LinuxQuestions.org

massy 10-11-2014 03:17 AM

aide -i gives me errors about prelink, in spite of disabling it!

I tried disabling PRELINKING and running prelink -ua after that, but these errors are still shown!
Code:


sudo aide -i
/usr/sbin/prelink: /usr/lib64/libplumbgpl.so.2.0.0: at least one of file's dependencies has changed since prelinking
Error on exit of prelink child process
/usr/sbin/prelink: /usr/lib64/libpils.so.2.0.0: at least one of file's dependencies has changed since prelinking
Error on exit of prelink child process
/usr/sbin/prelink: /usr/lib64/libplumb.so.2.1.0: at least one of file's dependencies has changed since prelinking
Error on exit of prelink child process

AIDE, version 0.14

### AIDE database at /var/lib/aide/aide.db.new.gz initialized.


unSpawn 10-11-2014 09:00 PM

Quote:

Originally Posted by massy (Post 5252221)
Code:

/usr/sbin/prelink: /usr/lib64/libplumbgpl.so.2.0.0: at least one of file's dependencies has changed since prelinking
Error on exit of prelink child process


Apparently AIDE is still configured or compiled to perform prelinking. Undo that.

massy 10-12-2014 02:17 AM

Quote:

Originally Posted by unSpawn (Post 5252501)
Apparently AIDE is still configured or compiled to perform prelinking. Undo that.

The error is shown:
Code:

prelink -ua
prelink: /usr/lib64/firefox/plugin-container: Could not parse `/usr/lib64/firefox/plugin-container: /usr/lib64/xulrunner/libxul.so: no version information available (required by /usr/lib64/firefox/plugin-container)'


unSpawn 10-12-2014 05:23 AM

I'm sorry, I should have said you should 0) check your AIDE configuration to see if prelinking is enabled there. Then disable it. If it is not, then 1) recompile AIDE without prelinking. In both cases you have to initialize your database afterwards.

massy 10-12-2014 08:09 AM

Quote:

Originally Posted by unSpawn (Post 5252612)
I'm sorry, I should have said you should 0) check your AIDE configuration to see if prelinking is enabled there. Then disable it. If it is not, then 1) recompile AIDE without prelinking. In both cases you have to initialize your database afterwards.

Prelink wasn't enabled in the aide config file!
What do you mean by "recompile aide without prelinking"?
I ran aide -i again and I still receive the errors!

unSpawn 10-12-2014 08:38 AM

When you compile AIDE from source there is a configuration option called "--with-prelink". So you could try building AIDE with
Code:

./configure --without-prelink
before you run
Code:

make && make install
and try again.

massy 10-15-2014 03:04 AM

Quote:

Originally Posted by unSpawn (Post 5252681)
When you compile AIDE from source there is a configuration option called "--with-prelink". So you could try building AIDE with
Code:

./configure --without-prelink
before you run
Code:

make && make install
and try again.

Thank you, I tried it but I get these errors during configure:
Code:

./configure --without-prelink --without-zlib
...
You need to have libgpg-error.a installed to use libgcrypt

And when I try to install the library via yum, I get the message:
Code:

yum install libgpg-error
Loaded plugins: fastestmirror, refresh-packagekit, replace, security
Loading mirror speeds from cached hostfile
 * base: mi.mirror.garr.it
 * epel: ftp.jaist.ac.jp
 * extras: mi.mirror.garr.it
 * updates: mi.mirror.garr.it
 * webtatic: uk.repo.webtatic.com
Setting up Install Process
Package libgpg-error-1.7-4.el6.x86_64 already installed and latest version
Nothing to do


massy 10-15-2014 03:06 AM

Quote:

Originally Posted by massy (Post 5253993)
Thank you, I tried it but I get these errors during configure:
Code:

./configure --without-prelink --without-zlib
...
You need to have libgpg-error.a installed to use libgcrypt

And when I try to install the library via yum, I get the message:
Code:

yum install libgpg-error
Loaded plugins: fastestmirror, refresh-packagekit, replace, security
Loading mirror speeds from cached hostfile
 * base: mi.mirror.garr.it
 * epel: ftp.jaist.ac.jp
 * extras: mi.mirror.garr.it
 * updates: mi.mirror.garr.it
 * webtatic: uk.repo.webtatic.com
Setting up Install Process
Package libgpg-error-1.7-4.el6.x86_64 already installed and latest version
Nothing to do


I've used the link to download the source package:
http://sourceforge.net/projects/aide...e=typ_redirect

unSpawn 10-15-2014 02:13 PM

Quote:

Originally Posted by massy (Post 5253993)
Code:

Package libgpg-error-1.7-4.el6.x86_64 already installed and latest version
Nothing to do


You need the -devel package.

massy 10-18-2014 03:16 AM

Quote:

Originally Posted by unSpawn (Post 5254247)
You need the -devel package.

Package libgpg-error-devel-1.7-4.el6.x86_64 already installed and latest version
Nothing to do

unSpawn 10-18-2014 06:22 AM

Please run
Code:

./configure --without-prelink --without-zlib > /tmp/configure.log 2>&1
and attach or post the complete "/tmp/configure.log" file.

massy 10-20-2014 02:11 AM

checking build system type... x86_64-unknown-linux-gnu
checking host system type... x86_64-unknown-linux-gnu
checking target system type... x86_64-unknown-linux-gnu
checking for a BSD-compatible install... /usr/bin/install -c
checking whether build environment is sane... yes
checking for a thread-safe mkdir -p... /bin/mkdir -p
checking for gawk... gawk
checking whether make sets $(MAKE)... yes
checking for gcc... gcc
checking whether the C compiler works... yes
checking for C compiler default output file name... a.out
checking for suffix of executables...
checking whether we are cross compiling... no
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
checking whether gcc accepts -g... yes
checking for gcc option to accept ISO C89... none needed
checking for style of include used by make... GNU
checking dependency style of gcc... gcc3
checking whether make sets $(MAKE)... (cached) yes
checking for ranlib... ranlib
checking for bison... bison -y
checking for flex... flex
checking lex output file root... lex.yy
checking lex library... -lfl
checking whether yytext is a pointer... yes
checking for ld... ld
checking for pkg-config... /usr/bin/pkg-config
checking for library containing syslog... none required
checking for vsyslog... yes
checking how to run the C preprocessor... gcc -E
checking for grep that handles long lines and -e... /bin/grep
checking for egrep... /bin/grep -E
checking for ANSI C header files... yes
checking for sys/types.h... yes
checking for sys/stat.h... yes
checking for stdlib.h... yes
checking for string.h... yes
checking for memory.h... yes
checking for strings.h... yes
checking for inttypes.h... yes
checking for stdint.h... yes
checking for unistd.h... yes
checking whether byte ordering is bigendian... no
checking for byte... no
checking for ushort... yes
checking for ulong... yes
checking for u16... no
checking for u32... no
checking for u64... no
checking size of unsigned short... 2
checking size of unsigned int... 4
checking size of unsigned long... 8
checking size of long long... 8
checking size of unsigned long long... 8
checking for long double with more range or precision than double... yes
checking for ANSI C header files... (cached) yes
checking for strtoll... yes
checking for strtoimax... yes
checking for readdir... yes
checking args to readdir_r... POSIX
checking for stricmp... no
checking for strnstr... no
checking for strnlen... yes
checking for mmap... yes
checking for fcntl... yes
checking for ftruncate... yes
checking for posix_fadvise... yes
checking for asprintf... yes
checking for snprintf... yes
checking for vasprintf... yes
checking for vsnprintf... yes
checking for va_copy... no
checking for __va_copy... no
checking for ISO C99 compliant snprintf... yes
checking for ISO C99 compliant vsnprintf... yes
checking for open/O_NOATIME... no
checking syslog.h usability... yes
checking syslog.h presence... yes
checking for syslog.h... yes
checking for inttypes.h... (cached) yes
checking fcntl.h usability... yes
checking fcntl.h presence... yes
checking for fcntl.h... yes
checking ctype.h usability... yes
checking ctype.h presence... yes
checking for ctype.h... yes
checking for sun-acl-support... no
checking for posix-acl-support... no
checking for selinux-support... no
checking for prelink-support... no
checking for xattr-support... no
checking for e2fsattrs-support... no
checking for lstat64... yes
checking for stat64... yes
checking for readdir64... yes
checking for readdir64_r... yes
checking size of off_t... 8
checking size of off64_t... 8
checking for LFS ino_t... ino_t
checking for LFS dirent... dirent64
checking for regexec... no
checking for regcomp... no
checking for mhash_get_block_size in -lmhash... no
configure: WARNING: No mhash means no hmac.
checking for gpg_strerror in -lgpg-error... no
configure: error: You need to have libgpg-error.a installed to use libgcrypt.

unSpawn 10-20-2014 04:26 PM

See if adding configure flag "--disable-static" works.

massy 10-22-2014 05:26 AM

Quote:

Originally Posted by unSpawn (Post 5256760)
See if adding configure flag "--disable-static" works.

Thank you. I did these steps:
1- ./configure ...
2- make
3- make install
Now I want to initialize aide, and I used this command:
Code:

aide --init --config=aide.conf
and the error is shown:
aide: command not found

unSpawn 10-22-2014 12:24 PM

Quote:

Originally Posted by massy (Post 5257594)
aide: command not found

Try supplying the full path?
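
Added example, not part of the thread or of AIDE itself: a shell check that lists every `aide` binary in a set of directories and reports whether it was built with prelink support, judged by whether `WITH_PRELINK` appears in the compile-time option list printed by `aide -v`. The function names and the directory list are assumptions; the list covers the usual package locations plus the default `make install` prefix under /usr/local, which may not be on PATH.

```shell
#!/bin/sh
# Added example: find aide binaries and report their prelink build state.

# aide_prelink_state BINARY
# Prints "yes" if the binary lists WITH_PRELINK among its compile-time
# options, "no" if it prints an option list without it, and "unknown"
# if the output of "-v" is not recognisable as AIDE's version banner.
aide_prelink_state() {
    out=$("$1" -v 2>&1) || true      # capture stdout and stderr
    case "$out" in
        *WITH_PRELINK*)     echo yes ;;
        *"Compiled with"*)  echo no ;;
        *)                  echo unknown ;;
    esac
}

# audit_aide_builds DIR...
# Prints one "path prelink=<state>" line for each executable named
# "aide" found directly inside the given directories, in argument order.
audit_aide_builds() {
    for dir in "$@"; do
        bin="$dir/aide"
        [ -x "$bin" ] && [ ! -d "$bin" ] || continue
        printf '%s prelink=%s\n' "$bin" "$(aide_prelink_state "$bin")"
    done
}

# Assumed search list: distribution package paths first, then the
# default autoconf prefix used when no --prefix is given to configure.
audit_aide_builds /usr/sbin /usr/bin /usr/local/sbin /usr/local/bin
```

If two binaries are listed, the one reporting `prelink=yes` is the build that produced the prelink errors; call the `prelink=no` one by its full path and initialize the database again with it.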


All times are GMT -5.