| Summary: | aide and prelink false alarms | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | Jason Priebe <jpriebe> | ||||
| Component: | aide | Assignee: | Daniel Kopeček <dkopecek> | ||||
| Status: | CLOSED WONTFIX | QA Contact: | Karel Srot <ksrot> | ||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | medium | ||||||
| Version: | 6.4 | CC: | dkochuka, hkario, jstephen, kcleveng, ksrot, mcermak, mklika, mnewsome, mpoole, msaxena, nobody, pvrabec, rbinkhor, redhat-e27, rpiddapa, rrajaram, ssekidde, vvasilev | ||||
| Target Milestone: | rc | ||||||
| Target Release: | --- | ||||||
| Hardware: | All | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | |||||||
| : | 1267143 (view as bug list) | Environment: | |||||
| Last Closed: | 2016-01-19 15:50:10 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Bug Depends On: | |||||||
| Bug Blocks: | 782183, 835616, 1002711, 1172231, 1271982 | ||||||
| Attachments: |
|
||||||
|
Description
Jason Priebe
2011-11-04 19:49:06 UTC
This request was evaluated by Red Hat Product Management for inclusion in the current release of Red Hat Enterprise Linux. Because the affected component is not scheduled to be updated in the current release, Red Hat is unfortunately unable to address this request at this time. Red Hat invites you to ask your support representative to propose this request, if appropriate and relevant, in the next release of Red Hat Enterprise Linux. If you would like it considered as an exception in the current release, please ask your support representative. This request was evaluated by Red Hat Product Management for inclusion in the current release of Red Hat Enterprise Linux. Because the affected component is not scheduled to be updated in the current release, Red Hat is unfortunately unable to address this request at this time. It has been proposed for the next release. If you would like it considered as an exception in the current release, please ask your support representative. This request was not resolved in time for the current release. Red Hat invites you to ask your support representative to propose this request, if still desired, for consideration in the next release of Red Hat Enterprise Linux. This request was erroneously removed from consideration in Red Hat Enterprise Linux 6.4, which is currently under development. This request will be evaluated for inclusion in Red Hat Enterprise Linux 6.4. Changing component to prelink as this looks like a bug in prelink. This request was evaluated by Red Hat Product Management for inclusion in the current release of Red Hat Enterprise Linux. Because the affected component is not scheduled to be updated in the current release, Red Hat is unable to address this request at this time. Red Hat invites you to ask your support representative to propose this request, if appropriate, in the next release of Red Hat Enterprise Linux. Created attachment 659597 [details]
A partial fix for the prelink verify/directory modification problem
I made a trivial patch for the issue of prelink --verify modifying directories. It simply allows specifying the base pathnames (using the -o flag) for the temporary files created during the verify process.
It's only a partial fix, though, as it doesn't work properly for dependencies specified with relative paths. For example:
# ldd appletviewer
linux-vdso.so.1 => (0x00007fff2d88d000)
libz.so.1 => /lib64/libz.so.1 (0x0000003531000000)
libpthread.so.0 => /lib64/libpthread.so.0 (0x0000003530c00000)
libX11.so.6 => /usr/lib64/libX11.so.6 (0x0000003532800000)
libjli.so => /usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0.x86_64/bin/./../jre/lib/amd64/jli/libjli.so (0x0000003530400000)
libdl.so.2 => /lib64/libdl.so.2 (0x0000003530800000)
libc.so.6 => /lib64/libc.so.6 (0x0000003530000000)
/lib64/ld-linux-x86-64.so.2 (0x000000352fc00000)
libxcb.so.1 => /usr/lib64/libxcb.so.1 (0x0000003533000000)
libXau.so.6 => /usr/lib64/libXau.so.6 (0x0000003532c00000)
# prelink -o /tmp/verify --verify appletviewer
prelink: /tmp/verify.#prelink#.yh3rOP: Recorded 9 dependencies, now seeing -1
This is because libjli.so is specified with a relative path, so depends on the executable being in /usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0.x86_64/bin (for the case here).
That sounds like a flaw in aide, trying to verify something that really doesn't make sense to verify. prelink has to put the temporary files into the same directory as the libraries resp. programs for --verify, otherwise the dynamic linker could not find the right dependencies which can be relative to that (DT_RPATH, DT_RUNPATH etc.). If you don't want to modify the directory, you can only use prelink --undo -o - or similar, which isn't as strong verification as --verify, but doesn't need to write into the same directory. This request was evaluated by Red Hat Product Management for inclusion in the current release of Red Hat Enterprise Linux. Because the affected component is not scheduled to be updated in the current release, Red Hat is unable to address this request at this time. Red Hat invites you to ask your support representative to propose this request, if appropriate, in the next release of Red Hat Enterprise Linux. *** Bug 950625 has been marked as a duplicate of this bug. *** |