[CentOS] How can binaries be different when package versions are identical? (mkfs.ext3 on CentOS 5.4)

Bond Masuda bond.masuda at jlbond.com
Thu Jul 1 02:30:40 UTC 2010 

i think you'll need to re-read the man pages on prelink. specifically, the
-y or --md5 or --sha options. that is essentially what rpm -V does, it does
an "undo" of the prelink to verify the original binary file's hash; which
will be the same for the same version of software from the same package.
doing an md5sum/sha1sum on prelinked binaries is meaningless now.

i know this whole 'prelink' thing throws people off the first time they
encounter it. especially if you're doing computer forensics and you haven't
been made aware of this, it'll drive you nuts until you understand prelink.
personally speaking, i think this 'optimization' comes at a cost, but one
eventually gets use to it.

hope that helps...
-Bond

> -----Original Message-----
> From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On
> Behalf Of Aleksey Tsalolikhin
> Sent: Wednesday, June 30, 2010 6:00 PM
> To: CentOS mailing list
> Subject: Re: [CentOS] How can binaries be different when package
> versions are identical? (mkfs.ext3 on CentOS 5.4)
> 
> I read up on "prelink" as suggested; and used "ldd /sbin/mkfs.ext3" to
> see what the dependencies (libraries) are.
> 
> There are 13 dependencies; file size is the same between servers but
> md5sum's are different!
> 
> Most of these libraries have other libraries they call; I finally
> drilled down
> to ld-2.5.so which is statically built.
> 
> Same thing: same file size, same datestamp, same package version; but
> the binary is actually different; yet rpm -V does not complain.  Why?
> 
> (Both systems are running CentOS 5.4; one was deployed in December
> 2009,
> the other in April 2010.)
> 
> [root at server1 /lib64]# ls -l ld-2.5.so
> -rwxr-xr-x 1 root root 139416 Sep  2  2009 ld-2.5.so
> [root at server1 /lib64]# md5sum ld-2.5.so
> ad38c69452b3990852c0d3e0ea51a31b  ld-2.5.so
> [root at server1 /lib64]# ldd ld-2.5.so
>         statically linked
> [root at server1 /lib64]# rpm -q -f /lib64/ld-2.5.so
> glibc-2.5-42
> [root at server1 /lib64]# rpm -V glibc
> [root at server1 /lib64]#
> 
> 
> [root at server2 /lib64]# ls -l ld-2.5.so
> -rwxr-xr-x 1 root root 139416 Sep  2  2009 ld-2.5.so
> [root at server2 /lib64]# md5sum ld-2.5.so
> ddb5ad336c3cf40ee2c69b91ef7bfd04  ld-2.5.so
> [root at server2 /lib64]# ldd ld-2.5.so
>         statically linked
> [root at server2 /lib64]#
> [root at server2 /lib64]# rpm -q -f /lib64/ld-2.5.so
> glibc-2.5-42
> [root at server2 /lib64]# rpm -V glibc-2.5-42
> [root at server2 /lib64]#
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos

More information about the CentOS mailing list