Prelink is a tool wrote by Jakub Jelínek of RedHat used to decrease program load time, shortening system boot time and making applications start faster.

This feature is enabled by default on RedHat Enterprise Linux (RHEL) 6.3 and has been around for some time but is often overlooked.

How do you use it ? Well, the chances are that you are already, as it’s enabled in many Linux distributions by default. When you run a command, the pre-linking is taken care of automatically in the background.

To see if a command is pre-linked you can run the following command or look in /etc/prelink.conf.

$ prelink -p | grep '/bin/ls:'

Am example of how prelinking works using md5sum. The pre-linked 128-bit MD5 hash will be different on 2 boxes.

[host1]# md5sum /bin/ls
6efef7d0b1bebe6e17ff92d1105e5d7a  /bin/ls

[host2# md5sum /bin/ls
e0f53c5b1eeee686ed2e9f87bcf8bddc  /bin/ls

The un-prelinked MD5 hash will be the same between boxes of the same release and  same RPM version.

[host1# prelink -y /bin/ls | md5sum
d145719ea0ac2a61aca17b5ec9ff8a4b  -
[host2# prelink -y --md5 /bin/ls
d145719ea0ac2a61aca17b5ec9ff8a4b  /bin/ls

AIDE, the Advanced Intrusion Detection Environment (AIDE) is a popular security application that is prelink aware, which records the MD5 hashes, and makes comparisons when re-run at a later date.

After updating shared libraries, you should force prelink to run by running :

# touch /var/lib/misc/prelink.force
# /etc/cron.daily/prelink

If the Linux server is exposed, say it sits in a DMZ network zone, then you probably want to increase the security of the box. You can disable prelink by running the command :

# prelink -ua

In the file : /etc/sysconfig/prelink


You may find these helpful.


Jakub Jelínek’s paper

This entry was posted in linux. Bookmark the permalink.

One Response to Prelink

  1. k4nz4k1g4w4 says:

    thanks … very useful

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s