$ /courses/linux/interview
Not a Top-30 with a list of answers. Each question is a card: what they want to hear, the usual traps, a follow-up, and links into the knowledge base for depth. Right now 47 questions across 7 clusters.
Each cluster is an independent topic. Open the one you're weakest on, or go in order.
/processes
8 questionsA core cluster. The questions here trip up even strong candidates, because a Linux process has many edge-case details: PID 1, zombies, fork/exec, the difference between a signal and a system call. These come up for Backend, SRE, DevOps, and Platform engineers about equally often.
/network
8 questionsNetworking questions are their own layer. Even strong Linux engineers slip here if they have not worked closely with networks. TCP states, MTU, NAT, routing, and iptables/nftables are must-know for SRE, DevOps, and Platform. The questions are drawn from interviews at Cloudflare, Datadog, Hashicorp, and Russian infrastructure teams.
/filesystem
6 questionsQuestions about how the file system is built and where even experienced engineers slip. Inode versus path, hard link versus symlink, the df-versus-du discrepancy, fsync and what it costs, mount options and why they exist. These topics come up for Backend and SRE roles, anyone who deals with persistent storage.
/troubleshooting
8 questionsScenario questions are the most valuable in an interview. Not 'what is load average' but 'the on-call engineer calls, the server is slow, what do you do first'. These questions separate the person who read the textbook from the person who has put out incidents by hand. The scenarios are real cases from SRE interviews at Cloudflare, Datadog, Yandex, Avito, and mid-size Russian infrastructure teams.
/observability
6 questionsQuestions about how to see what the system is doing right now. perf, strace, eBPF, metrics, logs, and traces are tools at different levels. In senior interviews the expectation is that you know which tool fits which situation and what each one costs. Junior questions about basic `top`/`htop`/`journalctl` also live here.
/scripting
6 questionsA core cluster for anyone who writes glue code on Linux. Questions about strict mode, argument handling, signals in bash, and the difference between a pipe and process substitution. It looks shallow, but this is where carelessness gets caught most often. One missing `IFS=` breaks a script on a file with a space in its name.
/security
5 questionsLinux defense mechanisms. SUID and its modern alternatives (capabilities), two MAC frameworks (SELinux on RHEL, AppArmor on Ubuntu), seccomp for restricting syscalls, and basic kernel hardening through sysctl. These come up in security-engineer and senior SRE interviews, and after a privilege-escalation CVE they show up in just about any DevOps interview.