Mastering Linux: 20 Scenario-based Interview Questions for Beginners and Experienced Users

In the dynamic world of Linux, being proficient in troubleshooting and problem-solving is essential. Scenario-based interview questions are designed to assess a candidate’s ability to apply theoretical knowledge to real-world situations. Whether you’re a beginner or an experienced Linux user, these questions will challenge your critical thinking and problem-solving skills, providing valuable insights into your readiness for the role.

1. You are unable to SSH into a node. What could be the problem, and how would you troubleshoot it?

• Check the network connectivity between the client and the server using tools like ping and traceroute.
• Examine the SSH log files (e.g., /var/log/secure, /var/log/sshd, /var/log/messages) for any error messages or clues about the issue.
• Verify that the SSH service is running on the server and that the firewall is not blocking the SSH port.
• Ensure that the user account you’re trying to log in with has the correct permissions and is not locked or disabled.
• If possible, try connecting from a different client machine to isolate the issue.

2. A Linux system fails to boot after a kernel upgrade. What steps would you take to resolve the issue?

• During boot, access the GRUB menu and attempt to boot the system using the previous kernel version.
• If successful, analyze the kernel upgrade logs for any errors or issues.
• Check the kernel version compatibility with the hardware and software components.
• Regenerate the initramfs or update any necessary drivers or modules.
• If the issue persists, consider booting into rescue mode or a live environment to further investigate and repair the system.

3. You have a file named “secret” that should only be accessible by the root user and another user “deepak”. How would you set the correct permissions?

• Use the setfacl command to set Access Control Lists (ACLs) on the file.
• Example: setfacl -m u:deepak:rwx secret (grants read, write, and execute permissions to the user “deepak” on the file “secret”).
• Verify the permissions using getfacl secret.

4. A script named “/tmp/deepak.sh” owned by the user “deepak” needs to be executed by another user “ankit”. How would you achieve this?

• Edit the sudoers file using visudo.
• Add the following line: ankit golinuxhub=(deepak) /tmp/deepak.sh
• This allows the user “ankit” to execute the script /tmp/deepak.sh with the user context of “deepak”.
• Run the script as: sudo -u deepak /tmp/deepak.sh

5. You want to ensure that a newly created user has the default shell set to “ksh” and the home directory set to “/export/home/<username>”. How would you achieve this?

• Modify the /etc/default/useradd file.
• Change the HOME and SHELL variables to the desired values:
  • HOME=/export/home
  • SHELL=/bin/ksh
• After making the changes, any new user created with useradd will have the specified default shell and home directory.

6. You want to automatically log out an idle user session, including the root session, after a certain period of inactivity for security reasons. How would you implement this?

• Set the TMOUT variable in the user’s profile (e.g., /etc/profile, /etc/bash.bashrc) or the root user’s profile.
• For example, TMOUT=1800 (logs out the user after 30 minutes of inactivity).
• Alternatively, you can use the IDLE_TIMEOUT parameter in the sudoers file to set a timeout for the root user’s sudo session.

7. You have set up password-less authentication between two Linux nodes, but you are still being prompted for a password when attempting SSH. What could be the issue, and how would you troubleshoot it?

• Verify that the public key copied to the target node’s authorized_keys file matches the key generated on the client.
• Check the permissions of the .ssh directory, the generated keys, and the authorized_keys file (they should not be world-readable, writable, or executable).
• Analyze the SSH log files (e.g., /var/log/sshd, /var/log/secure) for any error messages or clues about the issue.

8. Your Linux system experiences a sudden increase in CPU utilization. How would you identify the culprit process and resolve the issue?

• Use the top or htop command to monitor real-time system statistics and identify the processes consuming the most CPU resources.
• Analyze the specific process to understand its behavior and determine if it’s a legitimate process or a potential issue.
• Review log files for any related error messages or warnings.
• If the process is causing performance issues, you may need to terminate or restart it, or investigate further to identify and resolve the root cause.

9. You are experiencing intermittent SSH connection failures. What could be the cause, and how would you investigate the issue?

• Check the network connectivity between the client and the server using ping and traceroute.
• Monitor the server load using top or htop to ensure the server is not overloaded and refusing new connections.
• Review the SSH configuration file /etc/ssh/sshd_config for any incorrect settings that might be causing the issue.
• Analyze the SSH log files (e.g., /var/log/auth.log, /var/log/sshd) for specific error messages or clues.
• Try connecting from different client machines to isolate the issue.

10. The system clock on your Linux server is consistently incorrect, even though it is connected to an NTP server. What could be the cause, and how would you resolve the issue?

• Check the BIOS date and time settings on the Linux server and ensure they are correct.
• Use the ntpdate service to synchronize the system clock with the NTP server.
• Ensure that the hardware clock (hwclock) is properly synchronized with the system clock.
• Review the NTP server configuration and connectivity, and consider using a different NTP server if necessary.

11. You have a service that you want to run on a specific CPU core. How would you achieve this?

• Edit the service unit file (e.g., /etc/systemd/system/myservice.service).
• Add the CPUAffinity parameter under the [Service] section, specifying the CPU core you want to bind the service to.
• Example: CPUAffinity=3 (binds the service to CPU core 3).
• Reload the systemd daemon and restart the service for the changes to take effect.

12. You have a physical hardware with 10 CPU processors, but you only want to use 6 of them. How would you limit the number of visible CPU processors to your applications?

• Use the maxcpus or nr_cpus kernel parameter to limit the number of CPU processors visible to the kernel and applications.
• Edit the GRUB configuration file (e.g., /etc/default/grub on RHEL/CentOS, /etc/default/grub.d/* on Ubuntu/Debian) and add the parameter maxcpus=6 or nr_cpus=6.
• Regenerate the GRUB configuration file and reboot the system for the changes to take effect.

13. You have a script that continuously monitors logs, but your server doesn’t have enough space to store the logs. How would you save the logs without additional storage?

• Use the nc (netcat) command to transfer the logs in real-time to a different server on the network with more available storage space.
• On the receiving server, run: nc -l -p 55000 > /tmp/logs_from_server1.log
• On the sending server, run: ./log_monitor.sh > /dev/tcp/<receiving_server_ip>/55000
• This will stream the logs from the sending server to the receiving server, where they can be stored.

14. After a reboot, the system startup time in the boot logs (/var/log/messages) is different from the local time, even though the machine is connected to an NTP server. What could be the cause, and how would you resolve this issue?

• The issue is likely caused by an incorrect BIOS date and time setting on the Linux server.
• Access the BIOS settings and ensure the date and time are correctly set.
• Use the ntpdate service to synchronize the hardware clock (hwclock) with the system clock after booting.
• Ensure that the NTP service is configured to start automatically at boot and synchronize the system clock.

15. You are performing a hard disk replacement, but when you connect the new disk, you see strange partitions and RAID devices appearing. What could be the cause, and how would you resolve this issue?

• The issue is likely caused by the new disk having existing partition tables and data from a previous usage.
• Use the mdadm command to stop and remove any RAID devices associated with the new disk.
• Use the wipefs command to clear all existing partition tables and data from the new disk.
• Example: wipefs --all --force /dev/sda (replace /dev/sda with the appropriate disk device).
• After wiping the disk, you can create new partitions and file systems as needed.

16. When attempting to switch users using the su command, you receive an “Authentication failure” error, even though you are providing the correct password. What could be the cause, and how would you troubleshoot the issue?

• Check if the user account is locked due to failed login attempts using the faillock or pam_tally2 commands.
• If the account is locked, reset the failed login attempts using faillock --reset --user <username> or pam_tally2 --reset --user <username>.
• Review the authentication log files (e.g., /var/log/auth.log, /var/log/secure) for any clues or error messages related to the authentication failure.
• Verify that the user’s password is correctly stored in the /etc/shadow file.
• If none of the above steps resolve the issue, consider resetting the user’s password as a last resort.

17. The rsyslog service fails to start on your RHEL 7 system, and you cannot find any messages in /var/log/messages to debug the issue. Where should you look for system messages in this scenario?

• On RHEL 7, the journald service, which is part of systemd, is responsible for log management.
• Use the journalctl command to view the system log entries, including those related to the rsyslog service.
• Example: journalctl -u rsyslog (displays log entries specific to the rsyslog service).
• You can also use various filters and options with journalctl to narrow down the log entries and identify the issue.

18. A user reports slow file access on your Linux system. What tools and techniques would you use to identify the cause?

• Ask the user for specific details about the types of files affected and when the issue started.
• Use tools like iotop, vmstat, or iostat to monitor I/O activities and identify potential bottlenecks.
• Check disk usage using df and du to ensure the disk is not full.
• If the files are accessed over the network, use ping and traceroute to check for network latency issues.
• Review user permissions to ensure they have appropriate access to the files.
• Consult system log files for any related errors or warnings.
• Perform disk health checks to rule out hardware issues.

19. You need to diagnose and mitigate a security breach on your Linux server. What steps would you take?

• Isolate the affected system from the network to prevent the breach from spreading.
• Analyze log files using tools like fail2ban or aide to understand the nature and source of the breach.
• Identify compromised files and user accounts.
• Remove any malicious files and close any vulnerabilities by patching the system or updating software.
• Perform continuous monitoring to ensure the issue is fully resolved.
• In severe cases, consider rebuilding the system from scratch.

20. A user cannot access a specific website from their Linux machine. How would you troubleshoot this issue?

• Verify if the issue is limited to the specific website by trying to access other websites.
• Use the ping command to check network connectivity.
• Use the nslookup or dig commands to diagnose any DNS resolution issues.
• Inspect the local firewall rules and proxy settings.
• Examine browser-related issues by checking for error messages or trying a different browser.
• Review the /etc/hosts file to ensure the site is not inadvertently blocked.

Scenario-based interview questions are an excellent way to assess a candidate’s practical knowledge and problem-solving abilities in the Linux environment. By effectively answering these questions, you can demonstrate your expertise, critical thinking skills, and readiness to tackle real-world challenges in a Linux-based IT infrastructure.