[mdlug] Job Interview Questions: Linux Admin

Carl T. Miller carl at carltm.com
Wed Nov 30 08:11:33 EST 2022


On 11/29/22 06:56 PM, Gib wrote:

Hey Gib,

Good questions.  Here are some things to consider.

c

> What would you do to diagnose a slow system?

0.  First, talk to the person(s) who are experiencing
the issue.  When and how do they notice the slowness?
Is it constant or cyclical?  If constant, has it started
recently or has it worsened over time?  If cyclical,
try to determine when it starts, how long it lasts,
and when it stops.  Is there anything they can do
(such as a reboot) that can bring it back up to speed?

1.  Check if it's swapping.  If it is, find what is eating
the memory and either decide to offload that program
or to buy more memory.

2.  Run atop to see if there is currently a bottleneck.
If so determine what is the best method to alleviate
it.  Perhaps add a network card, buy faster hard
drives, etc.

3.  Examine what programs are running and what
resources they need.  It's possible there is an
update to the current software or a better program.
Likewise for the operating system and the kernel.
It may benefit from changing the process scheduler,
tweaking the kernel and/or drivers.

4.  Run sa and check the results after a day, a week,
a month and a year.  It is possible that the slowness
only occurs as certain tasks run.
If restoring a prior backup of
5. Do more advanced monitoring if needed.

> How would you do a performance problem when more swap space needs to be
> added?

Actually I'd go through the same steps as above,
but focus on memory and software.

> How would you handle a root password loss?
I would check with each user and recent backups if
available.  The goal would be to find the password
or to determine when it was most recently changed.

Next check the permission in pam and/or selinux to
see if there are restrictions.  Perhaps it may be
necessary to use ssh with a key or to use a particular
tty.

Check if there are any other accounts with id 0 that
can be used.  Also, check for sudo access by any of
the users.

If all else fails, try going to runlevel 1 and hope
that you have the right grub password, if needed.
If that fails, boot from a system recovery image
and hope that you have the right encryption
passphrase, if needed.

In any case, after updating the password, I'd
enable sudo for the appropriate users and then
lock down the root account.  I would then ask
for two people (manager and a vp?) who would
receive a sealed envelope to be kept in a safe
that contains instructions to gain access as
root.  All "normal" admins would then be
required to use their personal account and
the root account.



More information about the mdlug mailing list