Systemd Over Init System, What Do You Think?
Systemd is well designed. It was conceived from the top, not just to fix bugs, but to be a correct implementation of the base system services. A systemd, may refer to all the packages, utilities and libraries around daemon. It was designed to overcome the shortcomings of init. It itself is a background process which is designed to start processes in parallel, thus reducing the boot time and computational overhead. It has a lot other features as compared to init while Sysvinit was never designed to cope with the dynamic/event-based architecture of the current Linux kernel. The only reason why we still use it today is the cost of a migration.
Systemd ships a growing number of useful, unified command-line interfaces for system settings and control (timedatectl, bootctl, hostnamectl, loginctl, machinectl, kernel-install, localectl). In Debian, they use the existing configuration files without breaking compatibility.
Systemd makes the boot process much simpler, entirely removing the need to specify dependencies in many cases thanks to D-Bus activation, socket activation, file/inotify activation and udev integration.
Systemd supports SELinux integration while SysV doesn't
Systemd can handle the boot process from head to toe, without needing to use any of the existing shell scripts. Systemd extends the logging features of the system in many ways with journald, and can remain integrated with the existing rsyslog daemon. Logs are in a structured format, attributed to filename, line of code, PID and service. They include the early boot (starting from initramfs). They can be quickly filtered and programmatically accessed through an efficient interface.
Systemd unit files, unlike SysV scripts, can usually be shipped by upstream, or at least shared with other distributions (already more than 1000 existing unit files in Fedora) without any changes, the Debian specifics being handled by systemd itself.
Systemd is incredibly fast (1 second to boot). It was not designed with speed in mind, but doing things correctly avoids all the delays currently incurred by the boot process.
The transition plan is easy, since existing init scripts are treated as first-class services: scripts can depend (using LSB headers) on units, units can depend on scripts. More than 99% of init scripts can be used without a modification.
It is not just init. It unifies, in fewer lines of code, everything that is related to starting services and managing session groups: user login, cron jobs, network services (inetd), virtual TTY management… Having a single system to handle all of that allows us to remove a lot of cruft, and to use less memory on the system.
What Basics Measures Could You Take To Secure An Ssh Connection?
For Linux sysadmins, it is frequent to access servers by ssh. But are we sure the communication established is really good secured?
There some additionals very simple steps that can be taken to initially harden the SSH service, such as
Disabling root login, and even password-based logins will further reinforce the security of the server.
Disabling password-based logins and allow key based logins which are secured but can be taken further by restricting their use from only certain IP addresses.
Changing the standard port to something other significantly decreases random brute force attempts from the internet
Forcing the service to use only version 2 of the protocol will introduce both security and feature enhancement.
The whitelist approach can be taken, where only the users that belong to a certain list can log in via SSH to the server.
What Is Lvm And Does It Required On Linux Servers?
LVM is a logical volume manager. It requires to resize filesystem size. This size can be extended and reduced using lvextend and lvreduce commands respectively. You can think of LVM as dynamic partitions, meaning that you can create/resize/delete LVM partitions from the command line while your Linux system is running: no need to reboot the system to make the kernel aware of the newly-created or resized partitions. LVM also provides
You can extend over more than one disk if you have more than one hard-disk. They are not limited by the size of one single disk, rather by the total aggregate size.
You can create a (read-only) snapshot of any LV (Logical Volume). You can revert the original LV to the snapshot at a later time, or delete the snapshot if you no longer need it. This is handy for server backups for instance (you cannot stop all your applications from writing, so you create a snapshot and backup the snapshot LV), but can also be used to provide a "safety net" before a critical system upgrade (clone the root partition, upgrade, revert if something went wrong).
2
Linux can be installed on two partitions, one as / which will contain all files and a swap partition.Systemd is well designed. It was conceived from the top, not just to fix bugs, but to be a correct implementation of the base system services. A systemd, may refer to all the packages, utilities and libraries around daemon. It was designed to overcome the shortcomings of init. It itself is a background process which is designed to start processes in parallel, thus reducing the boot time and computational overhead. It has a lot other features as compared to init while Sysvinit was never designed to cope with the dynamic/event-based architecture of the current Linux kernel. The only reason why we still use it today is the cost of a migration.
Systemd ships a growing number of useful, unified command-line interfaces for system settings and control (timedatectl, bootctl, hostnamectl, loginctl, machinectl, kernel-install, localectl). In Debian, they use the existing configuration files without breaking compatibility.
Systemd makes the boot process much simpler, entirely removing the need to specify dependencies in many cases thanks to D-Bus activation, socket activation, file/inotify activation and udev integration.
Systemd supports SELinux integration while SysV doesn't
Systemd can handle the boot process from head to toe, without needing to use any of the existing shell scripts. Systemd extends the logging features of the system in many ways with journald, and can remain integrated with the existing rsyslog daemon. Logs are in a structured format, attributed to filename, line of code, PID and service. They include the early boot (starting from initramfs). They can be quickly filtered and programmatically accessed through an efficient interface.
Systemd unit files, unlike SysV scripts, can usually be shipped by upstream, or at least shared with other distributions (already more than 1000 existing unit files in Fedora) without any changes, the Debian specifics being handled by systemd itself.
Systemd is incredibly fast (1 second to boot). It was not designed with speed in mind, but doing things correctly avoids all the delays currently incurred by the boot process.
The transition plan is easy, since existing init scripts are treated as first-class services: scripts can depend (using LSB headers) on units, units can depend on scripts. More than 99% of init scripts can be used without a modification.
It is not just init. It unifies, in fewer lines of code, everything that is related to starting services and managing session groups: user login, cron jobs, network services (inetd), virtual TTY management… Having a single system to handle all of that allows us to remove a lot of cruft, and to use less memory on the system.
What Basics Measures Could You Take To Secure An Ssh Connection?
For Linux sysadmins, it is frequent to access servers by ssh. But are we sure the communication established is really good secured?
There some additionals very simple steps that can be taken to initially harden the SSH service, such as
Disabling root login, and even password-based logins will further reinforce the security of the server.
Disabling password-based logins and allow key based logins which are secured but can be taken further by restricting their use from only certain IP addresses.
Changing the standard port to something other significantly decreases random brute force attempts from the internet
Forcing the service to use only version 2 of the protocol will introduce both security and feature enhancement.
The whitelist approach can be taken, where only the users that belong to a certain list can log in via SSH to the server.
 |
| Splunk Technology Frequently Asked Linux Interview Questions Answers |
What Is Lvm And Does It Required On Linux Servers?
LVM is a logical volume manager. It requires to resize filesystem size. This size can be extended and reduced using lvextend and lvreduce commands respectively. You can think of LVM as dynamic partitions, meaning that you can create/resize/delete LVM partitions from the command line while your Linux system is running: no need to reboot the system to make the kernel aware of the newly-created or resized partitions. LVM also provides
You can extend over more than one disk if you have more than one hard-disk. They are not limited by the size of one single disk, rather by the total aggregate size.
You can create a (read-only) snapshot of any LV (Logical Volume). You can revert the original LV to the snapshot at a later time, or delete the snapshot if you no longer need it. This is handy for server backups for instance (you cannot stop all your applications from writing, so you create a snapshot and backup the snapshot LV), but can also be used to provide a "safety net" before a critical system upgrade (clone the root partition, upgrade, revert if something went wrong).
you can also set up writeable snapshots too. It allows you to freeze an existing Logical Volume in time, at any moment, even while the system is running. You can continue to use the original volume normally, but the snapshot volume appears to be an image of the original, frozen in time at the moment you created it. You can use this to get a consistent filesystem image to back up, without shutting down the system. You can also use it to save the state of the system, so that you can later return to that state if you mess things up. You can even mount the snapshot volume and make changes to it, without affecting the original.
What Is The Minimum Number Of Partitions You Need To Install Linux?
What Is The Minimum Number Of Partitions You Need To Install Linux?
2
What Is The Name And Path Of The Main System Log?
/var/log/messages
What Utility Can You Use To Automate Rotation Of Logs?
logrotate The logrotate command can be used to automate the rotation of various logs.
What Key Combination Can You Press To Suspend A Running Job And Place It In The Background?
ctrl-z Using ctrl-z will suspend a job and put it in the background.
What Command Is Used To Remove The Password Assigned To A Group?
gpasswd -r The gpasswd command is used to change the password assigned to a group. Use the -r option to remove the password from the group.
In Order To Improve Your System's Security You Decide To Implement Shadow Passwords. What Command Should You Use?
The pwconv command creates the file /etc/shadow and changes all passwords to 'x' in the /etc/passwd file.
What Command Should You Use To Check The Number Of Files And Disk Space Used And Each User's Defined Quotas?
The repquota command is used to get a report on the status of the quotas you have set including the amount of allocated space and amount of used space.
You Have A File Called Phonenos That Is Almost 4,000 Lines Long. What Text Filter Can You Use To Split It Into Four Pieces Each 1,000 Lines Long?
The split text filter will divide files into equally sized pieces. The default length of each piece is 1,000 lines.
You Want To Create A Compressed Backup Of The Users' Home Directories. What Utility Should You Use?
You can use the z modifier with tar to compress your archive at the same time as creating it.
You Wish To Restore The File Memo.ben Which Was Backed Up In The Tarfile Mybackup.tar. What Command Should You Type?
This command uses the x switch to extract a file. Here the file memo.ben will be restored from the tarfile MyBackup.tar.
What Is Cache Memory?
Cache memory is a small high-speed memory. It is used for temporary storage of data & information between the main memory and the CPU (center processing unit). The cache memory is only in RAM.
What Is Interrupt?
Interrupt is a signal send by external device to the processor so as to request the processor to perform a particular work.
Difference Between Static And Dynamic Ram?
Static RAM: No refreshing, 6 to 8 MOS transistors are required to form one memory cell, Information stored as voltage level in a flip flop.
Dynamic RAM: Refreshed periodically, 3 to 4 transistors are required to form one memory cell, Information is stored as a charge in the gate to substrate capacitance.
What Is The Difference Between Primary & Secondary Storage Device?
In primary storage device the storage capacity is limited. It has a volatile memory. In secondary storage device the storage capacity is larger. It is a nonvolatile memory. Primary devices are: RAM / ROM. Secondary devices are: Floppy disc I Hard disk.
Why Does Microprocessor Contain Rom Chips?
Microprocessor contain ROM chip because it contain instructions to execute data.
What Is Meant By Latch?
Latch is a D- type flip-flop used as a temporary storage device controlled by a timing signal, which can store 0 or 1. The primary function of a Latch is data storage. It is used in output devices such as LED, to hold the data for display.
What Is The Difference Between Microprocessor And Microcontroller?
In Microprocessor more op-codes, few bit handling instructions. But in Microcontroller: fewer op-codes, more bit handling Instructions, and also it is defined as a device that includes micro processor, memory, & input / output signal lines on a single chip.
What Is The Disadvantage Of Microprocessor?
It has limitations on the size of data. Most Microprocessor does not support floating-point operations.
Is The Data Bus Is Bi-directional?
The data bus is Bi-directional because the same bus is used for transfer of data between Micro Processor and memory or input / output devices in both the direction.
Is The Address Bus Unidirectional?
The address bus is unidirectional because the address information is always given by the Micro Processor to address a memory location of an input I output devices.
What Does The Last Two Sections Define In Fstab File?
The 5th column tells the dump information if whether the partition has to be backed up. It it is "0" the filesystem will be ignored
The 6th column tells the order in which fsck command would check the filesystem on boot. If it is "0" then fsck won't check the filesystem
Explain The Procedure To Fix A Case When A System Is Unable To Boot Due To Improper Entry In Fstab?
Boot into single user mode and make the necessary corrections inside fstab
What Is The Default Mode When You Enter Single User Mode?
Read only for the first time but once you change it to read write then from next time onward it will be read write.
How Do You Make Permanent Changes To Any File Inside /proc Directory?
sysctl -p
What Is The Use Of Mtab Directory?
It contains a list of all the mounted directories or partitions on the system.
What Is The Command To View All The Mounted Partitions On The System?
mount
How To Change The Ext2/ext3 File System Attributes?
chattr command changes the file attributes.
How To List The Ext2/ext3 Filesystem Attributes?
lsattr command displays file attributes
How To Disconnect A Filesystem From A Linux Box?
The umount command is used.
https://mytecbooks.blogspot.com/2019/01/splunk-technology-frequently-asked_21.html