Latest Linux System Calls Interview Preparation Guide

Download PDF

insmod: insmod is a tool used to attach a module to the
running linux kernel. This will take the kernel object(.ko)
and takes all executable code and data sections of the .ko
and attach it to the running linux kernel.

rmmod: used to remove or deattach a module code from the
running kernel

kernel 2.6 introduces a new file naming convention: kernel
modules now have a .ko extension (in place of the old .o
extension) which easily distinguishes them from conventional
object files. The reason for this is that they contain an
additional .modinfo section that where additional
information about the module is kept.
Linux program modpost can be used to convert .o files into
.ko files.

There are 2 situations when Linux can switch from user Space
to Kernel Space:-

1) by doing System calls
2) When interrupt comes (to handle interrupt)
3) by executing 128 (0x80 ) instruction or doing sysenter

Linux can switch from kernel Space to User space:-
1) process in kernel mode is preempted.
2) After completion of Interrupt handler / System call
3) performing sysexit sys call

Mainly hardware related information such as CPU
information, Memory (RAM) information stored under /proc
directory

example:
# cat /proc/cpuinfo (show the information of CPU of that
particular hardware)
# cat /proc/meminfo (show the information of Memory i.e.
RAM of that particular hardware)

It contains all the kernel modules that needed to be loaded
into kernel (booting etc). there will some .map, .dep
(dependency files) files present.

When the kernel needs a feature that is not resident in the
kernel, the kernel module daemon kmod[1] execs modprobe to
load the module in.

You can see what modules are already loaded into the kernel
by running lsmod, which gets its information by reading the
file /proc/modules

atomic variables are the variables which can only be
manipulated atomically using atomic APIs. Linux declares
variable as atomic by using the type atomic_t. Basically
used a way to achieve synchronization.

an atomic operation is one which cannot be (or is not)
interrupted by concurrent operations and cannot be broken up
into smaller parts that could be performed by different
processors.

Atomic function is a function which is executed to
completion without interruption. Atomic function can also be
seen as a small critical section which is executed without
interruption, locking.

umask value = 022
Without a umask in effect,any file created will have 666
permissions.

666
022
---------
644
---------
A umask of 022 will result in files created with 666 permission.

You need to install an SSL certificate in apahce to secure
the transactions.

Linux implements fork() via the clone() system call.
The clone() system call, in turn, calls do_fork().
The bulk of the work in forking is handled by do_fork(),
which is defined in kernel/fork.c.This function calls
copy_process() and then starts the process running.
If copy_process() returns successfully, the new child is
woken up and run. Deliberately, the kernel runs the child
process first.

When successful exec will not return, it will start
executing the new program
However if there is an- error exec returns -1 and sets the
errno to the appropriate value

mainly spinlock used in threads to avoid synchronization,where as semaphore and mutex used to avoid process synchronization.
1.spinlock is something like polling.it spins for resouce until aloocated resouce releases.
2.binary semaphore and mutex are similar.

#rpm -qpR filename.rpm

Lists the dependency list of packages.

ssh is secured shell, allows the user to login remotely with more secured.
whereas telnet also same but authentications like passwords, transfers over a network as text mode. so it is not good to use.

swap can be created in two ways after the installation,
1. fdisk command
2. create a swap file using dd command

after creating swap file or file system

#mkswap /dev/sda10
#swapon /dev/sda10
#swapon -s #To see the swap devices

by using dd command

#dd if=/dev/zero of=/swap bs=1024 count=1

Which will creates the file size 1024(1GB).

#mkswap /swap
#swapon /swap
#swapon -s #to see the swap devices

LVM is a mechanism use for providing specality of extending (or) reducing
the sizes of an existing partition.

resize2fs is only for ext2 filesystem but not ext3.
first unmount the partition
#umount /dev/sda1

#tune2fs -O ^has_journal /dev/sda1 #to remove journal from /dev/sda1

#e2fsck -f /dev/sda1

#resize2fs /dev/sda1 600M #resize the partition

ext3 is also same as the ext2, but journaling concept is introduced in ext3.
Compared to ext2, ext3 is slow. ext2 less secure compared to ext3. ext2 is less
Performance where as ext3 is very good performance.

by using pvremove command.

Don't know exactly, think of 2TB or 8TB

RAID 1 is disk striping. no mirroring no parity. Minimum 2 disks required. If any
One disk fails all the data get lost.
RAID 5 is disk striping with parity. Minimum 3 disks required. if anyone disk fails
Data is safe, if two fails data get lost.

A Server-- it is weather in testing or production-- are primary targets for
the attackers. By taking the proper steps, you can turn a vulnerable box into
a hardened server.
How to secure SSH sessions, configure firewall rules, minimize software, listed below,
1. Encrypt Data communication
-- use scp, ssh avoid FTP, Telnet and Rlogin /rsh
2. Minimize Software to minimize vulnerability
-- use RPM pkg management / YUM utility to remove unwanted packages installed
3. One Network Service per System or Vm Instance
-- Run different network services on separate servers or vm instance.
For example, if an attacker able to successfully exploit software called
Apache flow, he/she get an access to entire server including other services
such as MYSQL, email server and so on.
4. Keep linux software and Kernel up to date.
-- Use yum update or up2date
some distros apt-get update
5. Security essentials like selinux
6. password authentication like password aging, restricting to user previous
passphrases, and locking user accounts after login failures.
7. Disable unwanted services using chkconfig --list | grep "3:on"

.bash_history

Sendmail should be installed by default when you install Red
Hat Linux. If it is not then you need to install the
Sendmail RPM's with the Red Hat distribution.

Configuring Sendmail
--------------------

1) Edit file "/etc/mail/sendmail.mc" - Look for the line:

DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')

Change this line to:

dnl DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')

Save the file.

2)Make the sendmail configuration file:

# m4 /etc/mail/sendmail.mc > /etc/sendmail.cf

3)Restart Sendmail:

# /etc/rc.d/init.d/sendmail restart

NIS is a service that provides any user on that network
with the same working environment irrespective of the
system on that network which has been used for login
purpose.
For example if NIS server is set up in a single system and
configured to hold user accounts and their passwords and
access information. Then any user on that network can login
to his/her account that is set up in the NIS server from
any system (with nis client running) on that configured
network. This gives a look and feel that the user is logged
into his/her own system. But actually its the account on
the NIS server that is mounted on the local sytem on user
login .

Samba provides file and print services to all manner of
SMB/CIFS clients, including the numerous versions of
Microsoft Windows operating systems. Samba configuration
file is smb.conf:

Sample smb.conf
---------------

[global]
# Domain name ..
workgroup = DOMAIN.NAME
# Server name - as seen by Windows PCs ..
netbios name = SERVER1
# Be a PDC ..
domain logons = Yes
domain master = Yes
# Be a WINS server ..
wins support = true

# allow user privileges
#enable privileges = yes

obey pam restrictions = Yes
dns proxy = No
os level = 35
log file = /var/log/samba/log.%m
max log size = 1000
syslog = 0
panic action = /usr/share/samba/panic-action %d
pam password change = Yes

# Allows users on WinXP PCs to change their password
when they press Ctrl-Alt-Del
unix password sync = no
ldap passwd sync = yes

# Printing from PCs will go via CUPS ..
load printers = yes
printing = cups
printcap name = cups

# Use LDAP for Samba user accounts and groups ..
passdb backend = ldapsam:ldap://localhost

# This must match init.ldif ..
ldap suffix = dc=domain,dc=name
# The password for cn=admin MUST be stored in
/etc/samba/secrets.tdb
# This is done by running 'sudo smbpasswd -w'.
ldap admin dn = cn=admin,dc=domain,dc=name

# 4 OUs that Samba uses when creating user accounts,
computer accounts, etc.
# (Because we are using smbldap-tools, call them
'Users', 'Computers', etc.)
ldap machine suffix = ou=Computers
ldap user suffix = ou=Users
ldap idmap suffix = ou=Idmap
# Samba and LDAP server are on the same server in
this example.
ldap ssl = no

# Scripts for Samba to use if it creates users,
groups, etc.
add user script = /usr/sbin/smbldap-useradd -m '%u'
delete user script = /usr/sbin/smbldap-userdel %u
add group script = /usr/sbin/smbldap-groupadd -p '%g'
delete group script = /usr/sbin/smbldap-groupdel '%g'
add user to group script =
/usr/sbin/smbldap-groupmod -m '%u' '%g'
delete user from group script =
/usr/sbin/smbldap-groupmod -x '%u' '%g'
set primary group script = /usr/sbin/smbldap-usermod
-g '%g' '%u'

# Script that Samba users when a PC joins the domain ..
# (when changing 'Computer Properties' on the PC)

#add machine script = /usr/sbin/smbldap-useradd -w '%u'
add machine script = /usr/sbin/useradd -s /bin/false
-d /home/nobody %u


# Values used when a new user is created ..
# (Note: '%L' does not work properly with
smbldap-tools 0.9.4-1)
logon drive = H:
logon home = \\server\%U
logon path = \\server\Profiles\%U
logon script = logon.bat

# This is required for Windows XP client ..
server signing = auto
server schannel = Auto

[homes]
comment = Home Directories
path = /home/users/%U
valid users = %S
read only = No
browseable = No
[netlogon]
comment = Network Logon Service
path = /var/lib/samba/netlogon
admin users = root
guest ok = Yes
browseable = No

[Profiles]
comment = Roaming Profile Share
# would probably change this to elsewhere in a
production system ..
path = /var/lib/samba/profiles
read only = No
profile acls = Yes
browsable = No
hide files = /desktop.ini/ntuser.ini/NTUSER.*/

[printers]
comment = All Printers
path = /var/spool/samba
use client driver = Yes
create mask = 0600
guest ok = Yes
printable = Yes
browseable = No
public = yes
writable = yes
admin users = root
write list = root

[print$]
comment = Printer Drivers Share
path = /var/lib/samba/printers
write list = root
create mask = 0664
directory mask = 0775
admin users = root

Test it with :

# testparm /etc/samba/smb.conf

Load smb config files from /etc/samba/smb.conf
Processing section "[homes]"
Processing section "[netlogon]"
Processing section "[Profiles]"
Processing section "[printers]"
Processing section "[print$]"
Loaded services file OK.
Server role: ROLE_DOMAIN_PDC
Press enter to see a dump of your service definitions