gabriel rosenkoetter on 14 Feb 2004 18:07:02 -0000


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Interview Questions: System Admin


If you're really looking for someone who only knows Linux, or just
hiring a junior sysadmin (I'd call him an "operator"), then fine.

I don't think that the questions asked here (and, especially, the
answers) prove that a candidate has the generalized knowledge
necessary to be a senior sysadmin in the real world. That's not
just because you're not asking for all the ways to do things, it's
also because you're not asking some questions that really should
be asked.

Some of my additions below are corrections to what I think are
poorly worded questions. Others are additions or corrections to the
answers to bring them inline with what I would expect to hear from a
candidate applying for a position as a senior sysadmin.

(Unless I'm mistaken, you didn't write this list, right Mike? So, no
one needs to take the "you"s below personally.)

On Sat, Feb 14, 2004 at 11:09:12AM -0500, Mike Chirico wrote:
> 1.  You have 20 servers that need to be updated named
[...]
> Ans:

Yours is woefully unportable. For starters, you can't rely on bash.
Second, you can't rely on GNU-specific tools like seq.

> for i in `seq -w 20`

If you're using bash, why add an extra shell invocation here?

for i in {01..20} should get the same effect in recent versions of
bash2.

> 2.  How do you findout whether a command is an aliases, bash function,
> built-in like cd and type, or executable program?
> 
> Ans:
> 
> type -all yourcmd

This is, again, bash-specific. All common shells support the use of
which (either by builtin or, in some cases, by which(1)), which
will answer the same question.

> 3.  What is a zombie process and how do you find them?
[...]
> ps -aux, will show all processes. Look for "Z" in that stat and defunct
> under the command.

That answer's incomplete; that's relying on BSD ps(1) syntax. On
Solaris, at least, you can use /usr/ucb/ps (though it's quite slow),
but on a true SysV system, you'll need to know how to read ps -ef
output as well.

Also, BSD ps(1) syntax has long deprecated the use of the -.

> 4.  How do you find the version of Linux running and the version of gcc
> used?
> Ans:
> cat /proc/version

Why would you give a Linux-specific question, much less answer, on a
test for a Unix sysadmin? The POSIX way to get this information is
uname(1).

> 5.  How do you setup multiple IP address on one NIC (Network Interface
> Card)...assume ethernet.
> 
> Ans:
> Normally,    /etc/sysconfig/network-scripts/ifcfg-eth0  is the setup for the
> first card.  To add additional IP addresses, create another file
> "ifcfg-eth0:1" with the new IP address information in it.

That's disgustingly Linux-specific. BSD systems will use
/etc/ifconfig.<foo>

> 6. What is an inode?
> 
> Ans:
> The inode contains information about the file size, file location,
> ownership, etc. Plus, it contains a pointer to the first few blocks of data
> in the file.

That's true, but it neglects the FS-dependent implementation details
(sysadmins should be familiar at least with the file systems they
need to manage, and should have a basic understanding of what design
decisions are made when designing a FS) and neglects to ask the
important "and why do you care?" piece of the question.

> 7. What's the difference between a hard link and a soft link?

Why do people use the term "soft link"? The correct term is
"symbolic link".

> Ans:
[...]
> fileA and fileB have the same inode.  How do you know this?  Issue the stat
> command "stat fileA" and "stat fileB".

stat(1) isn't defined in POSIX, but ls's -i flag is.

> One important note about hard links.  Editors like emacs will create a new
> inode for a file. So if you edit the fileB above, you won't see the changes
> in fileA.  Instead, that inode becames the backup.

That's a pretty irrelevant note, I think, unless you're interested
in the internal functionings of Emacs. A salient point you neglect
to mention is what kind of links one can make across file system
boundaries.

> 8.  How do you create a file that even root can't remove?
> 
> Ans:
> You't can't really; but, the "chattr +i file" command can make a file
> immutable.  This file can't be removed until "chatt -i file" is performed.
> True, even root can't remove a file with the immutable attribute set.  But,
> root can unset this attribute, then, delete the file.

chattr(1) isn't just Linux-specific, it's ext{2,3}-specific. Some
other file systems provide other ways of doing this same thing.

The real answer to the question is that you create the file and then
set a physical read-only marker on the device itself (tabs on floppy
disks and tape media, jumpers on disk devices, ro=<hostname> in
dfstab/exports on an NFS server to which the root user in question
doesn't have access).

> 9. How do you find all the programs, and there location, using sockets or
                                           ^^^^^
> pipes on your computer?

Spellcheck is insufficient. Proofread.

> Ans:
> "netstat -na" will give a list of listening connections; but, it doesn't do
> an adequate job of listing the programs.  Instead, use
> "lsof"

lsof is rather portable (in that it can be built on most, if not
any, POSIX systems), but many operating systems provide a native
mechanism for this. (BSD systems have fstat(1), for instance.)

> Other items to know:  What is a superblock and what kind of data is in it?

More importantly, why would you need that information?

> If someone talks about ext2 and ext3 filesystems, what are they most likely
> running Debian or Redhat?

If someone talks about ufs, what are they most likely using, SunOS
or BSD/OS?

> Using the find command, how do you find all files
> with the immunitable attribute set?

GNU-find and ext{2,3}-specific.

> How do you create a directory that's sharable to a group,

A more general question would ask what attributes can be set in a
file's mode bits and which have special implications for files that
are directories or that are executable. One should also note that
certain popular file system implementations overload certain mode
bits; for example, Sun's ufs and, because of that, Veritas's vxfs.
Explaining which of these interactions will function across NFS
between same-OS servers and clients and different-OS servers and
clients would also be desirable.

> that by default, will have each file created as sharable to a group.

This presumes changes outside of the directory's mode bits. (You
need to force a umask on the users.)

> What's an effective UID and how is it set?

Relatedly, what's a saved UID, and why would you care about them?

> Is the speed of light constant in a vacuum and does light travel
> in a straight line? Careful on this last one..don't let your formal
> education throw you off.

Heh.

On Sat, Feb 14, 2004 at 11:43:54AM -0500, Chris wrote:
> Are these questions supposed to be focused on a low end admin? Or a high
> position admin?  

The former, we certainly hope, though my experience dictates that
people referring to themselves as senior couldn't answer some of the
modifications I made above.

I've attached an incomplete list of questions I would ask in an
interview for a senior Unix and Linux systems administrator. These
are based on a list of questions a friend of mine who prefers to
remain anonymous asked for my feedback on recently. I've made some
modifications to that person's questions and would prefer to make
some significant additions before I made use of this list. (My
friend also had questions specific to Windows 2000; I've ellided
those here, but if you'd like to see them, let me know.)

There's a significant lack of file-system-related questions here,
which I pointed out to my friend at the time. The questions Mike
provided above aren't a bad starting point for that component of
this list.

My friend's and my questions:

Sysadmin Quiz
  TCP/IP Networking
    - In an IP network, what is the function of a subnet mask?
    - Suppose you are assigned the CIDR netblock 130.78.25.64/28.
      - How many IP addresses are useable for hosts?
        - List them.
      - Are there any IP addresses that are not useable for hosts?
        - If so, list them with the reason that that specific address
          is not useable for hosts.
    - The default gateway address on a subnet is changing; the old
      address is 192.168.0.254, and the new address is 192.168.0.1.
      What changes would you need to make on a computer running as a
      DHCP server on that subnet? (The DHCP server is not acting as the
      gateway for this network, and the system acting as the gateway is
      not receiving its IP address from the DHCP server. Assume
      whatever operating system and DHCP server software you're
      familiar with, though answers for a POSIX operating system and
      ISC dhcpd are preferred.)
    - ping(1) reports "Request timed out" when trying to check
      connectivity to a host, but you're able to access other services
      running on the same system. Give at least one possible
      explanation for this.
    - What should be found in the /etc/hosts file? (If your answer
      is specific to any particular OS, please state that. More
      specific answers are preferred to more general ones.)
      - Sketch a brief history of the usage of this file in the Unix
        operating system(s).
    - What is found in a DNS zone file? (Assume BIND running on a
      POSIX operating system.)
    - What is the purpose of an MX record?
      - What data is permissable in a standards-compliant MX record?
        (Also accepted: what standards-non-compliant data is frequently
        placed in MX records?)
    - What data is transferred in a DNS zone transfer?
      - In what circumstances would you permit systems outside of
        your local/corporate network to perform DNS zone transfers?
      - In what circumstances would you not?
  E-Mail
    - Explain in what ways each of the IMAP, POP3, and SMTP protocols
      are used.
      - Give at least two differences between IMAP and POP3.
      - Explain at least one way that SMTP is used that does not
        involve a mail user agent. (Bonus points for creative
        answers.)
    - What is an open mail relay?
      - How would you test an SMTP server to see if it is an open
        mail relay?
      - Name at least two types of server process that can be an open
        mail relay but are not SMTP server processes.
    - What are the basic commands to send a message to an SMTP server?
      (Hint: Begin with HELO.)
  OS-level Tools
    - What options to (GNU) tar(1) would you use to decompress and
      extract everything  from  an  archive  named  files.tar.gz
      into  the  current directory?
    - How would you move a user's home directory from one mounted
      disk partition to another, preserving all file metadata, with
      minimal interruption to the user?
      - Can you do this with zero interruption to the user?
    - What command would you use to check available disk space on
      all currently-mounted disk partitions?
    - What command(s), with what options, would you use to discover
      which directory under a given disk partition was using the most
      space?
    - Why is there an /etc/shadow (or similar, differently-named)
      file? What is in it, and how is it different from /etc/passwd?

I'll leave the answers as an exercise for the reader, since you
should know these things by having learned them, not by having read
a cheat-sheet.

-- 
gabriel rosenkoetter
gr@eclipsed.net

Attachment: pgpm79akxwsSF.pgp
Description: PGP signature