Linux Q & A

bogotobogo.com site search:

Linux Q & A

When using iproute2, how do we show routing information for an IPv6 network?
1. ip route show
2. ip -6 route show
3. route
4. route -ipv6

Ans: #2
```
$ ip -6 route show
fe80::/64 dev eth0  proto kernel  metric 256  mtu 9001 pref medium         
     
```

Why doesn't passwd -l keep a user from logging in via other methods?
The passwd -l locks the password of the named account.
It will add "!" at starting of user's password:
```
$ sudo cat /etc/shadow
test_user:!$6$vXmPK0s/$4Q3XDFR8VDMyL8k1...    
```
A User can't Change it's password when his/her password is locked. To unlock:
```
$ sudo passwd -u test_user
passwd: password expiry information changed.    
```
Note that passwd -l does not keep the user from gaining access through other means such as authentication tokens (like SSH keys).

Why is the passwd command able to modify the /etc/passwd file?
It has the SUID permission mode and is owned by root.
Check Special permission II - SUID/SGID.

What NFS option allows the root use to access NSF shares as the root user?
By default, NFS shares change the root user to the nfsnobody user, an unprivileged user account. In this way, all root-created files are owned by nfsnobody, which prevents uploading of programs with the setuid bit set.
If no_root_squash is used, remote root users are able to change any file on the shared file system and leave trojaned applications for other users to inadvertently execute.

What is a major advantage of using Logical Volume Management (LVM)?
The biggest advantage of LVM is that both logical and physical volumes can be created, deleted and resized online, without any restarts.
Logical volumes can also be resized dynamically, so we can start for example with a small partition and configure it to expand as data is written on it.

What character class is equal to this set? [0-9].

What is /etc/hosts file used for?
1. blocking sites using iptables
2. resolving the local name
3. setting the hostname
4. configuring DNS name servers

Ans. #3

$ cat /etc/nsswitch.conf 
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.

passwd:         compat
group:          compat
shadow:         compat
gshadow:        files

hosts:          files dns
networks:       files

protocols:      db files
services:       db files
ethers:         db files
rpc:            db files

netgroup:       nis

Here, files refers to the /etc/hosts file, and dns refers to the DNS system, whichever comes first wins.

In a systmd-based OS, we can change the system hostname by editing /etc/hostname manually and then doing what?
1. Restart dhcpd
2. Nothing, the system notices automatically
3. Run /etc/hostname
4. Notify systemd to update it by restarting the systemd-hostnamed service

Ans. #4
It's necessary to restart the systemd-hostnamed daemon so that as to reflect the change in static hostname.
```
$ sudo systemctl restart systemd-hostnamed
```

We're managing an Apache web server on a system using SELinux. By defult, it cannot read personal webpages in users' home directories. What SELinux boolean would we set to allow this?
1. httpd_enable_userhome_dirs
2. httpd_enable_userdirs
3. apache_enable_homedirs
4. httpd_enable_homedirs

Ans. #4
```
$ setsebool -P httpd_enable_homedirs true
```

What does this command string do?
```
$ find ./ -size +10M -exec ls -l {} \;
...
-rw-rw-r-- 1 ubuntu ubuntu 13655547 Apr 16  2014 ./home/ubuntu/.ivy2/cache/org.scala-lang/scala-compiler/jars/scala-compiler-2.11.0.jar
-rw-rw-r-- 1 ubuntu ubuntu 14445780 Mar 18  2014 ./home/ubuntu/.sbt/boot/scala-2.10.4/lib/scala-compiler.jar
...
```
Ans.
It finds all files larger than 10 MB and long lists them using the ls command.
The "{}" has the result from the find command, and it needs to know when the arguments of exec are terminated. So, we added ';'. The escape ('\') is needed because ';' has its own meaning within a shell.

We want to resolve a long list of DNS names using dig. What should we do?

$ cat << EOF > list.txt
> example.com
> google.com
> yahoo.com
> EOF


$ dig -f list.txt

; <<>> DiG 9.10.3-P4-Ubuntu <<>> example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48051
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;example.com.			IN	A

;; ANSWER SECTION:
example.com.		300	IN	A	93.184.216.34

;; Query time: 2 msec
;; SERVER: 172.31.0.2#53(172.31.0.2)
;; WHEN: Fri Mar 12 23:17:05 UTC 2021
;; MSG SIZE  rcvd: 56

; <<>> DiG 9.10.3-P4-Ubuntu <<>> google.com
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29459
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;google.com.			IN	A

;; ANSWER SECTION:
google.com.		58	IN	A	172.217.6.46

;; Query time: 1 msec
;; SERVER: 172.31.0.2#53(172.31.0.2)
;; WHEN: Fri Mar 12 23:17:05 UTC 2021
;; MSG SIZE  rcvd: 55

; <<>> DiG 9.10.3-P4-Ubuntu <<>> yahoo.com
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55462
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;yahoo.com.			IN	A

;; ANSWER SECTION:
yahoo.com.		300	IN	A	74.6.143.25
yahoo.com.		300	IN	A	74.6.143.26
yahoo.com.		300	IN	A	74.6.231.20
yahoo.com.		300	IN	A	74.6.231.21
yahoo.com.		300	IN	A	98.137.11.163
yahoo.com.		300	IN	A	98.137.11.164

;; Query time: 1 msec
;; SERVER: 172.31.0.2#53(172.31.0.2)
;; WHEN: Fri Mar 12 23:17:05 UTC 2021
;; MSG SIZE  rcvd: 134

Refs