Ubuntu
eglibc package

Bug #915995
Comment #10

Comment 10 for bug 915995

Revision history for this message

Duane Rezac (duane-rezac-ctr) wrote on 2013-03-07:

#10

Here is something I have discoverd with this bug. The problem is caused by ldconfig following a symbolic link that points to a symbolic link. man ldconfig indicates that ldconfig should ignore symbolic links. We are running the McAfee Epo Ageent and LinuxShield. (we are also running the McAfee product on Redhat 5-enterprise, and this problem does not occur.)

In /lib, ld-nails.so.2 and ld-mfert.so.2 are both symboic links that point to a ld-linux.so.2 in McAfees /lib, ld-linux.so.2 in the mcafee libs are symbolic links to a mcafee lib. For Example. ld-mfert.so.2 in /lib points to /opt/McAfee/runtime/2.0/lib/ld-linux.so.2 which is a symbolic link to /opt/McAfee/runtime/2.0/lib/ld-2.5.so

Output of ldconfig -N -X -v shows that ldconfig is linking ld-linux.so.2 to /lib/ld-nails.so.2 or /llib/d-mfert.so.2.

ldconfig is following the symbolic link in /lib, and since the McAfee files contain the SONAME ld-linux.so.2, it links them to /lib
It appears that ldconfig is resolving the links, as the ld-linux.so.2 that it links in /lib fromo the MacAfee file (in this case ld-mfert.so.2) will point to /opt/McAfee/runtime/2.0/lib/ld-2.5.so

Note: once your system has been corrupted, an easy fix is to boot with a live cd, mount the root file system (for example, to /mnt/fubarroot) then use copy -P to copy /lib/ld-linux.so.2 from the live cd to your mounted root file system's /lib (copy -P /lib/ld-linux.so.2 /mnt/fubarroot/lib ) - reboot and all is well until ldconfig gets run again. The best workarount I have seen is to shut down nails and cma, remove the links, run updates, re-create the McAfee Links, restart cma and nails.

Scripts I use:

mcoff
#!/bin/sh
# keep McAfee from stepping on /lib/ld-linux.so.2
# turn off McAfee and unlink libs in /lib
/etc/init.d/nails stop
/etc/init.d/cma stop
rm /lib/ld-mfert.so.2
rm /lib/ld-nails.so.2
echo McAfee Agent and VSE Disabled

mcon
#!/bin/sh
# keep McAfee from stepping on /lib/ld-linux.so.2
# re-enable links and restart McAfee

ln -s /opt/McAfee/runtime/2.0/lib/ld-linux.so.2 /lib/ld-mfert.so.2
ln -s /opt/NAI/LinuxShield/lib/ld-linux.so.2 /lib/ld-nails.so.2
/etc/init.d/cma start
/etc/init.d/nails start
echo McAfee Agent and VSE enabled

Here is something I have discoverd with this bug.  The problem is caused by ldconfig following a symbolic link that points to a symbolic link.  man ldconfig indicates that ldconfig should ignore symbolic links.  We are running the McAfee Epo Ageent and LinuxShield. (we are also running the McAfee product on Redhat 5-enterprise, and this problem does not occur.)

In /lib,  ld-nails.so.2 and ld-mfert.so.2 are both symboic links that point to a ld-linux.so.2 in McAfees /lib,  ld-linux.so.2 in the mcafee libs are symbolic links to a mcafee lib.  For Example. ld-mfert.so.2 in /lib points to /opt/McAfee/runtime/2.0/lib/ld-linux.so.2 which is a symbolic link to /opt/McAfee/runtime/2.0/lib/ld-2.5.so

Output of ldconfig  -N -X  -v shows that ldconfig is linking ld-linux.so.2 to /lib/ld-nails.so.2 or /llib/d-mfert.so.2.

ldconfig is following the symbolic link in /lib, and since the McAfee files contain the SONAME ld-linux.so.2, it links them to /lib
It appears that ldconfig is resolving the links, as the ld-linux.so.2 that it links in /lib  fromo the MacAfee file (in this case ld-mfert.so.2) will point to /opt/McAfee/runtime/2.0/lib/ld-2.5.so

Note: once your system has been corrupted, an easy fix is to boot with a live cd, mount the root file system (for example, to /mnt/fubarroot)  then use copy -P to copy /lib/ld-linux.so.2 from the live cd to your mounted root file system's /lib  (copy -P /lib/ld-linux.so.2 /mnt/fubarroot/lib ) - reboot and all is well until ldconfig gets run again.  The best workarount I have seen is to shut down nails and cma, remove the links, run updates, re-create the McAfee Links, restart cma and nails.

Scripts I use:

mcon
#!/bin/sh
# keep McAfee from stepping on /lib/ld-linux.so.2
# re-enable links and restart McAfee

Ubuntueglibc package

Comment 10 for bug 915995

Ubuntu
eglibc package