremely high data transfer rates possible
* The higher the data transfer rate required, the better the ratio of data disks to ECC disks
* Relatively simple controller design compared to RAID levels 3,4 & 5
* Very high ratio of ECC disks to data disks with smaller word sizes - inefficient
* Entry level cost very high - requires very high transfer rate requirement to justify
* Transaction rate is equal to that of a single disk at best (with spindle synchronization)
* No commercial implementations exist / not commercially viable
The data block is subdivided ("striped") and written on the data disks. Stripe parity is generated
on Writes, recorded on the parity disk and checked on Reads.
RAID Level 3 requires a minimum of 3 drives to implement
Characteristics & Advantages
=============== ==========
* Very high Read data transfer rate
* Very high Write data transfer rate
* Disk failure has an insignificant impact on throughput
* Low ratio of ECC (Parity) disks to data disks means high efficiency
* Transaction rate equal to that of a single disk drive at best (if spindles are synchronized)
* Controller design is fairly complex
* Very difficult and resource intensive to do as a "software" RAID
Recommended Applications
=========== =============
* Video Production and live streaming
* Image Editing
* Video Editing
* Prepress Applications
* Any application requiring high throughput
RAID 4
==== =

Each entire block is written onto a data disk. Parity for same rank blocks is generated on Writes,
recorded on the parity disk and checked on Reads.
RAID Level 4 requires a minimum of 3 drives to implement
Characteristics & Advantages
=============== = ==========
* Very high Read data transaction rate
* Low ratio of ECC (Parity) disks to data disks means high efficiency
* High aggregate Read transfer rate
* Quite complex controller design
* Worst Write transaction rate and Write aggregate transfer rate
* Difficult and inefficient data rebuild in the event of disk failure
* Block Read transfer rate equal to that of a single disk
RAID 5
==== =
Each entire data block is written on a data disk; parity for blocks in the same rank is generated on
Writes, recorded in a distributed location and checked on Reads.
RAID Level 5 requires a minimum of 3 drives to implement
Characteristics & Advantages
=============== = ==========
* Highest Read data transaction rate
* Medium Write data transaction rate
* Low ratio of ECC (Parity) disks to data disks means high efficiency
* Good aggregate transfer rate
* Disk failure has a medium impact on throughput
* Most complex controller design
* Difficult to rebuild in the event of a disk failure (as compared to RAID level 1)
* Individual block data transfer rate same as single disk
Recommended Applications
=========== =============
* File and Application servers
* Database servers
* Web, E-mail, and News servers
* Intranet servers
* Most versatile RAID level
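A toy model of the RAID 5 behaviour described above, as an added example that is not part of the original notes: blocks are striped across the drives, one parity block per rank is stored in a rotating position, parity is checked on reads and a failed drive is rebuilt from the survivors. XOR is used as the parity function; the rotation order and the function names are assumptions of this sketch, not any controller's layout.

```python
from functools import reduce


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_position(rank, disks):
    """Drive that holds the parity block of a rank (rotates from the last drive)."""
    return (disks - 1 - rank) % disks


def write_raid5(data, disks, block_size):
    """Stripe data over the drives; every rank gets disks-1 data blocks plus parity."""
    if disks < 3:
        raise ValueError("RAID 5 needs at least 3 drives")
    per_rank = (disks - 1) * block_size
    data = data + bytes(-len(data) % per_rank)  # zero-pad the last rank
    array = [[] for _ in range(disks)]
    for rank, offset in enumerate(range(0, len(data), per_rank)):
        chunks = [data[offset + i * block_size: offset + (i + 1) * block_size]
                  for i in range(disks - 1)]
        chunks.insert(parity_position(rank, disks), xor_blocks(chunks))
        for drive, block in zip(array, chunks):
            drive.append(block)
    return array


def read_raid5(array, length):
    """Reassemble the data blocks, skipping the parity block of each rank."""
    out = bytearray()
    for rank, blocks in enumerate(zip(*array)):
        skip = parity_position(rank, len(array))
        for drive, block in enumerate(blocks):
            if drive != skip:
                out += block
    return bytes(out[:length])


def scrub(array):
    """Ranks whose blocks do not XOR to zero, i.e. where the parity check fails."""
    return [rank for rank, blocks in enumerate(zip(*array)) if any(xor_blocks(blocks))]


def rebuild_drive(array, failed):
    """Recompute every block of one failed drive from the surviving drives."""
    survivors = [drive for i, drive in enumerate(array) if i != failed]
    return [xor_blocks(rank) for rank in zip(*survivors)]


if __name__ == "__main__":
    payload = b"RAID 5 keeps one parity block per rank"  # constructed sample data
    array = write_raid5(payload, disks=4, block_size=4)
    lost = array[2]
    array[2] = rebuild_drive(array, failed=2)
    print("rebuilt drive identical:", array[2] == lost)
    print("data intact:", read_raid5(array, len(payload)) == payload)
```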
RAID 6
==== =
Two independent parity computations must be used in order to provide protection against double
disk failure. Two different algorithms are employed to achieve this purpose.
RAID Level 6 requires a minimum of 4 drives to implement
Characteristics & Advantages
=============== = =========
* RAID 6 is essentially an extension of RAID level 5 which allows for additional fault tolerance by
using a second independent distributed parity scheme (dual parity)
* Data is striped on a block level across a set of drives, just like in RAID 5, and a second set of
parity is calculated and written across all the drives; RAID 6 provides for an extremely high data
fault tolerance and can sustain multiple simultaneous drive failures
* Perfect solution for mission critical applications
* More complex controller design
* Controller overhead to compute parity addresses is extremely high
* Write performance can be brought on par with RAID Level 5 by using a custom ASIC for
computing Reed-Solomon parity
* Requires N+2 drives to implement because of dual parity scheme
Recommended Applications
=========== ============
* File and Application servers
* Database servers
* Web and E-mail servers
* Intranet servers
* Excellent fault-tolerance with the lowest overhead
RAID 10
==== ==
RAID Level 10 requires a minimum of 4 drives to implement
Characteristics & Advantages
=============== = ===========
* RAID 10 is implemented as a striped array whose segments are RAID 1 arrays
* RAID 10 has the same fault tolerance as RAID level 1
* RAID 10 has the same overhead for fault-tolerance as mirroring alone
* High I/O rates are achieved by striping RAID 1 segments
* Under certain circumstances, RAID 10 array can sustain multiple simultaneous drive failures
* Excellent solution for sites that would have otherwise gone with RAID 1 but need some
additional performance boost
* Very expensive / High overhead
* All drives must move in parallel to proper track lowering sustained performance
* Very limited scalability at a very high inherent cost
Recommended Applications
=========== ============
* Database server requiring high performance
and fault tolerance
RAID 50
==== ==
RAID Level 50 requires a minimum of 6 drives to implement
Characteristics & Advantages
=============== = ==========
* RAID 50 should have been called "RAID 03" because it was implemented as a striped (RAID
level 0) array whose segments were RAID 3 arrays (during mid-90s)
* Most current RAID 50 implementation is illustrated above
* RAID 50 is more fault tolerant than RAID 5 but has twice the parity overhead
* High data transfer rates are achieved thanks to its RAID 5 array segments
* High I/O rates for small requests are achieved thanks to its RAID 0 striping
* Maybe a good solution for sites who would have otherwise gone with RAID 5 but need some
additional performance boost
* Very expensive to implement
* All disk spindles must be synchronized, which limits the choice of drives
* Failure of two drives in one of the RAID 5 segments renders the whole array unusable
RAID 0+1
==== ===
RAID Level 0+1 requires a minimum of 4 drives to implement
Characteristics & Advantages
=============== = ==========
* RAID 0+1 is implemented as a mirrored array whose segments are RAID 0 arrays
* RAID 0+1 has the same fault tolerance as RAID level 5
* RAID 0+1 has the same overhead for fault-tolerance as mirroring alone
* High I/O rates are achieved thanks to multiple stripe segments
* Excellent solution for sites that need high performance but are not concerned with achieving
maximum reliability
* RAID 0+1 is NOT to be confused with RAID 10. A single drive failure will cause the whole array
to become, in essence, a RAID Level 0 array
* Very expensive / High overhead
* All drives must move in parallel to proper track lowering sustained performance
* Very limited scalability at a very high inherent cost
Recommended Applications
=========== ============
* Imaging applications
* General fileserver
Reasons why you should use RAID:
1. Speed
2. Increased Storage capacity
3. The economic costs of disk failure
* In addition to downtime, consider. . .
* Emergency service cost
* Cost of restoring data
* Immediate lost productivity
* Long term lost sales
* Lost repeat sales
* Lost word-of-mouth advertising
* In a commercial enterprise, the cost of a disk failure when there is no mirroring or RAID is
much larger than usually recognized.
* Unexpectedly, the largest cost is the accumulated lost sales over a long period of time.
16 process management
Monitoring the system:
* pstree Processes and parent-child relationships
* top Show top processes
* ps -auxw process status
* vmstat Monitor virtual memory
* free Display amount of free and used memory in the system. (Also: cat /proc/meminfo)
* pmap Display/examine memory map and libraries (so). Usage: pmap pid
* cat /proc/sys/vm/freepages Display virtual memory "free pages".One may increase/decrease
this limit: echo 300 400 500 > /proc/sys/vm/freepages
* uname -a print system information
* cat /proc/version Display Linux kernel version in use.
* cat /etc/redhat-release Display Red Hat Linux Release. (also /etc/issue)
* uptime Tell how long the system has been running. Also number of users and system's load
* w Show who is logged on and what they are doing.
* /sbin/lsmod List all currently loaded kernel modules.Same as cat /proc/modules
* /sbin/runlevel Displays the system's current runlevel.
* hostname Displays/changes the system's node name. (Must also manually change hostname
setting in /etc/sysconfig/network. Command will change entry in /etc/hosts)
* service Red Hat/Fedora command to display status of system services.
Example: service --status-all Help: service --help
(1) Which command is used for monitoring processes?
(2) What is the importance and outputs of "top, ethereal, tcpdump, ntop, mrtg, webalizer, sarg
and nagios?
(3) What are IOSTAT, NETSTAT and VMSTAT, and their differences?
(Ans): IOSTAT :
(4) What are the output formats for Iostat, Netstat and Vmstat?
Solaris Performance Monitoring & Tuning - iostat , vmstat & netstat
Introduction to iostat , vmstat and netstat
* ps : provides process information
* vmstat : which provides paging and CPU utilization info. It also provides disk utilization data for
4 devices, but if you have many hard disks on your system, prefer iostat.
* iostat : provides disk i/o info.
* netstat: provides network utilization data.
* ab : is apachebench which simulates multiple web browsers. A good networking and application
server test.
This document is primarily written with reference to Solaris performance monitoring and tuning, but
these tools are available in other unix variants also, with slight syntax differences.
iostat, vmstat and netstat are the three most commonly used tools for performance monitoring.
These come built in with the operating system and are easy to use. iostat stands for input output
statistics and reports statistics for i/o devices such as disk drives. vmstat gives the statistics for
virtual memory and netstat gives the network statistics.
The following paragraphs describe these tools and their usage for performance monitoring, and if
you need more information there are some very good Solaris performance monitoring books
available at
Table of content :
1. iostat
* Syntax
* example
* Result and Solutions
2. vmstat
* syntax
* example
* Result and Solutions
3. netstat
* syntax
* example
* Result and Solutions
4. Next Steps
Input Output statistics ( iostat )
iostat reports terminal and disk I/O activity and CPU utilization. The first line of output is for
the time period since boot & each subsequent line is for the prior interval. The kernel maintains
a number of counters to keep track of the values.
iostat's activity class options default to tdc (terminal, disk, and CPU). If any other option/s are
specified, this default is completely overridden i.e. iostat -d will report only statistics about the
Basic syntax is iostat <options> interval count
option - lets you specify the device for which information is needed like disk, cpu or terminal. (-d ,
-c , -t or -tdc ). The x option gives the extended statistics.
interval - is time period in seconds between two samples . iostat 4 will give data at each 4
seconds interval.
count - is the number of times the data is needed . iostat 4 5 will give data at 4 seconds
interval 5 times
$ iostat -xtc 5 2
                  extended disk statistics                  tty        cpu
disk     r/s  w/s  Kr/s  Kw/s wait actv svc_t  %w  %b  tin tout  us sy wt id
sd0      2.6  3.0  20.7  22.7  0.1  0.2  59.2   6  19    0   84   3 85 11  0
sd1      4.2  1.0  33.5   8.0  0.0  0.2  47.2   2  23
sd2      0.0  0.0   0.0   0.0  0.0  0.0   0.0   0   0
sd3     10.2  1.6  51.4  12.8  0.1  0.3  31.2   3  31
The fields have the following meanings:
disk name of the disk
r/s reads per second
w/s writes per second
Kr/s kilobytes read per second
Kw/s kilobytes written per second
wait average number of transactions waiting for service (Q length)
actv average number of transactions actively being serviced (removed from the queue but not yet completed)
%w percent of time there are transactions waiting for service (queue non-empty)
%b percent of time the disk is busy (transactions in progress)
Results and Solutions:
The values to look for in the iostat output are:
* Reads/writes per second (r/s , w/s)
* Percentage busy (%b)
* Service time (svc_t)
If a disk shows consistently high reads/writes, the percentage busy (%b) of the disk
is greater than 5 percent, and the average service time (svc_t) is greater than 30 milliseconds,
then one of the following actions needs to be taken:
1.) Tune the application to use disk i/o more efficiently by modifying the disk queries and using
the available cache facilities of application servers.
2.) Spread the file system of the disk onto two or more disks using the disk striping feature of a volume
manager / disksuite etc.
3.) Increase the system parameter value for the inode cache, ufs_ninode, which is the number of
inodes to be held in memory. Inodes are cached globally (for UFS), not on a per-file system basis.
4.) Move the file system to another faster disk/controller or replace the existing disk/controller to a
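The rule above (%b over 5 percent together with svc_t over 30 ms) applied to the sample output, as an added example that is not part of the original document. The function names are hypothetical; the rows are the ones shown in the iostat -xtc output above.

```shell
#!/bin/sh
# Added example (not from the original page): apply the page's iostat rule,
# %b > 5 and svc_t > 30 ms, to extended disk statistics.

# The `iostat -xtc 5 2` report shown on the page.
sample_iostat() {
cat <<'EOF'
extended disk statistics tty cpu
disk r/s w/s Kr/s Kw/s wait actv svc_t %w %b tin tout us sy wt id
sd0 2.6 3.0 20.7 22.7 0.1 0.2 59.2 6 19 0 84 3 85 11 0
sd1 4.2 1.0 33.5 8.0 0.0 0.2 47.2 2 23
sd2 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0 0
sd3 10.2 1.6 51.4 12.8 0.1 0.3 31.2 3 31
EOF
}

# flag_busy_disks [busy_pct] [svc_ms]
# Reads iostat -x rows on stdin and prints every disk that exceeds BOTH limits.
# Column positions come from the "disk ..." header line, so the extra tty/cpu
# columns on the first disk row do not shift anything.
flag_busy_disks() {
    awk -v busy="${1:-5}" -v svc="${2:-30}" '
        $1 == "disk" {
            for (i = 1; i <= NF; i++) col[$i] = i
            next
        }
        ("%b" in col) && ("svc_t" in col) && NF >= col["%b"] {
            b = $(col["%b"]) + 0
            t = $(col["svc_t"]) + 0
            if (b > busy && t > svc)
                printf "%s busy=%s%% svc_t=%sms\n", $1, b, t
        }'
}

# The first report of a live run is the since-boot average; judge "consistently"
# from the interval reports that follow it.
sample_iostat | flag_busy_disks
```

With the page's thresholds, three of the four sample disks (sd0, sd1, sd3) are flagged and only the idle sd2 passes.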
Virtual Memory Statistics ( vmstat )
vmstat - vmstat reports virtual memory statistics of process, virtual memory, disk, trap, and CPU
On multi-CPU systems, vmstat averages the number of CPUs into the output. For per-process
statistics . Without options, vmstat displays a one-line summary of the virtual memory activity
since the system was booted.
Basic syntax is vmstat <options> interval count
option: lets you specify the type of information needed, such as paging -p, cache -c, interrupt -i.
If no option is specified, information about process, memory, paging, disk, interrupts & cpu is
displayed.
interval : is the time period in seconds between two samples. vmstat 4 will give data at 4-second
intervals.
count : is the number of times the data is needed. vmstat 4 5 will give data at 4 seconds
interval 5
The following command displays a summary of what the system
is doing every five seconds.
example% vmstat 5
procs     memory            page              disk        faults       cpu
r b w   swap  free  re  mf  pi  po  fr  de  sr  s0 s1 s2 s3   in   sy   cs  us sy id
0 0 0  11456  4120   1  41  19   1   3   0   2   0  4  0  0   48  112  130   4 14 82
0 0 1  10132  4280   0   4  44   0   0   0   0   0 23  0  0  211  230  144   3 35 62
0 0 1  10132  4616   0   0  20   0   0   0   0   0 19  0  0  150  172  146   3 33 64
0 0 1  10132  5292   0   0   9   0   0   0   0   0 21  0  0  165  105  130   1 21 78
The fields of vmstat's display are
r in run queue
b blocked for resources I/O, paging etc.
w swapped
memory (in Kbytes)
swap - amount of swap space currently available
free - size of the free list
page ( in units per second).
re page reclaims - see -S option for how this field is modified.
mf minor faults - see -S option for how this field is modified.
pi kilobytes paged in
po kilobytes paged out
fr kilobytes freed
de anticipated short-term memory shortfall (Kbytes)
sr pages scanned by clock algorithm
disk ( operations per second )
There are slots for up to four disks, labeled with a single letter and number.
The letter indicates the type of disk (s = SCSI, i = IPI, etc). The number is
the logical unit number.
in (non clock) device interrupts
sy system calls
cs CPU context switches
cpu - breakdown of percentage usage of CPU time. On multiprocessors this is an
average across all processors.
us user time
sy system time
id idle time
Results and Solutions:
A. CPU issues:
The following columns have to be watched to determine if there is any CPU issue:
1. Processes in the run queue (procs r)
2. User time (cpu us)
3. System time (cpu sy)
4. Idle time (cpu id)
procs cpu
r b w us sy id
0 0 0 4 14 82
0 0 1 3 35 62
0 0 1 3 33 64
0 0 1 1 21 78
Problem symptoms:
1.) If the number of processes in the run queue (procs r) is consistently greater than the number of
CPUs on the system, it will slow down the system, as there are more processes than available CPUs.
2.) If this number is more than four times the number of available CPUs in the system, then the
system is facing a shortage of CPU power, which will greatly slow down the processes on the system.
3.) If the idle time (cpu id) is consistently 0 and the system time (cpu sy) is double the user time
(cpu us), the system is facing a shortage of CPU resources.

Resolution :
Resolution of these kinds of issues involves tuning the application procedures to make efficient use
of the CPU and, as a last resort, increasing the CPU power or adding more CPUs to the system.
B. Memory Issues:
Memory bottlenecks are determined by the scan rate (sr). The scan rate is the number of pages scanned by
the clock algorithm per second. If the scan rate (sr) is continuously over 200 pages per second,
then there is a memory shortage.
Resolution :
1. Tune the applications & servers to make efficient use of memory and cache.
2. Increase system memory.
3. Implement priority paging in pre-Solaris 8 versions by adding the line "set priority_paging=1" in
/etc/system. Remove this line if upgrading from Solaris 7 to 8 & retaining the old /etc/system file.
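The CPU and memory rules above turned into a check over vmstat output, as an added example that is not part of the original document. The function names are hypothetical, "consistently" is taken to mean "in every interval sample", "double" is read as "at least double", and the stressed sample is constructed.

```shell
#!/bin/sh
# Added example (not from the original page): apply the page's vmstat rules.
# Assumption: "consistently" means "in every interval sample".

# The `vmstat 5` output shown on the page (a healthy system).
page_sample() {
cat <<'EOF'
procs memory page disk faults cpu
r b w swap free re mf pi po fr de sr s0 s1 s2 s3 in sy cs us sy id
0 0 0 11456 4120 1 41 19 1 3 0 2 0 4 0 0 48 112 130 4 14 82
0 0 1 10132 4280 0 4 44 0 0 0 0 0 23 0 0 211 230 144 3 35 62
0 0 1 10132 4616 0 0 20 0 0 0 0 0 19 0 0 150 172 146 3 33 64
0 0 1 10132 5292 0 0 9 0 0 0 0 0 21 0 0 165 105 130 1 21 78
EOF
}

# Constructed sample: a 2-CPU host short of both CPU and memory.
stressed_sample() {
cat <<'EOF'
procs memory page disk faults cpu
r b w swap free re mf pi po fr de sr s0 s1 s2 s3 in sy cs us sy id
1 0 0 11456 4120 1 41 19 1 3 0 2 0 4 0 0 48 112 130 4 14 82
9 2 1 2132 280 0 4 44 90 80 0 350 0 23 0 0 911 930 844 30 70 0
10 1 1 2132 216 0 0 20 95 85 0 410 0 19 0 0 950 972 846 28 72 0
12 3 1 2132 192 0 0 9 99 90 0 520 0 21 0 0 965 905 830 25 75 0
EOF
}

# vmstat_check NCPU
# Reads vmstat output on stdin and prints one line per rule that every
# interval sample violates. The header has two "sy" columns, so the cpu
# fields are taken by position (last three columns) and sr by name.
vmstat_check() {
    awk -v ncpu="${1:-1}" '
        $1 == "r" {
            for (i = 1; i <= NF; i++) if ($i == "sr") srcol = i
            next
        }
        $1 !~ /^[0-9]+$/ { next }     # banner line (procs memory page ...)
        !seen++ { next }              # first data row is the since-boot average
        {
            n++
            r = $1 + 0; us = $(NF - 2) + 0; sy = $(NF - 1) + 0; id = $NF + 0
            if (r > ncpu)                  over++
            if (r > 4 * ncpu)              over4++
            if (id == 0 && sy >= 2 * us)   starved++
            if (srcol && $srcol + 0 > 200) scanning++
        }
        END {
            if (n == 0) { print "no interval samples"; exit }
            if (over4 == n)     print "CPU: run queue above 4x CPU count in every sample"
            else if (over == n) print "CPU: run queue above CPU count in every sample"
            if (starved == n)   print "CPU: idle 0 with sy at least 2x us in every sample"
            if (scanning == n)  print "MEMORY: scan rate above 200 pages/s in every sample"
        }'
}

page_sample | vmstat_check 1        # prints nothing: no rule is violated
stressed_sample | vmstat_check 2    # prints two CPU findings and one MEMORY finding
```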
Network Statistics (netstat)
netstat displays the contents of various network-related data structures, depending on the
options selected.
Syntax :
netstat <option/s>
Multiple options can be given at one time.
-a - displays the state of all sockets.
-r - shows the system routing tables
-i - gives statistics on a per-interface basis.
-m - displays information from the network memory buffers. On Solaris, this shows statistics
-p [proto] - retrieves statistics for the specified protocol
-s - shows per-protocol statistics. (Some implementations allow -ss to remove fields with a value
of 0 (zero) from the display.)
-D - displays the status of DHCP configured interfaces.
-n - do not look up hostnames, display only IP addresses.
-d - (with -i) displays dropped packets per interface.
-I [interface] - retrieves information about only the specified interface.
-v - be verbose
interval - number for continuous display of statistics.
Example :
$netstat -rn
Routing Table: IPv4
Destination Gateway Flags Ref Use Interface
-------------------- -------------------- ----- ----- ------ ---------
U 1 1444 le0
U 1 0 le0
default UG 1 68276
UH 1 10497 lo0
This shows the output on a Solaris machine whose IP address is with a default
router at
Results and Solutions:
A.) Network availability
The command above is mostly useful in troubleshooting network accessibility issues. When the
outside network is not accessible from a machine, check the following:
1. If the default router IP address is correct.
2. If you can ping it from your machine.
3. If the router address is incorrect, it can be changed with the route add command. See man route for
more info.
route command examples:
$route add default <hostname>
$route add <gateway_name>
If the router address is correct but you still can't ping it, there may be a network cable
/hub/switch problem, and you have to try to eliminate the faulty component.
B.) Network Response
$ netstat -i
Name  Mtu   Net/Dest  Address    Ipkts     Ierrs  Opkts    Oerrs  Collis  Queue
lo0   8232  loopback  localhost  77814     0      77814    0      0       0
hme0  1500  server1   server1    10658566  3      4832511  0      279257  0
This option is used to diagnose network problems when connectivity is there but the response is
slow.
Values to look at:
* Collisions (Collis)
* Output packets (Opkts)
* Input errors (Ierrs)
* Input packets (Ipkts)
The above values give the information needed to work out:
i. Network collision rate, as follows:
Network collision rate = Output collision counts / Output packets
A network-wide collision rate greater than 10 percent will indicate
* Overloaded network,
* Poorly configured network,
* Hardware problems.
ii. Input packet error rate, as follows:
Input Packet Error Rate = Ierrs / Ipkts.
If the input error rate is high (over 0.25 percent), the host is dropping packets. Hubs, switches, cables
etc. need to be checked for potential problems.
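Both rates computed from netstat -i output and compared with the 10 percent and 0.25 percent limits above, as an added example that is not part of the original document. The function names are hypothetical, the column names are the Solaris ones (Ipkts, Ierrs, Opkts, Collis), and the hme1 row is constructed to show a failing interface.

```shell
#!/bin/sh
# Added example (not from the original page): collision rate and input error
# rate per interface, using the page's formulas and limits.

# lo0 and hme0 are the rows shown on the page; hme1 is constructed.
sample_netstat_i() {
cat <<'EOF'
Name Mtu Net/Dest Address Ipkts Ierrs Opkts Oerrs Collis Queue
lo0 8232 loopback localhost 77814 0 77814 0 0 0
hme0 1500 server1 server1 10658566 3 4832511 0 279257 0
hme1 1500 server1 server1 200000 900 100000 0 15000 0
EOF
}

# netif_rates: reads `netstat -i` output on stdin, prints both rates as
# percentages and a verdict for every interface that has carried traffic.
netif_rates() {
    awk '
        $1 == "Name" {
            for (i = 1; i <= NF; i++) col[$i] = i
            next
        }
        ("Ipkts" in col) && $(col["Ipkts"]) > 0 && $(col["Opkts"]) > 0 {
            coll = 100 * $(col["Collis"]) / $(col["Opkts"])
            ierr = 100 * $(col["Ierrs"]) / $(col["Ipkts"])
            flag = ""
            if (coll > 10)   flag = flag " HIGH-COLLISIONS"
            if (ierr > 0.25) flag = flag " HIGH-INPUT-ERRORS"
            if (flag == "")  flag = " ok"
            printf "%s collisions=%.2f%% input_errors=%.4f%%%s\n", $1, coll, ierr, flag
        }'
}

sample_netstat_i | netif_rates
```

For the page's hme0 row this gives a collision rate of 5.78 percent, which is under the 10 percent limit even though the raw Collis count looks large.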
C. Network socket & TCP connection state
netstat gives important information about network socket and TCP state. This is very useful in
finding out the open, closed and waiting TCP connections.
The network states returned by netstat are the following:
CLOSED ---- Closed. The socket is not being used.
LISTEN ---- Listening for incoming connections.
SYN_SENT ---- Actively trying to establish connection.
SYN_RECEIVED ---- Initial synchronization of the connection under way.
ESTABLISHED ---- Connection has been established.
CLOSE_WAIT ---- Remote shut down; waiting for the socket to close.
FIN_WAIT_1 ---- Socket closed; shutting down connection.
CLOSING ---- Closed, then remote shutdown; awaiting acknowledgement.
LAST_ACK ---- Remote shut down, then closed; awaiting acknowledgement.
FIN_WAIT_2 ---- Socket closed; waiting for shutdown from remote.
TIME_WAIT ---- Wait after close for remote shutdown retransmission.

#netstat -a
Local Address Remote Address Swind Send-Q Rwind Recv-Q State
*.* *.* 0 0 24576 0 IDLE
*.22 *.* 0 0 24576 0 LISTEN
*.22 *.* 0 0 24576 0 LISTEN
*.* *.* 0 0 24576 0 IDLE
*.32771 *.* 0 0 24576 0 LISTEN
*.4045 *.* 0 0 24576 0 LISTEN
*.25 *.* 0 0 24576 0 LISTEN
*.5987 *.* 0 0 24576 0 LISTEN
*.898 *.* 0 0 24576 0 LISTEN
*.32772 *.* 0 0 24576 0 LISTEN
*.32775 *.* 0 0 24576 0 LISTEN
*.32776 *.* 0 0 24576 0 LISTEN
*.* *.* 0 0 24576 0 IDLE
41992 0 24616 0 ESTABLISHED
38912 0 24616 0 ESTABLISHED
18048 0 24616 0
If you see a lot of connections in the FIN_WAIT state, TCP/IP parameters have to be tuned
because the connections are not being closed and they keep accumulating. After some time the
system may run out of resources. TCP parameters can be tuned to define a timeout so that
connections can be released and used by new connections.
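A summary of listeners and connection states from netstat output in the Solaris layout shown above, as an added example that is not part of the original document. The function names and the FIN_WAIT limit are hypothetical (the document gives no number), and the sample rows are constructed with documentation addresses.

```shell
#!/bin/sh
# Added example (not from the original page): list listening ports, show
# whether each is bound to all interfaces or one address, and count
# connections stuck in FIN_WAIT_1 / FIN_WAIT_2.

# Constructed sample in the Solaris `netstat -an` TCP layout.
sample_netstat() {
cat <<'EOF'
Local Address Remote Address Swind Send-Q Rwind Recv-Q State
*.* *.* 0 0 24576 0 IDLE
*.22 *.* 0 0 24576 0 LISTEN
*.22 *.* 0 0 24576 0 LISTEN
127.0.0.1.25 *.* 0 0 24576 0 LISTEN
*.32771 *.* 0 0 24576 0 LISTEN
192.0.2.10.22 192.0.2.50.40112 41992 0 24616 0 ESTABLISHED
192.0.2.10.80 198.51.100.7.51000 38912 0 24616 0 FIN_WAIT_2
192.0.2.10.80 198.51.100.8.51001 38912 0 24616 0 FIN_WAIT_2
192.0.2.10.80 198.51.100.9.51002 38912 0 24616 0 FIN_WAIT_1
EOF
}

# tcp_summary [fin_wait_limit]
# The state is the last field; the port is whatever follows the last dot of
# the local address. Duplicate listeners (IPv4 and IPv6 rows) are merged.
tcp_summary() {
    awk -v limit="${1:-100}" '
        NF >= 7 && $NF ~ /^[A-Z][A-Z_0-9]*$/ {
            state[$NF]++
            if ($NF == "LISTEN") {
                port = $1
                sub(/^.*\./, "", port)
                scope = ($1 ~ /^\*\./) ? "all-interfaces" : "bound:" $1
                key = port " " scope
                if (!(key in seen)) { seen[key] = 1; listen[++nl] = key }
            }
        }
        END {
            for (i = 1; i <= nl; i++) print "LISTEN " listen[i]
            fin = state["FIN_WAIT_1"] + state["FIN_WAIT_2"]
            print "ESTABLISHED " (state["ESTABLISHED"] + 0)
            print "FIN_WAIT " fin
            if (fin > limit) print "WARN FIN_WAIT above " limit
        }'
}

sample_netstat | tcp_summary 2
```

Comparing the LISTEN lines against the services the host is meant to offer shows unexpected listeners, and the scope column shows whether a service such as SMTP on port 25 is reachable from the network or only from the loopback address.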
4. Next Steps :
This article tried to cover the performance tuning aspects in Unix. There are not many books
available on this subject, but I have found some good books which will prove to be helpful in
performance management. These books are available for online buying and you should
relevant books from this selection in your personal or official book collection.
The following is the list of books recommended for performance tuning in Unix, Solaris, HPUX,
AIX, Linux, Oracle & SAP.
(Ans): Hi,
sar = system activity reporter
vmstat = virtual memory stat counter
iostat = input/output stat counter
netstat = network stat counter
Sar is basically used for getting the performance stats of a system over a period of time. This
gives us an awful amount of data, but once mastered is very good.
vmstat can be used to gather stats on the CPU, memory (like paging), the processes, etc.
iostat is for the stats on disk activity and also NFS mounts.
netstat is for network stats.
* ifconfig: configures or displays network interface parameters
To show information about all interfaces, enter:
$ ifconfig -a
To query the status of serial line interface sl0, enter:
$ ifconfig sl0
* nslookup: queries Internet name servers interactively
To find the dotted decimal IP address of host name
$ nslookup
To find the hostname of the dotted decimal IP address
$ nslookup
* ping: Sends ICMP ECHO_REQUEST packets to network hosts
To determine the status of host
$ ping
To also have a record of the route to
$ ping -R
* traceroute: Print the route that packets take to the network host
To find the route to host, enter:
$ traceroute
* arp: Displays and controls Address Resolution Protocol (ARP) tables
To display all current ARP entries:

$ arp -a

* ps: displays current process status
To list all your processes, enter:
To list all processes, enter:
ps aux

On Solaris, try /usr/ucb/ps uax. Similarly on Linux, use ps uax. This command gives you the
percentage CPU and Memory used.
root 16755 0.1 1.0 1448 1208 pts/0 O 17:33:35 0:00 /usr/ucb/ps uax
root 3 0.1 0.0 0 0 ? S May 24 6:19 fsflush
root 1 0.1 0.6 2232 680 ? S May 24 3:10 /etc/init -
root 167 0.1 1.3 3288 1536 ? S May 24 1:04 /usr/sbin/syslogd
root 0 0.0 0.0 0 0 ? T May 24 0:16 sched
root 2 0.0 0.0 0 0 ? S May 24 0:00 pageout
gdm 14485 0.0 0.9 1424 1088 pts/0 S 16:17:57 0:00 -csh
* uname: displays information about the operating system
uname [-amnrsv]
-a Displays all information specified with the -m, -n, -r, -s, and -v
-m Displays the type of hardware running the system.
-n Displays the name of the node (this may be a name that the system is
known by to a communications network).
-r Displays the release number of the operating system.
-s Displays the name of the implementation of the operating system. (This
option is on by default.)
-v Displays the operating system version.
(5) What is common command to check the current running processes for all Unix flavors?
17 Performance Tuning
The basic monitoring commands such as pstree, ps -auxw and top will inform you of the
processes running on your system. Sometimes a process must be terminated. To terminate a
1. Identify the process:
* pstree -p
* ps -auxw
* top
2. Kill the process:
* kill <process-id-number>
* killall <command-name>
This will perform an orderly shutdown of the process. If it hangs, give a stronger signal with: kill -9
<process-id-number>. This method is not as sanitary and thus less preferred.
18 Samba
19 Security & Firewall iptables
(1) Where did you find complete information of ports?
(Ans): cat /etc/services
(2) What is firewall and how firewall works?
(Ans):Firewall : As the term conveys, a firewall is an extra layer of security built into computers on
a network, which restricts access to systems from the outside world. Firewalls protect against
hackers and malicious intruders.
(b): How does a firewall work?
(Ans): There are two access denial methodologies used by firewalls. A firewall may allow all traffic
through unless it meets certain criteria, or it may deny all traffic unless it meets certain criteria
(see figure 3). The type of criteria used to determine whether traffic should be allowed through
varies from one type of firewall to another. Firewalls may be concerned with the type of traffic, or
with source or destination addresses and ports. They may also use complex rule bases that
analyse the application data to determine if the traffic should be allowed through. How a firewall
determines what traffic to let through depends on which network layer it operates at. A discussion
on network layers and architecture follows.

(3) How did you configure firewall?
(4) Define Iptables?
(Ans): In computer networking, computers communicate by transmitting and receiving digital data
packets. The ability to redirect, modify or stop these data packets based on where they come
from (the source), or where they are going to (the destination) or on other criteria - including the
actual data contained in the data packet (the payload) - is very useful. ...
(4) How did you block an IP by using Iptables?
(Ans): 1. Log in to your server via SSH and su - to root (do not forget the - after su).
2. After logging in as root, you may want to look at what's already loaded, if anything. To look at
the tables that are currently in effect:
(Note: You might need to add "| less" to the end of your iptables -L commands if you have a lot of
iptables rules. This will let you view the rules one page at a time. You can use "q" to quit.)
# iptables -L -n
3. To successfully block an IP address, the syntax would be:
# iptables -I INPUT -s IP_ADDRESS_HERE -j DROP
# iptables -I INPUT -s -j DROP
4. To verify that your entry was successful:
(Note: You might need to add "| less" to the end of your iptables -L commands if you have a lot of
iptables rules. This will let you view the rules one page at a time. You can use "q" to quit.)
(as root still)
# /sbin/iptables -L -n
5. If you want to flush your IPtables:
# /sbin/iptables -F
You can find other options to choose from with the following command:
# /sbin/iptables --help
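Steps 3 and 4 wrapped in a function that validates the address before it reaches a root-run command and skips the insert when the rule already exists, as an added example that is not part of the original document. The function names and the IPTABLES variable are hypothetical, and only dotted-quad IPv4 addresses are handled.

```shell
#!/bin/sh
# Added example (not from the original page): validated, idempotent version
# of the page's "iptables -I INPUT -s IP_ADDRESS_HERE -j DROP".
# IPTABLES can be overridden, e.g. to point at a wrapper or a test stub.
IPTABLES="${IPTABLES:-/sbin/iptables}"

# valid_ipv4 ADDR: succeed only for four dot-separated octets in 0-255.
# Octets with a leading zero are rejected because some address parsers read
# them as octal, so the rule could match a different host than intended.
valid_ipv4() {
    case "$1" in
        '' | *[!0-9.]* | .* | *. | *..*) return 1 ;;
    esac
    rest="$1."
    count=0
    while [ -n "$rest" ]; do
        octet=${rest%%.*}
        rest=${rest#*.}
        count=$((count + 1))
        case "$octet" in
            0?* | ????*) return 1 ;;
        esac
        [ "$octet" -le 255 ] || return 1
    done
    [ "$count" -eq 4 ]
}

# block_ip ADDR: insert a DROP rule for ADDR at the top of the INPUT chain.
# `iptables -C` exits 0 when an identical rule is already present, which
# keeps repeated runs from stacking duplicate rules.
block_ip() {
    if ! valid_ipv4 "$1"; then
        echo "refusing invalid address: $1" >&2
        return 2
    fi
    if "$IPTABLES" -C INPUT -s "$1" -j DROP 2>/dev/null; then
        echo "already blocked: $1"
        return 0
    fi
    "$IPTABLES" -I INPUT -s "$1" -j DROP && echo "blocked: $1"
}

# Run as root with the address as the only argument.
if [ "$#" -gt 0 ]; then
    block_ip "$1"
fi
```

Step 5's iptables -F removes every rule in the filter table, not only this block; to lift a single block, delete that one rule with iptables -D INPUT -s ADDRESS -j DROP.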
What kind of firewall are you using, and how do you install it?
How to send the mail through telnet?
[susheel@rsanet ~]$ telnet localhost 25
Connected to localhost.localdomain (
Escape character is '^]'.
220 ESMTP Sendmail 8.13.1/8.13.1; Tue, 27 Feb 2007 02:59:28 +0530
250 Hello [], pleased to meet you
250 2.1.0 Sender ok
250 2.1.5 Recipient ok
354 Enter mail, end with "." on a line by itself
Subject : Hi
Hi this is susheel
250 2.0.0 l1QLTSHe006041 Message accepted for delivery
telnet> q
Connection closed.
1. Explain the process by which we can send email through telnet?
The first thing to do is to open a connection from your computer to your mail server:
telnet mail.domain.ext 25
You should receive a reply like:
Trying ???.???.???.???...
Connected to mail.domain.ext.
Escape character is '^]'.
220 mail.domain.ext ESMTP Sendmail ?version-number?; ?date+time+gmtoffset?
You will then need to declare where you are sending the email from:
HELO - don't worry too much about your local domain name,
although you really should use your exact fully qualified domain name as seen by the outside
world; the mail server has no choice but to take your word for it as of RFC822-RFC1123. This
should give you: 250 mail.domain.ext Hello [], pleased to meet
Now give your email address: MAIL FROM: mail@domain.ext Should yield: 250 2.1.0
mail@domain.ext ... Sender ok
Now give the recipient's address: RCPT TO: mail@otherdomain.ext Should yield: 250 2.1.0
mail@otherdomain.ext ... Recipient ok
To start composing the message, issue the command DATA
If you want a subject for your email, type Subject:-type subject here- then press enter twice
(these are needed to conform to RFC 882)
You may now proceed to type the body of your message (e.g. hello mail@otherdomain.ext
from mail@domain.ext )
To tell the mail server that you have completed the message, enter a single "." on a line on its
own. The mail server should reply with: 250 2.0.0 ???????? Message accepted for delivery
You can close the connection by issuing the QUIT command. The mail server should reply
with something like: 221 2.0.0 mail.domain.ext closing connection Connection closed by
foreign host.
Here is a list of problems I've encountered and their fixes:
501 ... Sender domain must exist - The domain that you are sending from must exist
503 Need MAIL before RCPT - A recipient has been specified before a sender.
550 mail@domain.ext ... Relaying Denied - The mail server has refused to relay mail for you,
this may be for any number of reasons but typical reasons include: Not using this provider for
an internet connection and/or Not using an email address provided by the owner of the
Some things to watch out for:
1. If you type too quickly, sometimes it won't recognise your text (weird!)
2. The backspace key sometimes does not work with some telnet clients (even
though it may seem as though it does)
2. What port does sendmail use and what is the default configuration file of sendmail?
The main configuration file for sendmail is the /etc/mail/ file and port is Port=587
# m4 /etc/mail/ > /etc/mail/
-r-xr-sr-x root smmsp /usr/sbin/sendmail
drwxrwx--- smmsp smmsp /var/spool/clientmqueue
drwx------ root wheel /var/spool/mqueue
-r--r--r-- root wheel /etc/mail/
-r--r--r-- root wheel /etc/mail/
2) What is MTA, MUA, MDA, MX?
MTA : A mail transfer agent or MTA (also called a mail server, or a mail exchange server in
the context of the Domain Name System) is a computer program or software agent which
transfers electronic mail messages from one computer to another. The MTA works behind the
scenes, while the user usually interacts with another program, the mail user agent (MUA),
which contacts an MTA for actual delivery of the mail. The MTA is commonly referred to as the
mail server program; sendmail and Exchange Server are two examples of MTAs.

MDA : Mail Delivery Agent. A mail component which accepts mail from an MTA and delivers
it to the mailstore.
MUA : An email client (or mail user agent [MUA]) is a computer program that is used to read
and send e-mail. Protocols supported by email clients include POP3 and IMAP. IMAP and the
updated IMAP4 are optimized for storage of e-mail on the server, while the POP3 protocol
generally assumes that the e-mail is downloaded to the client. The SMTP protocol is used by
most email clients to send e-mail.
MX : An MX record or Mail exchange record is a type of
resource record in the Domain Name System specifying how Internet e-mail should be
3) What is masquerading in email?
(Ans) Masquerading is a feature which rewrites the hostname in the address of outbound
mails. This feature is usually applied to route the inbound mail from a network through a
centralized mail hub. This feature is also applied to hide the actual hostname in order to
manage mails to avoid using a busy hostname.
To enable this, add the following lines to the /etc/mail/ file:
MASQUERADE_AS( )dnl
FEATURE(masquerade_envelope)dnl
FEATURE(masquerade_entire_domain)dnl
MASQUERADE_DOMAIN( )dnl
Update the Sendmail configuration files using the m4 macro processor to generate a new file by executing the following command:
# m4 /etc/mail/ > /etc/mail/
To get the Sendmail macro file, the sendmail-cf package must be installed on the system.
After creating a new /etc/mail/ file, restart Sendmail for the changes to take effect.
To do this, use the following command:
# service sendmail restart
4. How you will check the sendmail is running in the server or not?
(Ans) netstat -na |grep ":25 "
5. What is the work of m4 in sendmail?
(Ans) The m4 macro processor program generates the file when it processes
the macro configuration file provided by the local system administrator.
6. What is procmail and what work does it do? Also explain what the POP and IMAP protocols are, what is
(Ans) Procmail is a mail processor. It can sort thousands of e-mails per day for you. It works
using a user-defined set of recipes that can do almost anything from sorting mail into folders
to automatically deleting mail.
POP stands for Post Office Protocol. POP allows your computer to talk to the email server
and then download all of the messages each time you connect.
IMAP stands for Internet Message Access Protocol. It is a method of accessing electronic
mail or bulletin board messages that are kept on a (possibly shared) mail server. In other
words, it permits a "client" email program to access remote message stores as if they were
local. For example, email stored on an IMAP server can be manipulated from a desktop
computer at home, a workstation at the office, and a notebook computer while traveling,
without the need to transfer messages or files back and forth between these computers.
The terms Web-based email (or Web-based e-mail) and Webmail refer to the
implementation of an e-mail client as a Web application that allows users to access their
e-mail through a Web browser, as an alternative to using a desktop-based client such as
Microsoft Outlook, Mozilla Thunderbird or Eudora. (Note that the term "Web", short for
"World Wide Web", as well as its derivatives, may also be written in lowercase.) A webmail
client is usually offered by an email service to allow its users to access their mail stored on
the service's server, but there are exceptions.
7) How to comment a line in the sendmail configuration file?
(Ans) Using dnl at the start of a line, you can comment it out.
8) Why are we commenting out the loopback address in the sendmail configuration?
In order to allow mail relaying for external hosts you have to comment out the line as below:
dnl DAEMON_OPTIONS(`Port=smtp,Addr=,Name=MTA')
Save the configuration file, then apply it with the lines below:
m4 /etc/mail/ > /etc/mail/
service sendmail restart
9) What is SSL and what port does it use?
Ans ) SSL is Secure Sockets Layer and works on port 443.
SSL is used to process transactions securely on the web so that other people cannot
intercept and read them. It is a combination of programs and encryption/decryption routines that
exist between the web server and the browser.
10) Difference between ssh and rsh, rcp and scp
(Ans) Ssh is secure shell, which is used in heterogeneous environments, but rsh is used only
in Unix. In ssh passwords are sent encrypted, but in rsh they are sent in plain text. In ssh we
connect to remote systems, but using rsh we can execute commands on a remote system.
You cannot open the vi editor, or change or create passwords, using rsh, whereas we can do so
using SSH. RSH requires a trusted relation but ssh does not.
SCP is secure copy and data is sent in encrypted format, but using RCP the data transfer
is plain text. SCP is heterogeneous, but rcp is homogeneous, used for Unix to Unix.
RCP requires a trusted relation but SCP does not. In scp we require password of remote
11) What is the port of TELNET and what is the main use of it?
(Ans) Telnet port is 23. Telnet is a TCP/IP protocol which is used to connect to remote
12) What is NAT and PAT? What is IP masquerading?
NAT is Network Address Translation. PAT is Port Address Translation.
(Network Address Translation) An IETF standard that allows an organization to present itself
to the Internet with far fewer IP addresses than there are nodes on its internal network. The
NAT technology, which is implemented in a router, firewall or PC, converts private IP
addresses (such as in the range) of the machine on the internal private network
to one or more public IP addresses for the Internet. It changes the packet headers to the new
address and keeps track of them via internal tables that it builds. When packets come back
from the Internet, NAT uses the tables to perform the reverse conversion to the IP address of
the client machine.
PAT (Port Address Translation) functions in a similar way to NAT, but it deals with
communication ports used by the computers in the network. PAT technology translates the
TCP or UDP between host and port on an outside network. Practically, the TCP/IP port of a
computer behind the router is changed to another one known only inside the network. Also
known as NAT Overload (or simply overloading), PAT technology allows the NAT-enabled
router to permit access of the computers in the network to the Internet through the public IP
given by the ISP. When communication to the outside network from a non-routable IP
(private) is attempted, the router will automatically record the IP address and the port number
to the address translation table.
IP-Masquerading provides the possibility to connect several computers to the Internet using a
computer running Linux with just one public IP address. This means you can connect a whole
private network to the Internet, and your Internet Service provider thinks you are still
connecting just one single computer.
echo "1" > /proc/sys/net/ipv4/ip_forward
13) What is PAM?

(Ans) : Pluggable Authentication Modules. A suite of shared libraries that determine how a
user will be authenticated. For example, conventionally UNIX users authenticate themselves
by supplying a password at the password prompt after they have typed their name at the
login prompt. In many circumstances, such as internal access to workstations, this simple
form of authentication is considered sufficient. In other cases, more information is warranted.
If a user wants to log in to an internal system from an external source, like the Internet, more
or alternative information may be required - perhaps a one-time password. PAM provides this
type of capability and much more. Most important, PAM modules allow you to configure your
environment with the necessary level of security.
14) What is the squid server, what configuration files does it use, and what ports does it use?

(Ans) Port number of squid is 3128 using the line http_port 3128
Squid is an application that caches HTTP requests, subsequently serving the same request
more quickly. When requests are served from the cache, the webserver does not have to
expend resources to regenerate pages, transfer images, and so on. Squid stores XHTML
pages, images, CSS files, JavaScript and other data transmitted over HTTP via the proxy as
long as the data is configured as cacheable by the application (Publish in this case). With
Publish you can cache the following:
* Complete pages by using the header override features (available in Publish 3.8 and greater)
* Static files such as CSS and JavaScript
* Database content such as images, media and binary files
15) What is traceroute and which protocol is used in traceroute?
Ans) Traceroute is the program that shows you the route over the network between two
systems, listing all the intermediate routers a connection must pass through to get to its
destination. It can help you determine why your connections to a given server might be poor,
and can often help you figure out where exactly the problem is. It also shows you how
systems are connected to each other, letting you see how your ISP connects to the Internet
as well as how the target system is connected.
The protocol used in traceroute is ICMP.
16) Diff. between rpc and lpc request?
Ans) Binding using Local Procedure Call typically binds procedure calls to procedure
implementations AT COMPILE TIME. Sometimes LPC does this at runtime; examples include
Java classes and Microsoft dynamic linked libraries. In all cases, however, it's a question of
connecting a procedure call to a particular piece of code that implements the called
procedure. RPC is different because we not only bind the call to a particular piece of code,
but also to a particular instance of a SERVER to run the code; that is, the SERVER is an
active/dynamic thing, it's not just a static thing like code.
17) Binding using Remote Procedure Call
(Ans) Binds a client's RPC call to a particular server that will handle that call. Requires a
name for the server (i.e., a ComHandle) and a name for the exported module and procedure
(typically hidden by client stub).
18) Diff between ftp and samba?
Ans ) Directory sharing is not available in FTP, but Samba supports it. Printer/resource sharing is
available in Samba but not in FTP. There is no anonymous login in Samba, whereas FTP supports
anonymous login. There is no data duplication in Samba, but data is duplicated in FTP.
19) What is testparm in samba?

testparm - check an smb.conf configuration file for internal correctness
testparm [ [ -h] [ -L servername] [ configfilename] [ hostname hostIP]
testparm is a very simple test program to check an configuration file for internal
correctness. If this program reports no problems, you can use the configuration file with
confidence that smbd will successfully load the configuration file.
Note that this is NOT a guarantee that the services specified in the configuration file will be
available or will operate as expected.
If the optional host name and host IP address are specified on the command line, this test
program will run through the service entries reporting whether the specified host has access
to each service.
If testparm finds an error in the smb.conf file it returns an exit code of 1 to the calling
program, else it returns an exit code of 0. This allows shell scripts to test the output from
testparm.
Without this option, testparm will prompt for a carriage return after printing the service names
and before dumping the service definitions.
-h Print usage message
-L servername
Sets the value of the -L macro to servername. This is useful for testing include files specified
with the -L macro.
configfilename
This is the name of the configuration file to check. If this
parameter is not present then the default smb.conf file will be checked.
hostname
If this parameter and the following are specified, then testparm will examine the "hosts allow"
and "hosts deny" parameters in the smb.conf file to determine if the hostname with this IP
address would be allowed access to the smbd server. If this parameter is supplied, the
hostIP parameter must also be supplied.
hostIP
This is the IP address of the host specified in the previous parameter. This address must be
supplied if the hostname parameter is supplied.
20) What filesystem we are using in samba to mount a share?
21 ) What is the port of portmap?

Ans ) 111
22) What is the use of 53 and 953 port in dns?
Ans ) : port 53 is for named and port 953 is for rndc.
First off, the actual software that runs the DNS service on most systems is called bind. The
main component in this software is a daemon called named (pronounced "name-dee"). This
daemon "listens" on TCP port 53 and UDP port 53 for queries from DNS clients or other
servers. The rndc utility, or the Remote Name Daemon Control program, provides some control
over the nameserver. It doesn't work out of the box. As a security measure, it requires setting
up before named will allow itself to be controlled. That's what we'll look at now.
This tool does pretty much the same as does in Bind 8. Here are its main features:
Reload a zone
Stop the server
View the server's status
Turn on (or off) log querying
Dump the server's cache to a file
Flush the server's cache
Change debugging levels
In order for this to work, the rndc and named configuration files, rndc.conf and named.conf
respectively, must be in agreement. We can use the rndc-confgen tool to generate an
appropriate configuration:
# rndc-confgen | tee /etc/rndc.conf
Refer to
rndc.html for more info
23 ) What is nslookup and how this command is diff. from dig
Ans ) Nslookup is a program to query Internet domain name servers. Nslookup has two
modes: interactive and non-interactive. Interactive mode allows the user to query name
servers for information about various hosts and domains or to print a list of hosts in a domain.
Non-interactive mode is used to print just the name and requested information for a host or
domain. A simple dig provides a lot more information, by default at least, than does nslookup. It
begins with information about the name server and resolver flags used. (The flags are
documented in the manpage for the bind resolver.) Next come the header fields and flags
followed by the query being answered. These are followed by the answer, authority records,
and additional records. The format is the domain name, TTL field, type code for the record,
and the data field. Finally, summary information about the exchange is included.
24) What is diff between 20 and 21 port in ftp?
Ans ) File Transfer Protocol (FTP) is used as one of the most common means of copying files
between servers over the Internet.
FTP relies on a pair of TCP ports to get the job done. It operates in two connection channels,
as I'll explain:
FTP Control Channel, TCP Port 21: All commands you send and the ftp server's responses to
those commands will go over the control connection, but any data sent back (such as "ls"
directory lists or actual file data in either direction) will go over the data connection.
FTP Data Channel, TCP Port 20: This port is used for all subsequent data transfers between
the client and server.
From a networking perspective, the two main types of FTP are active and passive. In active
FTP, the FTP server initiates a data transfer connection back to the client. For passive FTP,
the connection is initiated from the FTP client.
Windows defaults to active FTP, and Linux defaults to passive.
25) What is the diff between iptable and ipchain?
Ans : iptable : In computer networking, computers communicate by transmitting and receiving
digital data packets. The ability to redirect, modify or stop these data packets based on where
they come from (the source), or where they are going to (the destination) or on other criteria -
including the actual data contained in the data packet (the payload) - is very useful.
ipchain :
26) What is raid and lvm?
RAID - redundant array of inexpensive disks
LVM - Logical volume management
Uses of LVM
LVM allows you to manage large amounts of data efficiently
Eases the administration of environments where the reallocation of resources is a necessity
A RAID device is a physical grouping of disk devices in order to create a logical presentation
of one device to an OS for redundancy or performance or a combination of the two. LVM is a
logical layer that can be manipulated in order to create and/or expand a logical
presentation of a disk device to an OS.
RAID (redundant array of independent disks; originally redundant array of inexpensive
disks) is a way of storing the same data in different places (thus, redundantly) on multiple
hard disks. By placing data on multiple disks, I/O (input/output) operations can overlap in a
balanced way, improving performance. Since multiple disks increases the mean time between
failures (MTBF), storing data redundantly also increases fault tolerance.
For raid refer,,sid5_gci214332,00.html
For LVM refer
(27) What is the fields in cron?
A CRON script is a list of one or more commands to a computer operating system or
application server that are to be executed at a specified time. Each command is executed
when its triggering time arrives. In Unix-based operating systems, the crontab command
is a user interface command that creates or changes a file (called a crontab file). This file
contains a list of UNIX shell commands, each with a specified time of execution.
cron is a Unix and Solaris utility that allows tasks to be automatically run
in the background at regular intervals by the cron daemon. These tasks are often termed
cron jobs in Unix and Solaris. Crontab (CRON TABle) is a file which contains the schedule of
cron entries to be run and at specified times.
Each cron command has 5 time and date fields, followed by a user name, and if this is the
system crontab file, it will be followed by a command. Commands are executed when the
time specified by the time/date fields matches the current time.
field          allowed values
-----          --------------
minute         0-59
hour           0-23
day of month   0-31
month          0-12 (or names, see below)
day of week    0-7 (0 or 7 is Sun, or use names)
A field may be an asterisk (*), which always stands for ``first to
last''. So used in the hour field, it means 'every hour from 00:00 to
Example Crontab:
# +------------ minute
# | +---------- hour
# | | +-------- day of the month
# | | | +------ month
# | | | | +---- day of the week
# | | | | |  +- command to run ------------->
# | | | | |  |
  5 0 * * *  $HOME/bin/daily.job >> $HOME/tmp/out 2>&1
Refer the link below
By default cron sends an email to the user account executing the cron job. If this is not
needed, put the following at the end of the cron job line: >/dev/null 2>&1
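The field rules above as a small parser and matcher, added here as an illustration and not taken from the original page or from any cron implementation. It goes beyond the text by also accepting ranges, lists and steps (names are not handled) and by applying cron's rule that when both day fields are restricted, either one matching fires the job. The function names and sample lines are constructed, the first line being modelled on the page's example.

```python
from datetime import datetime

# Allowed range per field, in crontab order, taken from the table above.
RANGES = [(0, 59), (0, 23), (0, 31), (0, 12), (0, 7)]

def expand(field, low, high):
    """Expand one field ('*', '5', '1-5', '0,30', '*/15') into a set of ints."""
    values = set()
    for part in field.split(","):
        span, _, step = part.partition("/")
        step = int(step) if step else 1
        if span == "*":
            start, end = low, high
        elif "-" in span:
            start, end = (int(x) for x in span.split("-", 1))
        else:
            start = end = int(span)
        if step < 1 or not low <= start <= end <= high:
            raise ValueError(f"field {field!r} is outside {low}-{high}")
        values.update(range(start, end + 1, step))
    return values

def parse_line(line, system=False):
    """Parse one crontab line; system=True expects a user name after the time fields."""
    parts = line.split(None, 6 if system else 5)
    if len(parts) != (7 if system else 6):
        raise ValueError("expected five time fields, optional user, and a command")
    times = [expand(f, lo, hi) for f, (lo, hi) in zip(parts[:5], RANGES)]
    times[4] = {v % 7 for v in times[4]}          # 7 and 0 both mean Sunday
    return {"times": times, "user": parts[5] if system else None,
            "command": parts[-1],
            "dom_set": parts[2] != "*", "dow_set": parts[4] != "*"}

def matches(entry, when):
    """True if the entry would fire at datetime `when` (to the minute)."""
    minute, hour, dom, month, dow = entry["times"]
    if when.minute not in minute or when.hour not in hour or when.month not in month:
        return False
    dom_ok = when.day in dom
    dow_ok = when.isoweekday() % 7 in dow         # Monday=1 ... Sunday=0
    # cron rule: if both day fields are restricted, either one matching is enough.
    if entry["dom_set"] and entry["dow_set"]:
        return dom_ok or dow_ok
    return dom_ok and dow_ok

if __name__ == "__main__":
    job = parse_line("5 0 * * * $HOME/bin/daily.job >> $HOME/tmp/out 2>&1")
    print(job["command"], matches(job, datetime(2024, 1, 15, 0, 5)))
```

A line that fails `parse_line` with `ValueError` has a field outside the table's ranges or too few fields, which is worth flagging when reviewing crontabs on a host.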
28) What is the group ID of sysadmin in Solaris?
Ans ) To perform administrative tasks such as adding user accounts, the administrator must
be logged in as superuser or be a member of GID 14 (sysadmin).
29) What is the difference between unix and linux?
Ans ) A widely used Open Source Unix-like operating system. Linux was first released by its
inventor Linus Torvalds in 1991.
Linux is a kernel, Unix is a type of OS. Unix is a registered name, so Linux cannot be
described as a Unix OS; however, you will hear Linux described as a Unix-like system. One
thing to bear in mind is that Linux is NOT an OS, it is just the kernel; GNU (a recursive
acronym for GNU's Not Unix) is what people often confuse as being 'Linux'. This is, however,
the command line and tools that interact with the Linux kernel.
Also, an interesting point to add. Unlike Unix, Linux isn't made by any company or single
group of people. Linus started the Linux kernel, and ultimately has the final say in what
happens to Linux; however, it is programmed by a global network of people who simply code
for the fun of it.
Unix requires high hardware configuration, i.e. it works in mainframe computers but can't work
in x86 based personal computers. Whereas Linux (which is built on the concept of Unix) has
low hardware requirements, i.e. it works in mainframe as well as x86 based personal computers.
Unix: An operating system developed in olden days in which the kernel interacts directly with the
hardware. The kernel is considered to be the heart of this OS. In this operating system everything is
considered as a file, which provides greater security. Ex: posix
Linux: Linux is an operating system
which uses Unix as its base and gives further facilities and applications. Merely speaking,
the GUI is made in Linux having Unix as its core. Ex: Redhat, Fedora, SUSE, Mandrake. Solaris
OS also uses the same Unix kernel; all the Unix commands will work on Solaris, and it has 500
more Solaris-specific commands. Different organizations used the UNIX kernel and added
their own essence to form their own version of Linux. Both UNIX and LINUX are Open source.
Unix is the foundation for a number of operating systems; Linux is one of them, and probably
the most popular. Novell and Free BSD are 2 other commonly used Unix variants.
UNIX is an operating system created in the early days of computers. More recently, Linux
was created as an open-source, freeware operating system. It is "UNIX-LIKE", meaning that it
uses many UNIX constructs but also departs from traditional UNIX in many ways. Like UNIX,
Linux is faster than many of the other commercially available operating systems. It appears to
also be far more robust than any of the Microsoft products. Linux is being used in many time
critical applications because of its speed. It is also used in many applications that need to
maintain uptime because Linux, like UNIX, can run for months at a time without rebooting.
While the typical method of solving Microsoft problems is to "reboot", that particular
requirement does not seem to be appropriate in a Linux/Unix environment. While UNIX has
created a windows-like work environment, Linux has improved greatly on that concept. Linux
has become a real player in the consumer operating system market... and it's free. While you
may want to pay for a Linux distribution, the actual code is free and you are allowed to load it
on as many machines as you want. You can get Linux for free if you wish to load it across the
30 ) Explain the use of tip?
Ans ) tip - connect to remote system
tip [ -v ] [ -speed-entry ] { hostname | phone number | device }
refer to link for more info
*) What is DOS & DDOS attack and dictionary attack?
A denial-of-service attack (also, DoS attack) is an attack on a computer system
or network that causes a loss of service to users, typically the loss of network connectivity
and services by consuming the bandwidth of the victim network or overloading the
computational resources of the victim system.
DDOS : A type of denial of service attack in which an attacker uses malicious code installed
on various computers to attack a single target. An attacker may use this method to have a
greater effect on the target than is possible with a single attacking machine.
Dictionary Attack : A brute force attack that uses common words as possible passwords or
decryption keys and may provide a more efficient way of discovering the user's code.
Sophisticated dictionary attacks sort words by frequency of use and start with the most likely
possibilities; for example, names of people, sports teams, pets and cars. For greater security,
users should not use passwords that could be found in an ordinary dictionary. While a
dictionary attack can be done by a person manually, it is mostly done via software and a
database that contains millions of words.
Brute force : The systematic, exhaustive testing of all possible methods that can be used to
break a security system. For example, in cryptanalysis, trying all possible keys in the
keyspace to decrypt a ciphertext
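The advice above, that users should not pick passwords found in a dictionary, expressed as a password-policy check an administrator could run at password-change time. This is an added example, not part of the original page. The word list is a tiny constructed sample, and the function names, the substitution table and the figure of 100 variants per word are assumptions.

```python
import math
import re

# Constructed sample; a real check would load a large word list from a file.
WORDS = {"password", "dragon", "arsenal", "mustang", "charlie", "sunshine"}

# Common character substitutions people use to disguise a dictionary word.
LEET = str.maketrans("0134579@$!", "oleastgasi")

def is_dictionary_based(password, words=WORDS):
    """True if the password is a dictionary word after undoing trivial disguises."""
    lowered = password.lower()
    candidates = {
        lowered.translate(LEET),                               # e.g. arsena1 -> arsenal
        re.sub(r"[\d\W_]+$", "", lowered).translate(LEET),     # e.g. p@ssw0rd1 -> password
    }
    return any(c in words for c in candidates)

def brute_force_bits(length, alphabet_size):
    """log2 of the number of strings an exhaustive search must cover."""
    return length * math.log2(alphabet_size)

def dictionary_bits(word_count, variants_per_word):
    """log2 of the guesses needed to cover a word list plus simple variants."""
    return math.log2(word_count * variants_per_word)

if __name__ == "__main__":
    for pw in ("P@ssw0rd1", "Dr4gon!", "tq7#Lm2v"):
        print(pw, "rejected" if is_dictionary_based(pw) else "accepted")
    # Eight lowercase letters by exhaustive search vs. a million-word list
    # with 100 variants each: about 37.6 bits against about 26.6 bits.
    print(round(brute_force_bits(8, 26), 1), round(dictionary_bits(10**6, 100), 1))
```

The gap between the two bit counts is the reason a password derived from a dictionary word falls far sooner than a random string of the same length.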
31) What is diff. between NIS and NFS?
32 ) Difference between NFS and FTP?
Ans ) FTP : Short for File Transfer Protocol, the protocol used on the Internet
for exchanging files. FTP works in the same way as HTTP for
transferring Web pages from a server to a user's browser and SMTP for
transferring electronic mail across the Internet in that, like these
technologies, FTP uses the Internet's TCP/IP protocols to enable data
FTP is most commonly used to download a file from a server using the
Internet or to upload a file to a server.
NFS : ( Network File System) The file sharing protocol in a Unix network. This de facto Unix
standard, which is widely known as a "distributed file system," was developed by Sun

Abbreviation of Network File System, a client/server application
designed by Sun Microsystems that allows all network users to access
shared files stored on computers of different types. NFS provides
access to shared files through an interface called the Virtual File
System (VFS) that runs on top of TCP/IP. Users can manipulate shared
files as if they were stored locally on the user's own hard disk.
With NFS, computers connected to a network operate as clients while
accessing remote files, and as servers while providing remote users
access to local shared files. The NFS standards are publicly available
and widely used.
33) Differences between SAMBA, NFS and FTP
                      SAMBA   NFS   FTP
File Sharing          YES     YES   YES
Directory Sharing     YES     YES   NO
Resource Sharing      YES     YES   NO
Print Sharing         YES     NO    NO
User Authentication   YES     NO    YES
Anonymous Logins      NO      NO    YES
Data Redundancy       NO      NO    YES
Data Consistency      NO      NO    YES
Name Resolution       YES     NO    NO
34 ) Difference between tcp/ip and osi
The ISO/OSI protocol is a 7 layer reference model that was designed after the TCP/IP model,
which only has 4 layers. That said, the differences between the two are only minor.
The 7 layers of the OSI Protocol Stack are as follows:
7. Application: end user services such as email
6. Presentation: data problems and data compression
5. Session: authentication and authorization
4. Transport: guarantee end-to-end delivery of packets
3. Network: packet routing
2. Data Link: transmit and receive packets
1. Physical: The physical connection or cable itself.
Of these 7 layers, the 4 layers the TCP/IP Protocol Stack uses are as follows:
5. Application: authentication, compression, and end user services
4. Transport: handles the flow of data between systems and provides access to the network
for applications via the BSD socket library
3. Network: packet routing
2. Link: Kernel OS/device driver interface to the network interface on the computer.
The main differences between OSI and TCP/IP are:
The application layer in TCP/IP handles the responsibilities of layers 5, 6, and 7 in the OSI
model. The transport layer in TCP/IP does not always guarantee reliable delivery of packets
as the transport layer in the OSI model does. So as you can see there is not too much
difference between the models. In terms of software implementation TCP/IP looks like this:
Application Layer: some of the applications covered are SMTP (mail), Telnet, FTP, Rlogin,
NFS, NIS, and LPD.
Transport Layer: the transport layer uses two protocols, UDP (User Datagram
Protocol) and TCP. UDP does not guarantee packet delivery, and applications which use it
must provide their own means of verifying delivery. TCP guarantees delivery of packets to the
applications that use it.
Network Layer: the network layer is concerned with packet routing and
uses low level protocols such as ICMP, IP, and IGMP.
Link Layer: the link layer is concerned
with the actual transmittal of packets as well as IP to Ethernet address translation. This layer
is concerned with Arp, the device driver and