Explore topic-wise InterviewSolutions in .

Command Line Interface is also known as CLI. This is an interface for users to interact and INSTRUCT system in command line fashion. CLI is the basis on text-based interact to ACCEPT user request and response. While comparing with GUI, CLI is lightweight and consume less CPU & Memory resources.

considering the GUI of different versions and flavour, User needs to change there way of working and need additional learning. Whereas CLI is independent of this and allows the user to use any Linux system in the same MANNER. CLI also comes up with help option so that users need not remember all commands and option and they can refer help or man PAGE for details options and definitions.

Advantages

• Easy, Fast & Flexible
• Very less load on CPU or Memory

Disadvantages

• Commands syntax is a bit tricky and tough to learn
• Long Text inputs can be problematic
• In Compare of GUI, bit tuff to use

Boot Loader is a package that loads operating system to memory during boot. Windows comes up with its own boot loader whereas Linux gives you to select boot loader as PER your environment and requirement.

GNU GRUB or GRUB (GRAND UNIFIED Bootloader) is a type of boot loader package that SUPPORTS multiple operating systems. It allows feasibility of selecting the required OS during boot. GNU GRUB gives the option to select the operating system to load during boot. GNU GRUB is an advanced level of legacy GRUB.

• Unlimited number of boot entries supported
• Dynamically configurable, run-time changes can be made during boot
• Easy to install or execute from any device
• It can be helpful in loading the operating system from the network or decompressing during boot
• It also supports Windows and DOS
• Only CLI (Command Line Interface) is available
• Installation and configuration steps have a slight difference on the basis of OS distribution used

/proc is a virtual file system that provides detailed information about the Linux kernel, hardware, and running processes. /prod is a generic file available in all flavours of Linux. Files under /proc directory named as Virtual files. These files are CREATED when the system boots up and dissolve on shutdown. It contains information about running processes and works as an information zone for the kernel.

/proc is also a hidden tool for a system ADMINISTRATOR for analyzed and TROUBLESHOOTING performance and system bottleneck related ISSUES.

These virtual files have unique QUALITIES. Most of them are listed as zero bytes in size as they reside in memory, not on disk. Virtual files such as the /proc/interrupts, /proc/meminfo, /proc/mounts, and the /proc/partitions provide an up-to-the-moment glimpse of system’s hardware. Others: /proc/filesystems file and /proc/sys/ directories provide system configuration information and interfaces. These are tools for a system administrator to troubleshoot and analyze the issues.

Systemd is the first process of the LINUX system and very well designed process in compare with init.

Systemd is multithreaded and faster than init. Systemd is standard processes to CONTROL programs need to be run during Linux boot. It was conceived from the top, not just to fix the bugs, but to be a correct implementation of all the base system services. A systemd, may refer to all PACKAGES, utilities and the

libraries around the daemon. It was designed to overcome all the shortcomings of init. It is itself a background process which is designed to start the processes in PARALLEL, and thus reducing the boot time and computational overheading. It has a lot of other features as compared to init.

• Systemd support multiple useful commands with UNIFIED command-line interfaces
• Systemd makes the boot process much simpler
• Systemd support backward compatibility
• Systemd supports SELinux integration
• Systemd is an incredibly fast service

Full form of NFS is Network File SYSTEM. NFS is used for sharing of the files and folders between Linux/Unix systems by SUN Microsystems in late 1980. NFS helps you in mounting your local file systems or drive over a network and remote \ client hosts can use it as it MOUNTED locally on their system. With the help of the NFS, we can set up file sharing between the cross-operating system, Unix to Linux system and vice versa. If you want to use Linux system mount on windows, you need to use SAMBA\CIFS in place of NFS.

Benefits of NFS:-

• You can ACCESS remote files as local
• NFS USES client/server architecture for file sharing
• NFS support file sharing cross-operating systems
• NFS helps in building centralized storage solutions
• Users can access their data irrespective of physical location
• No manual refresh needed for new files
• NFS can be secured with Firewalls and Kerberos

Memory MONITORING and usage MANAGEMENT are one of the critical system administrator requirement. It’s always required to keep the system under monitoring to check if memory is low or any user or process is over-consuming it. Linux comes up with multiple commands that you can use to monitor and manage the usage. Different ways to check memory usage:-

• Free: Free command gives details of memory used, free, cache and total. By default values are in KB but you can pass -m to have values in MB.
• /proc/meminfo: This is a system file to monitor memory. It will give you 6 ENTRIES Total Active RAM, Total INACTIVE RAM, User Active RAM, User Inactive RAM, File Active RAM & File Inactive RAM.
• Vmstat: VMSTATS give you memory statistics.
• Top: Top command gives you memory usage and total RAM. This command also used for monitoring.

syslogd daemon process facilitates the event tracking in a Linux system and logs useful information or future analysis. syslogd provides two system UTILITIES, one for logging and other for the kernel messages. syslogd mainly reacts to the set of signals given by users.

Some of the signals given to syslogd:

• SIGHUP: This signal instructs syslogd to perform a re-initialization step. All OPEN files are then closed, the configuration file (default is /etc/syslog.conf) will be reread and the syslog facility will be started again.
• SIGTERM: syslogd will die.
• SIGINT, SIGQUIT: If debugging is enabled these are then IGNORED, OTHERWISE syslogd will die.
• SIGUSR1: Switch the debugging on/off. This option can only be used if the syslogd is started with the - d debug option.
• SIGCHLD: Wait for CHILDS if some were born, because of the waiting messages.

POP3 mail is the only account that is assigned to the /bin/FALSE shell. However, ASSIGNING bash shell to the POP3 mail only gives user login access, which is always avoided. /bin/nologin can ALSO be used for the same. This shell access is provided to the user when we don’t want to give shell access to the user. The user cannot access the shell service and it rejects shell login on the server as in Telnet. It is mainly for the security of all shells.

POP3 is basically used for downloading the mail to the mail program. So for illegal downloading of all emails on the shell, this account is assigned to the /bin/false shell or the /bin/nologin. These both shells are the same as they both do the same work of rejecting the user login to the shell.

The main difference between these two shells is that the false shell shows the incorrect code and any unusual coding when a user login to the shell. But the nologin shell SIMPLY tells that no account is available. So nologin shell is used OFTEN in the Linux.

This is very much possible that we have free storage space but still we cannot add any NEW data in the file system because all the Inodes are consumed as the df -I command will SHOW that. This may happen in a case where the file system contains a very large number of very SMALL-sized files. This will consume all the Inodes and though there would be free space from a Hard-disk-drive POINT of view but from a file system point of view no Inode available to store any new file.

A storage UNIT can contain numerous small files. The inode structure fills up before the data storage of disk, no more files can be copied to the disk. Once inode storage is freed up in the structure, new files can be written to storage.

LVM is a short form of logical volume manager requires to resize filesystem size. This size of LVM can be extended and reduced using lvextend and lvreduce command respectively.  We can think of LVM as dynamic partitions, meaning that we can create/resize/delete LVM partitions from the command line while our Linux system is running: here is no need to reboot the systems to MAKE kernel aware of the newly-created or resized partitions.

LVM provided functions:

• A logical drive can EXTEND over more than one hard-disk. They are not limited by the size of one single disk, rather by the total aggregate in size.
• LVM can be used to create a (read-only) snapshot of any LV (Logical Volume). You can revert the original LV to the snapshot at a later time, or delete the snapshot if you no longer need it.
• LVM also supports writeable snapshots. LVM allows FREEZING an EXISTING Logical Volume in time, at any moment, even while the system is running.

The Random Number Generator gathers noise of environment from the device drivers and other sources into the entropy pool. It also keeps an estimate of the number of BITS of the noise in an entropy pool. It is from this entropy pool and will generate random numbers.

/dev/random will only be returning Random bytes from the entropy pool. If the entropy pool is empty, reads to /dev/random will be blocked until the additional environmental noise will be gathered. This is suited to high-quality randomnesses, such as the one-time pad or KEY generation.

/dev/urandom will return as many random bytes requested. But if the entropy pool is empty, this will generate data using SHA, MD5 or any other available algorithm. It never blocks the operations. Due to which, the values are vulnerable to the theoretical CRYPTOGRAPHIC attack, though no known methods will exist.

For cryptographic purposes, we should really use the /dev/random because of the nature of data it returns. Possible WAITING should be considered as an acceptable tradeoff for the sake of the security, IMO. When we need random data fast, we should use the /dev/urandom of course.

Both /dev/urandom and the /dev/random are using exact same CSPRNG (a cryptographically secure pseudorandom number generator). They can only differ in very few ways that have nothing to do with the “true” RANDOMNESS and then /dev/urandom is the preferred source of cryptographic randomness on the UNIX-like systems.

NSCD means Name Service CACHE Daemon which provides a cache for the most common name service requests. When resolving a USER, group, service the process will first TRY to connect to the NSCD socket (something like /var/run/nscd/socket2).

If NSCD died, then the connection will fail and NSCD won't be used for same and that should not be a problem.

If NSCD in a hung state, then the connection may hang or succeed. If this succeeds then the client will send the request. Now, we can configure NSCD to disable caching for any type of the database (for instance by having enable-cache hosts no in the /etc/nscd.conf for hosts database).

However, if NSCD is in a hung state, it may not be able to even give that simply won't do the answer, so that won't necessarily help. NSCD is a caching daemon, it's meant to improve the performance. DISABLING it would POTENTIALLY make those lookups slower. However, that's only true for some kind of databases. For the instance, if user/service/group databases are only in small files (/etc/passwd, /etc/group, /etc/services), then using NSCD for those will probably bring little benefit if any. NSCD will be very useful for the host's database.

When we have a process in progress which handle your prompt, there were some signals (orders) that we can SEND to theses process to indicate what we need:

Control+C sends SIGINT which INTERRUPTS the application. Usually causing it to abort, but a process is able to INTERCEPT the signal and do whatever it likes: for instance, from the Bash prompt, try Ctrl-C. In Bash, it cancels whatever you've typed and gives you a blank prompt (as opposed to the quitting Bash)

Control+Z sends SIGTSTP to foreground application, EFFECTIVELY putting in the BACKGROUND on suspended mode. This is very much useful when we want the application to continue its process while we are doing another job in the current shell. When we finish the job, we can go back into the application by running FG (or %x where x is the job number as shown in jobs).

Samba is an open-source software suite that runs on the Unix/Linux based platforms but it is able to communicate with the Windows clients like a native application. So Samba is able to provide the service by employing the Common INTERNET File System (CIFS).

At the heart of the CIFS is the SERVER Message Block (SMB) protocol.  Samba does this by performing the four key things –

• The File & print services
• The Authentication and Authorization
• The Name resolution
• The Service announcement (browsing)

Samba can be run on many different platforms including Linux, Unix, OpenVMS and the operating SYSTEMS other than the Windows and allows users to interact with a Windows client or server natively. It can BASICALLY be described as Standard Windows interoperability suite of the programs for Linux and Unix.

This is one of the most basic and useful commands. This command (“ls”) is used by a normal user or system administrator on a regular BASIS. This command is used to list down files and directories in the present working directory. 

“ls” Command comes up with multiple options:-

• l This option will SHOW file & directory permissions in rwxrwxrwx format for user, group & others
• This option allows you to view hidden & system files
• i This option gives you inode details of files
• s Helps you to list down file size

“ls” without any options will list down all files & directories in plain text. This command gives more desired outputs after clubbing it with grep & LESS command that allows your filter the list or highlights the required file. This command is ALSO compatible with input-output redirection option which is very helpful for logging.

The Virtual hosts are used to host the MULTIPLE domains on a SINGLE apache instance. We can have one virtual host for each IP your server has, or the same IP Address but different ports, or the same IP Address, the same port but different hostnames. The latter is called "the name-based vhosts".

In IP-based virtual hosting, we can run more than one web site on the same server machine, but each web site has its own IP Add while In Name-based virtual hosting, we can host multiple websites on the same IP address. But for this to succeed, we have to put more than one DNS record for your IP address in the DNS database. In the production shared web hosting ENVIRONMENT, getting the dedicated IP address for every domain hosted on the server is not feasible in terms of the cost. Most of the CUSTOMERS won't be able to afford the cost of having a dedicated IP Add. Here is the place where the concepts of the Name-based virtual hosting find its place.

How the system administrator can manage and monitor memory USAGE in Linux?

Memory monitoring and usage management are one of the critical system administrator requirement. It’s always required to keep the system under monitoring to check if memory is low or any user or process is over-consuming it. Linux comes up with multiple commands that you can use to monitor and manage the usage. Different ways to check memory usage:-

Free: Free command gives details of memory used, free, cache and total. By default values are in KB but you can pass -m to have values in MB.

/proc/meminfo: This is a system file to monitor memory. It will give you 6 entries Total Active RAM, Total Inactive RAM, User Active RAM, User Inactive RAM, File Active RAM & File Inactive RAM.

Vmstat: VMSTATS give you memory statistics.

Top: Top command gives you memory usage and total RAM. This command also used for monitoring.

No, TELNET is not a secure way of communication. Talent sends data and sensitive information in plain text over the network and that can be easily accessible and readable by anyone. This GIVES the OPEN opportunity to the hacker to hurt your system. As a System administrator, you need to close all possible security risk for your system and having Talent is one of the tops in the list.

SSH (Secure Shell) is a secure alternative of talent. SSH is completely secure and replaces LEGACY telnet usage. SSH save user identity, password, and data from the network attacks. Linux COMES up with a free version of SSH known as OpenSSH. For extended features, We can also use paid versions of SSH.

Window Manager is client SOFTWARE that controls icons, placement of icons, the appearance of the window after login to the system. This is desktop management software. As we know LINUX is an open-source operating system, We have a long list of WM software available in the market. The system ADMINISTRATOR can install and configure it as per user or environment requirements. One thing before using WM software, they will consume ADDITIONAL resources on the system.

The/etc/.xinitrc file is hidden system files allows you to change the window manager while login from any or particular user account. The prefix of “.” In the file, the name shows that it is hidden file and you will not be able to view it with the normal ls COMMAND.  WM GIVES enhance user experience or add-on features.

Some of the popular command for WM or desktop management are:-

• The KDE = startkde
• The Gnome = gnome-session
• The Blackbox = Blackbox
• The FVWM = fvwm
• The Window Maker = wmaker
• The IceWM = icewm

In Linux, User passwords save in /etc/passwd system FILE. This file accessible to all users and VISIBLE passwords is a security RISK. Linux COMES up with a feature of shadow password or encrypted password. In Shadow password, Passwords are encrypted before saving in /etc/passwd system file. This gives you security from unauthorized system access. The pwconv command is used for providing shadow passwords. This command creates the file as /etc/shadow and changes all passwords to ‘x’ in the /etc/passwd file. This functionality may require additional installation of shadow suite.

The original password is encrypted after creating shadow password by an encryption key

Encryption key saves along with the encrypted password for a further refresh

When a user USING a shadow password tries to connect, the system decrypts the password before connecting.

The ext3 file system is an enhanced VERSION of the ext2 file system. The most important difference between the Ext2 and Ext3 is that Ext3 supports journaling.

Ext2 is a LEGACY file system has LOYS SHORTCOMINGS. In case of a system crash or unexpected power failure or unclean reboot of the system, the system administrator needs to check all ext2 mounted drives for consistency. This needs to be performed an e2fsck program. This is a time-consuming process and during this time, any data on volumes is unreachable.

Ext3 is a newer filesystem with supports journaling.  Journaling feature in ext3 file systems eliminates the requirement of consistency check of the file system in case of a system crash or unclean reboot. The only possible situation of consistency check requirement in ext3 is with hardware failures. In such a case, recovery time depends on hardware speed, storage performance, and system RESOURCES. File size and a number of files do not create any impact, normally journaling complete consistency check in a few seconds.

As a system administrator or application admin, You need to execute multiple TASKS or reports on a regular basis. We can automate or schedule such activities in Linux system using cron  & anacron.

We can use either cron or anacron as per our requirement but both have its features. Both cron and anacron are daemons processes.

CORN assumes your system is running continuously and online for execution. anacron can works when your system is not online 24X7. If our system is off and we have a job scheduled during this time, the job never gets executed.

Anacron uses timestamp file to check when was last time command or task was executed if schedule task or process missed the schedule due offline system. On the other hand, corn executes the required task a predefined schedule.

anacron every hour or day and check all required execution to execute WHEREAS corn runs every minute to perform required action.

Corn job can be configured by any NORMAL user but Anacron can be scheduled only by the superuser.

Corn is best when you can not expect a delay in execution time whereas Anacron is good when we can expect action in set intervals instead of specified timestamp.

UMASK is user file-creation mode to determine permissions of newly created files. When any user creates a file or directory under Linux or UNIX, the DEFAULT setting of the permissions was applied on the basis of UMASK mentioned in the CONFIG file. By default, UMASK id022 but you can change it COMPLETE system or for a particular user. Any files can have 3 types of PERMISSION read, write and execute, numeric representation is 777 for full permissions to a user, group and other users. When any user creates a file on the system with default UMASK 022 then files will get 755 permissions. 755 means read, write & execute to the user and read & execute to the group and other users.

UMASK is a very CRUCIAL command to control file & directory security. The system administrator can control file access permissions using UMASK in an efficient manner.

The seven types of modes available, as mentioned below:

mode=0 (balance-rr): This mode is based on the Round-robin policy and it is the default mode. This mode provides load balancing and fault tolerance kind of FEATURES. It routes the packets in the Round-robin fashion that means from the FIRST available slave through the last.

• mode-1 (active-backup): This mode is based on the Active-backup policy. Only one is active in this band,and another slave will ACT only when others fail. The MAC address of this bond will be available only on the adapter PART to avoid confusing switch. This mode will also provide fault tolerance.
• mode=2 (balance-xor): This mode sets an XOR (an exclusive or) mode that is the source MAC address is XOR’d with destination MAC address which provides load balancing and fault tolerance feature. Each destination MAC address the same slave selected.
• mode=3 (broadcast): This method is based on the broadcast policy that will transmit everything on all the slave interfaces. It provides the fault tolerance feature. This can be used for only specific purposes.
• mode=4 (802.3ad): This mode is called the Dynamic Link Aggregation mode that has it created aggregation groups having the same speed. It requires a switch that supports the IEEE 802.3ad dynamic link. The slave selection for outgoing traffic will be done based on the transmit hashing method. This can be changed from the XOR method via the xmit_hash_policy option.
• mode=5 (balance-tlb): This mode is known as ADAPTIVE transmit load balancing. The outgoing traffic will be distributed based on the current load on each slave and the incoming traffic is received by the current slave. If incoming traffic fails, the failed receiving node is replaced by the MAC address of another slave.
• mode=6 (balance-alb): This mode is known as adaptive load balancing.

find –PERM OPTION is used to find FILES based on permissions

Here "." or period DENOTES the current directory

./IBSO_utilities/venv/Scripts/easy_install-3.7.exe.manifest

./IBSO_utilities/venv/Scripts/easy_install.exe.manifest

./IBSO_utilities/venv/Scripts/pip.exe.manifest

./IBSO_utilities/venv/Scripts/pip3.7.exe.manifest

./IBSO_utilities/venv/Scripts/pip3.exe.manifest

LILO is a boot loader for Linux. LILO stands for Linux Loader that is USED to load Linux into memory.

It is used mainly to load the Linux operating system into main memory so as to begin operation.

Lilo HANDLES some tasks such as LOCATING the KERNEL, identifying other supporting programs, load memory and starts the kernel. The configuration FILE of lilo is located at “/etc/lilo.conf”. Lilo reads this configuration file and it tells Lilo where to place the bootloader.

Below are the system calls used for Process management:

• fork (): CREATE a CHILD process
• exec(): Execute a new program
• WAIT(): wait until the process finishes execution
• exit(): Exit from the process
• getpid(): get the UNIQUE process ID of the process
• getppid(): get the parent process unique id
• nice(): run a program with modified scheduling priority

Aliases are abbreviated shortcuts used to represent a COMMAND or a group of COMMANDS executed with or WITHOUT custom options.

#Alias for log directory

These aliases can be PUT in the ~/.bash_aliases file.

To have the aliased command on any existing terminal, user needs to source ~/.bashrc from the terminal :

source ~/.bashrc

This can be done using wc COMMAND (word count)-

#NUMBER of LINES

#Number of words 

#Number of characters 

<P>This can be done USING 'sed' command :

# Here 'p' to PRINT and '-n' to not print each line

touch command is used to CREATE an EMPTY filename

Example :

$ touch knowledgehut.txt

Also for existing files or directories, touch command changes the last access TIME to current time.

Below commands can be USED :

nslookup - to find the IP ADDRESS from a hostname or vice-versa.

ipconfig or ifconfig - based on whether the HOST is WINDOWS or Unix

hostname -i - on Linux

This can be CHECKED by USING du command ( DISK usage)

du –sh . | GREP G    - lists all the directory which has GIGS in SIZE.

5       ./Default/AppData/Local/Microsoft/Windows/WinX/Group1

25      ./Default/AppData/Local/Microsoft/Windows/WinX/Group2

60      ./Default/AppData/Local/Microsoft/Windows/WinX/Group3

As zombie processes are already DEAD , the user  Cannot kill something which is already dead.

Execute the below command :

Replace the pid with Parent PROCESS ID, so that parent process will remove all the CHILD processes that are dead.

Zombie process is a process whose execution is completed but have not been removed from the process table.

When a program forks and the child finishes before the PARENT , kernel has some of the child information .

In case parent needs to CHECK for child's exit STATUS - parent calls 'wait()'. Child is said to be a zombie process in the duration child terminating and the parent calling 'wait()'.

Execute the below command

child will have a 'Z' in its status field to indicate zombie process

Also this command will give details of all zombie processes in the processes table.

lsof -  ‘LiSt Open FILES’ is used to find out which files are opened or are in use .

Example :

# lsof -u kunand

COMMAND  PID   USER FD TYPE     DEVICE SIZE/OFF NODE NAME

sshd    1838 kunand  mem REG   253,0 122436 190247 /lib/libselinux.so.1

sshd    1838 kunand  mem REG   253,0 255968 190256 /lib/libgssapi_krb5.so.2.2

sshd    1838 kunand  mem REG   253,0 874580 190255 /lib/libkrb5.so.3.3

Top is the command used to get the list of running processes and resource utilization (RAM or CPU usage). It GIVES  all the information about each process running on the host :

• Process ID (PID)
• Owner of the process(USER)
• Priority of process(PR)
• Percentage of CPU (%CPU)
• Percentage of memory
• Total CPU TIME spends on the process.
• Command used to start a process.

Sample Output :

PID USER      PR  NI  VIRT  RES SHR S %CPU %MEM    TIME+  COMMAND
7629 greys     20 0 749m 291m  28m S 1 7.4 16:51.40 firefox
19935 greys     20 0 133m 14m  10m S 0 0.4 2:38.52 smplayer
   1 root      20 0 4020  880 592 S 0  0.0 0:00.96 init
   2 root      15 -5 0    0 0 S 0 0.0   0:00.00 khutreadd
   3 root      RT -5 0    0 0 S 0 0.0   0:00.04 datamigration/0
   4 root      15 -5 0    0 0 S 0 0.0   0:00.90 ksoftirqd/0
   5 root      RT -5 0    0 0 S 0 0.0   0:00.00 watchdog/0
   6 root      RT -5 0    0 0 S 0 0.0   0:00.06 datamigration/1

Most commonly used options with the top  command are below –

sed '/^$/d' sample.txt

Here “^” symbol represents the STARTING point of a line and “$” represents the END of the line. Whereas “^$” represents the EMPTY lines , d stands for DELETE .

SED COMMAND in UNIX stands for stream editor, which is used to make changes to FILE content.

It can be used to find and replace strings or patterns without OPENING a file

The default behavior is that  the SED command REPLACES the first occurrence of a pattern in each and it won’t replace the second, third or multiple occurrence in the line.

If we use the ‘g’ option ALONG with the above command then SED command will replace all Unix strings with Linux globally ( g stands for globally) .

In Linux, CURL command is a tool to transfer data from or to a server. In Linux, curl command is used to test an application's endpoint or connectivity to an upstream service endpoint. It is used to determine if the application can reach another service, like a database, or to check if the service is up and running . This  command doesn’t require any user interaction.

Example:

This example with an exception shows that the application can't reach server. Options used In the above command,

Curl command with -O option is  used to DOWNLOAD the file :

Usage :

To list every occurrence of the TERM “warn” on a separate LINE,

run grep -o warn <path>. Adding the r flag to the command makes recursive search for every file under the given path, and the I flag ensures that matches in BINARY files are ignored.

In ADDITION, the w flag can be included to match the exact term only, and IGNORE superstrings such as “warnings”, and to make the search case-insensitive, the i flag can be added.

From the command shell, USE the command for memory usage information :

cat /proc/meminfo

Ex :

There are other commands ALSO which GIVES memory INFO :

Service Calls PROVIDE a FEATURE to use operating system services. It provides an interface between the process and the operating system for better functionality and requirements. System calls are not for beginners, it needs some level of expertise to use. System call provides additional control over the system. Processes are the most basic unit on Linux System and process management need some system calls in Linux, some of them are:-

DATA & system security is one of the biggest challenges today. We need to secure our system from all POSSIBLE vulnerabilities. The system should be on the basis of best practices EITHER adopted from and best practices either from approved vendors or from inhouse from experts. SSSH has secured shell services used to connect a Linux system in a secured manner. SSH is is the most common tool for a system administrator for better system management and security. SSH gives some advance FEATURES that need proper knowledge and expertise to use. SSH gives more feature to the user.

Some of the very SIMPLE steps to secure ssh services as below:-

1. Disable/enable Root User
2. Reset Root user password
3. Disable password-based login and enable key-based logins
4. Change standard ports of the system and assign random ports
5. Restricted network access from the system
6. Use a whitelist approach to allow only authorized IPs to connect

By default, the standard INPUT device is Keyboard and the standard output device is a Display screen. But to automate the processes or to pass the output of one PROCESS to another process these standard ways does not work. Linux feature of DIRECTING input & outputs data to and from processes is called Input/Output Redirection. Input / Output redirection is a required feature for good programming and shell scripting. It’s used for taking input and showing results as per requirement. Input from USER and passing to other process is called input redirection WHEREAS if process further pass its output to another process or function that will be output redirection for that and input redirection for receiving one.

In Linux, we have three redirections available as below: -

• Input Redirection: ‘<’ symbol is used for input redirection to the new process.
• Output Redirection: ‘>’ symbol is used for output redirection to a new process or log file.
• Error Redirection: It is denoted as STDERR(2). This is very useful for error handling.

Swap space is like pagefile in windows. Swap space is virtual memory where disk reserved for swap will behave like actual RAM.

In Swap space, Some amount of physical disk to hold some transaction or data temporarily. Ideally, this data should be residing in RAM or memory but due to a situation where memory is under pressure, the system moves some transaction or data into swap space. RAM is always costlier than disk space and disk performance is INCREASING day by day. Physical Memory need PROPER management for cost-effectiveness and swap SPACES help in USING the disk as a physical memory or temporary and least used data. The system will consider this as a part of memory only. Swapping of memory to and from physical storage is managed by systems memory management. By default, this is an auto driven process and does not REQUIRE any manual intervention.

For more accurate memory management We also have the tools to manage swap space as per our requirements

Physical volume or Physical disk is the first layer of the disk management. It’s considered as physical DISKS connected to the system. It can be local to the system or from SAN storage. Normally Datacenter and storage team manage it. Any disk addition and expansion can be done if SPACE is available at this level.

A volume group is the second layer or middle layer between physical volume and logical volume. Volume group club all physical volume and display them as single storage to the system for further partitioning and USAGE. Due to large system in today’s environment, Application or Database need bigger space than an available physical disk. Volume group allows to clod multiple physical disk as one volume. This leverage system team to use bigger disks with any splitting at their end.

Logical volume or logical disk is the management of volume group to divide disk as per usage instead of allocation physical storage DIRECTLY. Logical Volume Management (LVM) PARTITIONS can allocate across the physical drives and be resized like traditional disks.

First, We NEED to understand the difference and RELATION between the network connection and a network interface. A network interface can have many connections but one connection is only bounded to a specific network interface. Network connections are unclassified by default. It’s a system or network administrator's responsibility to create a ZONE with specific details to enable a level of trust by creating firewall policies.

Network Zone explains the trust level of a network connection. Creating Zones helps in identifying the secure network or unsecured network. Your system can have large access in a secure zone and limited to other zones or unsecured networks. This helps Network administrators to plan the level of monitoring for different networks.

The initial network zones:

SMTP(Simple Mail Transfer Protocol) is a push protocol and is used to send the mail whereas POP (post office protocol) or IMAP (internet message access protocol) are used to RETRIEVE those emails at the receivers or client-side. The SMTP server on Linux is very fast, reliable and secure. Also, it SUPPORTS POP3, IMAP and webmail access. Linux systems in a NETWORK can use the SMTP server to send alerts notifications. The mail transfer agent is an application use SMTP to transmit Email over the network. We have some of the most POPULARLY used open-source Mail transfer agents like POSTFIX, SENDMAIL, EXIM, QMAIL, MUTT, ALPINE etc.. Each agent has its own advantages and disadvantages. You can review your system and can install the required one as per need.

Postfix is a free and open-source mail MTA (Mail Transfer Agent). This application used to send and receive the email. It is responsible for routing and delivering electronic mail. This is a cross-platform and most popular system.