================================

About RHEL

Operating system is an interface between user and the computer hardware. The
hardware of the computer cannot understand the human readable language as it works
on binaries i.e. 0's and 1's. Also it is very tough for humans to understand the
binary language, in such case we need an interface which can translate human
language to hardware and vice-versa for effective communication.

Types of Operating System:

? Single User - Single Tasking Operating System
? Single User - Multitasking Operating System
? Multi User - Multitasking Operating System

Why Linux?
? Fresh implementation of UNIX APIs
? Open source development model
? Supports wide variety of hardware
? Supports many networking protocols and Configurations
? Fully supported
1) Linux is a UNIX like OS: Linux is a similar to UNIX as the various UNIX versions
are to each other.
2) Multi-User and Multi-tasking: Linux is a multi-user and multi-tasking operating
system. That means that more than one person can be logged on to the same Linux
computer at the same time. The same user could even be logged into their account
from two or more terminals at the same time; Linux is also Multi-Tasking. A user
can have more than one program executing at the same time.
3) Wide hardware support: Red Hat Linux support most pieces modern x86 compatible
PC hardware.
4) Fully Supported: Red Hat Linux is a fully supported distribution Red Hat Inc.
provides many support programs for the smallest to the largest companies.

What is the Kernel:

The kernel is a computer program at the core of a computer's operating system with
complete control over everything in the system.[1] It is an integral part of any
operating system. It is the "portion of the operating system code that is always
resident in memory".[2] It facilitates interactions between hardware and software
components. On most systems, it is one of the first programs loaded on startup
(after the bootloader). It handles the rest of startup as well as input/output
(I/O) requests from software, translating them into data-processing instructions
for the central processing unit. It handles memory and peripherals like keyboards,
monitors, printers, and speakers.

The Linux� kernel is the main component of a Linux operating system (OS) and is the
core interface between a computer�s hardware and its processes. It communicates
between the 2, managing resources as efficiently as possible.

The kernel is so named because�like a seed inside a hard shell�it exists within the
OS and controls all the major functions of the hardware, whether it�s a phone,
laptop, server, or any other kind of computer.
------------

boot loader (boot manager):

A boot loader, also called a boot manager, is a small program that places the
operating system (OS) of a computer...

------------------
EXT vs XFS:

In general, Ext3 or Ext4 is better if an application uses a single read/write

thread and small files, while XFS shines when an application uses multiple
read/write threads and bigger files.
------------------

XFS File System:

The XFS file system is an extension of the extent file system.

The XFS is a high-performance 64-bit journaling file system.
The support of the XFS was merged into Linux kernel in around 2002 and In 2009 Red
Hat Enterprise Linux version 5.4 usage of the XFS file system.
XFS supports maximum file system size of 8 exbibytes for the 64-bit file system.
There is some comparison of XFS file system is XFS file system can�t be shrunk and
poor performance with deletions of the large numbers of files.
Now, the RHEL 7.0 uses XFS as the default filesystem.

=============

Unix / Linux filesystem blocks:

The blocks used for two different purpose:

Most blocks stores user data aka files (user data).

Some blocks in every file system store the file system�s metadata. So what the hell
is a metadata?

In simple words Metadata describes the structure of the file system. Most common
metadata structure are superblock, inode and directories.

===============================================================
1. How to create a file?

By using touch,cat and vi commands we can create the file.

2. differentiate the cat , touch and vi

Cat command. we can only append the data...cannot insert..

Touch command we can just create the file .no data will be inserted.
Vi command...we can do anything. Creation of file, inserting data, deleting some
data...anything.

3. how to create a directory in /dir1/dir2/dir3/dir4

By using mkdir -p command.

4. explain grep,tail, head,ls, ls -l, ls -ltr

grep is to search for a particuler pattern of a word.

tail is to see end of the files
head is to see begining of a file.
ls is listing
ls -l is long listing
ls -lt is for time stamp
ls -ltr is for reverse order.

5. What is hidden files and how to see them.

name of files/directories starts with . are called hidden files/directories. We

see them by using ls -a command.

6. how to copy a file and move a file.

By using cp command to copy. and By using mv command to move the file.

7. What is the directory and how to see a directory?

Directory contains files and sub directories. to see the directory ls -ld and to
see the content in that directory ls -l command can be used.

8. How to check the server time zone.

By using date command.

9. How to check the which user logged in for current session.

id or whoami command will show it.

10. How to check the users logged in?

By using w or who command

11. How to check the server name?

uname -a or hostname command will show.

12. how to check, how long server is up and running.

uptime command or top command also will display.

13. How to see the currently mounted file systems.

df -h command , mount command or cat /etc/mtab files will display currently

mounted file systems.

14. How to create a directory?

By using mkdir command.

14. How to remove a file or directory?

rm command, or rm -rf or rmdir command.

15. Unable to remove a directory with rmdir command. Why?

May be that directory in not empty...user rm -rf command.

16. How to see the which kernel u r using?

uname -r displays the current kernel.

17. How to see the redhat release u r using?

By using cat /etc/redhat-release

18. How to see the OS flavour u r using?

uname will display it.

19. One directory having 7 permissions for owner .. Explain owner privilizes

7 means read , write , execute.

reading of a directory means listing the content in that.
writing means, creating/deleting files/sub directories.
Executon of Directory means..entering in to the directory (cd)

20. Genrerally how do you copy a folder to other folder?

By using cp command and also with rsync command:

# cp -R Pictures Pictures_backup

The command above creates the destination directory and recursively copy all files
and subdirectories from the source to the destination directory.

If the destination directory already exists, the source directory itself and its
content are copied inside the destination directory.

Or

# rsync -av /data01/home/cfaweb/* /apps/cfaweb/

21. What is the difference between direcotry and a mount point?

directory is a directory under a mount point. Mount point is a directory attached

to a filesystem.

22. Suppose if you are not getting any exact switch(argument) for a command, what
you will do?

will see man pages of that command.

=====================================================================

File & Dir permissions:

1. What is file? how many types of files u know? how to see the file type?

File contains data.. there are multiple type of files like ASSCI file, data file,
Executable file, block device and character device files.

2. if you create a file what are the permissions it will get ? and why ?

It will depends on umask value.As default umak is 0022, the defaults file
permissions are 644 and for directory 755.

3. What is umask and how to change it?

Umask defines the default file/directory permissions.

default umask is 0022.You can change it my using umask command (it is not
permanent) ,For permanent change modify in /etc/profile file.

5. How to change umask value globally?

for global change ( for all users) modify in /etc/profile file.And for particular
user, we have to update in .bashrc file.

6. How to change the file or directiry permissions.

By using chmod command.

7. Explain the filels in ls -ltr command.

file permissions,link count,owner,group,size of the file,time stamp,file/directory

name.

8. what is Inode and how to find a inode of a file.

Inode is gateway of a file. Inode contains 2 types of data, file permiisions and
addresses of the data blocks.By using ls -i command we will get the inode number.

9. What is sticky bit and how to know if sticky bit is applied on a file or
directory?

Sticky bit is a special permission applied on a /files/directory.

If you apply sticky bit on a directory, the files and subdirectories in that can be
deleted only by owner or root. not by others though they have full permissions.

To apply:
chmod +t allAccess/

Remove sticky bit using -t option

chmod -t allAccess/

10. What is ACLs.How to apply it ? and how to know if ACL is applied on any file or
directory?

ACLs are special grained permissions. We can set user and group level permissions.
By using setfacl we can apply ACLs.
if you want to apply ACLs on a file, first you have to make sure whether that
mount is mounted with ACLs are not.
In ls -ltr command end of the first field you can see + symbol if ACLs are
applied on a file/directory.

11. Explain about SUID & SGID.

SUID is set to user/file level. If you set SUID, all users can able to execute the
file as a owner of the file.
SGID will be set on directory. then all the files and sub directories that
directory inherits the group ownership from parent directory.

12. One user is not able read a file. Explain the trouble shooting methods.

check the permissions and analyze what kind of permissions that user has. And
accordingly try to fix the issue.

================================================================================
User Management:
1. What are the important files in user management and explain the fields?

/etc/passwd, /etc/shadow,/etc/groups,/etc/skel/ /etc/default/useradd,

/etc/login.defs

2. Where to set the password policies?

in /etc/login.defs

3. How to set/reset the password? IF one user asked to reset his password, how do
you follow that request?

just check whether password really expired, and ask customer to reset his password
and set to ask to change in first login, and send mail to customer in 121 (one to
one) mail.In my environment we will update the password under "customer update-
private" notes.

4. While creating user with default parameters, what will happen backend?
It will collect information from /etc/default/useradd

5. User is not able to access the server. How do you troubleshoot?

Check whether server is up or not, Check user is existing or not, check the
password parameters,accvou finally check the secure log file for more information.

6. One user newly joined in your organization. How do you create his account?

from our jump server, we will run a script to create user in all the servers.

7. And one user leaving the company. How to remove his user account?

from our jump server, we will run a script to delete user in all the servers.
Initially we will remove only user .not Home directory. Later after few days we
will remove home directory as well.

8. How to check the password parameters?

By using chage command.

9. How many types of users in Linux?

There are 3 type of users. Root user, system users and normal users.

10. What type of user account you have? and where to check?

Based on the UID we will come to know. For upto RHEL 6 normal user ids start from
500 and 1000 for RHEL 7.

11. How to lock and unlock a user account and where to confirm whether is is locked
or unlocked?

By using usermod -L and uesrmod -u and in shadow file , password field, you will
see ! symbole before encrypted password.

12. How to add a user for few more other groups.

By using usermod -G and aslo usermod -a -G (-a... it will not overrite old
secondery groups)
13. If you create user with default parameters, what will happen?

as per the settings mentioned in /etc/default/useradd file, user will be created.

14. How to see who are current user logged in ?

Using id or whoami command.

15. How to see the user to which group/groups he belongs to?

id -a username

16. What are the profiles files for users?

.bashrc , .bash_profile , .bash_logout, .bash_history

17.user is not able to accesss even after resetting his password. Why?

Check count for failed login attemps and clear them.

# pam_tally2 -u username
# pam_tally2 -u username --reset

pam_tally2 module is used to lock user accounts after certain number of failed ssh
login attempts made to the system. This module keeps the count of attempted
accesses and too many failed attempts.

pam_tally2 module comes in two parts, one is pam_tally2.so and another is

pam_tally2. It is based on PAM module and can be used to examine and manipulate the
counter file. It can display user login attempts counts, set counts on individual
basis, unlock all user counts.

/etc/pam.d/password-auth
auth required pam_tally2.so file=/var/log/tallylog deny=3
even_deny_root unlock_time=1200

Parameters
file=/var/log/tallylog � Default log file is used to keep login counts.
deny=3 � Deny access after 3 attempts and lock down user.
even_deny_root � Policy is also apply to root user.
unlock_time=1200 � Account will be locked till 20 Min. (remove this parameters if
you want to lock down permanently till manually unlock.)

17. How to disable direct root login access?

Change PermitRootLogin no in /etc/ssh/sshd_config file.

restart the ssh service:

in rhel 6 : service sshd restart

in rhel 7 : systemctl restart sshd.service

==============================================================================
Disk Management:

1. How to partition a disk? How many partition can be done?

By using fdisk command we will do partitions.Maximim 4 partitions we can do.

2. what is hex numbers for partiotions?

83 for primary,5 is for extend, 82 for swap and 8e for LVM.

3. What is extended partition?

We can divide extended partition into multiple logical partitions.

4. What is partprobe command?

partprobe is a program that informs the operating system kernel of partition table
changes, by requesting that the operating system re-read the partition table

5. what is device files and where those will be created?

Device files will be created under /dev. Kernel will intract with devices through
these files.

In Unix-like operating systems, a device file or special file is an interface to a

device driver that appears in a file system

Character special files or character devices provide unbuffered, direct access to

the hardware device. They do not necessarily allow programs to read or write single
characters at a time; that is up to the device in question. The character device
for a hard disk, for example, will normally require that all reads and writes are
aligned to block boundaries and most certainly will not allow reading a single
byte.

Block devices
Block special files or block devices provide buffered access to hardware devices,
and provide some abstraction from their specifics.[5] Unlike character devices,
block devices will always allow the programmer to read or write a block of any size
(including single characters/bytes) and any alignment. The downside is that because
block devices are buffered, the programmer does not know how long it will take
before written data is passed from the kernel's buffers to the actual device, or
indeed in what order two separate writes will arrive at the physical device.
Additionally, if the same hardware exposes both character and block devices, there
is a risk of data corruption due to clients using the character device being
unaware of changes made in the buffers of the block device.

6. How to see the disks & partitions information?

fdisk or lsblk command.

7. What is main difference between fdisk & parted commands.

Both are for partition the disk. fdisk will use MBR partion and parted uses GPT
table.
And fdisk will be used for below 2 TB partition and parted is used for bigger than
2TB.

You can see that we can't add a new partition after reaching the limit of the 04
MBR primary partitions.

Another particularity of the MBR is that a single bit error can render a disk
useless. For these reasons, and more, the Unified Extensible Firmware Interface
(UEFI) specified that MBRs were to be replaced with GUID Partition Tables (GPT),
which overcome these limitations.

2- GPT
GPT for GUID Partition Tables is part of Intel�s EFI specification. The GPT is a
different format than the MBR, but for compatibility reasons, the MBR is stored in
the first logical block and the GPT is stored on the second block. GPT allows disk
with more than 2 TB and up to 128 partitions.

8. Expalin the differences between ext2, 3 & 4 filesystems.

Go through the kernel pdf.

9. What are differences betweeen Redhat 5, 6 & 7

Go through the notes given.

10. Create a partiton and mount it..Explain the proceedure.

Ask whether it is for Linux or LVM if question if the request is not clear.
Check any free disk is there (lsblk or fdisk).
Ask storage team to assign a LUN
Then scan the HBAs for new LUN visibility.
Partiotion it , save and partprobe it.
Create file system.
And cretae a directory and mount it.
Give entry in fstab file to make it permanant to mount at boot time.

11. After add the disk it is not vissible in OS level. How to fix it?

Rescan the HBS.By sending - - - characters to scan file under HBA folder.

echo "- - -" > /sys/class/scsi_host/host0/scan

The three values stand for channel, SCSI target ID, and LUN. The dashes act as
wildcards meaning "rescan everything"

12. How to increase the existing Linux partition(example /dev/sdb2) which was
having data.

It is very difficult to extend the partion which is in traditional Linux. (Ex:

/dev/sdb1)
Normally we take new disk and create partion in lvm and mount on temparary mount
and copy the content from old to new and unmount old one and mount new one as old
mount point name and change the fstab entries accordingly.

parted command example:

https://linoxide.com/storage/mbr-vs-gpt-things-know-when-partitioning/
===============================================================================

Process Management:

1) What is process?

Anything (task) running on the server.

2) How to see the process running on a server?

By using ps -ef or top command

3) Explain the top command?

it will show some useful information followed by processes running on the server.

4) How to kill the process?

with kill -9

5) What is jombie process and how to check those in server?

Whenever we run a program it creates a parent process and a lot of child processes.
All of these child processes use resources such as memory and CPU allocated to them
by the kernel.

Once these child processes have finished executing they send an Exit call and die.
This Exit call has to be read by the parent process which later calls the wait
command to read the exit_status of the child process so that the child process can
be removed from the processes table. If the Parent reads the Exit call correctly
sent by the Child Process, the process is removed from the processes table.

But, if the parent fails to read the exit call from the child process, the child
process which has already finished its execution and is now dead will not be
removed from the processes table.

Are Zombie processes harmful to the System?

No. Since zombie process is not doing any work, not using any resources or
affecting any other process, there is no harm in having a zombie process. But since
the exit_status and other process information from the process table are stored in
the RAM, having too many Zombie processes can sometimes be an issue.

6) What is nice value? How to change the nice value?

Nice defines the priority of a process to be run on CPU. default nice value is zero
and posible nice values are -19 to +20. you can change by using renice, or with top
command.

7) Server performance is slow. How do you troubleshoot with top command.

one way to check the performance is by checking the process. check what is process
consuming more cpu , memory by using top command and check the owner of the file
and inform to owner (Application/DB team ) to take necessary actions.

8) how to see available cpus in server from top command and also command line

with top command ..jusnt hit 1 ..you can see the num of cpus. And also with cat
/proc/cpuinfo.

9) how to see the defunct (jombie) process pids ?

ps -ef |grep -i defunct

10) if you see one process consuming more cpu/memory..How do you proceed to fix it?

check what is process consuming more cpu , memory by using top command and check
the owner of the file and inform to owner (Application/DB team ) to take necessary
actions.

11) what are different states of a process?

running ,sleeping, cpu, stopped, jombie,

12) how to kill the jombie processes?

It will not be killed using kill -9...Just take the approval from customer and
reboot the server.

13) what is the signal means? ( example kill -9 )..what is 9 here?

signals are instructions send to the processes. You can list all the signals by
using kill -l command.
===================================================================================
====================================
Jobs:

1) How many ways we can schedule the jobs?

By using cron and at.

2) What is the difference between cron & at?

Cron is to schedule the jobs repeated interval of times and at to create for a
single time.

3) How to see the cron jobs & how to delete the cronm jobs?

By using crontab -l and to delete user crontab -r.

4) What are the fields in cron tabs? How to schedule the cron job?

Mins, hours,day of the month , month and day of the week and followed by the
command.

5) User is not able to schedule the cron job. What could be the reason?

Check whther user the there in /etc/cron.deny file, else add the user in
/etc/cron.allow file.

6) Cron job is not running. How do you troubleshoot?

If the job is newly created, check the syntax of the crontab entry, check whether
crond is running or not..and finally check the cron log to get more information.

7) One user is there in cron.allow & cron.deny file. What will be the impact?

Cron will consider only cron.allow file.

8) Where you can see the logs for cron? Jobs

Under /var/log/cron

===============================================================
links:

1. What is a link?

Link a short cut or backup of a file.

2. How many types of links are there and explain?

Links or 2 types hard and soft links.

3. How to remove a link?

By using unlink command.

5) how to create a soft and hard links?

By using ln command for hard link and ln -s for soft link.

6) what is the destination file size in hard link and what is in soft link?

For hard links inodes are same. But soft link inodes are different.
Hard link size will be same as original file.
Soft link size will be number of characters in source file path.

7) how to determine that , a file has a link?

In ls -l command in first field first character shows as �l�

8) How to mount a partion with UUID?

First get the partition UUID with blikid command and mount it.

# blkid partitionname
# mount UUID=UUID_number mount point name

9) How to know if any file is having hardlinks ?

- first chk the inode of that file using ls -li command.

- then check with find command the files associated with that inode number.
# find / -inum XXXXXX

Ex:

[root@localhost ~]# ls -li ktech

273086 -rw-r--r--. 4 root root 23 Feb 21 11:00 ktech

[root@localhost ~]# find / -inum 273086

/root/file123
/root/gchr
/root/ktech
/root/maps

===============================================================
LVM:

1) What is LVM and what is its advantage?

LVM is a tool for logical volume management which includes allocating disks,
striping, mirroring and resizing logical volumes.
LVM allows for very flexible disk space management. It provides features like the
ability to add disk space to a logical volume and it is collection of multiple
physical hard drives and partitions into a single volume group which can then be
divided into logical volumes.
2) What is ihe hexa/ID number for LVM partition, swap , primary and extend?

Every partion type will have one ID..example for primary partition 83, extended 5,
swap 82 and LVM 8e.

3) Explain how to create a lvm mount?

Ask storage team for new LUN if no free disk is not availanle.
Rescan the HBAs
Once disk is visible in OS level,partion it and change id as LVM
create PV
Create VG
Create LV and cretae file system on it.
Create a directory and mount it and make entry in fstab to make it permananent at
boot level.

4) As per the customer request how to increase the LV size?

check if any free space is there in VG.

If space is there do lvextend and resize2 fs.
If free space is not there in VG , ask storage team for new LUN
rescan the HBAs
partion the new disk with lvm id.
Create pratition
Create PV
extend VG
Extend LV and do resize2fs.
And validate file system size with df -h.

5) what is lvscan?

lvrescan scans all known volume groups or all supported LVM block devices in the
system for defined Logical Volumes. The output consists of one line for each
Logical Volume indicating whether or not it is active, a snapshot or origin, the
size of the device and its allocation policy.

6) How to restore the LV?

https://www.thegeekdiary.com/corruption-or-accidental-deletion-in-lvm-how-to-
rebuild-lvm-from-archive-metadata-backups-in-rhel-centos/

# lvremove vg01/lv01

# cd /etc/lvm/archive/

Before running the actual restore you can do a dry run using the �test switch as
shown below.

First find the backed up configurations of Volume Group (vg1 in this case)
under /etc/lvm/archive/

# vgcfgrestore vg01 --test -f /etc/lvm/archive/vg01_00002-1315455408.vg

TEST MODE: Metadata will NOT be updated and volumes will not be (de)activated.
Restored volume group vg01

If the above dry run is successful, do the actual restore.

vgcfgrestore --list vg1

# vgcfgrestore vg01 -f /etc/lvm/archive/vg01_00002-1315455408.vg

Verify if the deleted volume has been successfully restored or not using �lvscan�.

lvscan

Activate the LV to access the data onto it.

lvchange -a y /dev/vg01/lv01

Mount the logical volume and verify if the data is intact.

7) How do you decrease the LV.

unmount the LV if no one is using.

Run fsck force fully.

Resize the LV filesystem to required size.

Ex:
# resize2fs /dev/mapper/vg_root-lv_data01 100G

shrink the file system.

# lvreduce -L 100G /dev/mapper/vg_root-lv_data01

8. How to migrate a LV from one type of storage to another?

1. Partition the disk ( replace XX with correct number for new device)

# parted /dev/mapper/mpath17 mklabel gpt mkpart primary 0% 100% print

# parted /dev/mapper/mpath17 set 1 lvm on
# kpartx -a /dev/mapper/mpath17

2. Create the PV

# pvcreate /dev/mapper/mpath17p1 ( expected device will be mpath17p1 please cross

verify )

3.vgextend
vgextend vg_U01 /dev/mapper/mpath17p1

verify new PV added in VG

vgs -o devices vg_U01

4. move the contents from old PV to new PV

pvmove -b /dev/mapper/mpath16p1 /dev/mapper/mpath17p1

we can check the progress of the migration by below command.

# lvs -a -o+devices

When the migration is completely finished, you will know because the �Copy%� column
will no longer register a value for the LV and VG that you�re working in.

5. Now, you can safely remove the original PV from the VG.

vgreduce vg_U01 /dev/mapper/mpath16p1

6. remove PV
pvremove /dev/mapper/mpath16p1

7. multipath flushing and Remove block devices

multipath -f /dev/mapper/mpath16

flush any pending or outstanding I/O to all paths to the device

# blockdev -flushbufs /dev/sddq

# blockdev -flushbufs /dev/sddr
# blockdev -flushbufs /dev/sdds
# blockdev -flushbufs /dev/sddt
# blockdev -flushbufs /dev/sddu
# blockdev -flushbufs /dev/sddv
# blockdev -flushbufs /dev/sddw
# blockdev -flushbufs /dev/sddx

remove each path to the device from the SCSI subsystem.

# echo 1 > /sys/block/sddq/device/delete

# echo 1 > /sys/block/sddr/device/delete
# echo 1 > /sys/block/sdds/device/delete
# echo 1 > /sys/block/sddt/device/delete
# echo 1 > /sys/block/sddu/device/delete
# echo 1 > /sys/block/sddv/device/delete
# echo 1 > /sys/block/sddw/device/delete
# echo 1 > /sys/block/sddx/device/delete

How to restore a volume group and its logical volumes after a disk (physical
volume) that the logical volume was using has failed or the volume has become
corrupted or was overwritten?

https://access.redhat.com/solutions/3334

vgdisplay --partial --verbose

Note the PV UUID line. This line contains the universally unique identifier (UUID)
of the physical volume that failed and will be needed in the next step:

If the physical volume failed, it must be replaced with a disk or partition that is
equal in size or larger than the failed volume. If the disk did not fail but was
overwritten or corrupted, the same volume can be re-used. Run the following command
to re-initialize the physical volume:

pvcreate --restorefile /etc/lvm/backup/<volume group name> --uuid <UUID> <device>

Now the new physical volume has been initialized with the UUID of the old physical
volume. The volume group metadata may be restored with the following command:

vgcfgrestore --file /etc/lvm/backup/<volume group name> <volume group name>

# vgcfgrestore --file /etc/lvm/backup/volGroup00 volGroup00

Restored volume group volGroup00
=============================================================

Run levels:

1) What is run level?

Runlevel is state of the server.who -r is the command to check the current runrevel
of the server.

2) How to see the current server run level?

By using who -r command.

3) What is the default runlevel and where to define it?

Normally default runlevel is 3. It will be defined in /etc/inittab file.

4) explain the run levels?

We have runlevels 0 to 6. See the information in pdf.

5) if I want to stop/start any script in a particular run level, what need to be

done?

a. Put the script under /etc/init.d/

b. Then create a soft link under /etc/rc.d/rc3.d/Snameofthescript

6) in runlevel command out put what is N.

N indicates previous runlevel. If server reboots then previous runlevel will show
as N
If server runlevel changes through init command then previous runlevel will show
instead of N.

7) how to change the server from runlevel 3 to 2 or someother.

By using init command..example command init 2 takes the server to runlevel 2

8) Explain about inittab file.

Once all the entries in /etc/inittab for your runlevel are executed, the boot
process is completed, and you can log in.

Each line in the inittab file consists of four colon-delimited fields:

id:runlevels:action:process

Here is a description of these fields:

id (identification code) � consists of a sequence of one to four characters that

identifies its function.

runlevels � lists the run levels to which this entry applies.

action � specific codes in this field tell init how to treat the process. Possible
values include: initdefault, sysinit, boot, bootwait, wait,once and respawn.
process � defines the command or script to execute.

===============================================================

Swap:

1) What is swap?
Swap is virtual memory configured on disk.swap will be used for inactive
pages(processes)
2) how to see the swap utilizaion?
By using free command
3) How to see how swap is assigned?
By using swapon -s
4) How to add (increse ) the swap?
Swap will added(increased) through a partition or through a file.and also by
increasing existing partition (downtime is required as swapoff is needed)
5) what is memory chunk,pagein and page out.

A peace of the memory is called memory chunk(memory page). Moving inactive page
from memory to swap is called pagein(swapin). And moving out from swap is pageout
(swapout)
6) How to see the size of the memory page?
By using getconf PAGE_SIZE command
7) Server(OS) is using swap though there is enough free RAM.why?
Might be because of swappiness. It might be configured less than default value(60)

8) No application running on the server, but still entire RAM is

underutilization. What could be the reason.
It may be becuse of juge pages allocation.

9) What is swappiness .How to see it and change it?

Swappiness defines how eagerly memory/or swap will be used. It can be changed by
adding entry vm.swappiness = 0 in sysctl.conf. if it is temperory, use echo command
to /proc/sys/vm/swappiness

10) what is huge page?

Huge pages are helpful in virtual memory management in Linux system. As name
suggests, they help is managing huge size pages in memory in addition to standard
4KB page size. You can define as huge as 1GB page size using huge pages.
During system boot, you reserve your memory portion with huge pages for your
application. This memory portion i.e. these memory occupied by huge pages is never
swapped out of memory. It will stick there until you change your configuration.
This increases application performance to great extent like Oracle database with
pretty large memory requirement.

Why use huge page?

In virtual memory management, kernel maintains table in which it has mapping of
virtual memory address to physical address. For every page transaction, kernel
needs to load related mapping. If you have small size pages then you need to load
more numbers of pages resulting kernel to load more mapping tables. This decreases
performance.

Using huge pages, means you will need fewer pages. This decreases number of mapping
tables to load by kernel to great extent. This increases your kernel level
performance which ultimately benefits your application.
In short, by enabling huge pages, system has fewer page tables to deal with and
hence less overhead to access / maintain them!

11) what is RAM?

RAM (Random Access Memory) is the hardware in a computing device where the
operating system (OS), application programs and data in current use are kept so
they can be quickly reached by the device's processor.
================================================================
Monitoring:

1. what is your monitoring tool?

Nagios

2. What is the agent name at client side.

nrpe.

3. What are the SLAs?

p1, p2,p3,p4
s1,s2,s3,s4
Critical , high , medium , low.

P1--10mins --4 hours

P2--30 mins --8 hours
P3-- 1 hour --3 business days
P4-- 1 day --7 business days

4. What is the difference between monitoring team and service desk team?

Monitoring or IM team is first level technical teams

And SD is not technical team.

5. What are the Incident states?

Assigned, in progress, pending-customer hold , closed , resolved.

6.Have you ever breached the SLAs.

Yes..Normally sometimes SLAs will be breached.But we shold have proper

justification.
Sometimes because of multiple teams involvement and sometime because of hardware
issues SLAs will be breached.But we have to put proper updates timely in incidents.

7. What is the difference between closed and resolved.

Closed INCs will not be reopened.

Resolved INCs will be reopend if customer not satifies.

8.What you will do if any modificatiobns required in ur monitoring.

We have configatuin file monitoring called gen_events.cfg

(/usr/local/monitor/gen_events.cfg).It will contain entries for different
monitoring.
Normally we will change it if threshold limit is need to increase or decrese and if
any NAS mount to removed from monitoring, if it is reclaimed.

DiskUtilization monitors, SAN Monitor,CPU monitor,logfile monitor,

for application, example Apache Error Monitors,Oracle ASM Monitors,

9. How do you know if any priority comes to your queue.

Normally for priority cases(p1 and p2) , monitoring or service desk team will call
us and notify us about that incident and will assign to us ince we are okay with
that.

If it is P1, we will also engauge MIM team in the call.

================================================================
Rpms:

1) What is rpm?

Rpm is the tool to install the packages on a RHEL machine.

2) what is the difference between rpm -ivh and rpm -Uvh?

-ivh installs new rpm without removing existing one(old one).

-Uvh upgrades the existing one with newone.( roll back is not possible)

3) rpm database is corrupted means?.How to restore it?

-If rpm database corrupted, no rpm commands will work properly.

-First remove the existing metadata under /var/lib/rpm starts with _DB*
-Then run command rpm �restoredb command.

4) what is the difference between rpm & YUM ?

rpm never installs dependencies. YUM install with dependencies.

5) How to downgrade the package?

rpm -Uvh --oldpackage [filename]

6) how to roleback rpms installed.

rpm -Uhv --rollback '8 hours ago'

================================================================
Inodes:

1) What is inode and explain?

Every Linux file or directory has an inode, and this inode contains all of the
file�s metadata (that is, all the administrative data needed to read a file is
stored in its inode). For example, the inode contains a list of all the blocks in
which a file is stored, the owner information for that file, permissions and all
other attributes that are set for the file. In a sense, you could say that a file
really is the inode, and names are attached to these inodes to make it easier for
humans to work with them.

2) how to see the inode num of file/directory and inode utilization of a

filesystem?

By using ls -i filename and df -i filesystem.

3) Not able to create a file/directory in a filesystem. why?

Check whether free space is there in the FS , then check the inode availability.
If the error is read-only filesystem run fsck to fix the issue.

4) When inodes will be allocated to a filesystem.

While creating FS on the partition, inodes will be allocated.
==================================================================
sudoers:

1.What is sudo permissions>

Providing super privilizes to normal user.

2) How to provide sudo access to a user..expalin? (means how you will edit the
sudoers file)

a. List the current sudo access of userid ksundaram

b. # sudo -U ksundaram -l
c. Take backup of /etc/sudoers file
# cp /etc/sudoers /var/tmp/PRE-1265032-sudoers
d. Edit the sudoers file
# /usr/sbin/visudo

e. Add the following configuration for the userid ksundaram as below:

ksundaram ALL=(ALL) ALL

press Escape Key and then type
:wq
"To Save & Quit"
f. Validate syntax of sudoers file/Verify sudo access
# /usr/sbin/visudo -c
# sudo -U ksundaram -l {It should not show the (ALL) ALL}

3) After adding sudo access to a user, how to run a command?

By putting sudo and followed by command.

4) How to provide sudo access to a user and a group?

for user:

username ALL=(ALL) ALL

hoteadmin ALL = NOPASSWD: ALL

for group:

%groupname ALL=(ALL) ALL

5) what is user_alias & command_alias?

If you want same sudo permissions for number of different users, you can keep all
the users under user_alias and provide sudo access to that name.

Ex Entry:
User_Alias WEBMASTER = ADMINS, !johnathan
Cmnd_Alias SHUTDOWN = /sbin/poweroff, /sbin/halt, /sbin/reboot

If you want to provide access to multiple commands for different users you can keep
all the commands under command_alias and provide the sudo access.

6) What will happen if sudoers file gets corrupted?

No user(including root) can able to login as root.

7) How to fix the corrupted sudoers file.

Go to single usermode and fix it as root user.

===================================================================================
=======

mount & unmount issues:

1) How to mount a filesystem?

By using mount command and better to use -t option. For NAS/NFS it is must.

2) what is df -h and mount commands?

Both will display currently mounted file systems.

df -h reads info from fstab file

mount reads info from mtab file

3) Unable to unmount a filesystem. How do you troubleshoot?

Try to umount with umount -f and umount -l ( checking fuser & lsof is common
process)

4) unable to see any data in one filesystem. What you will do?

Ans>
a. First check what kind of filesystem it is.
b. If it is local, unmount and mount it, or unmount and run fsck and mount it, or
reboot the server.
c. id it is nas/nfs (remote) , unmount and mount it. Or check with staorage team
for NAS and nsf server for NFS mount.

5) how mount -a will work?

It will check whether all all filesystems are mounted as per the entries in fstab
file.if not mounted anything it will mount it.

6) How to check whether a nfs filesystem exported in a client?

First check whether nfs share is enabled in client side (showmount -e IP_Address of
NAS).

7) How to see the users details using a filesystem?

by using fuser -cu command.

===================================================================================
=====
services:

1) How to start the servies? What is the other name for service?

by using service command. daemon is other name of servoce.

2) What is difference with chkconfig & service command?

service commnad to mange the services at OS level.

and chkconfig is to manage the services at boot level.

3) How start/stop the service at booting level with chkconfig command?

example:
a. To start/stop the service completely while booting.
chkconfig servicename on
chkconfig servicename off

b. To start the serveice on particular runlevels:

chkconfig --level 23 servicename start (it will start service on runlevel 2 and 3
only)

3) How to configure to start the service at particular run levels?

create file with that service under /etc/init.d

and then create soft link to that file under /etc/rc.d/rc(runlevel) with file name
starts with "S"

4) Curently one service (Ex: crond) is not running in the server. I used the
command chkconfig crond on. What about current
status of the service on server?

We have to start the service again with service command. The command chkconfig
crond on menas , we are instructiong to crond to be started while server boots.

===================================================================================
=======
passwordless ssh:

1) What is passwordlesss ssh?

To allow users to do ssh from one server to another server without assking
passowrd.

2) how to configure it for the user oracle?

a. login to sourece server with that user who wants passwordless ssh.
b. Create public and private keys (key pair) by using ssh-keygen -t rsa.keys will
be generated uner user home directory/.ssh/id_rsa.pub
c. Copy id_rsa.pub file to under destination server under userhome
directory/.ssh/authorized_keys ( you have to create this file)
d Make sure on detination server, permissions for .ssh folder should be 700 and
file authorized_keys permissions should be 640.

RSA (Rivest�Shamir�Adleman) is one of the first public-key cryptosystems and is

widely used for secure data transmission. In such a cryptosystem, the encryption
key is public and it is different from the decryption key which is kept secret
(private)

At SSH connect time, the client receives the servers public key, and verifies if
this matches the stored public key in $HOME/.ssh/known_hosts. If this test is
successful, and the server does not have the clients public key, a password is
required. Else, the server sends a message encrypted with the clients public key
and if the client manages to decrypt the message successfully, using its private
key, the connect is established.

===================================================================================
==
ssh and telnet:

SSH is more secure compared to Telnet

SSH encrypts the data while Telnet sends data in plain text
SSH uses a public key for authentication while Telnet does not use any
authentication
SSH adds a bit more overhead to the bandwidth compared to Telnet
Telnet has been all but replaced by SSH in almost all uses
SSH and Telnet commonly serves the same purpose

===================================================================================
=======

Log files:

1.What are the log files u are aware in Linux and name them and explain its
purpose.
There are many log files related to OS under /var/log/
Example:
/var/log/messages : General message and system related stuff
/var/log/auth.log : Authenication logs
/var/log/kern.log : Kernel logs
/var/log/cron.log : Crond logs (cron job)
/var/log/maillog : Mail server logs
/var/log/httpd/ : Apache access and error logs directory
/var/log/boot.log : System boot log
/var/log/mysqld.log : MySQL database server log file
/var/log/secure or /var/log/auth.log : Authentication log
/var/log/utmp or /var/log/wtmp : Login records file
/var/log/yum.log : Yum command log file.

2.How to determine the path of the logs.

It will be defined under syslog.conf or rsyslog.conf

3.message file or some other log file is not updating . What could be the reason?
Might be syslogd is not running. check and restart it.

4.What daemon is responsible for all logs?

Syslogd/rsyslogd
===================================================================================
=============

compression:

1 How many ways we can compress the file?

Normally we use gzip, bzips and compress commands.

2. what is the difference between tar and other compress commands?

Tar is to compress the folders and other compress commands to compress the files.

3. what is the difference between gzip and bunzip commands.

Both are for lossless data compression algorithm methods.

GZIP is based on an algorithm known as DEFLATE. It uses both the LZ77 algorithm
and Huffman coding.

BZIP2 is an open source lossless data compression algorithm � basically, a class of

data compression algorithms that makes it possible for the original data of a
compressed file to be completely reconstructed from the compressed data.

4. How to read a file from tar file without untar.

# tar -xvf cleanfiles.sh.tar cleanfiles.sh (Untar Single file from tar File)
OR
# tar --extract --file=cleanfiles.sh.tar cleanfiles.sh

5. Example tar commands:

tar cvzf MyImages-14-09-12.tar.gz /home/MyImages (.tar)

tar -cvf tecmint-14-09-12.tar /home/tecmint/ (for tar.gz)
tar cvfj Phpfiles-org.tar.bz2 /home/php ( for tar.bz2 )
tar -xvf public_html-14-09-12.tar
tar -xvf public_html-14-09-12.tar -C /home/public_html/videos/ (untar to a
specific directory)
tar -xvf thumbnails-14-09-12.tar.gz (xvf for both tar.gz and tar.bz2)
tar -tvf uploadprogress.tar ( to list the contents in tar file)

# tar -xvf cleanfiles.sh.tar cleanfiles.sh (Untar Single file from tar File)
OR
# tar --extract --file=cleanfiles.sh.tar cleanfiles.sh

Untar Multiple files from tar, tar.gz and tar.bz2 File

# tar -xvf tecmint-14-09-12.tar "file 1" "file 2"

# tar -zxvf MyImages-14-09-12.tar.gz "file 1" "file 2"

# tar -jxvf Phpfiles-org.tar.bz2 "file 1" "file 2"

===================================================================================
===============

1. What is sar command?

sar is the command to display historical or current resource utilization

information.

sar followed by an option (without specifying a saXX data file). This will look for
the current day�s saXX data file and report the performance data that was recorded
until that point for the current day.
sar followed by an option, and additionally specifying a saXX data file using -f
option. This will report the performance data for that particular day. i.e XX is
the day of the month.

2. what is the rpm responsible sar.

sysstat.

3. where are old files will be stores and how many old files can be saved.

under /var/log/sa and max 28 files will be saved after that old file will be
rotated.

4. whar are the options to get cpu, mem, load, network, IOs....

sar -u Displays CPU usage for the current day that was collected until that point.
CPU Usage of Individual CPU or Core (sar -P)
Memory Free and Used (sar -r)
Swap Space Used (sar -S)
Overall I/O Activities (sar -b)
Individual Block Device I/O Activities (sar -d)
Reports run queue and load average (sar -q)
Report network statistics (sar -n)
Report Sar Data Using Start Time (sar -s)
Example:
Using �-s hh:mi:ss� option, you can specify the start time. For example, if you
specify �sar -s 10:00:00�,
===================================================================================
================

Networking:

about IP and subnet https://www.youtube.com/watch?v=Deq9Dq-Kc-k

1. How to see the NICs in a server?

ifconfig -a or ip a command.

2. Where the NICs configuration files resides?

under /etc/sysconfig/network_scripts like ifcfg_eth1

3. How to make NIC up/down.

ifup NIC or ifdown NIC

4. How to check NIC details?

ethtool NIC

5. If NIC card card is down and unable to up, what you will do?

First ask DC team to reseat/replace the NIC cable, if still issue persists,raise a
case with HP to order the part and ask DC team to replace it.

6. what is bonding and explain the configuration?

Go through the notes provided.

7. How to understand what kind of bonding you have in a server?

We can see either under bond configuration file or from /proc/net/bonding/bondX

file and also bond configuration file under /etc/sysconfig/network-scripts path.

8. How to understand currently which NIC is active in active backup bonding?

You can see from /proc/net/bonding/bondX file.

9. What is miimon value?

It is the montoting value in milliscconds. If kernel did not get keep alive
acknowledgement in that time, it treats that NIC is down and immediately it will
bring other one up.

10. How to change the IP address of a server.

11. How to add a route.

By using route add command.

Ex: route add -net 10.40.100.0 netmask 255.255.255.192 gw 10.56.28.225 dev eth0

12. How to check the default route?

from cat /etc/sysconfig/network file or from netstat -rn command.

13. How to change the host name of the server?

Till RHEL 6 by editing /etc/sysconfig/network file and to reboot the server.

And but in RHEL 7 above process didnt work even service/server restart also)

And use these 2 commands

hostnamectl status
hostnamectl set-hostname Satya

14.How to change the timezone.

RHEL6: s602499bo2sl06 64.28.90.103

# cp /etc/localtime /etc/.localtime-PRE-VMAC-1308042
# rm -f /etc/localtime && cp /usr/share/zoneinfo/UTC /etc/localtime
# chmod 0644 /etc/localtime

# cp /etc/sysconfig/clock /etc/sysconfig/clock-PRE-VMAC-1308042
# echo "ZONE=\"UTC"\" > /etc/sysconfig/clock

# hwclock --systohc
# hwclock --show
# date

Reboot server, and show clock/date again.

In RHEL7: VA1BS5DCRYSDB01

date or timedatectl
timedatectl list-timezones
timedatectl set-timezone timezonename
timedatectl
hwclock --systohc
reboot the server

15. timezone is showing different for root and normal users. Why?

Just check the file /etc/localtime permissions. It should be 644 not 640 and 600.
https://access.redhat.com/solutions/2428001

Example output:

Mon Apr 13 07:46:59 UTC 2020

[svadmin@s608661rgvl421 ~]$ sudo su -

[root@s608661rgvl421 ~]# date

Mon Apr 13 08:47:08 BST 2020

[root@s608661rgvl421 ~]# chmod 644 /etc/localtime

[root@s608661rgvl421 ~]# ls -ltl /etc/localtime
-rw-r--r--. 1 root root 3661 Apr 8 21:01 /etc/localtime

[svadmin@s608661rgvl421 ~]$ date

Mon Apr 13 08:48:37 BST 2020
[svadmin@s608661rgvl421 ~]$ sudo su -
[root@s608661rgvl421 ~]# date
Mon Apr 13 08:48:43 BST 2020
[root@s608661rgvl421 ~]#
===================================================================================
===============
The blkid command allows you to display information about available block devices.
To do so, type the following at a shell prompt as root:
blkid
For each listed block device, the blkid command displays available attributes such
as its universally unique identifier (UUID), file system type (TYPE), or volume
label (LABEL). For example:
~]# blkid
/dev/vda1: UUID="7fa9c421-0054-4555-b0ca-b470a97a3d84" TYPE="ext4"
/dev/vda2: UUID="7IvYzk-TnnK-oPjf-ipdD-cofz-DXaJ-gPdgBW" TYPE="LVM2_member"
/dev/mapper/vg_kvm-lv_root: UUID="a07b967c-71a0-4925-ab02-aebcad2ae824" TYPE="ext4"
/dev/mapper/vg_kvm-lv_swap: UUID="d7ef54ca-9c41-4de4-ac1b-4193b0c1ddb6" TYPE="swap"
By default, the blkid command lists all available block devices. To display
information about a particular device only, specify the device name on the command
line:

1. e2label or tune2fs
The commands e2label or tune2fs used for changing label of ext2, ext3 and ext4 type
partitions.

# e2label /dev/sda1 ROOT

OR
# tune2fs �L ROOT_PART /dev/sda1

==================
suid sgid:
1. What is SUID and how to apply?

SUID will be applied on files.If you apply SUID all users can able to excute that
file as a owner of that file

2. How to know whether SUID applied or not?

in ls -ltr command under user permissions, in execution field s will be there.

3. What is SGID and how to apply and how to understand SGID is applied?

SGID will be applied on a directory. If you apply SGID on a directory, all the
files and sub directories created under that , inherits the group ownership from
the parent directory (where u applied SGID)

in ls -ld command under group permissions, under execution field s will be

displayed.

===================================================================================
=================
LUN scannng:(Rescan the HBAs)

echo "- - -" > /sys/class/scsi_host/host0/scan

The three values stand for channel, SCSI target ID, and LUN. The dashes act as
wildcards meaning "rescan everything"

===================================================================================
=================
diff between Linux 4,5 and 6

Go through Kernel PDF

===================================================================================
=================
diif between ext2 3 and 4

Go through Kernel PDF.

===================================================================================
=================
HW models in HP:

DL360 G6
DL360 G7
DL360P G8
DL360 Gen9
DL380 G6
DL380 G7
DL380P G8
DL380 Gen9
DL385P G5
DL385 G6
DL385 G7
DL385P G8
DL560 G8
DL560 Gen9
DL580 G7
DL580 G8
DL580 Gen9
DL585 G5
DL585 G6
DL585 G7
DL980 G7
DL 360
DL 560
DL 380

===================================================================================
=================

YUM:

yum is the tool to insatll , upgrade, query, erase the packages.

Yum resolves the dependencies.
yum.conf is the configuration file
Try to understand the configuraion of yum server.
But in our environment, we use redhat customized channels (Satellite channels) as
yum repos.
to see the channels added (configured) to the server command is # yum repo list.
We can add/remove the channels.

Clearing the yum Caches:

Yum stores temporary files in the /var/cache/yum/$basearch/$releasever/ directory,

It is often useful to remove entries accumulated in the /var/cache/yum/ directory.
If you remove a package from the cache, you do not affect the copy of the software
installed on your system. To remove all entries for currently enabled repositories
from the cache, type the following as a root:

yum clean all

===================================================================================
=

fsck:

1). What is fsck?

fsck..it is filesystem check. It will run to fix the inconsistences on a
filesystem.

The fsck can be run in two ways. Automatically and manually. The automatic run is
happening at the time of booting. A system administrator can run the utility
manually. The operations by this command will work on the data structures stored on
the disk directly. This data is internal and specific to the particular file system
in use. There are various fsck. The exact behavior of various implementation can
vary, but there is a common order of internal operations and a command line
interface.

There are both interactive and non-interactive fixing of errors. In interactive

mode, the user can choose how to fix an error, but in non-interactive mode, the
system will make a decision on the operations to do. A system administrator can
also run fsck manually if they believe there is a problem with the file system. The
file system is normally checked while unmounted, mounted read-only, or with the
system in a special maintenance mode. Modern journaling file systems are designed
so that tools such as fsck do not need to be run after an unclean shutdown (i.e.
crash). The UFS2 Filesystem in FreeBSD has a background fsck, so it is usually not
necessary to wait for fsck to finish before accessing the disk.

The ext2, ext3, and ext4 file systems use the e2fsck utility to perform file system
checks and repairs. The file names fsck.ext2, fsck.ext3, and fsck.ext4 are
hardlinks to the e2fsck utility. These binaries are run automatically at boot time
and their behavior differs based on the file system being checked and the state of
the file system.

After running fsck, it will return an exit code. These cods can be seen in fsck�s
manual

Note down the EXIT CODE into the CRQ notes

0 - No errors
1 - File system errors corrected
2 - System should be rebooted
4 - File system errors left uncorrected
8 - Operational error
16 - Usage or syntax error
32 - Fsck canceled by user request
128 - Shared library error

2) How to check the information about a filesystem?

By using tune2fs -l command.

3). What fsck will do?

Ans> It will run to fix the inconsistences on a filesystem.Fsck will run 5

phases.It will fix as shown below
# fsck /dev/sde1
fsck from util-linux-ng 2.17.2
e2fsck 1.41.12 (17-May-2010)
fsck.ext3: Superblock invalid, trying backup blocks...
/dev/sde1 was not cleanly unmounted, check forced.
Pass 1: Checking inodes, blocks, and sizes
Pass 2: Checking directory structure
Pass 3: Checking directory connectivity
Pass 4: Checking reference counts
Pass 5: Checking group summary information
Free blocks count wrong for group #0 (7661, counted=7288).
Fix<y>?

4) what is lost+found directory?

last+found...whenever you create a filesystem by default last+found will be

created.
inconsistences(un referenced data) founded with fsck will be stored in that.
It will be used to analize by vendor.

5) You need to run a fack on /data01 filesystem? how you will proceed.

1. first unmount the filesystem (by taking approval, checking fuser and lsof )
2. run fsck
3 mount it back.
6) And how to run fsck on OS related filesystems?

Take the server into single user mode and run fsck.

7) what is the additional advantage with journaling than fsck?

fsck without journaling will check entire file system. SO, it will take huge time.
But the file system having journaling feature will take less time for fsck because
it will check only journal log and updates are copied back from the journal to the
filesystem.

## A thread writes data to the f/s and each transaction is flagged. After a crash,
updates are copied back from the journal to the filesystem and any incomplete
transactions are gone. In case of a failure, a journaled file system will ensure
that all inconsistencies are restored back to its prior state.###

8) How to see if any filesystem in read only mode?

With mount command, cat /proc/mounts , and also by writing something on that file
system , you will get the error.

================================================================================
housekeeping:

>> First identify what kind of filesystem it is ( OS, Customer Or NFS/NAS)

once we find the most consuming folder/file, based the type of the FS, we perform
the housekeeping.

>> If it is NAS Filesystem, we have to find out the files consuming space and let
customer know if any housekeeping required OR to increase the NAS volume from
storage team side.

>> If it is Customer related filesystem and local, find out the files consuming
space and owner of those files and let customer know and suggest how to proceed
further with housekeeping.

>> If it is OS related filesystem, we have to find out the files consuming space,
and to performed housekeeping based on the filesystem type.

A) If filesystem consumes space, then by using du command or find command get

the file which is consuming more space.

B) if it is /boot:
Verify how many old kernels are there.
just keep only one old kernel ( total 2 , 1 is latest and other one is old)
and remove remaining duly taking approval from the customer.

C) if it is /var, check which log is consuming space. take a copy to different

location, nullify the existing log, compress the backup file
and move it to its original location.

D) if it is "/", findout which folder is consuming space, ignore if it is

mount point and check the directories which are consuming space.
E) if it is /tmp, do it in a normal way

- using du command or find command get the file which is consuming more space.
- Check the owner of the file and inform him to perform housekeeping.
- If root is owning, try to understand the file and zip it, if it is not live.
- If it is owned by other users, try to understand the file and zip it, if it is
not live.If it is live file, better not to touch and to notify
to the user.

If inodes are exhausted:

(motto is find out the folder where huge number of smallest files are there. and
check the time stamp of the files)

a) first check the inode utilization by using df -i /filesystem

b) by using find command find out which folder is having huge number of files and
consuming inodes.
# find /var -xdev -printf '%h\n' | sort | uniq -c | sort -k 1 -rn | head
c) Then based on the confirmation from customer dele few old files ..example older
than one month.
# find /path/to/files* -mtime +5 -exec rm {} \;

===================================================================================
==

ping failed:

whenever we get any alert stating that server not reachable/not pinging,

-First make sure from your side to ping the server .

## If server is pinging .

-ssh to the server.

- check the uptime

###### if uptime shows recently rebooted. ########

- Check if it is because of any scheduled activity.

- Check the log files and try to get the cause for reboot.
- If you are unable to see anything in logs, raise a case with Redhat and work
accordingly.

##### if uptime showing it is not rebooted recently #####

-Check whether monitoring agent is running or not if it is not running start it.

OR

-Check the performance of the server, like load and work accordingly.
------

## if server is not pinging, connect to ILO/VC to check the console status.

Connect to ILO if it physical server OR connect to console thorough VC if it is VM.

- Check the Server information from ILO (like server status and HW related issues.
If HW issues, follow the process to replace the failed parts)
- Start the console session and check the status.
a) if server is hung, take the approval and reboot it.
b) if server able to login through console, check the sshd is running or not. if
not running start it.
c) If ssh is already running, check the NIC cards status and whether gateway is
pinging or not, If any issues with NIC cards try to replace with the help of
Vendors. If issue with gateway, contact to network team.

======================
Firmware: (Bios/SPP)

https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-c00719376#N10011

Firmware is a software program that is stored in Read-Only Memory (ROM) chip on the
system board or on an add-on controller. Firmware is responsible for the behavior
of the system when it is first switched on and for passing control of the server to
the operating system. (BIOS stage in booting process)

===================================================================================
===========

log rotation:

To Rotate the logs periodically.

We do log rotation to suppress the alerts on filesystem utilization.

a)Create a file under /etc/logrotate.d/

and update entries like below.

full_path_of_the_log file{
compress
copytruncate
daily
dateext
notifempty
missingok
}
EOF

Validation:

# logrotate -df /etc/logrotate.d/inpute-logs <-- test run

# logrotate -vf /etc/logrotate.d/inpute-logs <-- real deal
===================================================================================
================

NFS:

1) What is nfs?

To share the folders through network across the multiple sevevers(clients) at a

time.users on Every client (server) feels it is a local filesystem.

2) what are the rpms requird to configure nfs?

Nfs utils

3) what are the daemons in nfs? and explain thier significance?

Rpc.mountd, rpc.nfsd,,rpc.statd, rpc.quotad and rpc.rquotad

nfs daemons:

rpc.nfsd:

It helps/supports all the requests receive from clients.

rpc.lockd:

it locks all the files using by clients.

rpc.statd:

it informs all the clients if nfs server goes down unexpectedly.

4) what are configuration files in nfs?

/etc/exports in server side.

/etc/fstab in client side.

5) configure a share to access from a client.

Server side:

a. Install rpms on server(nfs server)

b. Update /etc/exports file with folder and client IP details.
c. Run exports -avr command.

Client Side:
a. Verify whether that nfs share is exported to this client by using showmount -
e IP_nfs_server
b. Then update fstab file with nfs share
c. Run mount -a or mount with nfs command with -t option.
d. Verify the mount in df -h command.

6) What are the errors u see in nfs?

Please go through the attachment I shared to understand few errors.

https://www.thegeekdiary.com/troubleshooting-common-nfs-issues-in-linux/
7) What is the difference between nfs and samba

NFS: UNIX to UNIX

Samba : Windows to UNIX (vice versa)

8) what are filesystems types for nfs and samba

nfs: nfs ( netrwork filesystem)

Samba: cifs ( common internet filesystem)

===================================================================================
====

samba:

1. what is samba share?

2. How to mount samba share?

[root@s616038dc3vl8d5 ~]# cat .samba-credentials-cfaweb_ad

username=cfaweb_ad
password=aR+EGn8Bs45GP#3=+,wo
domain=CFA_CORP
[root@s616038dc3vl8d5 ~]#

mount.cifs //test.nas.cfahome.com/extftp_test -o username=cfaweb_ad,domain=CFA_CORP

/apps/extftp_test

===================================================================================
====
SCP & ftp and winscp

Secure Copy Protocol and File Transfer Protocol both offer simple command line
methods for transferring files between computers, but that's pretty much where the
similarities end.
scp is secure & encrypted while ftp is plain text...
SCP is better designed for a one-time transfer between two computers on the same
network, though it can be used remotely over the Internet as well. Conversely, FTP
is used to not only transfer data to a remote server, but also to manage that data.

Its main function is secure file transfer between a local and a remote computer.

=======================================================================

lost+found

Whenever you create filesystem on a disk, lost+found directory will be created by

default.

The fsck command puts files and directories that are allocated but
unreferenced in the lost+found directory located in that file system. The
inode number of each file is assigned as the file name. If the lost+found
directory does not exist, the fsck command creates it. If not enough space
exists in the lost+found directory, the fsck command increases the
directory�s size.
========================================================================
Booting Process:

Go through the youtube link fir understanding booting process.

https://www.youtube.com/watch?v=ZtVpz5VWjAs
=====================================================================

tcpdump:

Tcpdump is a command line utility that allows you to capture and analyze network
traffic going through your system. It is often used to help troubleshoot network
issues, as well as a security tool.
A powerful and versatile tool that includes many options and filters, tcpdump can
be used in a variety of cases. Since it's a command line tool, it is ideal to run
in remote servers or devices for which a GUI is not available, to collect data that
can be analyzed later. It can also be launched in the background or as a scheduled
job using tools like cron.
To get the network packets from a single interface, use

$ tcpdump -i eth0

To write all the captured packets to a file, use the �-w� option,

$ tcpdump -i eth1 -w packets_file

To read an already created, old tcpdump file, use the following command,

$ tcpdump -r packets_file

Capture all packets in any interface by running this command:

$ sudo tcpdump -i any

sudo tcpdump -i any -w webserver.pcap

This command saves the output in a file named webserver.pcap. The .pcap extension
stands for "packet capture" and is the convention for this file format.

Tcpdump creates a file in binary format so you cannot simply open it with a text
editor. To read the contents of the file, execute tcpdump with the -r option:

tcpdump -nn -r webserver.pcap

===================================================================================
===========
traceroute, ping

Traceroute is a command which can show you the path a packet of information takes
from your computer to one you specify(destination). It will list all the routers it
passes through until it reaches its destination, or fails to and is discarded (* *
* ). In addition to this, it will tell you how long each 'hop' from router to
router takes.
It show max 30 routes.It does not mean only 30 routes between source and
destination server.it will show you main routes it will ignore few intermediate
routers.

Tracing route to google.com [216.58.200.142]

over a maximum of 30 hops:

1 1 ms 1 ms 1 ms 192.168.0.1
2 12 ms 8 ms 8 ms 100.92.16.1
3 23 ms 12 ms 11 ms 113.193.5.37
4 * * * Request timed out.
5 10 ms 9 ms 9 ms 113.193.233.173
6 9 ms 9 ms 9 ms 14.141.145.137.static-Bangalore.vsnl.net.in
[14.141.145.137]
7 18 ms 29 ms 24 ms 172.31.167.54
8 29 ms 14 ms 14 ms 14.140.100.6.static-vsnl.net.in [14.140.100.6]
9 15 ms 14 ms 28 ms 115.112.71.65.STDILL-Chennai.vsnl.net.in
[115.112.71.65]
10 21 ms 16 ms 13 ms 121.240.1.50
11 20 ms 18 ms 18 ms 74.125.242.129
12 14 ms 17 ms 14 ms 216.239.54.197
13 15 ms 13 ms 19 ms maa05s10-in-f14.1e100.net [216.58.200.142]

Trace complete.

*** because of either firewall settings not allowed to pass through or route IP
not responded on requested time.

The main difference between Ping and Traceroute is that Ping is a quick and easy
utility to tell if the specified server is reachable and how long will it take to
send and receive data from the server whereas Traceroute finds the exact route
taken to reach the server and time taken by each step (hop).

===================================================================================
==
sysctl command/Kernal parameters in RHEL 4,5,6,7

To see the kernel parameters: sysctl -a

We can change the default kernel parameters by editing /etc/sysyctl.conf file and
by modifieng with sysctl -w command.
After changing paraameters , use sysctl -p command to make persistant after reboot.

tell me few kernel parameters where we changed.

kernel.shmall = 4294967296
kernel.shmmax = 68719476736
kernel.msgmni = 1024
kernel.shmmni = 4096
kernel.sem = 500 256000 250 1024
net.ipv4.tcp_keepalive_time = 300
vm.swappiness = 0
vm.nr_hugepages = 8500
===================================================================================
=
ulimit value:
1. User is not able to execute any commands.
2. How to change the ulimit values.
3. Tell me few ulimit values you know.

wms2admn soft fsize unlimited

wms2admn hard fsize unlimited
wms2admn soft core unlimited
wms2admn hard core unlimited
wms2admn soft cpu unlimited
wms2admn hard cpu unlimited
wms2admn soft data unlimited
wms2admn hard data unlimited
wms2admn soft stack unlimited
wms2admn hard stack unlimited
wms2admn soft rss 2097151
wms2admn hard rss 2097151
wms2admn soft nofile 2000
wms2admn hard nofile 2000
wms2admn soft memlock 17408000
wms2admn hard memlock 17408000
===================================================================================
1. what is jobs command?
this command is to see the jobs running back end.

To display the status of jobs in the current shell, enter:

$ jobs

Sample outputs:

[1] 7895 Running gpass &

[2] 7906 Running gnome-calculator &
[3]- 7910 Running gedit fetch-stock-prices.py &
[4]+ 7946 Stopped ping cyberciti.biz

2. how to run a job back end?

By putting & symble after the command.

===================================================================================
===
df -h is hanging,

If df -h is hanging means, it might be because of nfs/NAS mount issue.

First check where (at which mount point) df -h is hanging.
check in fstab file, and see what is the next mount where df -h is hanged.
and troubleshoot on that.If it nas/nfs, try to unmount and mount it.
If still issue persists, check with storage team(for nas mount) or check on nfs
server side for nfs share.

===================================================================================
==============
performance tuning:

When we see any issue in server performance (Application team facing any issue)

Server performance will be checked in many ways:

1) Check the CPU and Memory utilization & action on that particular process.
2) Check the FSs utilization.
3) Check if any HW issues are there.
4) Check the NIC for any issues / packet loss.
5) Check the IOs on Disks.
6) Check the multipath & HBA status. If multipath is not configured, check with
the storage team if there is any issue
from storage end.
7) know if anything has been updated recently on the server.If yes,rollback it.
8) Roleback if any changes done recently.
9) check kernel relese and update it if it is too old one
10) ask to reboot the server if it is up and runnig from very long time.

===================================================================================
==============
HW issues:

Coordinating with Vendor for HW related issues.

When we see any HW issues like, Battery , MB failure, PSU issues,HBA issues & NIC
issues etc.,

>> Validate from your side using hpasmcli // systool // dmidecode commands.

>> Also check from ILO about system information and make sure tere was a HW issue.

>> Then raise case with Vendor and upload the AHS logs report.

Once HP confirms to replace the part�.

1) After ordering part from HP, For hot pluggable (Online) activities, we will
reach out to DC
(if it is CRU) to replace the part by raising the Change request.
2) Incase , if HP support requires,We will schedule the activity and provide
access to HP
engineer in DC at that time.
3) In case any down time required, first take the customer approval then plan
for the
replacement schedule.
4) For Vendor activities (HP & DELL ) , we need to send the Vendor Engg details
to DC to
get the Visitor pass to enter into DC.

===================================================================================
==============

Scheduled Reboot:

In our environment, we do weekly/monthly scheduled reboots as per customer

requirement.
While doing reboots first you should confirm the console access & root passwords.
Inform monitoring team about these reboots to suppress the alerts.
Take the pre checks ( It is output of some important commands.For this we have
script.
No need to notify the customer as it is scheduled reboot by customer.So they will
take care of stopping Apps/DBs before prior to the activity.
Once reboot is done, need to perform post checks and there should be no difference
between Pre & Post checks.
Then drop an email to customer to start the DB/Apps.
Finally inform to monitoring team to start monitoring the server.

What will be the use of reboot:

1. It will check whether server is coming back to online without any issues (HW)
2. clears the cache and buffers.
3. clears the /tmp

4.The reboot is needed so that the changes that the user have done can be affected
on the server. For example, if the user is re-compiling the server�s kernel that is
going through some more advanced server administration, then he needs to restart
the machine in order to complete the compilation and to have a new updated kernel
version on the server.

--------
Reboot your system after 02:00 A.M :

$sudo shutdown �r 21:00

If you want your system to discard the previously scheduled restart or shutdown you
can simply call another shutdown command with the �c option and broadcast with it a
message for the users about the cancellation of the restart.

Cancel your scheduled Reboot: The previously scheduled reboot can be canceled by
the system administrator by simply issuing another shutdown command with the �c
option and an optional message argument.

$sudo shutdown -c "our custom example of canceling a scheduled shutdown

===================================================================================
==================

rsync (page174):

First time when you use rsync, it will copy all the files to destination.

And next time if run again,

Files that do not exist on the remote-host are copied.

Files that have been updated will be synced, rsync will copy only the changed parts
of files to the remote host.
File that is exactly the same are not copied to the remote host at all.

===================================================================================
=================
Deletion of mount point & reclaim the storage:

For Physical server:

1. unmount the lv
2. remove or commnet out entry in fstab file
3. Deactivite LV (vgchange -an vg_data02) (to activate vgchange -ay vg_data02 )
4. remove lv,vg,pv
5. If the disk is under multipath , flush the device and delete the paths.
5. ask storage team to reclaim the LUN.
For VMs,

1. Unmount the lv
2. remove or commnet out entry in fstab file
3. Deactivite LV (vgchange -an vg_data02) (to activate vgchange -ay vg_data02 )
4. remove lv,vg,pv
5. From VC level , on VM , right click and go to settings, and remove the mentioned
disk.
6. Finally recan the hbas

===================================================================================
===================
difference between in reboot commands:

We can reboot servers in multiple ways. Example by init 6 , shutdown -r and reboot.
init 6 , shutdown -r are graceful shutdown and boot.
reboot is for forceful shutdown and boot.

===================================================================================
===================

Soft decommission of servers:

Some times customer will ask to just shutdown the servers(soft decommissions)

1. Stop the monitoring agent in server. even at boot level.

2. Request Backup team to remove this servers from backup if backup is running.
3. Reclaim the FSs using LUNs ( based on customer request)
4. And shutdown the server and change the server status in tool as "soft
decommissioned"

===================================================================================
=====================
inittab file fields:

The /etc/inittab file is the configuration file used by the System V (SysV)
initialization system in Linux. This file defines three items for the init process:

the default runlevel

what processes to start, monitor, and restart if they terminate
what actions to take when the system enters a new runlevel

Since this "initdefault" line contains "3" as the second field, run state 3 is the
default.

Another important line on Linux systems is the sysinit line shown below. This tells
the system to run the /etc/rc.d/rc.sysinit script when the system is booted.

===================================================================================
=========================
lsblk command:

The�lsblk Linux command�is a useful�command�which lists information about all or

the
specified block devices. It queries the /sys virtual file system to obtain the
information that it
displays. The�command�displays details about all block devices excluding except RAM
disks in
a tree-like format by default.

[s.bandaru@dc2jump2 ~]$ lsblk

NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 279.4G 0 disk
+-sda1 8:1 0 512M 0 part /boot
+-sda2 8:2 0 278.9G 0 part
+-vg_root-lv_usr 253:0 0 6G 0 lvm /usr
+-vg_root-lv_swap 253:1 0 4G 0 lvm [SWAP]
+-vg_root-lv_root 253:2 0 2G 0 lvm /
+-vg_root-lv_data01 253:3 0 256.8G 0 lvm /data01
+-vg_root-lv_tmp 253:4 0 4G 0 lvm /tmp
+-vg_root-lv_var 253:5 0 6G 0 lvm /var
sdb 8:16 0 838.1G 0 disk
+-sdb1 8:17 0 838.1G 0 part
+-vg_data02-lv_data02 253:6 0 838.1G 0 lvm /data02
[s.bandaru@dc2jump2 ~]$

===================================================================================
=========================
kdump:

Kdump is an utility used to capture the system core dump in the event of system
crashes.

These captured core dumps can be used later to analyze the exact cause of the
system failure and implement the necessary fix to prevent the crashes in future.

Kdump reserves a small portion of the memory called crashkernel.

This crash kernel is used the capture the core dump image whenever the system
crashes.

Memory reserved for the kdump kernel is always reserved during system boot, which
means that the amount of memory is specified in the system's boot loader
configuration. This section will explain how to change the amount of reserved
memory on AMD64 and Intel 64 systems and IBM Power Systems servers using the GRUB
boot loader, and on IBM System z using zipl. To configure the amount of memory to
be reserved for the kdump kernel, edit the /boot/grub/grub.conf file and add
crashkernel=<size>M or crashkernel=auto to the list of kernel options as shown in
Example 32.1, �A sample /boot/grub/grub.conf file�. Note that the crashkernel=auto
option only reserves the memory if the physical memory of the system is equal to or
greater than:

Manually Trigger the Core Dump

You can manually trigger the core dump using the following commands:

echo 1 > /proc/sys/kernel/sysrq

echo c > /proc/sysrq-trigger

The server will reboot itself and the crash dump will be generated.

===================================================================================
========================
initrd image:

The initial RAM disk (initrd) is an initial root file system that is mounted prior
to when the real root file system is available. The initrd is bound to the kernel
and loaded as part of the kernel boot procedure. The kernel then mounts this initrd
as part of the two-stage boot process to load the modules to make the real file
systems available and get at the real root file system.

===================================================================================
==========================
ports:

remeber few port numbers:

ssh
telnet
dns
ftp
nfs
samba

===================================================================================
==========================
rpc: Remote proceedural call. ( the calls sending from clients to servers)

rpcbind: (or portmap)

rpcbind service replaces portmap, which was used in previous versions of Red Hat
Enterprise Linux to map RPC program numbers to IP address port number combinations.

When a client wishes to make an RPC call to a given program number, it first
contacts rpcbind on the server machine to determine the address where RPC requests
should be sent.

===================================================================================
=================================
chattr command:

chattr (Change Attribute) is a command line Linux utility that is used to set/unset
certain attributes to a file in Linux system to secure accidental deletion or
modification of important files and folders, even though you are logged in as a
root user.

In Linux native filesystems i.e. ext2, ext3, ext4, btrfs, etc. supports all the
flags, though all the flags won�t support to all non-native FS. One cannot delete
or modify file/folder once attributes are sets with chattr command, even though one
have full permissions on it.

If a file is accessed with �A� attribute set, its atime record is not updated.
If a file is modified with �S� attribute set, the changes are updates synchronously
on the disk.
A file is set with �a� attribute, can only be open in append mode for writing.
A file is set with �i� attribute, cannot be modified (immutable). Means no
renaming, no symbolic link creation, no execution, no writable, only superuser can
unset the attribute.
A file with the �j� attribute is set, all of its information updated to the ext3
journal before being updated to the file itself.
A file is set with �t� attribute, no tail-merging.
A file with the attribute �d�, will no more candidate for backup when the dump
process is run.
When a file has �u� attribute is deleted, its data are saved. This enables the user
to ask for its undeletion.
Operator
+ : Adds the attribute to the existing attribute of the files.
� : Removes the attribute to the existing attribute of the files.
= : Keep the existing attributes that the files have.

===================================================================================
=============================
RHN channel subscription from channel

rhn-channel -a -c rhel-x86_64-server-extras-7
rhn-channel -r -c rhel-x86_64-server-extras-7

2. Change the redhat channel subscription

i. Login to the redhat satellite webUI

https://dc2rhn1.mgmt.savvis.net/rhn/Login.do

ii. Locate the server

from the top right search box
select 'Systems'
enter the server name
press 'Search'

iii. Change the base channel

under 'Subscribed Channels' select the '(Alter Channel Subscriptions)' link
under 'Base Software Channel'
select 'RHEL EUS Server (v. 7.6 for 64-bit x86_64)'
press 'Confirm'
press 'Modify my base channel software'

Make selection to below Subscriptions and click on "change Subscription"

"RHEL EUS Server High Availability (v. 7.6 for 64-bit x86_64) *"
" RHEL EUS Server SAP (v. 7.6 for 64-bit x86_64) via REPOSYNC *"
" RHEL EUS Server SAP HANA (v. 7.6 for 64-bit x86_64) via REPOSYNC *"

Press "Confirm" > OK

On the linux server confirm the new channel is staged.

# rhn-channel -l (Output should be like below)

rhel-x86_64-server-7.6.eus
rhel-x86_64-server-ha-7.6.eus
rhel-x86_64-server-sap-7.4.eus-reposync
rhel-x86_64-server-sap-hana-7.6.eus-reposync
===================================================================================
================================

Hard and soft mounts:

NFS mount can be done in either as a �soft mount� or as a �hard mount�. These mount
options define how the NFS client should handle NFS server crash/failure. In this
article, we will see the difference between soft and hard mounts.
1) Soft Mount
Suppose you have mounted a NFS filesystem using �soft mount�. When a program or
application requests a file from the NFS filesystem, NFS client daemons will try to
retrieve the data from the NFS server. But, if it doesn�t get any response from the
NFS server (due to any crash or failure of NFS server), the NFS client will report
an error to the process on the client machine requesting the file access. The
advantage of this mechanism is �fast responsiveness� as it doesn�t wait for the NFS
server to respond. But the main disadvantage of this method is data corruption or
loss of data. So this is not a recommended option to use.

# mount -o rw,soft host.nf_server.com/home /techhome

2) Hard Mount
If you have mounted the NFS filesystem using hard mount, it will repeatedly retry
to contact the server. Once the server is back online, the program will continue to
execute undisturbed from the state where it was during server crash. We can use the
mount option �intr� which allows NFS requests to be interrupted if the server goes
down or cannot be reached. Hence the recommended settings are hard and intr
options.

# mount -o rw,hard,intr host.nf_server.com/home /techhome

===================================================================================
=============================
/proc fs

it is a vartual filesystem.Whenever server boots it will be created and once server

shutdown, it will be removed.
/proc maintains a directory for each process running on the server.
It also contains files for kernel parameters and all files are live files.
If you want to change any kernel parameters temporarlily change these files with
echo command.
for permanant change , modify in sysctl.conf

===================================================================================
================================

What is storage multiplathing?

- Providing access to LUNs from multiple paths.

- to provide redundency and share the load between the paths.

# multipath <- "without parameter" will reload the changes

# multipath -ll

===================================================================================
===============================
fastboot

touch /fastboot will skill the fsck while booting.

===================================================================================
====

su - & su

What is different between , su username and su - username

>> su is to switch user

>> su - username >> user sits into his home directory.

>> su username >> user sits into previous user home directory.

>> su - >> means switching as root user.

>> If normal user switches to other user, he has to give his passoword.

>> Root user can switch to other without providing any password.

===================================================================================
=============
server naming:

We can understand whether server is physical or virual by its name , or from tool,
or from dmidecode command.

===================================================================================
===========

Booting isssues:

https://www.youtube.com/watch?v=AI58iBCd6C8&t=324s

MBR corrupted
Grub.conf file corrupted
/etc/inittab file issue.
NFS mount issues
FSCK issues.

===================================
Network protocals:

Common Network Protocols and Their Ports:

There are many protocols while establishing a connection in the internet. According
to the type of connection need to be established, the protocols used varies. The
protocols define the characteristics of the connection.

https://www.interserver.net/tips/kb/common-network-protocols-ports/

==================================

=================
3) suppose inittab got corrupted.

If server is not booting due to inittab file missing,server will not know to which
runlevel it should go.

it will show clearly that inittab file is missing and it will ask runlevel to boot.

So, we need to boot the server into rescue mode and try to install the inittab rpm
by mounting the CD on /mnt.

=========================================================
LDAP command to check user is existing.

If user is remote user(LDAP)

we can check user existing or not by using getent comamnd

getent passwd username

===================================================================================

Kernal patching:

1. Why we do kernel patching.

2. How do you do kernel patching.
3. Explain the kernel patch upgradation.
4. AFter kernel patch upgradation, server not booting up.How do you troubleshoot?
5. After yum update kernel is not updated even updates are available. What could be
the reason?
6. How to tole back the kernel update?
7. tell me the latest kernels in RHEL6 and 7.

8. How to roleback tthe kernel updates.

a) Rollback steps for RHEL 5.11 servers

# rpm -Uhv --rollback '8 hours ago'

# shutdown -r now "CRQ000000215186 Rollback"

b) Rollback steps RHEL 6.10 servers

# yum --disableexcludes=all rollback last

# shutdown -r now "CRQ000000215186 Rollback"

9) how to understand uname -r command?

Example:
# Kernel version - 2.6.18...
a. 2.6 = major version
b. .18 = minor version
c. anything else after the minor version indicates that the kernel was patched by
the distributor

===================================================================================
Filesystem cleaning /lsof

Senarios:

1. File system is consuming space but du -sh command is not reflecting the
consumption . why?

2. I have deleted a file of 5GB size.But space not released after deletion. What
could be the reason?

Ans:
1. varify with lsof for any deleted files. Kill that PID.
2. Still issue persists : unmount and mount it
3. Still issue persists : reboot the server with approval.
===================================================================================
=

init and reboot commands:

In Linux, the init 6 and shutdowns are command gracefully reboots the system
running all the K* shutdown scripts first, before rebooting. The reboot command
does a very quick reboot. It doesn�t execute any kill scripts, but just unmounts
filesystems and restarts the system. The reboot command is more forceful.
===================================================================================
journaling:

A journaled file system is much easier to recover then a standard one, because you
do not need to use fsck anymore for recovery. Data integrity occurs because updates
to files are written to logs before the actual data blocks are updated. A thread
writes data to the f/s and each transaction is flagged. After a crash, updates are
copied back from the journal to the filesystem and any incomplete transactions are
gone. In case of a failure, a journaled file system will ensure that all
inconsistencies are restored back to its prior state.

=============================================================================

Resetting root password which was not working.

1. How to Reset the root password via grub.

FOR RHEL6:
Via console select the grub and edit grub's boot option. Press "e" to edit the
first grub menu option and navigate to kernel line.
Press "e" key again to edit and remove:
quiet splash
ADD:
init=/bin/bash (init=/bin/bash to the kernel parameters when we want it to boot to
a root shell instead of a normal boot to init level 3 or 4.)
Press "Enter"
Note: You may have some different boot options but the main part you need to
change/add is init=/bin/bash.

we have edited grub boot menu, and we are ready to boot. Press "b" key to boot.
Remount the / FS.
# mount -o remount,rw /
# passwd (Enter the password same as on password.savvis.net)

FOR RHEL 7:

1) Boot your system and wait until the GRUB2 menu appears.
2) In the boot loader menu, highlight any entry and press e.
3) Find the line beginning with linux. At the end of this line, append the
following:
add rd.break
4) Press F10 or Ctrl+X to boot the system using the options you just edited.
when the system boots, run the following command to remount the root filesystem in
read-write mode:
# mount -o remount,rw /sysroot
# chroot /sysroot
# passwd (Enter the password same as on password.savvis.net)
# touch /.autorelabel
In RHEL, after we
do an rd.break, and all the procedure, and
do a touch /.autorelabel,
what does the /.autorelabel do?

The rd.break parameter interrupts the boot process before the control is passed
over to the kernel. At this point, when you run the passwd command to do the
password reset, the associated shadow file (/etc/shadow) is modified with an
incorrect SELinux context. The touch /.autorelabel command creates a hidden file
named .autorelabel under the root directory. On the next boot, the SELinux
subsystem will detect this file, and then relabel all of the files on that system
with the correct SELinux contexts. On large disks, this process can take a good
amount of time.
5) type exit to leave the chroot environment.
6) type exit to log out, note this will also reboot the system.

===================================================================================
======
shell:

What is shell:

Shell is an environment in which we can run our commands, programs, and shell
scripts. There are different flavors of a shell, just as there are different
flavors of operating systems. Each flavor of shell has its own set of recognized
commands and functions.

Shell Prompt
The prompt, $, which is called the command prompt, is issued by the shell. While
the prompt is displayed, you can type a command.

Shell reads your input after you press Enter. It determines the command you want
executed by looking at the first word of your input. A word is an unbroken set of
characters. Spaces and tabs separate words.
===================================================================================
=======

sosreport:

https://access.redhat.com/solutions/3592

sosreport ...This command will collect diagnostic and configuration information

from
this Red Hat Enterprise Linux system and installed applications.

An archive containing the collected information will be generated in

/var/tmp and may be provided to a Red Hat support representative.

Vendor(Redhat) will analyze this report and find the root cause of this OS related
issues.

===================================================================================
=======
System call:

In computing, a system call is the programmatic way in which a computer program

requests a service from the kernel of the operating system it is executed on. A
system call is a way for programs to interact with the operating system. A computer
program makes a system call when it makes a request to the operating system�s
kernel. System call provides the services of the operating system to the user
programs via Application Program Interface(API). It provides an interface between a
process and operating system to allow user-level processes to request services of
the operating system. System calls are the only entry points into the kernel
system. All programs needing resources must use system calls.

===================================================================================
====
To clear the cache:

if any process is eating away your memory and you want to clear it, Linux provides
a way to flush or clear ram cache.

Every Linux System has three options to clear cache without interrupting any
processes or services.

1. Clear PageCache only.

# sync; echo 1 > /proc/sys/vm/drop_caches
2.Clear dentries and inodes.
# sync; echo 2 > /proc/sys/vm/drop_caches
Clear PageCache, dentries and inodes.
# sync; echo 3 > /proc/sys/vm/drop_caches

Explanation of above command.

sync will flush the file system buffer. Command Separated by �;� run sequentially.
The shell wait for each command to terminate before executing the next command in
the sequence. As mentioned in kernel documentation, writing to drop_cache will
clean cache without killing any application/service, command echo is doing the job
of writing to file.

If you have to clear the disk cache, the first command is safest in enterprise and
production as �...echo 1 > �.� will clear the PageCache only. It is not recommended
to use third option above �...echo 3 >� in production until you know what you are
doing, as it will clear PageCache, dentries and inodes.

Is it a good idea to free Buffer and Cache in Linux that might be used by Linux
Kernel?

When you are applying various settings and want to check, if it is actually
implemented specially on I/O-extensive benchmark, then you may need to clear buffer
cache. You can drop cache as explained above without rebooting the System i.e., no
downtime required.

Linux is designed in such a way that it looks into disk cache before looking onto
the disk. If it finds the resource in the cache, then the request doesn�t reach the
disk. If we clean the cache, the disk cache will be less useful as the OS will look
for the resource on the disk.

Moreover it will also slow the system for a few seconds while the cache is cleaned
and every resource required by OS is loaded again in the disk-cache.
Now we will be creating a shell script to auto clear RAM cache daily at 2am via a
cron scheduler task. Create a shell script clearcache.sh and add the following
lines.

==========================

=============================
lsof

To check which port is used by which process.

[root@s616038dc3vl867 ~]# lsof -i:25111 |tail

COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
java 18789 cfaweb 1304u IPv4 95980711 0t0 TCP s616038dc3vl867.chick-fil-
a.com:25111 (LISTEN)
[root@s616038dc3vl867 ~]# lsof -p 18789 |tail

=================================

https://access.redhat.com/articles/2130961#:~:text=Red%20Hat%20Errata%20help
%20users,analysis%20by%20Red%20Hat%20engineering.&text=Errata%20are%20published
%20for%20low,which%20are%20delivered%20as%20packages.

Explaining Red Hat Errata (RHSA, RHBA, and RHEA)

Updated May 26 2020 at 7:43 AM - English
Red Hat Errata help users determine what updates are available and how important
they are based on analysis by Red Hat engineering. These updates can address
security issues, fix bugs, or provide new features for individual packages and
entire container images. Errata are published for low level, operating system
packages like the kernel and glibc, as well as layered products which are delivered
as packages.

This article explains what Red Hat Errata are, why Red Hat produces them, how users
can consume them, the difference between major types (RHSA, RHBA, and RHEA), and
the numbering and naming of advisories.

Red Hat Security Advisory (RHSA) : RHSAs contain one or more security fixes and
might also contain bug or enhancements fixes. RHSAs are generally considered the
most important type of errata for many organizations. RHSAs are ranked using a
severity rating of Low, Moderate, Important, or Critical based on the severity of
the vulnerability.

Red Hat Bug Advisory (RHBA): RHBAs always contain one or more bug fixes and might
contain enhancements, but do not contain security fixes. Because RHBAs are released
for bug fixes, they are often considered more important than an RHEA in priority.

Red Hat Enhancement Advisory (RHEA): RHEAs contain one or more enhancements or new
features and do not contain bug fixes or security fixes. Essentially, a RHEA is
released when new features are added and an updated package is shipped.

========================================================== VMWare ================

vSphere Client and Web Client: a user interface.

vSphere is a product suite, ESXi is a hypervisor installed on a physical machine.

vSphere Client HTML5 is used to access vCenter server to manages ESXi server.

VMware Inc. is a software company that develops many suites of software products
specially for providing various virtualization solutions. There are many cloud
products, datacenter products, desktop products and so on.
What is datastore?
Datastore is a storage location where virtual machine files are stored and
accessed. Datastore is based on a file system which is called VMFS, NFS.

What is Storage vMotion?

It is similar to traditional vMotion, in Storage vMotion, virtual disk of a VM is
moved from datastore to another. During Storage vMotion, virtual disk types think
provisioning disk can be transformed to thin provisioned disk.

What is cold migration?

To move a powered-off VM from one host to another is called cold migration.

What is hypervisor and its types?

Hypervisor is a virtualization layer that enables multiple operating systems to
share a single hardware host. Each operating system or VM is allocated physical
resources such as memory, CPU, storage etc by the host. There are two types of
hypervisors

Hosted hypervisor (works as application i-e VMware Workstation)

Bare-metal (is virtualization software i-e VMvisor, hyper-V which is installed
directly onto the hardware and controls all physical resources).

What is a Template?
Whan a VM is converted into a format which can be used to create a VM with pre-
defined settings is called a template. An installed VM can be converted into a
template but it cannot be powered-on.

What is Snapshot?
To create a copy of a VM with the time stamp as a restore point is called a
snapshot. Snapshots are taken when an upgrade or software installation is required.
For better performance, a snapshot should be removed after particular task is
performed.

What is the purpose of VMware Tools?

It is a suite of utilities which are used to enhance performance of a VM in the
form of graphics, mouse/keyboard movement, network card and other peripheral
devices.

What is difference between clone and template?

A clone is a copy of a virtual machine. By cloning a VM, it will save time if
multiple VMs with same configurations are required to configure. While a template
is a master copy of an image created from a VM which can be later used to create
many clones. After converting a VM to a template, it can�t be powered-on or edited.

1. Add new LUN.

Right click on VM s61dc4vl233 and select

Edit Settings--> Add-> select hard disk -> Next -> create a new virtual disk ->
Set disk size 1600 GB -> Select datastore S610497DC4CL03_S610497-
002.NTAP_VALUE_146 > Next/Finish
2.Increase CPU

a. If the VM is not already shut down, go to the Summary tab of the VM and click
"Shut Down Guest".
b. Go to the Summary tab of the VM and click "Edit Settings".
c. Go to the Hardware tab and select "CPUs".
d. Adjust the number of virtual processors from 8 to 14
e. Click OK.
f. Verify the new vCPU's if displaying in vSphere.

7. Increase Memory.
a. If the VM does NOT have hot-add RAM enabled, click "Shut Down Guest". (If the VM
does have hot-add RAM enabled, you do not need to shut down the guest.)
b. Go to the Summary tab of the VM and click "Edit Settings".
c. Go to the Hardware tab and select "Memory".
d. Adjust the memory size from 48GB to 95GB. (Currently S610497DC4CL03_S610497-
002.NTAP_VALUE_170 has 1.28TB GB free space. Before increment re-verify the status)
e. Go to the Resources tab and select Memory
f. Verify the "Unlimited" checkbox is checked
g. Click OK.
h. Verify the new RAM is now displaying in vSphere.

3.VMware tools upgrade.

Login to VC S216930RGVC03 and find the VM (servername), right click on Server in VC

go to Guest > click "Install / Upgrade VMware tools" and follow the recent task
progress bar. This may reboot the server.

a.) Select each host from the server list and rescan all for storage.
select the host --> click configuration --> storage --> select
s616038at1cl08_s616038-001.3par_qos0_35 and click on rescan all.

4.-----------Take snapshot of s214610rgvl030--------------

The snapshot feature is most useful when you want to preserve the state of the
virtual machine so you can return to the same state repeatedly.

https://www.vmware.com/support/ws4/doc/preserve_snapshot_ws.html#:~:text=You%20can
%20take%20a%20snapshot,on%2C%20powered%20off%20or%20suspended.

Remove the snapshot - When you remove the snapshot, the changes accumulated in the
redo-log files are written permanently to the base disks., either the virtual disk
files or the physical disks, depending on your virtual machine's hard disk
configuration. This is similar to committing changes to a disk in VMware
Workstation 3.
Revert to the snapshot - When you revert to the snapshot, the contents of the redo-
log files are discarded. Any additional changes are, once again, accumulated in the
redo-log files. This is similar to discarding changes to a disk in VMware
Workstation 3.
Take a snapshot - If you take a snapshot when the virtual machine already has a
snapshot, changes stored in the redo-log files are written permanently to the base
disk. Then any subsequent changes are, once again, accumulated in the redo-log
files.

Use this general formula to calculate the disk space required:

(Size of virtual machine's hard disk(s)) + (size of RAM for virtual machine) +
( 100 MB for log files per virtual machine) is the minimum space needed for each
virtual machine.

Right click on s214610rgvl030 --> Snapshot --> Take snapshot --> Enter name and
details as "CRQ000000090988-15-Feb-2018" and untick all square boxes --> ok

5. VM Migration:

[2a] Select the VM you are going to move in vCenter.

[2b] Right click on the VM and select "Migrate..."
[2c] Select "Change host" and click next.
[2d] Click the advanced button.
[2e] Select the datastore (refer to the list above) and click next.
[2f] Review and click finish

--------------

==========================