ldconfig follows symbolic links, causing unintended links in /lib

ldconfig is following symbolic links and creating unintended and potential harmful links in /lib

In my case, this was first shown when we installed McAfee EpoAgent and LinuxShield. The system crashed, and failed on boot as init was unable to load shared libraries. Booting with a live cd showed that /lib/ld-linux-so.2 had been linkded to a McAfee Library.

while I have seen the behavior of ld-linux.so.2 getting linked to the McAfee libraries in bug reports, the root cause was not found and the bugs closed, apparently with the assumption that it was some type of McAfee problem. While I would question the validity of any application using it's own version of critical system files, that does not pertain to the problem of ldconfig following symbolic links.

ldconfig is following a symbolic links that points to a symbolic link. man page of ldconfig indicates that ldconfig should ignore symbolic links. We are running the McAfee Epo Agent (ver 4.6) and LinuxShield (ver 1.7.1) . These products create symbolic links ld-mfert.so.2 and ld-nails.so.2 in /lib (we are also running the McAfee product on Redhat 5-enterprise, and this problem does not occur.)

In /lib, ld-nails.so.2 and ld-mfert.so.2 are both symbolic links that point to a ld-linux.so.2 in one McAfees library directories. the ld-linux.so.2 in the mcafee libraries are symbolic links to a 2nd Mcafee library. For Example. /lib/ld-mfert.so.2 points to /opt/McAfee/runtime/2.0/lib/ld-linux.so.2 which is a symbolic link to /opt/McAfee/runtime/2.0/lib/ld-2.5.so. this file contains the SONAME ld-linux.so.2

Output of ldconfig -N -X -v shows that ldconfig is linking ld-linux.so.2 to /lib/ld-nails.so.2 or /llib/d-mfert.so.2. (appended to the end of this writeup, also a ls -l output of /lib showing the ld-nails.so.2 and ld-mfert.so.2 links)

ldconfig is following the symbolic link in /lib, and since the McAfee files contain the SONAME ld-linux.so.2, it links them to /lib
It appears that ldconfig is resolving the links, as the ld-linux.so.2 that it links in /lib fromo the MacAfee file (in this case ld-mfert.so.2) will point to /opt/McAfee/runtime/2.0/lib/ld-2.5.so

ldconfig -N -X -v of /lib: (shows ld-linux.so.2 will be linked to ld-mfert.so.2)

/lib:
 libnss_mdns6.so.2 -> libnss_mdns6.so.2
 libnss_mdns4_minimal.so.2 -> libnss_mdns4_minimal.so.2
 libnss_mdns4.so.2 -> libnss_mdns4.so.2
 libnl-3.so.200 -> libnl-3.so.200.3.0
 libipq_pic.so.0 -> libipq_pic.so.0.0.0
 libnss_mdns6_minimal.so.2 -> libnss_mdns6_minimal.so.2
 libnss_mdns.so.2 -> libnss_mdns.so.2
 libply-splash-graphics.so.2 -> libply-splash-graphics.so.2.0.0
 libulockmgr.so.1 -> libulockmgr.so.1.0.1
 libxtables.so.7 -> libxtables.so.7.0.0
 libdevmapper-event.so.1.02.1 -> libdevmapper-event.so.1.02.1
 libfuse.so.2 -> libfuse.so.2.8.6
 libx86.so.1 -> libx86.so.1
 libproc-3.2.8.so -> libproc-3.2.8.so
 liblvm2app.so.2.2 -> liblvm2app.so.2.2
 libply-splash-core.so.2 -> libply-splash-core.so.2.0.0
 libiw.so.30 -> libiw.so.30
 libdevmapper.so.1.02.1 -> libdevmapper.so.1.02.1
 libip4tc.so.0 -> libip4tc.so.0.0.0
 libply.so.2 -> libply.so.2.0.0
 libnewt.so.0.52 -> libnewt.so.0.52.11
 libnl-genl-3.so.200 -> libnl-genl-3.so.200.3.0
 libnss_mdns_minimal.so.2 -> libnss_mdns_minimal.so.2
 libipq.so.0 -> libipq.so.0.0.0
 libiptc.so.0 -> libiptc.so.0.0.0
 libsysfs.so.2 -> libsysfs.so.2.0.1
 ld-linux.so.2 -> ld-mfert.so.2
 libcryptsetup.so.4 -> libcryptsetup.so.4.0.0
 libbrlapi.so.0.5 -> libbrlapi.so.0.5.6
 libip6tc.so.0 -> libip6tc.so.0.0.0
 libply-boot-client.so.2 -> libply-boot-client.so.2.0.0

Output of ls-l ld* of /lib (shows ld-mfert.so.2 and ld-nails.so.2 are symbolic links )

lrwxrwxrwx 1 root root 25 Mar 6 07:55 ld-linux.so.2 -> i386-linux-gnu/ld-2.15.so*
lrwxrwxrwx 1 root root 41 Mar 6 12:32 ld-mfert.so.2 -> /opt/McAfee/runtime/2.0/lib/ld-linux.so.2*
lrwxrwxrwx 1 root root 38 Mar 7 07:19 ld-nails.so.2 -> /opt/NAI/LinuxShield/lib/ld-linux.so.2*