Must Know Linux Interview Questions for Job Aspirants

Have you ever thought why is Linux so popular? Is it because it is a free and open source OS or being robust, reliable, secure and reusable makes it more appealing. Interestingly, it does have all the specified qualities. And that’s the reason you’ll see a lot of job openings getting created for Linux professionals. Hence, we wrote this post focusing on the twenty must know Linux interview questions for candidates preparing for their first job or planning to change existing jobs.

The purpose of this post is to make you aware of the important Linux areas and how they could impact the chances of professionals in getting selected for a rewarding Linux job. If you have a sound knowledge of Linux commands, shell scripting and OS configuration, then a good company won’t mind paying a salary you deserve.

But this growing popularity of Linux is also leading to a steep increase in the competition for Linux talent. When a company is ready to pay higher incentives to attract talent, so it would also seek for professionals with desired knowledge and skills.

So you should get yourself equipped with enough preparation to beat this stiff competition. And that is the area where this post will help. We’ve shortlisted twenty must know Linux interview questions which belong to the topics that are interviewer’s favorites.

Though, there are many Linux role which can vary depending upon the job requirements. But generally, you should prepare to face off the questions from the following topics.

1. Core OS Architecture
2. User Provisioning (Add/Remove users)
3. Service Management (Starting/Stopping system services/daemons)
4. Network Configuration and IP Tables
5. Core OS Commands
6. Shell Scripting

As you saw a no. of categories listed above, so it’s not practical to cover all in a single post. Instead, you can go through some of our other posts which target the specific technical competencies. If you read all of them through, then the returns will be much higher than expected.

Now, you can proceed for reading the must know Linux interview questions and answers. And know about the pattern of questions asked during technical interviews.

Must Know Linux Interview Questions for Job Aspirants.

Q-1. What do you know about the Linux daemons?

Ans. It is a process running in the background that performs a particular operation at some pre-defined time or in response to some event. They are services that provide several functions, not available under the base operating system. Their main task is to monitor those requests and act upon it. After the service completes, it gets disconnected and waits for further requests.
The term daemon is a UNIX term, though many other operating systems also provide support for daemons. But there they are sometimes called by other names like, for example, Windows refers to daemons as System Agents and services.
Typical daemon processes include print spoolers, e-mail handlers, and other programs that perform administrative tasks for the operating system. The term comes from Greek mythology, where daemons were guardian spirits.
Daemons are controlled and maintained by init process.


Q-2. What command should you use to check the number of files and disk space used by each user’s defined quotas?

Command <repquota> prints the summary of the disk usage and quotas for the specified file systems. It displays the total number of files and the amount of space (in kilobytes) associated with the user, along with any quotas created using <edquota> or <setquota>.


Q-3. How will you remove all the running processes without restarting the machine?

Linux <disown> command is used to remove the jobs from the current shell on Linux system. It will remove all the currently running processes when used with option <disown -r>.


Q-4. What do you need to do for tracking the events on the system?

For tracking the events on the system, we need a daemon called <syslogd>. The syslogd daemon is useful in tracking the information of the system and then saving it to specified log files. Running the <syslogd> daemon generates logs at the location </var/log/syslog>.
All log messages contain time and hostname fields. The <syslogd> daemon reacts to the set of signals sent by the user. The following list describes some of these signals.

1. SIGHUP- It makes the <syslogd> daemon start re-initialization which results in the closing of all open files, re-reading of the configuration file </etc/syslog.conf>, and the re-execution of <syslog> service.
2. SIGTERM- The <syslogd> daemon will die.
3. SIGINT, SIGQUIT- These signals will get ignored after enabling the debug mode. Else it makes <syslogd> to die.
4. SIGUSR1: Switch to debug mode (on/off) and can be used only if <syslogd> starts with the debug (-d) option.
5. SIGCHLD: Wait for the child if some were born, because of waiting for messages.


Q-5. How will you restrict an IP so that the restricted IP’s may not use the FTPServer?

We can block suspicious IP by integrating <tcp_wrapper>.
We need to enable the parameter ‘tcp_wrapper=YES’ in the configuration file at ‘/etc/vsftpd.conf’ and then add the suspicious IP in the ‘host.deny’ file at location ‘/etc/host.deny’.


Q-6. What are the different modes in which we can use the vi editor?

Following are the modes defined for vi:
1. Command mode: Starts when you launch vi.
2. Edit mode: Allows editing of text.
3. Ex-mode: To interact with the vi editor and provides instructions to process a file.


Q-7. What is the main difference between Telnet and SSH?

SSH i.e. Secure Shell and Telnet, both are the network protocols. They serve the same purpose by providing remote access to the systems so that communication gets initiated between them. For example, communication between the Server and the Client.
However, the main difference between these protocols is the security of the data that gets transferred between the systems.

Following are the key points that differentiate SSH and Telnet.


1. SSH encrypts the data or packets that need to be transported between the systems. Thus the data becomes safe from hackers. For example, the username and password.
2. In the public network, mostly SSH is applied for remote connection due to its security mechanism.
3. SSH uses authentication which ensures that the source of the data is always the same system and not any other. Thus without authentication, any person cannot intercept and perform some undesired tasks.
4. SSH uses public and private keys, to identify hosts and users for authentication.
5. By default, SSH runs on port 22.


1. The data that transfers between the systems is in plain text (ASCII form) and not in an encrypted format. Thus anybody in the network can easily hack the data which is a major security concern for the user.
2. Telnet is mostly used in the Private network as it’s highly insecure to use in Public network.
3. Telnet does not use Authentication which is again a security issue.
4. Telnet runs on port 23.

Thus due to its security mechanisms, SSH is replacing Telnet nowadays.


Q-8. What are hard links?

A hard link is merely an additional name for an existing file on Linux. Any number of hard links, and thus any number of names, can be created for any file. A file’s original name and all its hard links point to the same inode. Thus even if you delete the original name, then the hard link still points to the same file. Indicating that hard link is an equally valid name for it.

Thus to create a hard link that file must exist in the same filesystem where you are trying to create the link. And a hard link directly maps to the physical file instead of pointing to its path. Hence, even if you rename or move the original file, the hard link won’t break because it’s independent of the location where the file is present.

We can create a hard link using the ln command as: <ln file1 hlink1>

Above command creates a hard link named hlink1 for file1.

<ls> command with its -l (i.e., long) option can be used to display the number of hard links to any file.  The second column of the output shows the total number of hard links. It is the sum of the target file and all hard links to it. This value will be same for the target file and all of the links.


Q-9. What is redirection?

Redirection is the process of directing data from one output to another. Thus it can be used to direct an output as an input to another process.


Q-10. What command will you use to search all the “*.tar” files in your Home directory and delete all of them at one go?

We need to use find command with rm command to delete all “*.tar” files as:
# find /home/ -name ‘*. tar’ | xargs rm –rf


Q-11. What are the contents of </usr/local>?

The </usr/local> hierarchy is for use by the system administrator when installing software locally. It becomes safe from being overwritten when the system software is updated. It is useful for programs and data that are shareable amongst a group of hosts.
Another application of this directory is for installing software packages from source, or software not officially shipped with the distribution. For example, when you install apache from source, it goes under </usr/local/apache2>.


Q-12. How do you terminate an ongoing process?

A system identifies its running processes by a unique process id or PID. Use the kill command followed by the PID to terminate that process. To stop all the running processes in one go, use the command <kill 0>.


Q-13. What is the difference between “locate” and “slocate” command?

1. <locate>: This command is used to search files and directories in a filesystem. The format of the locate command is:
<locate pattern>
With locate, you can see every file or directory whose name contains the search criterion.
The locate command works very quickly, as it does not search the files on disk rather, it searches for file paths in a database. But for this, the database should be up to date.
Thus, one limitation of the “locate” command is its dependency on the database which can be updated using the utility “updatedb”. Hence to get the latest and reliable results from ‘locate’ command, the database on which it works should be updated at regular intervals.

2. <slocate>: Secure Locate provides a secure way to index and quickly search for files on your system. It uses incremental encoding just like GNU locate to compress its database to make searching faster. The difference from “locate” is that it stores, file permissions, and ownership so that users do not see the files they cannot access.
Thus, “slocate” allows system users to search the entire filesystem without displaying the unauthorized directories.


Q-14. What is Samba service?


Samba is a suite of programs that gives Linux box the ability to speak SMB (Server Message Block). SMB is the protocol used to implement file sharing and printer services between computers running OS/2, Windows NT, Windows 95, and Windows for Workgroups. The protocol is analogous to a combination of NFS (Network File System), lpd (the standard UNIX printer server) and a distributed authentication framework such as NIS or Kerberos.

On running the Samba server programs, the Linux box appears in the “Network Neighborhood” just like another Windows machine appears.

Now users of Windows machines can “log into” your Linux server and, depending on the rights granted to them, they can copy files to and from parts of the UNIX file system, submit print jobs and even send you WinPopup messages.

The best part of Samba is that it is freely available under the GNU public license, just like Linux.


Q-15. What is the command to make a process to run in the foreground from the background?

On a running process press <Ctrl + Z> which will suspend the most recent foreground process. It will then bring you back to the shell, now enter the command “bg” to move the just-suspended process to the background (letting it continue to run) or “fg” to bring it back to the foreground.


Q-16. List out few of the differences between Softlink and Hardlink?


Following are the key differences between Softlink and Hardlink:

 Hard LinkSoft Link
InodeInode will be same for both the files.Inode will be different for both the files.
Directory/FileLinux does not allow creating hard links for directories. However, it can create a hard link to a file.A soft link can link to a directory.
Deletion of original fileThere is no impact on the hard link if the user deletes the original file. It will still show the content of that file.Deletion of the original file has an impact on the soft link. The deleted file will not be accessible via the soft link now.
Execution TimeAccess time is fast as compared to soft linkAccess time is slow as compared to a hard link.
Cross File SystemSoft link works in the cross file system.A hard link does not work in the cross file system. It needs the same file system.


Q-17. What is an initrd image? What is its role in the Linux booting process?

Ans. The initial RAM disk (i.e. <initrd>) is a temporary file system which gets mounted before the real root file system and remains active until the latter becomes available.
It’s integrated into the kernel and loads as a part of the formal kernel boot procedure.


Q-18. What is the difference between “umask” and “ulimit”?


The umask is an abbreviated form of User file creation mask. It is a Unix command which determines the settings of a mask and controls the permissions required for a newly created file. It can also be recognized as a function to set the mask or a value representing the mask itself. The mask is a linear representation of bits where each bit can affect the default permissions of new files. The umask command can also modify the bits in the mask if there is a need to do so.

While, “ulimit” is a Linux inbuilt command which provides control over the resources available to the shell and to the processes started by it.
We can limit the user to the specific range by editing the configuration file </etc/security/limits.conf> and at the same time system wide settings can also be updated in </etc/sysctl.conf>.


Q-19. What do you know about SELinux?

Security-Enhanced Linux (SELinux) is an implementation of a flexible but mandatory access control architecture in the Linux operating system. It aims to protect the server against misconfigurations and compromised daemons. It imposes restrictions and instructs the server daemons or programs what files they can access and what actions they can take by defining a security policy.
The configuration file </etc/selinux/config> controls whether SELinux is enabled or disabled. And if enabled, it can be set in either of three modes:

1. Enforcing – In this mode, SELinux gets enabled and starts applying the underlying policies.
2. Permissive – In this mode, SELinux displays warnings instead of enforcing a policy. The warnings occur when the system detects a breach in the SELinux policy settings.
3. Disabled – No SELinux policy gets loaded. This mode completely disables the SELinux policies.

SELinux is set in two levels as:
1. Targeted processes
2. Mls (stands for Multi Level Security protection).


Q-20. How can we check “Memory stats” and “CPU stats”?

We can display the physical and virtual memory statistics using “free” and “vmstat” command respectively. And we see the CPU utilization and other stats with the help of “sar” command.


Summary – Must Know Linux Interview Questions for Job Aspirants.

We are hopeful that the above must know Linux interview questions and answers would help you immensely. And you could turn the wheel in your favor. All the best for your upcoming interviews.

Listening to your feedback makes us do better so share it.

You can even ask us to write on a topic of your choice. We’ll add it to our writing roadmap.

Lastly, if you’d enjoyed the post, then please care to share it with friends and on social media.

Keep Learning,