UNIX
SANDEEP TANTI

Table of contents

1.What is a file system in Unix?

o A file system is a logical method for organizing and storing large amounts of information in a way that makes it easy to manage.

o The file is the smallest unit in which information is stored.

2.What are the different types of files in File system?

o Ordinary files

Ordinary files can contain text, data, or program information

o Directories

Directories are containers that can hold files, and other directories.

o Special files

Special files represent input/output (i/o) devices, like a tty (terminal), a disk drive, or a printer. Special files can be either character special files that deal with streams of characters or block special files that operate on larger blocks of data.

o Links

A link is a pointer to another file. Directory is nothing more than a list of the names and i-numbers of files

3.How do you unmount the file system that is busy?

o Try unmounting using the umount command

o Advise the user to close if they have any opened files / sessions.

o Find the open sessions using “fuser” command

Syntax: fuser – cu / <mt.point>

4.What is an I-node?

o An information block called an i-node describes a Unix file. (Information Node or Index Node) There is an i-node on disc for every file on the disc.

o All the information about a file, other than it's name, is stored in the i-node. I-node stores file informations like, file permissions, owner and group details, file modified, created ,and last accessed details and type of the file,size of the file.

5.How do you find a file name from the inode number ?

# ncheck –i nnn /mntpoint

Where nnn è inode number.

6.How do u check the inode number from the file?

# ls –il

7.What are the information that inode contains?

o Type of the file

o File permissions

o No. Of links

o User / Group information

o No of bytes occupied

o Last accessed / modified

8.What is a link?

o A link is an association between a filename and inode.

9.What are the types of links?

o Hard link

o Soft link or Symbolic link

10.What is a hard link?

o A hard link is an additional name for a file.

o It cannot be created across the file systems boundaries and to link directories as well.

o Original file deletion will not affect the link file.

Syntax: ln <original_file> <link_file>

11.What is a Soft link or Symbolic link?

o A soft link is another way to provide multiple names for the same file.

o It can be created across file system boundaries and link directories.

o Original file deletion will affect the link file also.

Syntax: ln -s <original_file> <link_file>

12.Why can’t hard links span across file system?

o A hard link to a file is indistinguishable from the file itself.

o When a hard link is made, then the i-numbers of two different directory file entries point to the same inode.

o For that reason, hard links cannot span across file systems.

13.Is soft link can span across file systems?

o Yes. A soft link (or symbolic link) provides an indirect pointer to a file.

o A soft link is implemented as a directory file entry containing a pathname.

o Soft links are distinguishable from files, and can span across file systems.

14.What are the differences between Hard and Soft link?

Hard Link	Soft Link
$ ln old_file link_file	$ ln –s old_file link_file
Can not span across file systems	Can span across file systems
Original file deletion will not affect link file	Original file deletion do affect link file.
Same I-node number as original file	New I node number assigned to link file

15.There is one situation in which you do not do the sync to be executed. either manually or automatically, why??

o When you have run fsck on the root filesystem,it is not advisable to execute sync.

o If the sync executed at this point, that will rewrite the bad superblocks stored in the kernel buffers and undo the fixing fsck just did.

o Use –n option to reboot or shutdown to suppress the usual automatic sync operation.

16.What is the use of lost+found directory in unix file system?

o This is lost files directory.

o Disk errors or incorrect system shutdown may cause files to become lost:

o Lost files refer to disk locations that are marked as in use in the data structures on the disk, but they are not listed in any directory.

o (Example: A non-empty inode that is not listed in any directory)

o When the system is booting, it runs a fsck and finds these files.

o There is a lost+found directory on every disk partitions.

17.What is File and File System Limitation on AIX

Maximum File/Filesystem Sizes in AIX
23-Jan-04
	AIX 4.3	AIX 5.1			AIX 5.2
JFS	JFS	JFS	JFS2		JFS	JFS2
AIX Kernel	32/64	32/64	32 Bit	64 Bit	32/64	32 Bit	64 Bit

Maximum Supported
File Size	64 GB	64 GB	1 TB	1 TB	64 GB	1 TB	16 TB
Filesystem Size	1 TB	1 TB	1 TB	1 TB	1 TB	1 TB	16 TB

18.How do you limit the file size growth in a file system?

Using limit (csh),ulimit (ksh) command we can set the maximum file size.Unix will refuse to allocate more disk space to any files that has been set limit.

Example:

% limit filesize 2m

$ ulimit –f 2000

GENERAL UNIX

19.What will the halt command do?

o The halt command syncs the file system and stops the processor.

o No shutdown scripts are fired up.

20. What does the sync command do when you execute it?

Sync command completes pending file system to write to disk.
Most Unix shutdown, reboot, and halt commands will do a sync.
However, the reboot, fast boot, or halt commands will not go through the shutdown scripts.
If you manually sync, it is customary to do it multiple times (as we saw before).
The first sync is supposed to schedule a sync, not actually perform it.
The second and subsequent syncs force the sync.

21.What is a Daemon?

o A Daemon is a process that waits for an event to take place. It starts when you start your system and runs until you shutdown

o Once the event is detected, the daemon takes responsibility for the task and processes it.

The configuration files contain the daemons to be started, the tasks these perform and so on.

22.How do I recover deleted files?

If a file is Deleted from the system, the filesytem blocks composing that file still exist, but are no longer allocated. As long as no new files are created or existing files extended within the same filesystem, the blocks will remain untouched. It is possible to reallocate the blocks to the previous file using the "fsdb" command (filesystem debugger).

23.How to see "console" messages? (AIX SPECIFIC)

Use the swcons command to redirect the console to a file. Or use chcons to do it permanently.

24.Which command do you use to see the contents of the end of the file.?

tail displays the tail, or end, of the file.The default is to display the last 10 lines, but you can specify different line or byte numbers, or a different starting point within the file.

To display the last 30 lines of a file use the -number style:

% tail -30 filename

25.How do you record the terminal screen display informations?

script creates a script of your session input and output. Using the script command, you can capture all the data transmission from and to your terminal screen until you exit the script program. This can be useful during the programming-and-debugging process.

Syntax:

script [-a] [file] < . . . > exit

typescript is the name of the default file used by script.

26.How to change the access time of a file?

touch is the command to update the access time of a file.

Syntax :

touch [options] [date] file

The command is used primarily when the script is checking for last date or time a function was performed.

27.What is the use of “tee” command in unix?

The tee command reads standard input, then writes the output of a program to standard output and simultaneously copies it into the specified file or files.

Example :

To view and save the output from a command at the same time:

lint program.c | tee program.lint

This displays the standard output of the command lint program.c at the workstation, and at the same time saves a copy of it in the file program.lint. If a file named program.lint already exists, it is deleted and replaced.

28. What is grep?

The grep utility is used to search for generalized regular expressions occurring in Unix files. Regular expressions, such as those shown above, are best specified in apostrophes (or single quotes) when specified in the grep utility.

Common Options

-i ignore case

-c report only a count of the number of lines containing matches, not the

matches themselves

-v invert the search, displaying only lines that do not match

-n display the line number along with the line on which a match was found

-s work silently, reporting only the final status:

0, for match(es) found

1, for no matches

2, for errors

-l list filenames, but not lines, in which matches were found

29. What’s the command to search a particular number in a file using grep?

To search for the number 15:

# grep '<search string>' <file name>

30. How to count the number of lines matching the search criterion?

# grep -c '<search string>' <file name>

31. How to select for all lines containing the character 1 followed by either of 1, 2 or 5 if the file has numeric values?

# grep '1[125]' <file name>

32. How to search for all lines that begin with a space?

# grep '^ ' <file name>

33. How to find all lines that don’t begin with a space?

# grep '^[^ ]' <file name>

34. How to search for all lines that begin with the characters 1 to 9?

# grep '^[1-9]' <file name>

35. How to search for number of instances of t followed by zero or more occurrences of e?

Here we take an example of a file “numlist”

# grep 'te*' numlist

1 15 fifteen

2 14 fourteen

3 13 thirteen

4 12 twelve

6 10 ten

8 8 eight

13 3 three

14 2 two

36. How to search for number of instances of t followed by one or more occurrences of e?

We take an example of a file “numlist”

# grep 'tee*' num.list

1 15 fifteen

2 14 fourteen

3 13 thirteen

6 10 ten

37. We can also take input from a program, rather than a file. Here we report on any lines output by the who program that begin with the letter l.

# who | grep '^l'

lcondron ttyp0 Dec 1 02:41 (lcondron-pc.acs.)

38.How do you disable remote root login?

To disable remote logins for the root id

# chuser -rlogin=false root.

This forces users to first login in with their regular user id, then "su -" to root. All "su" activity is captured in /var/adm/sulog, thus answering the question of "who logged in as root."

39.What is the procedure to switch between 32 and 64 bit AIX 5 Kernels?

To switch from 32-bit mode to 64-bit mode run the following commands, in the given order:

ln -sf /usr/lib/boot/unix_64 /unix
ln -sf /usr/lib/boot/unix_64 /usr/lib/boot/unix
bosboot -ad /dev/ipldevice
shutdown -Fr
bootinfo -K (should now show 64)

40.What is the procedure to switch between 64 and 32 bit AIX 5 Kernels?

To switch from 64-bit mode to 32-bit mode run the following commands, in the given order:

ln -sf /usr/lib/boot/unix_mp /unix
ln -sf /usr/lib/boot/unix_mp /usr/lib/boot/unix
bosboot -ad /dev/ipldevice
shutdown -Fr
bootinfo -K (should now show 32)

41.How do you determine if a reboot is required after installing a software on AIX?

o The answer is in the ".toc" file** associated with the installp filesets. The ".toc" file contains lines like

bos.adt.libm 05.02.0000.0000 1 N U en_US ...

The "N" character means no reboot is required. On the other hand, if the line has a "b" character, a reboot is necessary. An example of such a line would be

bos.mp64 05.02.0000.0000 1 b B en_US ...

42.What is the difference between /tmp and /usr/tmp ?

The system splits the temporary files storage space. /tmp is normally used for storing small temporary files. Where as /usr/tmp directory for storing temporary files in bigger size.

Example:

Sort command put their temporaries in /usr/tmp.It assumes that the input will be bigger in size.

43. How do you copy file permission of one file to multiple files?

Cpmod command is used to copy / inherit the file permissions of one file to multiple files.

Example :

% cpmod ch01 ch0[234]

(cp –p is for copying file permission from one file to another)

44. How do you check the current init run level?

# who –r

# cat /etc/.init.state

45.How do you check the default init level ?

Check the default entry in /etc/inittab.

46.What is the difference between AIX Version 5.1 and Version 5.2?

The varyonvg command in 5.2 supports an -r flag that allows a volume group to be varied-on in read-only mode.
If there are several logical partitions with heavy usage on one physical disk and want to balance these across the available disks, you can use the new migratelp command to move these logical partitions to other physical disks.

o In Version 5.2, JFS2 can have a 1 TB file system on a 32-bit machine and 16 TB on a 64-bit machine running the 64-bit kernel.

AIX 5L Version 5.2 supports the IDE DVD-ROM Drive by default. This device is also supported with AIX 5.1 when ML 5.1.0.0 –03 is updated.

o Automatically mounts the CD-ROM/DVD-RAM file system when a media is

inserted in a drive. User commands to mount, unmount the file system, and eject the media from the drive are also available.

o The CD-ROM/DVD-RAM automount facility is contained in the bos.cdmount

fileset, which is installed by default.

o The lsconf command is provided for Linux affinity and has the same flags as the prtconf command.

47.How do you view boot and console logs in AIX?

o Boot and console messages can be used to identify and fix problems.

o These messages are automatically stored on disk by AIX. To view the stored messages, use the alog command.

Here are a couple examples of the alog command:

· alog -L # List the defined log types

· alog -o -t boot # View the boot log

· alog -o -t console # View the console log

48. Brief all System Configuration Files used in Unix system

File	Description
`/etc/bootparams`	Contains information regarding network boot clients.
`/etc/cron.d/cron.allow` `/etc/cron.d/cron.deny`	Allow access to `crontab` for users listed in this file. If the file does not exist, access is permitted for users not in the `/etc/cron.d/cron.deny` file.
`/etc/defaultdomain`	NIS domain set by `/etc/init.d/inetinit`
`/etc/default/cron`	Sets `cron` logging with the `CRONLOG` variable.
`/etc/default/login`	Controls root logins via specification of the `CONSOLE` variable, as well as variables for login logging thresholds and password requirements.
`/etc/default/su`	Determines logging activity for `su` attempts via the `SULOG` and `SYSLOG` variables, sets some initial environment variables for `su` sessions.
`/etc/dfs/dfstab`	Determines which directories will be NFS-shared at boot time. Each line is a `share` command.
`/etc/dfs/sharetab`	Contains a table of resources that have been shared via `share`.
`/etc/group`	Provides groupname translation information.
`/etc/hostname.interface`	Assigns a hostname to interface; assigns an IP address by cross- referencing `/etc/inet/hosts`.
`/etc/hosts.allow` `/etc/hosts.deny`	Determine which hosts will be allowed access to TCP wrapper mediated services.
`/etc/hosts.equiv`	Determines which set of hosts will not need to provide passwords when using the "r" remote access commands (eg rlogin, rsh, rexec)
`/etc/inet/hosts` `/etc/hosts`	Associates hostnames and IP addresses.
`/etc/inet/inetd.conf` `/etc/inetd.conf`	Identifies the services that are started by `inetd` as well as the manner in which they are started. `inetd.conf` may even specify that TCP wrappers be used to protect a service.
`/etc/inittab`	inittab is used by `init` to determine scripts to for different run levels as well as a default run level.
`/etc/logindevperm`	Contains information to change permissions for devices upon console logins.
`/etc/magic`	Database of magic numbers that identify file types for `file`.
`/etc/mail/aliases` `/etc/aliases`	Contains mail aliases recognized by `sendmail`.
`/etc/mail/sendmail.cf` `/etc/sendmail.cf`	Mail configuration file for `sendmail`.
`/etc/minor_perm`	Specifies permissions for device files; used by `drvconfig`
`/etc/mnttab`	Contains information about currently mounted resources.
`/etc/name_to_major`	List of currently configured major device numbers; used by `drvconfig`.
`/etc/netconfig`	Network configuration database read during network initialization.
`/etc/netgroup`	Defines groups of hosts and/or users.
`/etc/netmasks`	Determines default netmask settings.
`/etc/nsswitch.conf`	Determines order in which different information sources are accessed when performing lookups.
`/etc/path_to_inst`	Contents of physical device tree using physical device names and instance numbers.
`/etc/protocols`	Known protocols.
`/etc/remote`	Attributes for tip sessions.
`/etc/rmtab`	Currently mounted filesystems.
`/etc/rpc`	Available RPC programs.
`/etc/services`	Well-known networking services and associated port numbers.
`/etc/syslog.conf`	Configures `syslogd` logging.
`/etc/system`	Can be used to force kernel module loading or set kernel tuneable parameters.
`/etc/vfstab`	Information for mounting local and remote filesystems.
`/var/adm/messages`	Main log file used by `syslogd`.
`/var/adm/sulog`	Default log for recording use of `su` command.
`/var/adm/utmpx`	User and accounting information.
`/var/adm/wtmpx`	User login and accounting information.
`/var/local/etc/ftpaccess` `/var/local/etc/ftpconversions` `/var/local/etc/ftpusers`	wu-ftpd configuration files to set ftp access rights, conversion/compression types, and a list of userids to exclude from ftp operations.
`/var/lp/log`	Print services activity log.
`/var/sadm/install/contents`	Database of installed software packages.
`/var/saf/_log`	Logs activity of SAF (Service Access Facility).

Meta characters

49.What is a meta character?

A character that do not display as text but that are interpreted by the shell as having a special meaning are known as metacharacter.

Set of metacharacters are :

<>|!*?$\[]&

50.What is a wildcard?

Wildcards are members of a subset of metacharacters,that are used to search for and match file patterens.

Set of wildcards are :

* ? ! [] [-]

51.What is the use of ? wildcard character?

The ? is a one character wild card.
The shell matches the ? to any single character in a file name occupying the same position as the wildcard.
? wild card does not match a period (.) if it is the first character in a file name.

52.What is the use of * wildcard?

The * is a multiple character wildcard.
The shell expands * to match zero or any number of the characters in a file name or a directory name.

53.How do you exclude the list of characters using wild cards?

An exclusion list is that including an exclamation mark (!) as a character.
The ! character tells unix that the characters that follow are not members of a list of a range.

Example:

$qprt [!tn]*

Scheduling

54.Which daemon is responsible for scheduling jobs in Unix?

The cron daemon which translates to Chronological Data Event Monitor, is a program that schedules jobs to run automatically at a specific tiem and date.
The inittab file contains all the startup programs,including the cron daemon.The init process starts the cron daemon,or cron from the initab file during the initialization process of the operating system.

55.What all are the ways to submit a job for scheduling?

Use at and batch commands.
Use the crontab files to execute the jobs at regular intervals.

56.How do you submit jobs for one time execution?

Using at and batch commands we can submit jobs for one time execution.

57.How many concurrent events cron can run?

Be default,cron can run concurrently run 100 events of equal importance.

58.How do you limit the number of current events?(AIX Specific)

/var/adm/cron/queuedefs file allows to change the schedule by limiting the number of concurrent events and the priority by event type.

59.Which file is referred by cron to run the schedule jobs in the system?

At regular intervals,the cron looks and reads the crontab files that are located in the directory /var/spool/cron/crontabs
These file s contain the jobs submitted by users. For example,the file /var/spool/cron/crontabs/john contains John’s jobs that are scheduled to be run by cron.

60.Explain the flow of scheduling process.

The file /etc/init and the lines in the inttab are processed sequentially by init according to the current or specified run level.
The cron daemon reads the files in the /var/spool/cron/crontabs directory.
The files in this directory are named for the individual users/
When changes are made to the files in the corntabs directory,the cron daemon must be notified to reread the files.

61.How do you restrict the cron jobs submitting for normal users?

Only users listed in /var/adm/cron/cron.allow file will be able to submit the jobs.
By default root is part of this list.
Otherway is that the users listed in /var/adm/cron/cron.deny file will not be able to submit the jobs,and others can do.

62.How to set a cron job ?

A crontab file has five fields for specifying day , date and time followed by the command to be run at that interval.

* * * * * <command to be executed>

63.What are the rules for crontab file syntax?

A space separates each field,and spaces can not be embedded with in fields.
An asterisk (*) for every or all the possible values for the indicated field
A comma (,) indicates a list of values.
A dash (-) indicates a range of values.

64. How do you list / edit / remove the crontab file?

Crontab –l à Lists the contents of the current crontab file
Crontab –e à Edits the current crontab file
Crontab –r à removes the corntab file from the crontab directory.

65.What is the difference between at and batch commands?

The at command submits a job for corn to run at a specific time in the future.
Batch command submits a job to be run in background when the processor is low.
The entries will not be executed until the system reboots.
When using at commands,you should specify a start time for the job,but for batch command start time is not required to specify.

66.What file shows executed cron jobs? ( AIX Specific)

o The file /var/adm/cron/log shows all executed cron jobs.

67.Which are the files that control the usage of AT command ? (AIX Specific )

o /var/adm/cron/at.allow and /var/adm/cron/at.deny

UNIX PRINTING

68.What is a Print job?

A print job is a unit of work to be run on a printer. A print job can consist of printing one or more files depending on how the print job is requested. The system assigns a unique job number to each job it runs.

69.What is the Queue?

The queue is where you direct a print job. It is a stanza in the /etc/qconfig file whose name is the name of the queue and points to the associated queue device.

70.What is Queue device?

The queue device is the stanza in the /etc/qconfig file that normally follows the local queue stanza. It specifies the /dev file (printer device) that should be used.

71.What is the daemon that controls the print queues?

· qdaemon

72.How to start the qdaemon? (AIX SPECIFIC)

qdaemon is generally started when IPL starts. Alternatively we can start using startsrc command

· # startsrc –g qdaemon

73.What’s the command to create a new print queue?

· # lpadmin

74.Where’s the printer configuration file located? (AIX SPECIFIC)

· /etc/qconfig

75.How do you see the information about the current status of the printer?

· # lpstat –t

76.How to see everyone's activty on a printer?

· # lpstat <printername> -o

77.What is the command to display the current status information regarding specified print jobs, print queues, or users? (AIX SPECIFIC)

# qchk

78.What is the command to report the status of the specified job or all jobs associated with the specified UserName and JobNumber variables? (AIX SPECIFIC)

· # lpq

79.What is the command to print a file?

· # lpr <file name>

80.How to start the print queue? (AIX SPECIFIC)

· # enq -U -P <qname>:<Device>

81.How to stop the print queue? (AIX SPECIFIC)

· # enq -D -P <qname>:<Device>

Ø -D Device DOWN. Turns off the device associated with the queue. The qdaemon process no longer send jobs to the device.

Ø -U Brings UP the device associated with a queue. The qdaemon process sends jobs to it again.

Ø -P Queue Specifies the queue to which the job is sent. A particular device on a queue can be specified by typing -P Queue:Device.

82.How to cancel the print job in the queue?

· # qcan –x <qname>:<Device>

Networking

83. What is Ethernet?

Ethernet is the IEEE 802.3 series standard, based on the CSMA/CD

access method that provides two or more stations to share a common

cabling system.

This access method, Carrier Sense Multiple Access with Collision Detection, is the basis for Ethernet systems which range from speeds of 1 Mb/s through 1000 Mb/s.
IEEE 802.3 specification includes thick coax, thin coax, twisted pair cabling and fiber optic cabling, with speeds of 10 Mb/s, 100Mb/s (Fast Ethernet), 1,000 Mb/s (Gigabit Ethernet), and 10,000 Mb/s (10 Gigabit Ethernet).

84. What is CSMA/CD?

Carrier Sense Multiple Access with Collision Detection is the basis for the Ethernet standard.
This provides specific rules for allowing stations to communicate over the same transmission medium.

85.What are the steps involved when communicating with CSMA/CD.?

Stations must listen for a carrier on the wire.
If no carrier is detected, stations can begin transmitting.
While transmitting, the station continues to listen on the wire to ensure successful communications.
If two stations attempt to transmit information at the same time, the transmissions overlap and cause a collision.
If a collision occurs, the transmitting station recognizes the interference on the network and transmits a bit sequence called jam.
The jam helps to ensure that the other transmitting station recognizes that a collision has occurred.
After a random delay, the stations attempt to retransmit the information and the process begins again.

86. What is the difference between a bus topology and a star topology?

A bus topology is a networking architecture that is linear, usually by using one or more pieces of cable to form a single line, or bus.
The signals sent by one station extend the length of this cable to be heard by other stations.
A star topology is an architecture that includes a central device or hub to connect all stations together.
Signals sent by a station must pass through (and are usually regenerated) by these central hubs.
Since the hub sits in the center and all other stations are linked through the hub, the architecture resembles a star.

87. What is propagation delay?

The propagation speed of a medium refers to the speed that the data

travels through that medium.

Propagation delays differ between mediums, which affect the maximum possible length of the Ethernet topology running on that medium.
The maximum propagation delay through the network can be calculated

by dividing the maximum length by the speed.

88.How do I set the NIC speed and duplex?

# ndd -set /dev/hme adv_100fdx_cap 1 <SOLARIS Specific>
# chdev -P -l ent0 -a media_speed=100_full_Duplex <AIX Specific>
# mii-tool -F 100baseTx-FD eth0 <LINUX Specific>
# ethtool -s ethX speed 100 duplex full <LINUX Specific>

89. What is the command do you use to monitor packets traveling in your NIC ports?

Use the snoop -d command to capture and inspect network packets.
This command enables you to troubleshoot network problems at the packet level, allowing examination of the contents of a packet.

Snoop –d <interface name>

90.How do you check the network duplex mode is half or full?

Ndd –get /dev/<interface name> link_mode <SOLARIS Specific >

(Where a return value of 0 = half duplex, and 1 = full duplex.)

lsattr -d ent# <AIX Specific>
ifconfig –a eth0 <LINUX Specific >
lanadmin -x NMid# <HP-UX 10.x >
lanadmin -x PPA# <HP-UX 11.x >

91.How do you disable the Ethernet interface?

ifconfig <interface name> down

92.What are the files to be modified in order to rename the host name?

<SOLARIS Specific>

/etc/hosts
/etc/net/ticlts/hosts
/etc/net/ticolts/hosts
/etc/nodename
/etc/hostname.hmex
/etc/net/ticotsord/hosts

93.How do you add / delete a static route?

# route add -net 192.168.16.0 10.236.74.1
# route delete -net 192.168.16.0 10.236.74.1

94. What is the file to change the name resolution order?

/etc/nsswitch.conf < SOLARIS, HP UNIX, Linux >
/etc/netsvc.conf < AIX Specific >

95. We have TCP and UDP.TCP is relaible and UDP is not reliable. But still why r we using UDP? as there is no guaranteed transmission of DATA?

UDP is faster than TCP and adds less data to the packets.
TCP is connection oriented and UDP is connectionless protocol.
TCP makes sure everything is delivered. But UDP is not responsible for data delivery.
The reason for using Udp is to transmit audio or video streaming.
UDP is faster and in a real time video if you miss a frame, its not going to affect the entire data.
IP broadcast and Multicast always uses UDP protocol to transfer the data.

96.How do you control the unix systems to route the packets between the multiple interfaces?

By default, TCP/IP considers any machine with multiple network interfaces to be a router.
However, you can change a router into a multihomed host--a machine with more than one network interface that does not run routing protocols or forward IP packets.
Create a file called notrouter under /etc

# touch /etc/notrouter

When the machine reboots, the startup script looks for the presence of the /etc/notrouter file.
If the file exists, the startup script does not run in.routed –s and it does not turn on IP forwarding on all interfaces configured "up" by ifconfig.

97.What is scp?

Scp (Secure copy) is a command which allows files to be copied between UNIX machines.
Scp is an updated version of an older utility named rcp (remote copy).
The password information is encrypted.
To copy a directory, use the -r (recursive) option.

Example:

% scp -r mydir xyz@sdcc7:mydir

98.What all are the networking Terminologies used in unix environment?

routers are devices that connects two networks.
bridges are devices that connects your network to rest of the world, Internet, etc.
repeaters are devices that repeats the signals for amplification purposes.
hubs are devices that make up the network. All PCs when connected to a hub it becomes a LAN.
protocols are set of rules which define standard across a set of machines, i.e. All machines in this world use TCP/IP protocol for Internet, Novell and Microsoft use IPX/SPX protocol for their networks.
TCP/IP is Transmission control protocol/Internet Protocol.
file servers are machines which have huge disk space to house files for all users in network.
token ring is a type of network in which computers are connected as if in a ring (not physically though).
ethernet is type of network in which computers are connected to a central location (a hub).
print servers are devices that allow shared printers over network.
twp is Twisted Wire pair for LAN (a regular LAN cable for ethernet).
coax is coaxial cable (old LAN cable for ethernet also used for cable TV).
RJ45 refers to the jack or end of TWP cable which connects to RJ45 plug (wider telephone jack).
RJ11 refers to the regular telephone jack and plug.
10BaseT and 100BaseT refers to the speed of network, 10 kbps or 100 kbps.

99.What is the use of finger command ?

The finger command provides information about users on local and remote machines.This command refers .plan file of a specific user to provide the information.

User must allow general read permission on the .plan file.

100.Which command can be used to copy a file from local to remote system??

The rcp command provides the ability to copy files from the local host to a remote host in the local

Network.

rcp does not prompt for passwords, so you must have permission to execute remote commands on the specified machines as the selected user on each machine.

101.What is IP aliasing ?

IP Aliasing allows a single network interface to have multiple IP addresses. One of the advantages of aliasing is the ability consolidate applications and web pages on one server without changing application code.

102.How do you add/delete IP aliasing?

To add an alias to your existing network adapter:

#ifconfig en1 alias 10.10.10.1 netmask 255.255.255.1

To delete an alias from your network adapter

#ifconfig en1 delete 10.10.10.1

103.What is the term called DMZ in networking?

In computer networks, a DMZ (demilitarized zone) is a computer host or small network inserted as a "neutral zone" between a company's private network and the outside public network.
It prevents outside users from getting direct access to a server that has company data. A DMZ is an optional and more secure approach to a firewall and effectively acts as a proxy server as well.
Users of the public network outside the company can access only the DMZ host.
The DMZ may typically also have the company's Web pages so these could be served to the outside world.
However, the DMZ provides access to no other company data.
Typically, the DMZ contains devices accessible to Internet traffic, such as Web (HTTP ) servers, FTP servers, SMTP (e-mail) servers and DNS servers.

104.What is IP Spoofing?

A technique used to gain unauthorized access to computers, whereby the intruder sends messages to a computer with an IP address indicating that the message is coming from a trusted host.
To engage in IP spoofing, a hacker must first use a variety of techniques to find an IP address of a trusted host and then modify the packet headers so that it appears that the packets are coming from that host.

105.What is the function of a firewall?

A system designed to prevent unauthorized access to or from a private network.
Firewalls can be implemented in both hardware and software, or a combination of both.
Firewalls are frequently used to prevent unauthorized Internet users to access private networks that is intranets.
All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria.

106.Why port numbers are used?

Port numbers are used to name the ends of logical connections which carry long term conversations.
For the purpose of providing services to unknown callers, a service contact port is defined.
This list specifies the port used by the server process as its contact port.
The contact port is sometimes called the "well-known port".

107.What are the different ranges of port numbers?

The Well Known Ports are those from 0 - 1023.
The Registered Ports are those from 1024 - 49151
The Dynamic and/or Private Ports are those from 49152 –65535

108.What are the port numbers used for ftp connection?

Port number 20 – FTP Data
Port Number 21 – FTP Control

109.What are the most commonly used port numbers?

SSH Connection - 22
Telnet connection - 23
SMTP - 25
DNS - 53
TFTP - 69
HTTP - 80
POP3 - 110
NNTP - 119
LDAP - 389
DHCP (Client) - 546
DHCP (Server) - 547
Socks - 1080

NFS, NIS, cachefs, and autofs

110. Which of the following files are updated during the sysidtool phase of the installation? ( Solaris Specific )

/etc/TIMEZONE
/etc/nodename
/etc/nsswitch.conf
/etc/hosts
/etc/netmasks

111. Using which command All CacheFS file systems in the cache directory can be deleted ? (AIX/Solaris )

cfsadmin -d

112. How many bits are used for the HOST portion of a Class A IP address?

113. What command displays cache hit rates for a CacheFS mounted directory?

cachefsstat

114. Which of the following commands are used to create, partition, and check file systems on SUN OS?

newfs
format
fsck

115.Which is a RAM-based file system that implements a file system interface to files by using their file descriptors ?

FDFS file system

116.When would you have to re-run the automount command? ( Solaris )

o When you add an entry to the /etc/auto_direct map

When you add an entry in the /etc/auto_master map

117.What command is used to unshare all shared resources in /etc/dfs/sharetab? (Solaris )

unshareall

118.Which server is described: Offers database access through applications such as Oracle, Sybase, and Informix.

o Database Servers

119.Which of the following are valid names of NIS maps?

passwd.byname.dir
hosts.byname.pag

120.which of the following are NIS daemons?

rpc.ypupdated
rpc.yppasswdd
ypserv
ypxferd

121. Which command and option would you use to indirectly determine the Ethernet network load?

netstat -i

122. Which command manually invokes a consistency check on a cachefs filesystem?

cfsadmin -s

123.Which right that is used to grant access to a restricted function?

authorization

124. Which command below will mount a cacheFS filesystem?

mount -F cachefs -o backfstype=nfs ,cachedir=/cache/cache0, cacheid=data_cache hosts1:/export/data /data ( Solaris )
mount -V cachefs -o backfstype=nfs,backpath=/usr/abc,cachedir=/cache1 server1:/user2 /xyz ( AIX )

125. Which file maintains a list of shared directories?

o /etc/dfs/sharetab ( Solaris )

o /etc/xtab ( AIX )

126. What is the name of the NIS+ server daemon? ( AIX / Solaris )

rpc.nisd

127. What is the directory that holds both the ypbind daemon and the ypstart script?

/usr/lib/netsvc/yp

128. What are the valid profile shells? ( Solaris )

o pfsh

pfksh

129. Which statement is true about networking files, the /etc/hosts.equiv and the .rhosts files?

Neither file exists by default; they must be created

130. List the name services provided in Unix.

DNS
NIS
NIS+

131. Within the NFS server daemon, what run level does the system have to run at if there are entries in its /etc/dfs/dfstab file? ( Solaris )

Run Level 3

132. which facility in the /etc/syslog.conf file will put a timestamp in a defined log file.

mark

133. What are all the RAM based filesystems?

ProcFS
TMPFS
SwapFS

135. Which file would not normally be used as a NIS map?

/etc/passwd

Since most servers often run different services,the same /etc/inetd.conf file would not be used on all servers.

136. Which command would you use to view an NIS map?

ypcat

137. What command would you use to verify mounted partitions?

mount

138. Which NFS daemons are responsible for file locking and status checking?

Rpc.lockd

o Rpc.statd

139. What are the files used for automount ?

AIX

/etc/auto_master	The default map file used to create the initial automount keys.
/etc/hosts	Specifies servers that will be used in automount host maps.
/etc/irs.conf	Specifies the location of the automount maps.

Solaris

/etc/auto.master

/etc/auto.direct

/etc/auto.home

140. What are the advantages of automount ?

There is no overhead for the server
It unmounts file systems that are no longer in use
Mounts file system on demand

141. What are the benefits of using NFS?

Files appear to be local on the client
NFS gives the ability to setup a file server

142. What are the benefits of using NIS+?

NIS+ allows you to allow more users than just root to modify tables
NIS+ has built-in Security
NIS+ can handle larger domains

143. Which name service was designed to be primarily used on the Internet and provides hostname to IP address resolution?

144. Which command shows cache hit rate and consistency check statistics?

cachefsstat

145. Which command will zero all cacheFS counters?

cachefsstat -z

146. Which file is used to configure NFS logging? ( Solaris )

/etc/nfs/nfslog.conf

147. Which command is used for creation of additional swap space.

mkfile

148. To stop all file sharing on an NFS server, execute the command

unshareall ( Solaris )
exportfs –u ( AIX )

149. Which command will mount all remote shares. ( Solaris )

mountall -r

150. _Which standard naming service features with a directory that can store custom information about objects. These objects can be queried in a number of ways.

LDAP

151. The template configuration file for NIS+ is: ( Solaris )

/etc/nsswitch.nisplus

152.What all the daemons play critical role in NFS service?

biod: On the client end, handles asynchronous I/O for blocks of NFS files.
nfsd: Listens and responds to client NFS requests.
mountd: Handles mount requests.
lockd: Network lock manager.
statd: Network status manager

UNIX Security

153.What should be the umask and default path settings should be set for user root?

umask setting should be 077 or 027.
Safe search path, should be /usr/bin:/sbin:/usr/sbin

154.How do I make the user "root" can not log directly into an AIX server?

AIX :

# chuser rlogin=false root
/etc/security/user – set the root à rlogin value to false.

Solaris:

Enable the "CONSOLE" line in /etc/default/login.

155.How to disable ftp access for normal users?

Add the users in /etc/ftpusers
By default root is disabled

156. How do I disable rlogin/rsh access?

Remove /etc/hosts.equiv, /.rhosts,
Do a kill -HUP of the inetd process.

157.What all are the accounts are unncessary in Unix? And how can those be disabled?

sys
uucp,
nuucp,
listen.

These accounts either can be removed or locked.
To lock the account à put "*LK*" in the password field of the /etc/shadow file

158.How to I protect devices?

The file /etc/logindevperm <Solaris Specific>contains configuration information to tell the system permissions set on devices associated with login (console, keyboard, etc).
Check the values in this file and modify them to give different permissions.

159. What permissions should be set for /etc ?

No file in /etc needs to be group writeable.
Remove group write permission via the command chmod -R g-w /etc

160.How do you control the unix systems to route the packets between the multiple interfaces?

add ndd -set /dev/ip ip_forwarding 0 at the end of /etc/init.d/inetinit. < Solaris Specific>
touch /etc/notrouter
no –ipforwarding=0 ( AIX )

161.How do you monitor cron job activities? ( Solaris )

Enable logging of all cron job activities by setting "CRONLOG=yes" in /etc/default/cron.

162. Is it secure to run rpcbind?

rpcbind is the program that allows rpc callers and rpc service provides to find each other.
Unfortunately, standard rpc is unsecure. It uses "AUTH_UNIX" authentication, which means it depends on the remote system's IP address and the remote user's UID for identification.
Both of these forms of identification can be easily forged or changed. Special purpose systems (web servers, ftp servers, mail servers, etc) can usually have rpc disabled.
To disable rpc, rename /etc/rc2.d/S71RPC.

163. What permission bits should be set on /etc/utmp?

/etc/utmp can be set to mode 644

164.How do you check the files which all are set suid and sgid?

# find / -perm -4000 -print
# find / -perm -2000 –print

165.What are the permissions to be set for loginlog? ( Solaris )

Other than syslog, loginlog file also provides more logging information.

touch /var/adm/loginlog
chmod 600 /var/adm/loginlog
chgrp sys /var/adm/loginlog

166.What is "promiscuous" mode? ( Solaris / AIX )

Promiscuous mode allows the machine to see all network packets, rather than just those packets destined for the machine.
This allows the machine to snoop the network and monitor all traffic.
An interface should only be in promiscuous mode if the snoop program, or another network monitor program, is being run.
If you aren't running such a program, and your machine's interface is in promiscuous mode, then it's likely that a hacker is monitoring your network.
The public domain ifstatus command returns a machine's promiscuous state.
Ifstatus command can be used for checking the promiscuous mode.

167.What is Secure Shell (SSH) ?

Secure Shell (SSH) is an application that protects the TCP/IP connections between two computers.
The encryption of the connection is done on the application layer, which means that security provided by Secure Shell (SSH) is available regardless of the network connection speed or type.
Secure Shell is a new industry standard of accessing remote systems securely using strong encryption and cryptography.
It was originally designed to replace popular telnet, ftp and UC Berkley UNIX ‘r’ commands with secured encrypted versions.
The server side is called Secure Shell server or daemon (sshd).
The client side is called Secure Shell client (ssh).
A ssh client is used to connect to a remote machine running sshd server and run any character mode programs in the sshd server.
Secure Shell standard has been expanded to perform these crucial tasks securely:

Ø Secure remote access into a computer system

Ø Securely transfer and copy files between systems

Ø Act as a software VPN or tunnel to secure protocols like SMTP, POP, FTP, Telnet, X-windows which are not inherently secure on the TCP/IP wire

168. What all are the benefits of Secure Shell ?

Strong Authentication, State-of-the-art Encryption
Easy Installation and Effortless Deployment
Network Independent Secure Access
Graphical User Interface for Windows Users
Smart Card Authentication

169. What all are the security measures you will take, when you use NFS?

Ensure that no file systems are exported to the world or to untrusted hosts
Use the "-access" option on all file systems in the exports (or dfstab) file ( “ro” or “rw” permissions)
Do not allow untrusted workstations to mount file systems with "root" access enabled
Minimize the number of exported file systems
Make sure NFS servers require that clients use privileged ports
Understand that root on a client can always become any non-root NFS user
Understand any OS-Version-Specific NFS bugs on your system

170. What all are the security measures you will take, when you use sendmail?

Check your version of sendmail to ensure it is secure
Ensure the "decode" alias in the aliases file is disabled
Ensure that there is no "wizard" password in the sendmail.cf file
Ensure that there is no "debug" command
Ensure your versions of /bin/mail and /bin/rmail are secure

171. What all are the security measures you will take, when you use NIS?

Avoid using NIS if possible; if you do use it, choose a "hard to guess" NIS-domain name
Use "+:" instead of "+::0:0:::" in the password file
Be sure the NIS maps are writable only by "root"
Check "+" lines in passwd and group files
Realize that NIS passwords (and other maps) are visible on the network, so take extra care that users choose "good" passwords and change them frequently

172.What all are the security measures you will take, on X Window System?

Make use of any access control mechanisms provided by the operating system and window system to prevent theft of workstation display contents or keystrokes
Inform users to not use the 'xhost +' command and/or disable it
Check for xsessions files with 'xhost +' enabled and stop doing this
Disable broadcast and/or indirect XDM requests for any X terminals that you don't explicitly want to support

173.What are the considerations on Account Security in Unix?

Inform users of "good" password selection criteria, and use either a pro-active password checker or a password cracking program to verify that passwords are secure.
password aging
implement a shadow password file
Place expiration dates on, and periodically "expire", all accounts to eliminate unused accounts
Carefully restrict guest accounts, using restricted shells if possible
Do not leave "idle" (i.e. unused) guest accounts enabled
Password protect all well-known accounts that must be on the system; delete well-known accounts that are not needed
Make sure all accounts have passwords or "*" in the password field
Eliminate group and shared accounts, replacing them with groups instead
Avoid placing the current directory (".") in your (especially root's) search path
Make sure default file protections for newly created files do not allow group/world read/write access by using a "umask" value of 022, 027, or 077, especially on the root account
Codify rules and policies for operating as the "super user"; use "su -" instead of logging in as root to monitor use of the root account--then monitor the log files to see when this account is used
Write-protect the "root" account's startup files and home directory
Disable message permission using the mesg command if you are using a terminal with block-mode transmission features or remotely programmable function keys
Minimize the number of accounts on servers and "critical" hosts
Minimize the number of users with "super user" privileges

174.How do you enforce automatic logoff?

To do this, edit the /etc/security/.profile file to include an automatic logoff value for all users, as in the following

Example:

TMOUT=600 ; TIMEOUT=600 ; export readonly TMOUT TIMEOUT

The number 600, in this example, is in seconds, which is equal to 10 minutes.

175.How do you hide user names and passwords ?

Ensure that user IDs and passwords are not visible within the system.
The .netrc files contain user IDs and passwords.
This file is not protected by encryption or encoding, thus its contents are clearly shown as plain text.
To find these files, run the following command:

# find ’awk -F: ’{print $6}’ /etc/passwd&’ -name .netrc –ls

After you locate these files, delete them.

176.What is TCB ? < AIX Specific>

The Trusted Computing Base (TCB) is the part of the system that is responsible for enforcing systemwide information security policies.
By installing and using the TCB, you can define user access to the trusted communication path, which allows for secure communication between users and the TCB.
TCB features can only be enabled when the operating system is installed.
To install TCB on an already installed machine, you will have to perform a preservation installation.
Enabling TCB allows you to access the trusted shell, trusted processes, and the Secure Attention Key.
Every file in the /dev directory is monitored by TCB.
In addition, the TCB automatically monitors over 600 additional files, storing critical information about these files in /etc/security/syschk.cfg.

177.What is command do you use to remove obsolete files? < AIX Specific>

o To remove unwanted and unneeded files from your system, AIX provides you with

the skulker command, which allows you to automatically track and remove obsolete files.
This facility works on candidate files located in the /tmp directory, executable a.out files, core files, and ed.hup files.
To run the skulker command, type
# skulker -p
You can automate the skulker command by setting up the cron facility to perform this task regularly.

178.How do you identify the unowned files ?

When a user ID is removed, that user’s files then have no owner assigned to them. To identify files that have no owner, you can use the find command as follows:

# find / -nouser –ls

After identifying files that have no owners, determine whether the files are needed. If they are needed,assign them to a different user.
Otherwise, you can remove those files from the system.

179.How do you identify the network services with open communication ports?

Open ports are vulnerable to potential security attacks, identify which

applications have open ports and close those ports.

To determine which ports are open, you must:

v Identify the services with the netstat command as follows:

# netstat -af inet

v After you have identified which services are listening, open the /etc/services file and check the Internet Assigned Numbers Authority (IANA) services to map the service to port numbers within the operating system.

v Close down the unnecessary ports by removing the running services.

180.What are Tcp Wrappers?

One of the problems with TCP/IP is that it is basically insecure. Many intrusions are the result of this insecurty.
TCP Wrappers solves this by restricting services that can be used.
TCP Wrappers is a daemon that is run instead of inetd. It intercepts requests and either allows inetd to run and service the request or does not run inetd, thereby denying the request.
TCP Wrappers handles telnet, finger, ftp, exec, rsh, rlogin, tftp, talk, comsat, and other services that have a one-to-one mapping onto executable files.
TCP Wrappers consists of:

Ø hosts.allow and hosts.deny files with the rules for allowed and denied services

Ø tcpdchk program that checks configuration files for problems

Ø tcpdmatch program that reports how a service will be handled

o Configure hosts.allow and hosts.deny files

o If you have a high level of trust then allow everything that isn't specifically denied

o If you have a low level of trust then deny everything that isn't specifically allowed

Then set up hosts.allow and hosts.deny files

o Remember that hosts.allow is examined first

For a mostly open system, leave hosts.allow empty and put denied services in hosts.deny
For a mostly closed system, put "ALL : ALL" in hosts.deny and then put allowed services in hosts.allow

Example - mostly closed system

hosts.allow

ALL : localhost

in.telnetd : gilton.net

in.fingerd : jeff1.gilton.net

181.How does /etc/shadow password file differs from /etc/password?

/etc/shadow files are protected from all access by non-root users and which store the encrypted passwords. The /etc/passwd file is usually owned by root and system group. Only the owner should have write access and others will have read access.

Example:

-rw-r- - r-- root system 4096 Apr 1991 /etc/passwd

/etc/shadow password files usually have the same ownership but are not accessible at all by anyone but root.

-rw------- 1 root system 4096 Apr 1991 /etc/shadow

182.What is umask?

The umask command to specify the default mode for newly created files. A three digit numeric mode that represents the access to be inhibited –masked out-when a file is created.To determine the value,subtract the desired value for the file you want to give.

Example:

To obtain the mode 751 by default for all newly created files, subtract 751 from 777 which is 026.

# umask 026

Once the umask is set,all the future files created will be given this protection automatically.

(Usually put the umask command in the system initialization file which gives the users, when an account is created).

183.What is a Sticky Bit?

Sticky bit is applied to an executable program to instruct the operating system to keep it loaded in memory even after the process that was using it had exited.
This was set on large programs that were frequently used to increase system performance, but is not necessary today due to modern virtual memory techniques.
Even though it's not often used in this manner today, it can be used to create an additional layer of security on directories.

Normally, when a directory has write permission enabled for a user, that user may add and delete files from it.
If the sticky bit is set on a directory, files in it may only be deleted if the user is...

· the owner of the directory
· the owner of the file
· root (superuser)

This functionality is useful when a group of users need to have the ability to create and modify files in a shared directory, but need to be prevented from deleting each other's files.
A system-level example of this is the /tmp directory:

drwxrwxrwt 4 root sys 188 Sep 20 15:22 tmp

To set the sticky bit:

chmod u+t <directory>

184.How do you restrict the normal users to login to the system??

/etc/nologin file restricts the users to log in to the system. This file is created automatically when the shutdown command and removed by /etc/rc.

The contents of /etc/nologin file is used to display if any one tries to login.

185.Which file will be refered by last command?

/var/adm/wtmpx
last Looks in the /var/adm/wtmpx file, which records all logins and logouts, for information about a user, a terminal, or any group of users and terminals.

186.which file will be refered by who command??

The who utility can list the user's name, terminal line, login time, elapsed time since activity occurred on the line, and the process-ID of the command interpreter (shell) for each current UNIX system user. It examines the /var/adm/utmpx file to obtain its information.

187.How do you verify the failed login details?

/etc/security/failedlogin contains a record of invalid login attempts.

188.How do you verify unsuccessful su login attempts?

Each time the su command is executed, an entry is made in the /var/adm/sulog file. The /var/adm/sulog file records the following information: date, time, system name, and login name. The /var/adm/sulog file also records whether or not the login attempt was successful: a + (plus sign) indicates a successful login, and a - (minus sign) indicates an unsuccessful login.

189.How do you enable non-root users to administer passwords?

The AIX pwdadm command can be used to offload password administration to non-root administrators. The pwdadm command allows the administrator to change anothers password, or force users to change their password at the next login. To enable a non-root administrator to use pwdadm, simply add their ID to the "security" group.

STORAGE

190.What is Fault tolerance?

Fault-tolerant describes a computer system or component designed so that, in the event that a component fails, a backup component or procedure can immediately take its place with no loss of service. Fault tolerance can be provided with software, or embedded in hardware, or provided by some combination

191.What is High availability?

A high availability solution will ensure that any failure of any component of the solution, be it hardware, software, or system management, will not cause the application and its data to be inaccessible to the user community. This is achieved through the elimination or masking of both planned and unplanned downtime. A highly available solution should eliminate single point of failure (SPOF) through appropriate design, planning, selection of hardware, and Configuration of software.

192.What are the difference between fault tolerance and high availability?

A fault tolerant environment has no service interruption, while a highly available environment has a minimal service interruption. Many sites are willing to absorb a small amount of downtime with high availability rather than pay the much higher cost of providing fault tolerance. Additionally, in most highly available configurations, the backup processors are available for use during normal operation.

193.What is RAID?

RAID is an acronym for Redundant Array of Inexpensive (or Independent) Disks.

A RAID array is a series of drives which together act as a single storage system. In most configurations this storage system can tolerate the failure of a drive without losing data and depending on how it is configured, can rebuild itself once the failed component is replaced.

194.What are the different raid levels?

· RAID Level 0

· RAID Level 1

· RAID Level 3

· RAID Level 5

· RAID Level 10

· RAID Level 50

195.What is RAID Level 0?

· RAID Level 0 provides no redundancy, which is otherwise called as Striping.

· RAID Level 0 splits or stripes the data across drives, resulting in higher data throughput.

· The failure of any disk in the array results in complete data loss.

· Level 0 is only used to increase disk performance.

196.What is RAID Level 1?

RAID Level 1 is usually referred to as mirroring.

A Level 1 array provides redundancy by duplicating all the data from one drive on a second drive so that if either drive fails, no data is lost.

197.What is RAID Level 3?

RAID Level 3 stripes data at a byte level across several drives, with parity stored on one drive.
If one disk fails it is possible to rebuild the complete data set so that no data is lost.
If more than one drive fails all the stored data will be lost.

198.What is RAID Level 5?

RAID Level 5 stripes data at a block level across several drives and distributes parity among the drives.
No single disk is devoted to parity.
The parity data is distributed on each drive, hence the read performance tends to be lower than other RAID types.

199.What is RAID 10?

RAID 0+1 or RAID 10 is a combination of RAID Levels that utilizes multiple RAID1 (mirrored) sets into a single array.
Data is striped across all mirrored sets. Any disk can fail and no data is lost as long as the mirror of that disk is still operational.

200.What is RAID 50?

RAID 0+5 or RAID 50 is a combination of RAID levels that utilizes multiple RAID 5 sets striped in a single array.
In a RAID 0+5 array, a single hard drive failure can occur in each of the RAID 5 sides without any loss of data on the entire array.
If more than one disk is lost in any of the RAID 5 arrays all the data in the array is lost.

201.What are the advantages and disadvantages of different RAID levels?

RAID level	Availability mechanism	Capacity	Performance	Cost
0	None	100%	High	Medium
1	Mirroring	50%	Medium / High	High
3	Parity	80%	Medium	Medium
5	Parity	80%	Medium	Medium

202.What is NAS?

Network Attached Storage (NAS) allows storage capacity from one Server to be shared with other servers connected to the same communications network.

203.What are the advantages of NAS?

High-capacity storage consolidation of heterogeneous data (up to 12TB raw capacity)

Utilization of existing network infrastructure

Easy installation and management

Non-disruptive capacity upgrades

Dual controller or clustered support for high availability environments

204.What is SAN?

Storage Area Networks or SANs, place data storage on its own network. SANs provide the ability to isolate all storage I/O functions so that business applications and end-user bandwidth needs are not affected by storage network traffic.

205.What are the advantages of SAN?

SANs improve accessibility to data
Remove the bottlenecks often associated with traditional data storage technologies

Enhances manageability and allow better use of information as a strategic asset.

Backup & Restore

206.Why do we need backups?

o In order to recover lost files we need to have backups.

o If our data is lost, computers are of no use.

o Thus giving us a reason to copy the data into a backup media, from which we can recover our lost files after disaster.

o Before backing up the files, a systems administrator needs to decide on which type of backup ,duration ,media, commands to be used,

207.What all are the backup types?

Backup types are

Full backup
Differential backup
Incremental backup
Mirror backup.

208.What is a full backup?

Full backup is the starting point for all other backups, and contains all the data in the folders and files that are selected to be backed up.
Full backup stores all files and folders, frequent full backups result in faster and simpler restore operations.

209.What is a Differential Backup?

A differential backup contains all files that have changed since the last FULL backup. The advantage of a differential backup is that it shortens restore time compared to a full backup or an incremental backup.
However, if you perform the differential backup too many times, the size of the differential backup might grow to be larger than the baseline full backup

210.What is an Incremental backup?

An incremental backup stores all files that have changed since the last FULL OR DIFFERENTIAL backup.
The advantage of an incremental backup is that it takes the least time to complete.
However, during a restore operation, each incremental backup must be processed, which could result in a lengthy restore job.

211.What is a mirror backup?

A mirror backup is identical to a full backup, with the exception that the files are not compressed in zip files and they can not be protected with a password.
A mirror backup is most frequently used to create an exact copy of the backup data.
It has the benefit that the backup files can also be readily accessed using tools like Windows Explorer.

212.What is the difference between incremental and differential backups?

The incremental backup saves several intermediate versions of files which have been modified or created since the last backing up.
The differential backup saves files which are not included in the full backup (newly created or added files) or which are differ from the same files in the full backup. (The files are considered identical, if they have equal size and date-time stamp)

213.what are the common backup and restore commands used in unix environment?

cpio,dump, restore , pack, tar, ,backup,dd

214.Explain about compress and uncompress commands.

Compress command compresses a file and returns the original file with .Z extension, to uncompress this filename.Z file use uncompress filename command.

Syntax for compress command is
compress options files

Uncompress file uncompresses a file and return it to its original form.

Syntax is
uncompress filename.Z this uncompresses the compressed file to its original name.

215.What is the use of cpio command?

cpio command is useful to backup the file systems.
It copy file archives in from or out to tape or disk, or to another location on the local machine.

Syntax is
cpio flags [options]

cpio -i copy in files who names match selected patterns
cpio –o Copy out a list of files whose name are given on standard output.
cpio –p copy files to another directory on the same system

216.What is the use of dump command? < HP-UX Specific>

dump command copies all the files in filesystem that have been changed after a certain date.
It is good for incremental backups.
This information about date is derived from /var/adm/dumpdates and /etc/fstab

Syntax for dump is
/usr/sbin/dump [option [argument ...] filesystem]

217.Explain about pack command?

pack command compacts each file and combine them together into a filename.z file.
The original file is replaced. Pcat and unpack will restore packed files to their original form.
Syntax is
Pack options files

218,What is tar command? What is the use of it?

tar command creates an archive of files into a single file.
Tar copies and restore files to a tape or any storage media.
The tar command manipulates archives by writing files to, or retrieving files from, an archive storage medium.
The files used by the tar command are represented by the File parameter.
If the File parameter refers to a directory, then that directory and, recursively all
files and directories within it are referenced as well.

Synopsis of tar is
tar [options] [file]

Examples:
tar cvf /dev/rmt/0 /bin /usr/bin creates an archive of /bin and /usr/bin, and store on the tape in /dev/rmt0.
tar tvf /dev/rmt0 will list the tape's content in a /dev/rmt0 drive.
tar cvf - 'find . -print' > backup.tar will creates an archive of current directory and store it in file backup.tar.

219.Explain about mt command? <HP-UX Specific>

Mt command is used for tape and other device functions like rewinding, ejecting, etc.
It give commands to tape device rather than tape itself.

Syntax is
mt [-t tapename] command [count]

220.What is a dd command?

The dd command reads the InFile parameter or standard input, does the specified conversions, then copies the converted data to the OutFile parameter or standard output.
The input and output block size can be specified to take advantage of raw physical I/O.

Example:

dd if=boot.img of=/dev/fd0 bs=1440

221.What is the pax used for?

The pax command should be the archive of choice for system dumps

and images greater than 2 GB in size.

222.Explan about backup and restore commands?

The backup command creates copies of your files on a backup medium, such as a magnetic tape or diskette.
The copies are in one of the two backup formats:
Either specific files backed up (using the –i flag), or the entire file system backed up by i-node.

The restore command reads archives created by the backup command and extracts the files stored on them.
These archives can be in either file-name or file-system format.

Examples:

# backup -0 -uf /dev/rmt0 /home
# restore -x -d -v -q -f /dev/rmt0 /etc/hosts

223.What is the command used to take rootvg backup in AIX?

The mksysb command creates a bootable image of all mounted file systems on
the rootvg volume group.
You can use this backup command to reinstall a system to its original state.
The tape format includes a BOS boot image, a BOS install image, and a dummy
table of contents (TOC) followed by the system backup (root volume group)
image.
The root volume group image is in backup-file format starting with the data files and then any optional map files.

224.What is the command used to take backup of datavg in AIX?

The savevg command finds and backs up all files belonging to a specified volume
group.
A volume group must be varied on, and the file systems must be mounted.
The savevg command uses the data file created by the mkvgdata command.

Example:

# savevg -if /dev/rmt0 uservg

225.What is the command used to restore the datavg in AIX?

restvg Use the restvg command to restore a user volume group.

226. How the ufsdump Command Works? <SOLARIS SPECIFIC>

The ufsdump command makes two phases when it backs up a file system.
On the first phase, this command scans the raw device file for the file system and builds a table of directories and files in memory.
Then, this command writes the table to the backup media.
In the second phase, the ufsdump command goes through the inodes in numerical order, reading the file contents and writing the data to the media.
The ufsdump command copies data only from the raw disk slice.
If the file system is still active, anything in memory buffers is probably not copied. The backup done by ufsdump does not copy free blocks, nor does it make an image of the disk slice.
If symbolic links point to files on other slices, the link itself is copied.

Example:

# ufsdump 0f - /dev/rdsk/c0t0d0s0|(cd /newroot;ufsrestore xf -)

227.What all are the issues concerning backups?

An effective backup strategy is an ongoing process.
The simpliest backup scheme is to copy all the files on a media, called full backup.
Copy only those files which were changed since last backup, called incremental backup.
Always label on media before what you are going to backup in that media.
Know where the media is and keep a handy procedure on "how to backup and restore."
Write protect media.
Take security of media into account. A stolen/lost tape of full backup is full access to system.

228.how do you make a root volume mirroring in sun solaris?

STEP 1 : run format and make exact copy of disk slice patition on new
disk which u want to make new copy.

STEP 2 : run newfs command on all slices made in new disk

STEP 3 : go to the path of current disk and make a dump of all existing file systems into new disk

ufsdump 0f - /dev/rdsk/c0t0d0s0|(cd /newroot;ufsrestore xf -)
ufsdump 0f - /dev/rdsk/c0t0d0s1|(cd /newvar;ufsrestore xf -)
ufsdump 0f - /dev/rdsk/c0t0d0s3|(cd /newusr;ufsrestore xf -)

STEP 4 : make new disk bootable using this command
installboot /usr/platform/`uname -i`/lib/fs/ufs/bootblk /dev/rdsk/c0t1d0s0

STEP 5: Remove old disk and boot with new disk

229.What is Tar?

The tar command combines files into one device or filename for archiving purposes. The tar command does not compress the files; it merely makes a large quantity of files more manageable.

Syntax

tar [options] [directory file]

Common Options

c create an archive (begin writting at the start of the file)

t table of contents list

x extract from an archive

v verbose

f archive file name

b archive block size

230.How to create Tar archieve?

Example:

# tar –cvf /dev/rmt0 <source file>

/dev/rmt0 > Target where archive to be created

tar will accept its options either with or without a preceding hyphen (-). The archive file can be a disk file, a tape device, or standard input/output. The latter are represented by a hyphen.

231.How to extract archive from tar?

Example :

# tar –xvf <source> <destination>

232.How to read the contents of tar arcive ?

Example:

# tar –tvf <archieve name>

233.What is dd?

The dd command allows you to copy from raw devices, such as disks and tapes, specifying the input and output block sizes. dd was originally known as the disk-to-disk copy program. With dd you can also convert between different formats.

Syntax

dd [if=input_device] [of=output_device] [operand=value]

Common Options

if=input_device the input file or device

of=output_device the output file or device

234.What are all the other options we can include in dd usage?

ibs=n input block size (defaults to 512 byte blocks)

obs=n output block size (defaults to 512 byte blocks)

bs=n sets both input and output block sizes

files=n copy n input files

skip=n skip n input blocks before starting to copy

count=n only copy n input blocks

conv=value[,value] where value can include:

ascii convert EBCDIC to ASCII

ebcdic convert from ASCII to EBCDIC

lcase convert upper case characters to lower case

ucase convert lower case characters to upper case

swab swap every pair of bytes of input data

noerror don’t stop processing on an input error

sync pad every input block to the size of ibs, appending null bytes as needed

Block sizes are specified in bytes and may end in k, b, or w to indicate 1024 (kilo), 512 (block), or 2

(word), respectively.

235.How to copy files from one tape to another using dd command?

To copy files from one tape drive to another:

# dd if=/dev/rmt/0 of=/dev/rmt/1

20+0 records in

20+0 records out

PERFORMANCE

236.What all are the performance tools used in unix?

· Vmstat

· Iostat

· Netstat

· Svmon

· Ps

· Topas

· Top

· Sar

· Glance

· Nvmon

· Monitor

· Tprof

· Mpstat

· Lvmstat

237.What is “truss” command?

Truss command traces a process's system calls, dynamically loaded user level function calls, received signals, and incurred machine faults.

If the trace output remains directed to the terminal, or if existing processes are traced (using the -p flag), then truss responds to hangup, interrupt, and quit signals by releasing all traced processes and exiting. This enables the user to terminate excessive trace output and to release previously existing processes. Released processes continue to function normally.

Syntax:

# truss -rall -wall -f -p <PID>

238.What is the command to display performance statistics for logical CPU in a system?

The mpstat command collects and displays performance statistics for all logical CPUs in the system.

When the mpstat command is invoked, it displays two sections of statistics.

· The first section displays the System Configuration, which is displayed when the command starts and whenever there is a change in the system configuration.

· The second section displays the Utilization Statistics which will be displayed in intervals and at any time the values of these metrics are deltas from pervious interval

Example:

To see the default set of utilization metrics, typ:

# mpstat 1 1

239.Explain about nmon and nmon-analyzer.

The nmon and nmon_analyzer are free tools from IBM that are useful for displaying and analyzing AIX performance.

The nmon tool is similar to "topas", which displays real-time AIX performance statistics. But unlike "topas", nmon presents more information and can capture data for analysis and presentation.

The nmon_analyzer tool analyzes the captured performance data. It can create a spreadsheet showing graphs of performance trends.

240.How to find the system is memory bound or cpu bound?

cpu bound

From the output of the vmstat command if the total system (sy) and user (us)

CPU usage is approaching 100 %. This would imply idle and wait times for CPU are approaching 0. So the system is CPU bound.

Memory bound:

A system is memory bound if some virtual memory is forced out to disk.

Meaning the system is waiting on a relatively slow disk instead of relatively fast RAM.

This is indicated by a non-zero value in the page-in (pi) and page-out (po) values.

241.What is sar?

Sar is System Activity Report.

Sar Collects, reports, or saves system activity information.

The sar command extracts and writes to standard output records previously saved in a file. This file can be either the one specified by the -f flag or, by default, the standard system activity daily data file, the /var/adm/sa/sadd file, where the dd parameter indicates the current day.

242.What are the memory pages?

The Unix kernel divides the memory into manageable chunks called pages.
A single page of memory is usually 4096 or 8192 bytes (4 or 8KB).
Memory pages are laid down contiguously across the physical and virtual memory.

243.What is a process?

When a UNIX program is running, it occupies RAM (memory) and stays in memory as long as it runs.
The memory is reclaimed when the program exits.
During the time it runs, the program in memory is called a process.

244.What is memory leak?

Systems have been known to run out of paging space because of memory leaks in long-running programs that are interactive applications.
A memory leak is a program error where the program repeatedly allocates memory, uses it, and then neglects to free it.
The svmon <AIX Specific> command is useful in detecting memory leaks.

Use the svmon command with the -i flag to look for processes or groups of processes whose working segments are continually growing.

245.What is the nice and renice command used for ?

The nice command enables a user to adjust the dispatching priority of a

command. Non-root authorized users can only degrade the priority of their own

commands.

A user with root authority can improve the priority of a command as

well. A process, by default, has a nice value of 20. Numerically increasing this

value results in degraded priority of the threads in this process.

Example:

# nice -10 ps -l

The priority of a thread that is currently running on the system can be changed by

using the renice command to change the nice value for the process that contains

the thread.

Example :

# renice -n -20 -p 18220

246. What all are the performance statistics displayed when executing topas tool?

Topas is capable of reporting on local system statistics such as,

CPU utilization statistics

Network interface statistics
Disk drive statistics
WLM statistics
Process statistics
Event and queue statistics
File and tty statistics
Paging statistics
Memory statistics
NFS statistics

247.Why lvmstat is used in AIX?

The lvmstat command reports input and output statistics for logical partitions,logical volumes, and volume groups.
lvmstat can help identify particular logical volume partitions that are used more than other partitions If these partitions reside on the same disk or are spread out over several disks, it may be necessary to migrate them to new disks.

Example:

To enable statistics collection for all logical volumes in a volume use the -e option together with the -v flag as follows:

# lvmstat -v rootvg -e

248.Which command is used to set the network attributes?

The Network Options (no) command is used to set the network attributes. The no

command can either display the network parameters or change them in the

kernel. It can also set a parameter back to its default value.

Example:

# no –a

249.What is the command to check the network statistics?

The netstat command is a monitoring tool that displays a wide range of network status information.
The netstat command is a useful tool for determining network problems, and it can provide information about the network traffic, the amount of data send and received by each protocol, and memory usage for network buffers.

Example:

# netstat –rn

250.Why should we use iostat command ?

The iostat command is used for monitoring system input/output device load by

observing the time the physical disks are active in relation to their average

transfer rates.

The iostat command generates reports that can be used to determine an imbalanced system configuration to better balance the I/O load between physical disks and adapters.

The primary purpose of the iostat tool is to detect I/O bottlenecks by monitoring

the disk utilization (% tm_act field).

iostat can also be used to identify CPU problems, assist in capacity planning, and provide insight into solving I/O problems.

Armed with both vmstat and iostat, you can capture the data required to identify performance problems related to CPU, memory, and I/O subsystems.

251.What is vmstat ?

o vmstat stands for virtual memory statistics.

o The vmstat command is very useful for reporting statistics about kernel threads, virtual memory, disks, and CPU activity.

o Reports generated by the vmstat command can be used to balance system load activity.

o These system wide statistics (among all processors) are calculated as averages for values expressed as percentages or, otherwise, as sums.

252.What is a sparse file?

A file with lot more NUL characters in it called sparse files.

On many Unix filesystems, files containing long strings of nulls can be stored much more efficiently than other files. To be specific, if a string of nulls spans an entire allocation block, that whole block is not stored on disk at all. Files where one or more blocks are omitted in this way are called sparse files. The missing blocks are also known as holes.

ls –ls will show the sparse files. The disk usage in the first column will be relatively much smaller than the character blocks.

Deletion of such sparse files will not help in disk space cleaning.

253.What are the differences between Paging and Swapping?

Paging:

When a process starts in Unix, not all its memory pages are read in from the disk at once. Instead, the kernel loads into RAM only a few pages at a time.
After the CPU digests these, the next page is requested.
If it is not found in RAM, a page fault occurs, signaling the kernel to load the next few pages from disk into RAM.
This is called demand paging and is a perfectly normal system activity in Unix.
Paging is how all processes normally run.
A page fault occurs, which is normal operation, and a new page of a program is paged in, and freed pages are paged out. this is not swapping.

Swapping:

Swapping will only occur if the resource load is heavy and and system performance is degrading. If there is not enough physical RAM to accomodate the text, data, and stack segments of all these processes at one time,swapping happens.
Since the kernel cannot find enough RAM to fit things in, it makes use of the available virtual memory by a process known as swapping.
It selects the least busy process and moves it in its entirety (meaning the program's in-RAM text, stack, and data segments) to disk.

254.How kernel organizes memory?

When the kernel is first loaded into memory (at boot time), it sets aside a certain amount of RAM for itself as well as for all system and user processes:

Main categories in which RAM is divided are:

o Text

o Data

o Stack

o Shared Memory

o Buffer Cache

255.What is shared memory?

This is an area of memory which is available to running programs if they need it.
If there is more than one programs using shared library to run simultaneously

needs the common code to be available in shared memory area.

This results increased efficiency

256. What is the use of Buffer Cache?

All reads and writes to the filesystem are cached to the buffer cache.
When sync occurs, and the buffer cache is dumped to disk and the file size increases.

257.What is the difference between physical and virtual memory?

Unix, allows you to use all of the physical memory installed in your system as well as area(s) of the disk (called swap space)
This swap spaces will be used by the kernel in case of the physical memory is insufficient.
Virtual memory is simply the sum of the physical memory (RAM) and the total swap space.

Mathematically, Virtual Memory (VM) = Physical RAM + Swap space

258.What are the paging allocation policies ?

Late Page Space Allocation (LPSA)
Early Page Space Allocation (EPSA)
Deferred Page Space Allocation (DPSA)

Late Page Space Allocation : which means that the disk block for a paging space page is only allocated when the corresponding in-memory page is touched.

Early Page Space Allocation : If you want to ensure that a process will not be killed due to low paging conditions, this process can preallocate paging space by using the Early Page Space Allocation policy.

This is done by setting an environment variable called PSALLOC to the value of early. This can be done from within the process or at the command line (PSALLOC=early command).

Deferred Page Space Allocation : The deferred page space allocation policy is the default policy in AIX. With deferred page space allocation, the disk block allocation of paging space is delayed until it is necessary to page out the page, which results in no wasted paging space allocation.

259.What is a Zombie Process?

When a process is exiting, it informs its parent of its imminent death; when it receives an acknowledgement, its PID is removed from the process table.

A Zombie process is one in which all its resources have been freed but the parent process’s acknowledgement had not occurred. Zombies are cleared the next time the system is booted and do not adversely affect the system performance.

TROUBLESHOOTING

260.How do you isolate if any networking related problem?

Check the problem with your own machine?

– The physical network

– The network device

– Routing tables

Check the problem with the target host?
Check the problem with name resolution?
Check the problem with a router (if the target is not in same subnet)

261. If you are not able to ping by host name or IP address, you may have a routing problem. What all actions do you take?

First, check the routing tables as follows:

Use the netstat -rn command to show the content of your local routing table

using IP addresses.

Check the netmask displayed and ensure that it is correct (ask the network

administrator what it should be if you are unsure).

If there is a default route, attempt to ping it.
If you have more than one network interface, attempt to determine if any

interfaces are working.

If the ping is not successful, you need to:

Ensure that the inetd process is active using the lssrc -g tcpip (AIX Specific) command.
If inetd is not active, issue the startsrc -s inetd or startsrc -g tcpip (AIX Specific) commands.
Check the state of the interface with the netstat -i command.
An asterisk (*) after the interface name in the output from the netstat

command indicates that the interface is down. Use the following command to

start the interface:

# ifconfig <interface> inet <ip_address> up

262.How do you check if there is any errors or collisions in your system which is connected to the network?

Use netstat -i command and check the output for Ierrs (input errors), Oerrs (output

errors), and Coll (collisions).

Example:

263. If you are unable to obtain an IP address from a system with DHCP configured. What is the procedure to resolve this problem?

o Check if the interface to be configured was specified in the /etc/dhcpcd.ini file. (You also can check it by using the SMIT fast path smit dhcp.)

o Check if there is a server on the local network or a relay agent configured to

get the requests off the local network.

o Check if the client dhcpcd daemon is running:

# lssrc -s dhcpcd (AIX Specific)

o If it is not running, start it:

# startsrc -s dhcpcd (AIX Specific)

o Check if the server dhcpsd daemon is running:

# ps -ef | grep dhcpsd

o If the server dhcpsd daemon is not running,

o Check if the bootpd and dhcpsd (DHCP server) are running at the same time.

o They cannot be running at the same time, because they use the same service port. To solve this, comment out, with #, the bootps line in the /etc/inetd.conf file and refresh the inetd subsystem:

# vi /etc/inetd.conf

o Put a # in front of the line:

bootps dgram udp wait root /usr/sbin/bootpd .......

o Save the file and refresh the inetd daemon:

# refresh -s inetd (AIX Specific)

264. What are the steps to be followed if CPU Usage is High

o Login to Server

o Check top process utilizing the CPU with top, monitor or topaz tool

o Check userid using the process highly utilized

o Mail and contact the concerned user

o With confirmation from user if the process is not needed, kill the process to make CPU usage normal

265. What are the steps to be followed if memory usage is high.

Check for swap space
Check for the processes utilizing high memory
Check with monitor tool and uptime for load average
With confirmation kill any unwanted process or highly utilizing process

266.Why I’m getting the message "dirname not empty" even after deleting all the files

Use ls -a to check that there are no hidden files (names that start with a period) other than . and .. (the working directory and its parent).

The command rm .[a-zA-Z0-9] .??* is good for cleaning up hidden files.

267.If NFS is not working, what are the steps to be taken care? ( Solaris Specific )

Make sure that the NFS server daemons are running. In particular, check for statd, lockd, nfsd and mountd. If the daemons are not running, they can be started by running /etc/init.d/nfs.server start.
Check the /etc/dfs/dfstab and type shareall.
Use share or showmount -e to see which filesystems are currently exported, and to whom. Showmount -a shows that the server believes is actually mounting which filesystems.
Make sure that your name service is translating the server and client hostnames correctly on both ends.
Check the server logs to see if there are messages regarding failed or rejected mount attempts; check to make sure that the hostnames are correct in these messages.

Make sure that the /etc/net/*/hosts files on both ends report the correct hostnames. Reboot if these have to be edited.

vi Quick Reference

All commands in vi are preceded by pressing the escape key. Each time a different command is to be entered, the escape key needs to be used

Cursor Movement Commands

(n) indicates a number, and is optional

(n)h left (n) space(s)

(n)j down (n) space(s)

(n)k up (n) space(s)

(n)l right (n) space(s)

(The arrow keys usually work also)

^F forward one screen

^B back one screen

^D down half screen

^U up half screen

H beginning of top line of screen

M beginning of middle line of screen

L beginning of last line of screen

G beginning of last line of file

(n)G move to beginning of line (n)

0 (zero) beginning of line

$ end of line

(n)w forward (n) word(s)

(n)b back (n) word(s)

e end of word

Inserting Text

i insert text before the cursor

a append text after the cursor (does not

overwrite other text)

I insert text at the beginning of the line

A append text to the end of the line

r replace the character under the cursor

with the next character typed

R Overwrite characters until the end of the

line (or until escape is pressed to change

command)

(alpha o) open new line after the current

line to type text

(alpha O) open new line before the current

line to type text

Deleting Text

dd deletes current line

(n)dd deletes (n) line(s)

(n)dw deletes (n) word(s)

D deletes from cursor to end of line

x deletes current character

(n)x deletes (n) character(s)

X deletes previous character

Change Commands

(n)cc changes (n) characters on line(s) until

end of the line (or until escape is pressed)

cw changes characters of word until end of

the word (or until escape is pressed)

(n)cw changes characters of the next

(n) words

c$ changes text to the end of the line

ct(x) changes text to the letter (x)

C changes remaining text on the current

line (until stopped by escape key)

~ changes the case of the current character

J joins the current line and the next line

u undo the last command just done on this line repeats last change

s substitutes text for current character

S substitutes text for current line

:s substitutes new word(s) for old

:<line nos effected> s/old/new/g

& repeats last substitution (:s) command.

(n)yy yanks (n) lines to buffer

y(n)w yanks (n) words to buffer

p puts yanked or deleted text after cursor

P puts yanked or deleted text before cursor

File Manipulation

:w (file) writes changes to file (default is

current file)

:wq writes changes to current file

and quits edit session

:w! (file) overwrites file (default is current

file)

:q quits edit session w/no changes

made

:q! quits edit session and discards

changes

:n edits next file in argument list

:f (name) changes name of current file to

(name)

:r (file) reads contents of file into current

edit at the current cursor

position (insert a file)

:!(command) shell escape

:r!(command) inserts result of shell command

at cursor position

ZZ write changes to

SANDEEP TANTI'S UNIX-AIX WORLD

Tanti Technology

Monday 20 June 2011

UNIX NOTES

FILE SYSTEM

22.How do I recover deleted files?

48. Brief all System Configuration Files used in Unix system

Meta characters

Solaris

Example - mostly closed system

cpu bound

Cursor Movement Commands

Inserting Text

Deleting Text

Change Commands

File Manipulation

No comments:

Post a Comment