This Blog is to share our knowledge and expertise on Linux System Administration and VMware Administration

Thursday, September 21, 2017

Linux Interview Questions on Boot Process and other Stuff - Linvirtshell

Thursday, September 21, 2017 0
1) What is GRUB Boot Loader.

GNU GRUB is a Multiboot boot loader. It was derived from GRUB, the GRand Unified Bootloader.Boot loader is the first software program that runs when a computer starts. It is responsible for loading and transferring control to the operating system kernel software. The kernel, in turn, initializes the rest of the operating system (e.g. GNU)

2) Explain Linux Boot Process

Press the power button on your system, and after few moments you see the Linux login prompt.Have you ever wondered what happens behind the scenes from the time you press the power button until the Linux login prompt appears?

The following are the 6 high level stages of a typical Linux boot process.


BIOS stands for Basic Input/Output System

Performs some system integrity checks

Searches, loads, and executes the boot loader program.

It looks for boot loader in floppy, cd-rom, or hard drive. You can press a key (typically F12 of F2, but it depends on your system) during the BIOS startup to change the boot sequence.

Once the boot loader program is detected and loaded into the memory, BIOS gives the control to it.

So, in simple terms BIOS loads and executes the MBR boot loader.

b. MBR

MBR stands for Master Boot Record.

It is located in the 1st sector of the bootable disk. Typically /dev/hda, or /dev/sda

MBR is less than 512 bytes in size. This has three components 1) primary boot loader info in 1st 446 bytes 2) partition table info in next 64 bytes 3) mbr validation check in last 2 bytes.

It contains information about GRUB (or LILO in old systems).

So, in simple terms MBR loads and executes the GRUB boot loader.


GRUB stands for Grand Unified Bootloader.

If you have multiple kernel images installed on your system, you can choose which one to be executed.

GRUB displays a splash screen, waits for few seconds, if you don’t enter anything, it loads the default kernel image as specified in the grub configuration file.

GRUB has the knowledge of the filesystem (the older Linux loader LILO didn’t understand filesystem).

Grub configuration file is /boot/grub/grub.conf (/etc/grub.conf is a link to this). The following is sample grub.conf of CentOS.






title CentOS (2.6.18-194.el5PAE)

root (hd0,0)

kernel /boot/vmlinuz-2.6.18-194.el5PAE ro root=LABEL=/

initrd /boot/initrd-2.6.18-194.el5PAE.img

As you notice from the above info, it contains kernel and initrd image.

So, in simple terms GRUB just loads and executes Kernel and initrd images.

d. Kernel

Mounts the root file system as specified in the “root=” in grub.conf

Kernel executes the /sbin/init program

Since init was the 1st program to be executed by Linux Kernel, it has the process id (PID) of 1. Do a ‘ps -ef | grep init’ and check the pid.

initrd stands for Initial RAM Disk.

initrd is used by kernel as temporary root file system until kernel is booted and the real root file system is mounted. It also contains necessary drivers compiled inside, which helps it to access the hard drive partitions, and other hardware.

e. Init

Looks at the /etc/inittab file to decide the Linux run level.

Following are the available run levels

0 – halt

1 – Single user mode

2 – Multiuser, without NFS

3 – Full multiuser mode

4 – unused

5 – X11

6 – reboot

Init identifies the default initlevel from /etc/inittab and uses that to load all appropriate program.

Execute ‘grep initdefault /etc/inittab’ on your system to identify the default run level

If you want to get into trouble, you can set the default run level to 0 or 6. Since you know what 0 and 6 means, probably you might not do that.

Typically you would set the default run level to either 3 or 5.

f. Runlevel programs

When the Linux system is booting up, you might see various services getting started. For example, it might say “starting sendmail …. OK”. Those are the runlevel programs, executed from the run level directory as defined by your run level.

Depending on your default init level setting, the system will execute the programs from one of the following directories.

Run level 0 – /etc/rc.d/rc0.d/

Run level 1 – /etc/rc.d/rc1.d/

Run level 2 – /etc/rc.d/rc2.d/

Run level 3 – /etc/rc.d/rc3.d/

Run level 4 – /etc/rc.d/rc4.d/

Run level 5 – /etc/rc.d/rc5.d/

Run level 6 – /etc/rc.d/rc6.d/

Please note that there are also symbolic links available for these directory under /etc directly. So, /etc/rc0.d is linked to /etc/rc.d/rc0.d.

Under the /etc/rc.d/rc*.d/ directories, you would see programs that start with S and K.

Programs starts with S are used during startup. S for startup.

Programs starts with K are used during shutdown. K for kill.

There are numbers right next to S and K in the program names. Those are the sequence number in which the programs should be started or killed.

For example, S12syslog is to start the syslog deamon, which has the sequence number of 12. S80sendmail is to start the sendmail daemon, which has the sequence number of 80. So, syslog program will be started before sendmail.

There you have it. That is what happens during the Linux boot process.

For Detail : Please refer linux boot process

3) Which files are called for user profile by default when a user gets login

$HOME/.bash_profile, $HOME/.bash_bashrc

4) Which file needs to update if srequired to change default runlevel 5 to 3

File is /etc/inittab and required to change below lines:

id:5:initdefault: to id:3:initdefault:

5) What command used for showing user info like Login Name, Canonical Name, Home Directory,Shell etc..

FINGER command can be used i.g; finger username

6) What is inode number

An inode is a data structure on a traditional Unix-style file system such as UFS or ext3. An

inode stores basic information about a regular file, directory, or other file system object

iNode number also called as index number, it consists following attributes:

File type (executable, block special etc)

Permissions (read, write etc)



File Size

find out the inode number using ‘ls -il’ command then run below command

find . -inum inode_number -exec rm -i {} \;

7) How can we increase disk read performance in single command

blockdev command

This is sample output – yours may be different.

# Before test

$ blockdev –getra /dev/sdb


$ time dd if=/tmp/disk.iso of=/dev/null bs=256k

2549+1 records in

2549+1 records out

668360704 bytes (668 MB) copied, 6,84256 seconds, 97,7 MB/s

real 0m6.845s

user 0m0.004s

sys 0m0.865s

# After test

$ blockdev –setra 1024 /dev/sdb

$ time dd if=/tmp/disk.iso of=/dev/null bs=256k

2435+1 records in

2435+1 records out

638390272 bytes (638 MB) copied, 0,364251 seconds, 1,8 GB/s

real 0m0.370s

user 0m0.001s

sys 0m0.370s

8) Command to change user password expiration time

CHAGE command

9) Command used to lock user password

usermod -L username

10) How many default number of Shells available and what are their names?


11) Which file defines the attributes like UID, PASSWORD expiry, HOME Dir create or not while adding user


12) Command used for changing authentication of linux system to LDAP/NIS /SMB/KERBOS


13) Command used for changing the attributes of any file


14) What is the path of network (ethX) configuration files


15) How can we change speed and make full duplex settings for eth0

We can do this with below given 2 methods:

ethtool -s eth0 speed 100 duplex full

ethtool -s eth0 speed 10 duplex half


mii-tool -F 100baseTx-HD

mii-tool -F 10baseT-HD

16) File which stores the DNS configuration at client side


17) Main configuration file and command used for exporting NFS directories and it’s deamons

/etc/exports and exportfs -av , deamons are quotad, portmapper, mountd, nfsd and nlockmgr/status

18) What is command to check ports running/used over local machine

netstat -antp

19) What is the commands to check open ports at remote machine


20) What is the difference between soft and hard links

Soft Links =>
1) Soft link files will have different inode numbers then source file
2) If original file deleted then soft link file be of no use
3) Soft links are not updated
4) Can create links between directories
5) Can cross file system boundaries

Hard Links =>
1) Hard links will have the same inode number as source file
2) Hard links can not link directories
3) Can not cross file system boundaries
4) Hard links always refers to the source, even if moved or removed

21) How to setup never expired user password

chage -E never username

22) Restricting insertion into file if full permission are assigned to all

chattr +i filename

23) Display or Kill all processes which are accessing any folder/file

Display User who are using file/folder : fuser -u file/folder

Kill All Processes which are using file/folder: fuser -k file/folder

24) Kill any user’s all processes

killall -u username

25) How can we have daily system analysis and reports over mail
Use logwatch

26) How can we rotate logs using logrotate without performing any operation like move and gzip’ng over original file and then creating new file (which is very lengthy process)

We can use “logrotate”‘s “copytruncate” option which will simply copy original file and truncate original file.

27) Command to collect detailed information about the hardware and setup of your system

dmidecode , sysreport

28) Command to check PCI devices vendor or version

Ans : lspci

29) What is the difference between cron and anacron

Cron :

1) Minimum granularity is minute (i.e Jobs can be scheduled to be executed every minute)

2) Cron job can be scheduled by any normal user ( if not restricted by super user )

3) Cron expects system to be running 24 x 7. If a job is scheduled, and system is down during that time, job is not executed

4) Ideal for servers 

5) Use cron when a job has to be executed at a particular hour and minute

Anacron :

1) Minimum granularity is only in days

2) Anacron can be used only by super user ( but there are workarounds to  make it usable by normal user )

3) Anacron doesn’t expect system to be running 24 x 7. If a job is scheduled, and system is down during that time, it start the jobs when the system comes back up.

4) Ideal for desktops and laptops

5) Use anacron when a job has to be executed irrespective of hour and minute

30) Default Port numbers used by   ssh, ftp, http, https, telnet, smtp, pop3, pop3s, imap,imaps

SSH 22, ftp 20/21, http 80, https 443, SMTP/SMPTS 25/465, POP3/POP3S 110/995, IMAP/IMAPS 143/993

31) How to setup ACLs in following case:

First we need mount the file system as ACL supported.
1) Create a file FILE1 and this should be read,write,executable for all user but Read only for user USER1

2) Copy FILE1 ACLs to FILE2 ACL

3) Delete a USER1′s rule for FILE1 which were setup in step 1)

Ans 1) touch FILE1 ; chmod 777 FILE1 ; setfacl -m u:USER1:r FILE1

2) getfacl FILE1 | setfacl –set-file=- FILE2

3) setfacl -x u:USER1 FILE1

32) How to make USB bootable?
Write efidisk.img from RHEL 6 DVD images/ subdirectory to USB

dd if=efidisk.img of=/dev/usb (usb device name)

33) How can we check disk/device status/failure/errors using smartctl utility?
Try following to check:

Enable/Disable SMART on device/disk : smartctl -s on /dev/sda

Check device SMART health : smartctl -H /dev/sda

Check device SMART capabilities : smartctl -c /dev/sda

Enable/Disable automatic offline testing on device : smartctl -o on/off /dev/sda

Show device SMART vendor-specific Attributes and values : smartctl -A /dev/sda

Show device log [TYPE : error, selftest, selective, directory,background,

scttemp[sts,hist]] : smartctl -l TYPE /dev/sda

Run test on device [TEST: offline short long conveyance select,M-N pending,N

afterselect,[on|off] scttempint,N[,p] : smartctl -t /dev/sda

34) Disable ping to avoid network/ICMP flood

Set following in /etc/sysctl.conf : net.ipv4.icmp_echo_ignore_all = 1

Then “sysctl -p”


echo “1″ > /proc/sys/net/ipv4/icmp_echo_ignore_all

35) What is SYN Flood, ICMP Flood

SYN Flood : A SYN flood occurs when a host sends a flood of TCP/SYN packets, often with a fake/forged sender address. Each of these packets is handled like a connection request, causing the

server to spawn a half-open connection, by sending back a TCP/SYN-ACK packet(Acknowledge), andwaiting for a packet in response from the sender address(response to the ACK Packet). However,

because the sender address is forged, the response never comes. These half-open connectionssaturate the number of available connections the server is able to make, keeping it from responding tolegitimate requests until after the attack ends

Linux basics question and answer.

Thursday, September 21, 2017 0

Linux basics question and answer.

1. What is linux?
linux is a free open-source operating system based on unix. Linux is an alternative to the windows operating system. Linux was originally created by linus Torvalds. A student of the university of

Linux has a reputation as a very efficient and fast-performing system. Linux's kernel (the central part of the operating system) was developed by Linus Torvalds at the University of Helsinki in Finland. To complete the operating system, Torvalds and other team members made use of system components developed by members of the Free Software Foundation for the GNU Project.

2. What is OS?

 An operating system is a program that controls the execution of application programs and acts as an interface between the user of a computer and the computer Hardware. In other words “ THE SOFTWARE THAT CONTROLS THE HARDWARE “

3. What is open source operating system ?

 Open source refers to a program or software in which the source code (the form of the program when a programmer writes a program in a particular programming language) is available to the general public for use and/or modification from its original design free of charge.

4. What are the products of RedHat?

 Redhat enterprise linux, cloud computing, Redhat enterprise virtualization, etc.

5. What are different flavors (or distributions) of linux?

 Redhat, Turbolinux, Debian, Ubuntu, Fedora, OpenSUSE, Slackware, mandriva. Etc.

6. Who created unix?

 Ken Thompson in 1969.

7. Who founded open source foundation?

 The Free Software Foundation (FSF) is a nonprofit with a worldwide mission to promote computer user freedom and to defend the rights of all free software users.

8. What is the difference between rhel 4 and rhel 5 ?

difference between RHEL 4 and RHEL 5

1)In RHEL 4 SELinux Block only 13 services, But on RHEL 5 SElinux Block 80 services
2) RHEL 4 have ext2 filesystem, but RHEL 5 we have ext3 filesystem That support Journal
3)RHEL 4 have no virtualization Feature, but in RHEL 5 we have virtualization with Hypervisor-V
4)In RHEL 4 we have no Yum, But in RHEL 5 we have Yum available

( or )

XEN, YUM and improved SELinux
all the features updated with better options
Better GUI support then RHEL4
YUM over RPM package management
IPTables and SELinux for more secure environment

9. Difference bw tcp and udp ?

TCP(Transmission Control Protocol). TCP is a connection-oriented protocol, a connection can be made from client to server, and from then on any data can be sent along that connection.

a) Reliable - when you send a message along a TCP socket, you know it will get there unless the connection fails completely. If it gets lost along the way, the server will re-request the lost part. This means complete integrity, things don't get corrupted.
b) Ordered - if you send two messages along a connection, one after the other, you know the first message will get there first. You don't have to worry about data arriving in the wrong order.
c) Heavyweight - when the low level parts of the TCP "stream" arrive in the wrong order, resend requests have to be sent, and all the out of sequence parts have to be put back together, so requires a bit of work to piece together.

UDP(User Datagram Protocol). A simpler message-based connectionless protocol. With UDP you send messages(packets) across the network in chunks.

a) Unreliable - When you send a message, you don't know if it'll get there, it could get lost on the way.
b) Not ordered - If you send two messages out, you don't know what order they'll arrive in.
c) Lightweight - No ordering of messages, no tracking connections, etc. It's just fire and forget! This means it's a lot quicker, and the network card / OS have to do very little work to translate the data back from the packets.

10. what is kernel panic error ? how will you fix it if you have face it after rebooting without the the help of rescue disk ?

 Many of the Mac OSX or similar Unix like operating system users may face a type of error known as “Kernel Panic”. When this error message get displayed, you need to restart your system as your system stops working and require restart.Since the system is not in the state that you can perform the normal restart and therefore you need to force restart the computer. At that time if you were in the middle of theprocess or working with some kind of unsaved document thenit will also be lose.

The general causes of kernel panic in Mac OS X include:
a) Defective or incompatible RAM
b) Incompatible, obsolete or corrupted kernel extensions
c) Incompatible, obsolete or corrupted Drivers
d) Hard Disk corruption that include bad sectors,
e) directory corruption and other hard disk errors
f) Incorrect permissions on System files and folders
g) Less RAM or Hard Drive Memory
h) Defects in hardware, CPU or programming errors
i) Incompatible hardware

Other than these the Mac Kernel Panic occurs when the core component of Mac (kernel) gets an unexpected user instruction and fails to handle that instruction properly.

Kernel Panic Fix in Mac OS X

It is monitored that the kernel panic does not come frequently but if it’s occurred then restarting the computer will solve the problem but if the error occurs due to the corrupted/incompatible system resources then reinstall Mac OSX. When you go for the fresh installation of Mac OSX, the primary volume need to be formatted and all the data present over that volume will be lost. This condition can be a bad dream as you can lose lots of important data which you had saved on that system volume.

11. Expalin the process of kickstart installation?

a) Reboot the system
b) Press f12
c) Select second option cd-rom drive
d) Then enter the kickstart path: linux ks=nfs:

12. There are 4 network Interfaces, how can we find which one is Primary.?
 When you type the command netstat -nr in your shell, you  will find a line starting with Something like UG 0 0 0 eth0

This line indicates if the system tries to contact a network outside its local network. It will first contact  the router and it does it with the primary interface. Hence in this case its eth0. So you can check this line for the primary interface

13. Without Using $date -d yesterday. How I get the yesterday's date ?

 $date --date='yesterday'
$date --date='1 day ago'

14. why kerberos.............what its need?

Kerberos is a authentication protocol it is used to send data from one system to anohter in encrypted form.

Most conventional network systems use password-based authentication schemes. When a user needs to authenticate to a service running on a network server, they type in their password for each service that requires authentication. Their password is sent over the network, and the server verifies their identity using the password.

Transmission of passwords in plaintext using this method, while commonly done, is a tremendous security risk. Any system cracker with access to the network and a packet analyzer (also known as a packet sniffer) can intercept any passwords sent this way.

The primary design goal of Kerberos is to ensure that passwords are never sent across a network unencrypted and are preferably never sent over the network at all. The proper use of Kerberos will eradicate the threat of packet sniffers intercepting passwords on your network.

15. what is the use of nis server in linux? what is the purpose

The main purpose of NIS is centralizing the authentication database.

For ex:

Usually when a user try to login to the machine it will contact the passwd, shadow and group files for user’s  authentication, in case of user requires to access his/her account across the network we need to update users  information all these files in each machine in the network. It is bit tricky to organize multiple users’ info in all the machines in the network.

NIS server will act as central server for user authentication and all other machines will contact the NIS server for the user’s authentication info.
Make sure all the machines in your network should be in the same domain. NIS will work only in single domain.

16. How many minimum partitions need to install the linux?

Two minimum partition need to install the linux

1: /boot

2: /

SWAP is not mendatary to create at the time of installation it is only use for Virtual Memory purpose.... as you required when u create...

17. how is FAT32 file system mounted in linux file system?

1: mkdir /kaka
2: open vim /etc/fstab and mount it permently.
3: mount -t vfat /dev/hda1 /kaka
4: /dev/hda1...... drive name.

18. Major difference between SMB and NFS ?

 main difference between samba and nfs is - By configuring samba we can access fileS from linux to window and window to linux but by nfs can't

19. Major difference between RPM and YUM ?

the main difference of rpm and yum is that yum will install all the package including dependencies if it is present in the server. but in rpm we have to install each and every dependency ourself.

20. Command to check last runlevelwho -r

21. Is it possible to give access to a nfs share to a particular user in a particular system?

you can give permission to an ip or to the users(The usershould be from the system where the file is gettingshared,external access from users arenot allowedexcept fornfsnobody). If you want to give permission to an ip then open /etc/exports...Let /data be the shared directory: /data,sync)

To give permission to a user like harry: setfacl -m u:harry:rwx /data.

By default the nfs gets accessed by the user nfsnobody. So you can add or remove a particular permissions to this user using acl.

22. In Linux OS, what is the file server?

NFS (Network File System) is the File server in Linux. We can also use the LDAP (Lightweight Direct Access Protocol)for the File server. NFS is easy to configure than LDAP. For NFS, we need the dameon portmap,nfsd etc../etc/exports is a file contains the partitions, which we want to share. NIS server which should configure for clients. we need ypbind,netfs services in clients

23.  Explain cups in linux.

 It is printer deamon

C - common

U - Unix

P - printing

S - system

24. what are pipes ? explain use of pipes ?

 a pipe is a chain of processes so that output of one process(stdoutput) is fed an input(stdinput) to another process.

25. What is the minimum number of partitions you need to install Linux?

Minimum 2 partitions are needed for installing Linux. 

The one is / or root which contains all the files and the other is swap. Linux file system is function specific which means that files and folders are organized according to their functionality. For example, all executables are in one folder, all devices in another, all libraries in another and so on. / or ‘root’ is the base of this file system. All the other folders are under this one. / can be consider as C: .Swap is a partition that will be used as virtual memory. If there is no more available RAM a Linux computer will use an area of the hard disk, called swap, to temporarily store data. In other words it is a way of expanding your computers RAM.

26. Which command is used to review boot messages?

dmesg command is used to review boot messages. This command will display system messages contained in the kernel ring buffer. We can use this command immediately after booting to see boot messages. A ring buffer is a buffer of fixed size for which any new data added to it overwrites the oldest data in it. Its basic syntax is

dmesg [options]

Invoking dmesg without any of its options causes it to write all the kernel messages to standard output. This usually produces far too many lines to fit into the display screen all at once, and thus only the final messages are visible. However, the output can be redirected to the less command through the use of a pipe, thereby allowing the startup messages to be viewed on one screen at a time
dmesg | less

27. What are the partitions created on the mail server hard drive?

The main partitions are done firstly which are root, swap and boot partition. But for the mail server three different partitions are also done which are as follows:
1. /var/spool- This is done so that if something goes wrong with the mail server or spool than the output cannot overrun the file system.
2. /tmp- putting this on its own partition prevents any user item or software from overrunning the system files.
3. /home- putting this on its own is useful for system upgrades or reinstalls. It allow not to wipe off the /home hierarchy along with other areas.

28. Which daemon is responsible for tracking events on Linux system?

syslogd is responsible for tracking system information and save it to the desired log files. It provides two system utilities which provide system logging and kernel message trapping.

29. Which daemon is used for scheduling of the commands?

The crontab command is used for scheduling of the commands to run at a later time. SYNTAX
crontab [ -u user ] file
crontab [ -u user ] { -l | -r | -e }

-l List - display the current crontab entries.
-r Remove the current crontab.
-e Edit the current crontab using the editor specified by the VISUAL or EDITOR environment variables.

30. how to recollect root password?

a) go to single user mode
b) type passwd and then the required password u want to change
c) if it gives u error on entering the passwd command
d) than type setenforce 0 it will disable the selinux for that moment and than again type the passwd command to change the password

31. what is LILO?

LILO stands for Linux boot loader. It will load the MBR, master boot record, into the memory, which tell the system which partition and hard drive to boot.

32. What is the difference between Telnet and SSH?

ssh is a secured shell, where telnet is not a secured one.when you ssh to trasnfer data between a system, the data will be send in the encrypted form, where the hacker cannot encode or decode it.

While you telnet,the data send between the system is alphabetical format(ASCII), where every one can understand. More over as per network security, telnet and ftp are prohibited. Always, trust SSL based data transfer.

33. User unable to login in server then how can u troubleshooting it? Example: server at Atlantic-DC. in that server two users try to login in server. 1st user able to login. but second user unable to login so how can troubleshoot it ?
Passwd expired r not

# usermod -l username

2)User is locked r not using the command

# passwd -u username -to unlock the user

3)passwd file problem

if any change in /etc/passwd file r /etc/shadow file

4)change the passwd


5)The default permission for security file is 600 when the value is changed,we can't login

#ls -ld /etc/secur

34. Explain linux file types?

7 types of files

- regular
d directory
l symbolic link
c character special file (hardware files)
b block special file (files to communicate with hardware)
p named pipe (to pass data between process )
s socket ( mechanism for inter-process communication

35. Please explain the file structure of linux?
The Linux system contains thousand of files located within many directories. All directories are organized in a tree-structure like manner.
* The 'trunk' of the tree is the root directory.
* The root directory is simply identified as a "/".
* All other directories 'branch' off from the trunk.

The following lists the most common directories and their intended contents.

* / - root directory
* /home - where directories are contained for each user,
* /usr - pronounced 'user' and contains Linux commands and utilities
o /bin - binary executable programs
o /lib - program libraries, similar to Windows 'dll' files
o /sbin - more executable programs and Linux utilities for administrative purposes
o /doc - documentation
o /src - source code to programs
* /tmp - temporary work files
* /etc - configuration files
o /rc.d - scripts used during boot and shutdown process
o /sysconfig - default configuration files
o /sysconfig/network-scripts - network scripts
o /sysconfig/daemons - special programs that run in background, such as print spooling
* /bin - binary executable programs that all users need
* /dev - device files that control drives, terminals andany equipment attached to the server
* /var - user specific files
o /log - log files containing system usage and errors
o /spool - where spooled files are stored during print spooling process
o /mail - where Email files are stored until retrieved by client Email program
* /proc - system files
* /root - root's home directory
* /opt - other options
* /sbin - more executable programs and utilities

36. Can we open pdf files in suse?

We can open .pdf file with the help of CUPS-PDF package.
Install CUPS-PDF package and use pdf file.

37. Why you shouldn’t use the root login?

Root has full control over the system Its like Admin.There ll be full credentials for root.If deleted any datas as root login its difficult to recover.

38. Who owns data dictionary?

The SYS user owns the data dictionary. The SYS and SYSTEM users are created when the database is created.

Very Basic Linux interview Questions and Answers - Linvirtshell

Thursday, September 21, 2017 0
1. Command to list the files in a directory?

ls - list directory contents
ls -l (-l use a long listing format)

2. Command to list all the files in a directory, including the hidden files?

ls -a (-a, do not hide entries starting with .)

3. Command to find out all processes that are currently running?

 ps -f (-f does full-format listing.)

4. Command to find out the processes that are currently running or a particular user?

ps -au Myname (-u by effective user ID (supports names)) (a - all users)

5. Command to kill a particular process?

kill -9 23456 (process_id 23456) or kill -9 %8765 (job number 8765)
kill -9 -1 (Kill all processes you can kill.)
killall - kill processes by name most (useful - killall java)

6. Commands to view the contents of the file?

less filename
cat filename
more filename   
tail filename       -  can see the end of the file.
head filename    - can see the head of the file
vi filename
vim filename

7. Commands to use edit contents of the file?

vi  filename
vim  filename
nano filename
view  filename
visudo — edit the sudoers file

8. Command to view contents of a large log file?

tailf /var/log/messages ( last 10 rows)
less filename
head /var/log/messages  (first 10 rows)

9. How do you log in to a remote Unix box?

ssh  remote_server — OpenSSH SSH client (remote login program)

10.How do you get help on a UNIX terminal?

man command_name
info command_name (more information)

11.Command to list contents of a directory including all of its

subdirectories, providing full details and sorted by modification time?
ls -acl  filename
-a    all entries
-c    by time
-l     use a long listing format

12.How do you create a symbolic link to a file (give some reasons of doing so)?

ln - make links between files

Links create pointers to the actual files, without duplicating the contents of
the files. That is, a link is a way of providing another name to the same file.
There are two types of links to a file.

a.Hard link
b.Symbolic (or soft) link

13. What is a filesystem?

Sum of all directories called file system.
A file system is the primary means of file storage in UNIX.
File systems are made of inodes and superblocks.

14. Command to get file system usage?

df - report file system disk space usage

15. How do you check the sizes of all users home directories (one command)?

du -sh /home/

du command summarize disk usage of each FILE, recursively for directories.

Saturday, September 16, 2017

What are the mode, we can configure for multipath?

Saturday, September 16, 2017 0

We have 2 types of mode we can configure the multipath.


DM-Multipath can provide failover in an active/passive configuration. In an active/passive configuration, only half the paths are used at any time for I/O. If any element of an I/O path (the cable, switch, or controller) fails, DM-Multipath switches to an alternate path.

Improved Performance

DM-Multipath can be configured in active/active mode, where I/O is spread over the paths in a round-robin fashion. In some configurations, DM-Multipath can detect loading on the I/O paths and dynamically re-balance the load.

Simple Powercli Code to Consolidate all vms which are Consolidation Needed

Saturday, September 16, 2017 0

Powercli Code to Consolidate all  vms  which are Consolidation Needed

Use the below command.

Get-VM |
Where-Object {$_.Extensiondata.Runtime.ConsolidationNeeded} |
ForEach-Object {

How to change the Lockdown Mode on all hosts managed by vCenter

Saturday, September 16, 2017 0

change the Lockdown Mode on all hosts managed by vCenter

Follow the below steps to achieve the requirement:

$vCenter = 'vCenterServer_Name_or_IP_address'
Connect-VIServer $vCenter
 $Scope = Get-VMHost #This will change the Lockdown Mode on all hosts managed by vCenter, amend this if you need to foreach ($ESXhost in $Scope) {
 (get-vmhost $ESXhost | get-view).ExitLockdownMode() # To DISABLE Lockdown Mode
 # (get-vmhost $ESXhost | get-view).EnterLockdownMode() # To ENABLE Lockdown Mode
Disconnect-VIServer -Server $vCenter -Confirm:$false

List all orphaned vmdk on all datastores in all VC's at a time by using script

Saturday, September 16, 2017 0
Use the below script to achieve :

# Just paste the code in text file and rename with .ps1
# Purpose : List all orphaned vmdk on all datastores in all VC's
#Here fwvc950","fwvc951","fwvc952","flsan01 are my vcentrer

$arrayVC = "fwvc950","fwvc951","fwvc952","flsan01"
$OutputFile = "C:\OrphanedVMDK.txt"

Foreach ($strVC in $arrayVC)

    Connect-VIServer $strVC
    $arrUsedDisks = Get-VM | Get-HardDisk | %{$_.filename}
    $arrDS = Get-Datastore
    Foreach ($strDatastore in $arrDS)
       $strDatastoreName = $
       Write-Host $strDatastoreName
       $ds = Get-Datastore -Name $strDatastoreName | %{Get-View $_.Id}
       $fileQueryFlags = New-Object VMware.Vim.FileQueryFlags
       $fileQueryFlags.FileSize = $true
       $fileQueryFlags.FileType = $true
       $fileQueryFlags.Modification = $true
       $searchSpec = New-Object VMware.Vim.HostDatastoreBrowserSearchSpec
       $searchSpec.details = $fileQueryFlags
       $searchSpec.sortFoldersFirst = $true
       $dsBrowser = Get-View $ds.browser
       $rootPath = "["+$ds.summary.Name+"]"
       $searchResult = $dsBrowser.SearchDatastoreSubFolders($rootPath, $searchSpec)
       $myCol = @()
       foreach ($folder in $searchResult)
          foreach ($fileResult in $folder.File)
             $file = "" | select Name, FullPath   

             $file.Name = $fileResult.Path

             $strFilename = $file.Name

             IF ($strFilename)


             IF ($strFilename.Contains(".vmdk"))


             IF (!$strFilename.Contains("-flat.vmdk"))


             IF (!$strFilename.Contains("delta.vmdk"))         


                $strCheckfile = "*"+$file.Name+"*"

             IF ($arrUsedDisks -Like $strCheckfile){}



             $strOutput = $strDatastoreName + " Orphaned VMDK Found: " + $strFilename

             $strOutput | Out-File $Outputfile -width 150 -Append










Friday, September 15, 2017

List the types of DB supported by openldap?

Friday, September 15, 2017 0

Below list of DBs are supported by openldap


Berkeley DB instance definition. This is the recommended database back-end type. It uses the Sleepycat Berkeley DB to store data.


LDAP DBM type. Easy to configure, but not as durable as the bdb database back-end type. It also uses Berkeley DB, GNU DBM, and MDBM to store data.


Uses a SQL database back-end to store data.


Used as a proxy to forward incoming requests to another LDAP server.


Metadirectory database back-end. It is an improvement on the LDAP-type back-end. It performs LDAP proxying with respect to a set of remote LDAP servers.


Stores information about the status of the slapd daemon.


Operations to this database type succeed, but do nothing. This is the equivalent of sending stuff to /dev/null in Linux/UNIX.


Uses the system’s plain-text /etc/passwd file to serve user account information.


An experimental back-end that uses a Tcl interpreter that is embedded directly into slapd.


Uses a Perl interpreter that is embedded directly into slapd.

Rescan All HBA of all ESXI in a simple way.

Friday, September 15, 2017 0

Rescan All HBA of all ESXI in a simple way.

For a Specific Cluster:

get-cluster -name “MY CLUSTER” | get-vmhost | Get-VMHostStorage -RescanAllHBA

All Hosts in VC:

get-vmhost | Get-VMHostStorage -RescanAllHBA

Thursday, September 14, 2017

Repairing Linux ext2 or ext3 FS

Thursday, September 14, 2017 0

Repairing Linux ext2 or ext3 file system

1) File system must be unmounted, you cannot repair it while it is running. Take system down to runlevel one (make sure you run all command as root user):# init 1

2)Unmount file system, for example if it is /home (/dev/sda3) file system then type command

# umount /home OR# umount /dev/sda3

3) Now run fsck on the partition: 

# fsck /dev/sda3

However be sure to specify the file system type using -t option. Recenly one of our sys admin run the command on ext3 file system w/o specifying file system. Result was more corruption as fsck by default assumes ext2 file system.

 # fsck -t ext3 /dev/sda3
OR# fsck.ext3 /dev/sda3

Tip if you don't know your file system type then typing mount command will display file system type.

fsck will check the file system and ask which problems should be fixed or corrected. If you don't wanna type y every time then you can use pass -y option to fsck

# fsck -y /dev/sda3

Please not if any files are recovered then they are placed in /home/lost+found directory by fsck command.

4) Once fsck finished, remount the file system:

# mount /home

5) Go to multiuser mode# init 3

Read man page of fsck for more.

How tcpdump command is used to find out the network switch information which is connected to the physical server?

Thursday, September 14, 2017 0
Run the below tcpdump command on physical server.

[root@testserver001 ~]# tcpdump -nn -v -i eth0 -s 1500 -c 1 'ether[20:2] == 0x2000'
tcpdump: WARNING: eth0: no IPv4 address assigned
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 1500 bytes
05:51:39.526913 CDPv2, ttl: 180s, checksum: 692 (unverified), length 434
        Device-ID (0x01), length: 21 bytes: ''
        Version String (0x05), length: 295 bytes:
          Cisco Internetwork Operating System Software
          IOS (tm) s72033_rp Software (s72033_rp-ADVIPSERVICESK9_WAN-M), Version 12.2(18)SXF17a, RELEASE SOFTWARE (fc1)
          Technical Support:
          Copyright (c) 1986-2010 by cisco Systems, Inc.
          Compiled Tue 02-Mar-10 01:50 by tinhuang
        Platform (0x06), length: 16 bytes: 'cisco WS-C6506-E'
        Address (0x02), length: 13 bytes: IPv4 (1)
        Port-ID (0x03), length: 16 bytes: 'FastEthernet3/12'
        Capability (0x04), length: 4 bytes: (0x00000029): Router, L2 Switch, IGMP snooping
        VTP Management Domain (0x09), length: 0 byte: ''
1 packets captured
3 packets received by filter
0 packets dropped by kernel

Powershell script to list the Virtual Machines in SCVMM

Thursday, September 14, 2017 0

Windows PowerShell (SCVMM)

SCVMM One-liner command 1:   Outputs the VMName, VM Configuration File path, VHDCount, VHD Location, VHDSize, MaxVHDSize, Cluster for all VMs managed by the SCVMM server connected by PowerShell (in a single line)

$report = @(); $vms = get-vm; foreach ($vm in $vms){foreach ($vhd in $vm.VirtualHardDisks){$maxvhdsize = [math]::Round($vhd.MaximumSize/1024/1024/1024,1); $vhdsize = [math]::Round($vhd.Size/1024/1024/1024,1); $row = "" | select VMName, VMCPath, VHDCount, VHDLocation, VHDSize, MaxVHDSize, VMCluster; $row.VMName = $vm.Name; $row.VMCPath = $vm.VMCPath; $row.VHDCount = $vm.VirtualHardDisks.Count; $row.VHDLocation = $vhd.Location; $row.VHDSize = $vhdSize; $row.MaxVHDSIze = $MaxVHDSize; $row.VMCluster = $vm.VMHost.HostCluster.Name; $report += $row;};};$report | export-csv C:\Temp\Hyper-V-VMs.csv -NoTypeInformation


Brief Introduction about Annotation/ custom attributes in Vmware

Thursday, September 14, 2017 0

What are custom attributes?

Custom Attributes are attributes that a administrator can define for all Virtual Machines and Hosts in vCenter. The attributes are then displayed in the “Annotations” box for each VM. The custom attributes are also displayed alongside the VM Name, Status, State, CPU Usage, etc, when listing virtual machines in the Datacenter, cluster, host, and resource pool views.

Why use them?

Daily, we receive lots of clone requests for VMs. Clones are very good for application development and application troubleshooting. When an application on a VM goes pear shaped, the application vendor may request a clone for a system. They can then work on the clone system to try and fix some issues while the production system (if not broken completely) may in some cases still remain partially available to the end users. Once they are confident that they have resolved the issue, they can then implement the fix in the production environment.

This is all good and well, but here’s the problem. Clones are a drain on your resources. As administrator, you should be very careful to simply hand out clones as the requests come in. Virtual Machine clones can create a nightmare for administrators as they use huge amounts of additional disk space. Some of the clones we have today are in excess of 420GB. When creating clones, we need to make sure that the following information is recorded somewhere in vCenter:

·         Who requested the clone;

·         The requestor’s contact number/email address

·         The date that the clone was made;

·         The size of the clone on disk (all vDisk sizes combined + the amount of RAM  assigned to the VM);

·         Does it need to be backed up (Yes / No);

·         Reason for the clone;

Specifying your own Custom Attributes

Creating custom attributes is very simple. In the VI (or vSphere) client on the menu bar, click “Administration” >> “Custom Attributes...”

You’ll now be presented with the Custom Attributes dialog: You can file them b editing them manually once created.


Getting ESXi Network driver firmware details by using Script.

Thursday, September 14, 2017 0
Find the script as follows.

$ExportFilePath = "C:\Users\user\Desktop\esxi.txt"
$PuttyUser = "root"
$PuttyPwd = "w2k8the$"
$HostNic = "vmnic0,vmnic1"
$Plink = "C:\Users\user\Desktop\plink.exe"
$PlinkOptions = " -v -batch -pw $PuttyPwd"
$RCommand = '"' + "ethtool -i " + $HostNic + '"'
$ESXHosts = Get-VMHost | where {$_.Model -match "ProLiant BL*"} | Sort Name
$Report = @()
ForEach ($ESXHost in $ESXHosts) {
        $Message = ""
        $HostInfo = {} | Select HostName,ESXVersion,Cluster,pNic,DriverName,DriverVersion,DriverFirmware
        $HostInfo.HostName = $ESXHost.Name
        $HostInfo.ESXVersion = $ESXHost.Version
        $HostInfo.Cluster = (Get-Cluster -VMHost $ESXHost.Name).Name
        $HostInfo.pNic = $HostNic
        Write-Host "Connecting to: " $ESXHost.Name -ForegroundColor Green
        $Command = $Plink + " " + $PlinkOptions + " " + $PuttyUser + "@" + $ESXHost.Name + " " + $rcommand
        $Message = Invoke-Expression -command $command
        $HostInfo.DriverName = ($Message[0] -split"driver:")[1]
        $HostInfo.DriverVersion = ($Message[1] -split"version:")[1]
        $HostInfo.DriverFirmware = ($Message[2] -split"firmware-version:")[1]
        $Report += $HostInfo

$Report = $Report | Sort-Object HostName
IF ($Report -ne "") {
$Report | Export-Csv $ExportFilePath -NoTypeInformation
Invoke-Item $ExportFilePath

Wednesday, September 13, 2017

Collecting diagnostic information of all ESXi By using PowerCLi Script

Wednesday, September 13, 2017 0
VMware Technical Support routinely requests diagnostic information from you when a support request is handled. This diagnostic information contains product specific logs, configuration files, and data appropriate to the situation. The information is gathered using a specific script or tool for each product and can include a host support bundle from the ESXi host and vCenter Server support bundle. Data collected in a host support bundle may be considered sensitive.

This article provides the procedures for obtaining this diagnostic information of all ESX/ESXi hosts using VMware vSphere PowerCLI.

 #Variable declaration
$vCenterUsername="domain\user" #Any User name who has access to Vcenter.
$destination ="C:\Users\user\Desktop\naga\" #Location where to download support bundles
Write-Host "Connecting to vCenter" -foregroundcolor "magenta"
Connect-VIServer -Server $vCenterIPorFQDN -User $vCenterUsername -Password $vCenterPassword
$hosts = Get-VMHost #Retrieve all hosts from vCenter
Write-Host "Downloading vCenter support bundle" -foregroundcolor "magenta"
Get-Log -Bundle -DestinationPath $destination
foreach ($esxihost in $hosts){
Write-Host "Downloading support bundle for ESXi host $($esxihost.Name)" -foregroundcolor "magenta"
Get-Log -VMHost (Get-VMHost -Name $esxihost.Name) -Bundle -DestinationPath $destination

/lib/ bad ELF interpreter: No such file or directory

Wednesday, September 13, 2017 0
When we encounter this error /lib/ bad ELF interpreter: No such file or directory this is how you can fix it:

This will happen only on 64 bit systems, the cause is the fact that 32 bit libraries are missing from the system, so we can easily fix this issue by installing the 32 bit libraries on our system.


yum -y install glibc.i686

If the issue happen in  Debian/Ubuntu/Mint

apt-get update
apt-get install ia32-libs

That's it.

How to Clone the LVM2 Volume Groups?

Wednesday, September 13, 2017 0
These instructions describe the steps required to clone an LVM2 volume
group by creating a duplicate copy of the physical storage (PVs). This
requires the VG be deactivated while the clone is created and

The volume group being cloned, CloneVG consists of two PVs originally present
on /dev/testpv0 and /dev/testpv1. A new volume group named CloneVG-clone will
be created on devices /dev/testpv2 and /dev/testpv3.

1. Deactivate the VG

       # vgchange -an CloneVG

2. Create the cloned PV(s)

       E.g., dd, clone LUNs on storage, break mirror etc.

       # dd if=/dev/testpv0 of=/dev/testpv2
       # dd if=/dev/testpv1 of=/dev/testpv3

3. For each original PV, create a filter entry in /etc/lvm/lvm.conf to
temporarily mask the PV from the LVM tools.

Preserve a copy of the original filtering rules so that it can be
restored at the end of the process, for example:

       # cp /etc/lvm/lvm.conf /etc/lvm/lvm.conf.orig

To exclude the original loopback devices /dev/testpv0 and /dev/testpv1, the
filter line could look like this:

       filter = [ "r|/dev/testpv0|", "r|/dev/testpv1|", "a|.*|" ]

Or, using a regex to match both devices with a single rule:

       filter = [ "r|/dev/loop[01]|", "a|.*|" ]

Once the filters are set up, remove the LVM persistent cache:

       # rm -f /etc/lvm/.cache [versions before 2.02.23]
       # rm -f /etc/lvm/cache/.cache [version 2.02.23 or later]

Verify that the filtering is correct by running pvscan:

       # pvscan
         PV /dev/testpv2   VG CloneVG         lvm2 [60.00 MB / 40.00 MB free]
         PV /dev/testpv3   VG CloneVG         lvm2 [60.00 MB / 40.00 MB free]
         Total: 2 [120.00 MB] / in use: 2 [120.00 MB] / in no VG: 0 [0   ]

Only the cloned PVs should be displayed. If the original PVs appear,
check the syntax of the filtering rule and clear the persistent cache

4. Modify the cloned volume group name, ID and physical volume IDs to
avoid name and UUID clashes between the original and cloned devices:

For each cloned physical volume, run:

       # pvchange --uuid /path/to/physical/volume

This will generate a new random UUID for the specified physical volume
and update the volume group metadata to reflect the changed identity.

For example:

       # pvchange --uuid /dev/testpv2
         Physical volume "/dev/testpv2" changed
         1 physical volume changed / 0 physical volumes not changed
       # pvchange --uuid /dev/testpv3
         Physical volume "/dev/testpv3" changed
         1 physical volume changed / 0 physical volumes not changed

Generate a new UUID for the entire volume group using vgchange:

       # vgchange --uuid CloneVG
         Volume group "CloneVG" successfully changed

Finally, rename the cloned VG:

       # vgrename CloneVG CloneVG-clone

5. Remove filtering rules & verify both VGs co-exist correctly

Restore the original filtering configuration and wipe the persistent cache:

       # cp /etc/lvm/lvm.conf.orig /etc/lvm/lvm.conf
       cp: overwrite `/etc/lvm/lvm.conf'? y
       # rm -f /etc/lvm/.cache

Run pvscan to verify the new and old VGs are correctly displayed:

       # pvscan
         PV /dev/testpv0   VG CloneVG         lvm2 [60.00 MB / 40.00 MB free]
         PV /dev/testpv1   VG CloneVG         lvm2 [60.00 MB / 40.00 MB free]

         PV /dev/testpv2   VG CloneVG-clone   lvm2 [60.00 MB / 40.00 MB free]
         PV /dev/testpv3   VG CloneVG-clone   lvm2 [60.00 MB / 40.00 MB free]
         Total: 4 [240.00 MB] / in use: 4 [240.00 MB] / in no VG: 0 [0  ]

6. Activate volume groups

Both the original and cloned VGs can now be activated simultaneously:

       # vgchange -ay CloneVG
         1 logical volume(s) in volume group "CloneVG" now active

       # vgchange -ay CloneVG-clone
         1 logical volume(s) in volume group "CloneVG-clone" now active

Friday, September 8, 2017

How to setup passwordless `sudo` on Linux Easily

Friday, September 08, 2017 0
To allow  all users to set-up password-less sudo
Edit the visudo file by simply typing


to allow all users to run all commands without a password.
Add the following line for a user called username alone  to setup password-less sudo


Add the following line for a group called wheel to set-up password-less sudo

# %wheel        ALL=(ALL)       NOPASSWD: ALL

Adding a user to Sudoers in simple way

Friday, September 08, 2017 0
Login as root to server. The root user are the only one who has privilege to add new user.

Once you logged-in, you may now try the following commands below:

    Create a new user.
    useradd  [username]
    Add password to user
    passwd [username]
    Grant root privileges to user Edit the visudo file by simply typing
    enter code here

Find the following line of code: 

root ALL=(ALL) ALL
Then add this code below:
[username] ALL=(ALL) ALL
In Otherway
 su - root
and enter your password, then :
echo 'USERNAME ALL=(ALL:ALL) ALL' >> /etc/sudoers

  to add the user in sudoers file

Thursday, September 7, 2017

How to create Software Raid & How to replace the failed disk?

Thursday, September 07, 2017 0

Now let's create our RAID arrays /dev/md0/dev/md1, and /dev/md2 
/dev/sdb1 will be added to /dev/md0 
/dev/sdb2 to /dev/md1, and /dev/sdb3 to/dev/md2 

/dev/sda1/dev/sda2, and /dev/sda3 can't be added right now (because the system is currently running on them), therefore we use the placeholder missing in the following three commands:

mdadm --create /dev/md0 --level=1 --raid-disks=2 missing /dev/sdb1

mdadm --create /dev/md1 --level=1 --raid-disks=2 missing /dev/sdb2

mdadm --create /dev/md2 --level=1 --raid-disks=2 missing /dev/sdb3

The command

cat /proc/mdstat

should now show that you have three degraded RAID arrays ([_U] or [U_] means that an array is degraded while [UU] means that the array is ok):

server1:~# cat /proc/mdstat

Personalities : [raid1] [linear] [multipath] [raid0] [raid6] [raid5] [raid4] [raid10]

md2 : active raid1 sdb3[1]

      4594496 blocks [2/1] [_U]

md1 : active raid1 sdb2[1]

      497920 blocks [2/1] [_U]

md0 : active raid1 sdb1[1]

      144448 blocks [2/1] [_U]

unused devices: <none>

Next we create filesystems on our RAID arrays (ext3 on /dev/md0 and /dev/md2 and swap on /dev/md1):

mkfs.ext3 /dev/md0

mkswap /dev/md1

mkfs.ext3 /dev/md2

Next we must adjust /etc/mdadm/mdadm.conf (which doesn't contain any information about our new RAID arrays yet) to the new situation:

cp /etc/mdadm/mdadm.conf /etc/mdadm/mdadm.conf_orig

mdadm --examine --scan >> /etc/mdadm/mdadm.conf

At the bottom of the file you should now see details about our three (degraded) RAID arrays:

# mdadm.conf
# Please refer to mdadm.conf(5) for information about this file.

# by default, scan all partitions (/proc/partitions) for MD superblocks.
# alternatively, specify devices to scan, using wildcards if desired.
DEVICE partitions

# auto-create devices with Debian standard permissions
CREATE owner=root group=disk mode=0660 auto=yes

# automatically tag new arrays as belonging to the local system
HOMEHOST <system>

# instruct the monitoring daemon where to send mail alerts

# This file was auto-generated on Mon, 26 Nov 2007 21:22:04 +0100
# by mkconf $Id: mkconf 261 2006-11-09 13:32:35Z madduck $
ARRAY /dev/md0 level=raid1 num-devices=2 UUID=72d23d35:35d103e3:01b5209e:be9ff10a
ARRAY /dev/md1 level=raid1 num-devices=2 UUID=a50c4299:9e19f9e4:01b5209e:be9ff10a
ARRAY /dev/md2 level=raid1 num-devices=2 UUID=99fee3a5:ae381162:01b5209e:be9ff10a

Now up to the GRUB boot loader. Open /boot/grub/menu.lst and add fallback 1 right after default 0:

vi /boot/grub/menu.lst

default         0
fallback        1

This makes that if the first kernel (counting starts with 0, so the first kernel is 0) fails to boot, kernel #2 will be booted.

In the same file, go to the bottom where you should find some kernel stanzas. Copy the first of them and paste the stanza before the first existing stanza; replaceroot=/dev/sda3 with root=/dev/md2 and root (hd0,0) with root (hd1,0):

## ## End Default Options ##

title           Debian GNU/Linux, kernel 2.6.18-4-486 RAID (hd1)
root            (hd1,0)
kernel          /vmlinuz-2.6.18-4-486 root=/dev/md2 ro
initrd          /initrd.img-2.6.18-4-486

title           Debian GNU/Linux, kernel 2.6.18-4-486
root            (hd0,0)
kernel          /vmlinuz-2.6.18-4-486 root=/dev/sda3 ro
initrd          /initrd.img-2.6.18-4-486

title           Debian GNU/Linux, kernel 2.6.18-4-486 (single-user mode)
root            (hd0,0)
kernel          /vmlinuz-2.6.18-4-486 root=/dev/sda3 ro single
initrd          /initrd.img-2.6.18-4-486


root (hd1,0) refers to /dev/sdb which is already part of our RAID arrays. We will reboot the system in a few moments; the system will then try to boot from our (still degraded) RAID arrays; if it fails, it will boot from /dev/sda (-> fallback 1).

Next we adjust our ramdisk to the new situation:

update-initramfs -u

Now we copy the contents of /dev/sda1 and /dev/sda3 to /dev/md0 and /dev/md2 (which are mounted on /mnt/md0 and /mnt/md2):

cp -dpRx / /mnt/md2

cd /boot

cp -dpRx . /mnt/md0

Preparing GRUB (Part 1)

Afterwards we must install the GRUB bootloader on the second hard drive /dev/sdb:


On the GRUB shell, type in the following commands:

root (hd0,0)

grub> root (hd0,0)

 Filesystem type is ext2fs, partition type 0x83


setup (hd0)

grub> setup (hd0)

 Checking if "/boot/grub/stage1" exists... no

 Checking if "/grub/stage1" exists... yes

 Checking if "/grub/stage2" exists... yes

 Checking if "/grub/e2fs_stage1_5" exists... yes

 Running "embed /grub/e2fs_stage1_5 (hd0)"...  15 sectors are embedded.


 Running "install /grub/stage1 (hd0) (hd0)1+15 p (hd0,0)/grub/stage2 /grub/menu.lst"... succeeded



root (hd1,0)

grub> root (hd1,0)

 Filesystem type is ext2fs, partition type 0xfd


setup (hd1)

grub> setup (hd1)

 Checking if "/boot/grub/stage1" exists... no

 Checking if "/grub/stage1" exists... yes

 Checking if "/grub/stage2" exists... yes

 Checking if "/grub/e2fs_stage1_5" exists... yes

 Running "embed /grub/e2fs_stage1_5 (hd1)"...  15 sectors are embedded.


 Running "install /grub/stage1 (hd1) (hd1)1+15 p (hd1,0)/grub/stage2 /grub/menu.lst"... succeeded




Now, back on the normal shell, we reboot the system and hope that it boots ok from our RAID arrays:


Preparing /dev/sda

If all goes well, you should now find /dev/md0 and /dev/md2 in the output of

df -h

server1:~# df -h

Filesystem            Size  Used Avail Use% Mounted on

/dev/md2              4.4G  730M  3.4G  18% /

tmpfs                 126M     0  126M   0% /lib/init/rw

udev                   10M   68K   10M   1% /dev

tmpfs                 126M     0  126M   0% /dev/shm

/dev/md0              137M   17M  114M  13% /boot

The output of

cat /proc/mdstat

should be as follows:

server1:~# cat /proc/mdstat

Personalities : [raid1]

md2 : active raid1 sdb3[1]

      4594496 blocks [2/1] [_U]

md1 : active raid1 sdb2[1]

      497920 blocks [2/1] [_U]

md0 : active raid1 sdb1[1]

      144448 blocks [2/1] [_U]

unused devices: <none>


Now we must change the partition types of our three partitions on /dev/sda to Linux raid autodetect as well:

fdisk /dev/sda

server1:~# fdisk /dev/sda

Command (m for help): <-- t

Partition number (1-4): <-- 1

Hex code (type L to list codes): <-- fd

Changed system type of partition 1 to fd (Linux raid autodetect)

Command (m for help): <-- t

Partition number (1-4): <-- 2

Hex code (type L to list codes): <-- fd

Changed system type of partition 2 to fd (Linux raid autodetect)

Command (m for help): <-- t

Partition number (1-4): <-- 3

Hex code (type L to list codes): <-- fd

Changed system type of partition 3 to fd (Linux raid autodetect)

Command (m for help): <-- w

The partition table has been altered!

Calling ioctl() to re-read partition table.

WARNING: Re-reading the partition table failed with error 16: Device or resource busy.

The kernel still uses the old table.

The new table will be used at the next reboot.

Syncing disks.


Now we can add /dev/sda1/dev/sda2, and /dev/sda3 to the respective RAID arrays:

mdadm --add /dev/md0 /dev/sda1

mdadm --add /dev/md1 /dev/sda2

mdadm --add /dev/md2 /dev/sda3

Now take a look at

cat /proc/mdstat

... and you should see that the RAID arrays are being synchronized:

server1:~# cat /proc/mdstat

Personalities : [raid1]

md2 : active raid1 sda3[2] sdb3[1]

      4594496 blocks [2/1] [_U]

      [=====>...............]  recovery = 29.7% (1367040/4594496) finish=0.6min speed=85440K/sec

md1 : active raid1 sda2[0] sdb2[1]

      497920 blocks [2/2] [UU]

md0 : active raid1 sda1[0] sdb1[1]

      144448 blocks [2/2] [UU]

unused devices: <none>


(You can run

watch cat /proc/mdstat

to get an ongoing output of the process. To leave watch, press CTRL+C.)

Wait until the synchronization has finished (the output should then look like this:

server1:~# cat /proc/mdstat

Personalities : [raid1]

md2 : active raid1 sda3[0] sdb3[1]

      4594496 blocks [2/2] [UU]

md1 : active raid1 sda2[0] sdb2[1]

      497920 blocks [2/2] [UU]

md0 : active raid1 sda1[0] sdb1[1]

      144448 blocks [2/2] [UU]

unused devices: <none>



Then adjust /etc/mdadm/mdadm.conf to the new situation:

cp /etc/mdadm/mdadm.conf_orig /etc/mdadm/mdadm.conf

mdadm --examine --scan >> /etc/mdadm/mdadm.conf

/etc/mdadm/mdadm.conf should now look something like this:

cat /etc/mdadm/mdadm.conf

# mdadm.conf
# Please refer to mdadm.conf(5) for information about this file.

# by default, scan all partitions (/proc/partitions) for MD superblocks.
# alternatively, specify devices to scan, using wildcards if desired.
DEVICE partitions

# auto-create devices with Debian standard permissions
CREATE owner=root group=disk mode=0660 auto=yes

# automatically tag new arrays as belonging to the local system
HOMEHOST <system>

# instruct the monitoring daemon where to send mail alerts

# This file was auto-generated on Mon, 26 Nov 2007 21:22:04 +0100
# by mkconf $Id: mkconf 261 2006-11-09 13:32:35Z madduck $
ARRAY /dev/md0 level=raid1 num-devices=2 UUID=72d23d35:35d103e3:2b3d68b9:a903a704
ARRAY /dev/md1 level=raid1 num-devices=2 UUID=a50c4299:9e19f9e4:2b3d68b9:a903a704
ARRAY /dev/md2 level=raid1 num-devices=2 UUID=99fee3a5:ae381162:2b3d68b9:a903a704

8 Preparing GRUB (Part 2)

We are almost done now. Now we must modify /boot/grub/menu.lst again. Right now it is configured to boot from /dev/sdb (hd1,0). Of course, we still want the system to be able to boot in case /dev/sdb fails. Therefore we copy the first kernel stanza (which contains hd1), paste it below and replace hd1 withhd0. Furthermore we comment out all other kernel stanzas so that it looks as follows:

vi /boot/grub/menu.lst

## ## End Default Options ##

title           Debian GNU/Linux, kernel 2.6.18-4-486 RAID (hd1)
root            (hd1,0)
kernel          /vmlinuz-2.6.18-4-486 root=/dev/md2 ro
initrd          /initrd.img-2.6.18-4-486

title           Debian GNU/Linux, kernel 2.6.18-4-486 RAID (hd0)
root            (hd0,0)
kernel          /vmlinuz-2.6.18-4-486 root=/dev/md2 ro
initrd          /initrd.img-2.6.18-4-486

#title          Debian GNU/Linux, kernel 2.6.18-4-486
#root           (hd0,0)
#kernel         /vmlinuz-2.6.18-4-486 root=/dev/sda3 ro
#initrd         /initrd.img-2.6.18-4-486

#title          Debian GNU/Linux, kernel 2.6.18-4-486 (single-user mode)
#root           (hd0,0)
#kernel         /vmlinuz-2.6.18-4-486 root=/dev/sda3 ro single
#initrd         /initrd.img-2.6.18-4-486


In the same file, there's a kopt line; replace /dev/sda3 with /dev/md2 (don't remove the # at the beginning of the line!):

# kopt=root=/dev/md2 ro

Afterwards, update your ramdisk:

update-initramfs -u

... and reboot the system:



Now let's simulate a hard drive failure. It doesn't matter if you select /dev/sda or /dev/sdb here. In this example I assume that /dev/sdb has failed.

To simulate the hard drive failure, you can either shut down the system and remove /dev/sdb from the system, or you (soft-)remove it like this:

mdadm --manage /dev/md0 --fail /dev/sdb1

mdadm --manage /dev/md1 --fail /dev/sdb2

mdadm --manage /dev/md2 --fail /dev/sdb3

mdadm --manage /dev/md0 --remove /dev/sdb1

mdadm --manage /dev/md1 --remove /dev/sdb2

mdadm --manage /dev/md2 --remove /dev/sdb3

Shut down the system:

shutdown -h now

Then put in a new /dev/sdb drive (if you simulate a failure of /dev/sda, you should now put/dev/sdb in /dev/sda's place and connect the new HDD as /dev/sdb!) and boot the system. It should still start without problems.

Now run

cat /proc/mdstat

and you should see that we have a degraded array:

server1:~# cat /proc/mdstat

Personalities : [raid1]

md2 : active raid1 sda3[0]

      4594496 blocks [2/1] [U_]

md1 : active raid1 sda2[0]

      497920 blocks [2/1] [U_]

md0 : active raid1 sda1[0]

      144448 blocks [2/1] [U_]

unused devices: <none>


The output of

fdisk -l

should look as follows:

server1:~# fdisk -l

Disk /dev/sda: 5368 MB, 5368709120 bytes

255 heads, 63 sectors/track, 652 cylinders

Units = cylinders of 16065 * 512 = 8225280 bytes

   Device Boot      Start         End      Blocks   Id  System

/dev/sda1   *           1          18      144553+  fd  Linux raid autodetect

/dev/sda2              19          80      498015   fd  Linux raid autodetect

/dev/sda3              81         652     4594590   fd  Linux raid autodetect

Disk /dev/sdb: 5368 MB, 5368709120 bytes

255 heads, 63 sectors/track, 652 cylinders

Units = cylinders of 16065 * 512 = 8225280 bytes

Disk /dev/sdb doesn't contain a valid partition table

Disk /dev/md0: 147 MB, 147914752 bytes

2 heads, 4 sectors/track, 36112 cylinders

Units = cylinders of 8 * 512 = 4096 bytes

Disk /dev/md0 doesn't contain a valid partition table

Disk /dev/md1: 509 MB, 509870080 bytes

2 heads, 4 sectors/track, 124480 cylinders

Units = cylinders of 8 * 512 = 4096 bytes

Disk /dev/md1 doesn't contain a valid partition table

Disk /dev/md2: 4704 MB, 4704763904 bytes

2 heads, 4 sectors/track, 1148624 cylinders

Units = cylinders of 8 * 512 = 4096 bytes

Disk /dev/md2 doesn't contain a valid partition table


Now we copy the partition table of /dev/sda to /dev/sdb:

sfdisk -d /dev/sda | sfdisk /dev/sdb

(If you get an error, you can try the --force option:

sfdisk -d /dev/sda | sfdisk --force /dev/sdb


server1:~# sfdisk -d /dev/sda | sfdisk /dev/sdb

Checking that no-one is using this disk right now ...


Disk /dev/sdb: 652 cylinders, 255 heads, 63 sectors/track

sfdisk: ERROR: sector 0 does not have an msdos signature

 /dev/sdb: unrecognized partition table type

Old situation:

No partitions found

New situation:

Units = sectors of 512 bytes, counting from 0

   Device Boot    Start       End   #sectors  Id  System

/dev/sdb1   *        63    289169     289107  fd  Linux raid autodetect

/dev/sdb2        289170   1285199     996030  fd  Linux raid autodetect

/dev/sdb3       1285200  10474379    9189180  fd  Linux raid autodetect

/dev/sdb4             0         -          0   0  Empty

Successfully wrote the new partition table

Re-reading the partition table ...

If you created or changed a DOS partition, /dev/foo7, say, then use dd(1)

to zero the first 512 bytes:  dd if=/dev/zero of=/dev/foo7 bs=512 count=1

(See fdisk(8).)


Afterwards we remove any remains of a previous RAID array from /dev/sdb...

mdadm --zero-superblock /dev/sdb1

mdadm --zero-superblock /dev/sdb2

mdadm --zero-superblock /dev/sdb3

... and add /dev/sdb to the RAID array:

mdadm -a /dev/md0 /dev/sdb1

mdadm -a /dev/md1 /dev/sdb2

mdadm -a /dev/md2 /dev/sdb3

Now take a look at

cat /proc/mdstat

server1:~# cat /proc/mdstat

Personalities : [raid1]

md2 : active raid1 sdb3[2] sda3[0]

      4594496 blocks [2/1] [U_]

      [======>..............]  recovery = 30.8% (1416256/4594496) finish=0.6min speed=83309K/sec

md1 : active raid1 sdb2[1] sda2[0]

      497920 blocks [2/2] [UU]

md0 : active raid1 sdb1[1] sda1[0]

      144448 blocks [2/2] [UU]

unused devices: <none>


Wait until the synchronization has finished:

server1:~# cat /proc/mdstat

Personalities : [raid1]

md2 : active raid1 sdb3[1] sda3[0]

      4594496 blocks [2/2] [UU]

md1 : active raid1 sdb2[1] sda2[0]

      497920 blocks [2/2] [UU]

md0 : active raid1 sdb1[1] sda1[0]

      144448 blocks [2/2] [UU]

unused devices: <none>


Then run


and install the bootloader on both HDDs:

root (hd0,0)

setup (hd0)

root (hd1,0)

setup (hd1)


That's it. You've just replaced a failed hard drive in your RAID1 array.