Python Troubleshooting Scenarios

advent2025 apache bash c caddy clickhouse csv data processing disk volumes dns docker envoy etcd git golang gunicorn hack haproxy harbor hashicorp vault helm java jenkins json kubernetes linux-other mongodb mysql nginx node.js php podman postgres prometheus python rabbitmq redis sql sqlite ssh ssl supervisord systemd traefik

realistic / interviews new pro business

Python

Scenarios with applications using Python

#	Name	Level	Time	Type
1	"Saint John": what is writing to this log file?	Easy	10 m	Fix No Registration	"Saint John": what is writing to this log file? Scenario: "Saint John": what is writing to this log file? Level: Easy Type: Fix Access: Public Description: A developer created a testing program that is continuously writing to a log file /var/log/bad.log and filling up disk. You can check for example with `tail -f /var/log/bad.log`. This program is no longer needed. Find it and terminate it. Do not delete the log file. Test: The log file size doesn't change (within a time interval bigger than the rate of change of the log file). The "Check My Solution" button runs the script /home/admin/agent/check.sh, which you can see and execute. Time to Solve: 10 minutes.
2	Linux Server Review - Guided Learning	Easy	30 m	Do	Linux Server Review - Guided Learning Scenario: Linux Server Review - Guided Learning Level: Easy Type: Do Access: Email Description: This is a guided learning scenario. Follow this Linux Server Review Scenario Guide The purpose of this scenario is to review a Linux server and be able to answer questions like: What's the purpose of the server? What's the hardware (CPU / RAM / disk / net) utilization of the server? is there a problem there? What is running and what's going on in the server? Note: This challenge doesn't have a specific solution (there's no "Check My Solution") Test: (there's no test) Time to Solve: 30 minutes.
3	"Kampot": A New Port	Easy	10 m	Do	"Kampot": A New Port Scenario: "Kampot": A New Port Level: Easy Type: Do Access: Email Description: A Python app serving simulated bank data runs as root and listens on port 20280. The app is managed by supervisor and cannot be stopped or reconfigured to use a different port. An internal legacy monitoring system expects the service to be available on port 80, but the app is hardcoded to 20280 for security and legacy reasons. Your task is to make the service accessible on port 80 locally. Test: `curl localhost:80/accounts` returns `[{"id":1,"name":"Alice","type":"Checking"},{"id":2,"name":"Bob","type":"Savings"},{"id":3,"name":"Charlie","type":"Business"}]` The "Check My Solution" button runs the script /home/admin/agent/check.sh, which you can see and execute. Time to Solve: 10 minutes.
4	"Melbourne": WSGI with Gunicorn	Medium	20 m	Fix Pro	"Melbourne": WSGI with Gunicorn Scenario: "Melbourne": WSGI with Gunicorn Level: Medium Type: Fix Access: Paid Description: There is a Python WSGI web application file at /home/admin/wsgi.py , the purpose of which is to serve the string "Hello, world!". This file is served by a Gunicorn server which is fronted by an nginx server (both servers managed by systemd). So the flow of an HTTP request is: Web Client (curl) -> Nginx -> Gunicorn -> wsgi.py . The objective is to be able to curl the localhost (on default port :80) and get back "Hello, world!", using the current setup. Test: `curl -s http://localhost` returns `Hello, world!` (serving the wsgi.py file via Gunicorn and Nginx) Time to Solve: 20 minutes.
5	"Paris": Where is my webserver?	Medium	15 m	Hack	"Paris": Where is my webserver? Scenario: "Paris": Where is my webserver? Level: Medium Type: Hack Access: Email Description: A developer put an important password on his webserver localhost:5000 . However, he can't find a way to recover it. This scenario is easy to to once you realize the one "trick". Find the password and save it in /home/admin/mysolution , for example: `echo "somepassword" > ~/mysolution` Scenario credit: PuppiestDoggo Test: `md5sum ~/mysolution` returns `d8bee9d7f830d5fb59b89e1e120cce8e` Time to Solve: 15 minutes.
6	"Buenos Aires": Kubernetes Pod Crashing	Medium	20 m	Fix	"Buenos Aires": Kubernetes Pod Crashing Scenario: "Buenos Aires": Kubernetes Pod Crashing Level: Medium Type: Fix Access: Email Description: There are two pods: "logger" and "logshipper" living in the default namespace. Unfortunately, logshipper has an issue (crashlooping) and is forbidden to see what logger is trying to say. Could you help fix Logshipper? Do not change the K8S definition of the logshipper pod. Use "sudo". Because k8s takes a minute or two to change the pod state initially, the check for the scenario is made to fail in the first two minutes. Credit Srivatsav Kondragunta Test: `kubectl get pods -l app=logshipper --no-headers -o json \| jq -r '.items[] \| "\(.status.containerStatuses[0].ready)"'` returns `true` Time to Solve: 20 minutes.
7	"Bekasi": Supervisor is still around	Medium	20 m	Fix Pro	"Bekasi": Supervisor is still around Scenario: "Bekasi": Supervisor is still around Level: Medium Type: Fix Access: Paid Description: There is an nginx service running on port 443, it is the main web server for the company and looks like a new employee has deployed some changes to the configuration of supervisor and now it is not working as expected. If you try to access `curl -k https://bekasi` it should return `Hello SadServers!` but for some reason it is not. You cannot modify files from the /home/admin/bekasi folder in order to pass the check.sh You must find out what the issue is and fix it. Test: `curl -k https://bekasi` returns `Hello SadServers!` The "Check My Solution" button runs the script /home/admin/agent/check.sh, which you can see and execute. Time to Solve: 20 minutes.
8	"Tukaani": XZ LZMA Library Compromised	Medium	15 m	Fix Pro	"Tukaani": XZ LZMA Library Compromised Scenario: "Tukaani": XZ LZMA Library Compromised Level: Medium Type: Fix Access: Paid Description: (You can learn about Linux Libraries before starting this scenario). The Linux shared library liblzma.so has been compromised (the real compromised XZ Utils liblzma has not been used). The liblzma.so at the path /usr/lib/x86_64-linux-gnu/liblzma.so.5.2.5 is the good one. Consider the same library liblzma.so.5.2.5 at other paths as compromised or malicious (ideally we would have used other real versions with different checksums). Find all instances of this "malicious" liblzma library (remember, it's the same library but in different directory locations) and make it so none of the running processes use it, while the applications "webapp" and "jobapp" (both of which managed by systemd) still run properly (eg, stopping those applications is not a solution). Test: `lsof \| grep liblzma.so.5` returns only the liblzma in the path: /usr/lib/x86_64-linux-gnu/liblzma.so.5.2.5 The "Check My Solution" button runs the script /home/admin/agent/check.sh, which you can see and execute. Time to Solve: 15 minutes.
9	"Atrani": Modify a SQlite3 Database	Medium	15 m	Fix Pro	"Atrani": Modify a SQlite3 Database Scenario: "Atrani": Modify a SQlite3 Database Level: Medium Type: Fix Access: Paid Description: A developer created a script /home/admin/readdb.py that tests access to a database. Without modifying the readdb.py file, change the database so that running the script returns the string "John Karmack". Test: Running /home/admin/readdb.py returns "John Karmack". The "Check My Solution" button runs the script /home/admin/agent/check.sh, which you can see and execute. Time to Solve: 15 minutes.
10	"Batumi": Troubleshoot "A" cannot connect to "B"	Medium	20 m	Fix Pro	"Batumi": Troubleshoot "A" cannot connect to "B" Scenario: "Batumi": Troubleshoot "A" cannot connect to "B" Level: Medium Type: Fix Access: Paid Description: (To learn the skills to solve this challenge, see Can't Connect to a Service: Linux Troubleshooting Guide) There is a web server (Caddy) on HTTP port :80 but `curl http://127.0.0.1` doesn't work. Find out what's wrong and make the necessary fixes so the web server returns a URL. Note: as a limitation, the file /home/admin/db_connector.py must not be modified so that the challenge is considered solved properly. The web server has to respond on the IP address 127.0.0.1; not only on "localhost". Test: The command `curl http://127.0.0.1` returns a URL address. The "Check My Solution" button runs the script /home/admin/agent/check.sh, which you can see and execute. Time to Solve: 20 minutes.
11	"Bharuch": Lost in Translation	Medium	20 m	Fix Pro	"Bharuch": Lost in Translation Scenario: "Bharuch": Lost in Translation Level: Medium Type: Fix Access: Paid Description: There's a Docker container that runs a web server on port 3000, but it's not working. Using the tooling and resources provided in the server, make the container run correctly. Test: `curl http://localhost:3000` should return "Hello from sadservers!" The "Check My Solution" button runs the script /home/admin/agent/check.sh, which you can see and execute. Time to Solve: 20 minutes.
12	"Bizerte": The Slow Application	Medium	15 m	Fix	"Bizerte": The Slow Application Scenario: "Bizerte": The Slow Application Level: Medium Type: Fix Access: Email Description: A Python web application running on port 5000 from the /opt directory is experiencing severe performance issues; every request takes more than 5 seconds to complete. The application is supposed to use the redis-server cache service for speed. Your mission is to diagnose the performance bottleneck and restore the application to its normal, fast response time. Do not change the Python application file slow_app.py. Test: `curl localhost:5000` returns Data from FAST cache! The "Check My Solution" button runs the script /home/admin/agent/check.sh, which you can see and execute. Time to Solve: 15 minutes.
13	"Singara": Docker and Kubernetes web app not working.	Hard	20 m	Fix	"Singara": Docker and Kubernetes web app not working. Scenario: "Singara": Docker and Kubernetes web app not working. Level: Hard Type: Fix Access: Email Description: There's a k3s Kubernetes install you can access with kubectl. The Kubernetes YAML manifests under `/home/admin` have been applied. The objective is to access from the host the "webapp" web server deployed and find what message it serves (it's a name of a town or city btw). In order to pass the check, the webapp Docker container should not be run separately outside Kubernetes as a shortcut. Test: `curl localhost:8888` returns a value from the webapp deployed Kubernetes pod. Time to Solve: 20 minutes.
14	"Chennai": Pull a Rabbit from a Hat	Hard	30 m	Fix Pro	"Chennai": Pull a Rabbit from a Hat Scenario: "Chennai": Pull a Rabbit from a Hat Level: Hard Type: Fix Access: Paid Description: There is a RabbitMQ (RMQ) cluster defined in a docker-compose.yml file. Bring this system up and then run the producer.py script in such a way that is able to send messages to RMQ. In particular you have to send the message "hello-lwc". - RMQ is a queuing system: messages are put in the queue with a "producer" and they are taken out from the other side by a "consumer". The queue name has to be the same for both. - To send the message "hello-lwc": `python3 ~/producer.py hello-lwc`. Should return `Message sent to RabbitMQ`. "IncompatibleProtocolError" means RMQ is not working properly. - To test consuming it: `python3 ~/consumer.py`, this will retrieve the next message from the queue and print it. Once everything is working send more than one message so there's at least one in the queue when the validation runs. - Do not change the consumer.py and producer.py files; if you do the Check My Solution will fail. Test: `python3 ~/consumer.py` returns `hello-lwc` See /home/admin/agent/check.sh for the exact test. Time to Solve: 30 minutes.
15	"Monaco": Disappearing Trick	Hard	30 m	Hack	"Monaco": Disappearing Trick Scenario: "Monaco": Disappearing Trick Level: Hard Type: Hack Access: Email Description: There is a web server on :5000 with a form. POSTing the correct form password into this web service will return a secret. Save this secret provided by the web page (not the password you sent to it) to /home/admin/mysolution, for example: `echo "SecretFromWebSite" > ~/mysolution` TIP: a developer worked on the web server code in this VM, using the same 'admin' account. Scenario credit: PuppiestDoggo Test: `md5sum /home/admin/mysolution` returns `a250aa19f16dda6f9fcef286f035ec4b` Time to Solve: 30 minutes.

Python Troubleshooting Scenarios

Python

Scenarios with applications using Python

"Saint John": what is writing to this log file?

Linux Server Review - Guided Learning

"Kampot": A New Port

"Melbourne": WSGI with Gunicorn

"Paris": Where is my webserver?

"Buenos Aires": Kubernetes Pod Crashing

"Bekasi": Supervisor is still around

"Tukaani": XZ LZMA Library Compromised

"Atrani": Modify a SQlite3 Database

"Batumi": Troubleshoot "A" cannot connect to "B"

"Bharuch": Lost in Translation

"Bizerte": The Slow Application

"Singara": Docker and Kubernetes web app not working.

"Chennai": Pull a Rabbit from a Hat

"Monaco": Disappearing Trick

Send Us Feedback or Get Notified