Linux基础——RPM包构建

一、下载源码包

1、下载相关包

mkdir /root/rpmrebuild/

cd /root/rpmrebuild/SOURCES

wget https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.9p2.tar.gz
wget http://www.jmknoble.net/software/x11-ssh-askpass/x11-ssh-askpass-1.2.4.1.tar.gz

 

二、拷贝openssh.spec到/root/rpmrebuild/SPECS/



cd /root/rpmrebuild/SOURCES


tar -xf openssh-9.9p2.tar.gz

cp SOURCES/openssh-9.9p2/contrib/redhat/openssh.spec ./SPECS/





三、解决依赖问题




# 涉及依赖问题
[root@harbor rpmbuild]# ls SOURCES/
openssh-9.9p2  openssh-9.9p2.tar.gz  x11-ssh-askpass-1.2.4.1.tar.gz
[root@harbor rpmbuild]# rpmbuild -bb /root/rpmbuild/SPECS/openssh.spec
warning: line 95: It's not recommended to have unversioned Obsoletes: Obsoletes: ssh
warning: line 97: prereq is deprecated: PreReq: initscripts >= 5.00
warning: line 132: It's not recommended to have unversioned Obsoletes: Obsoletes: ssh-clients
warning: line 137: It's not recommended to have unversioned Obsoletes: Obsoletes: ssh-server
warning: line 147: It's not recommended to have unversioned Obsoletes: Obsoletes: ssh-extras
warning: line 153: It's not recommended to have unversioned Obsoletes: Obsoletes: ssh-extras
error: Failed build dependencies:
        /usr/include/security/pam_appl.h is needed by openssh-9.9p2-1.oe1.bclinux.x86_64
        gtk2-devel is needed by openssh-9.9p2-1.oe1.bclinux.x86_64
        imake is needed by openssh-9.9p2-1.oe1.bclinux.x86_64
        libXt-devel is needed by openssh-9.9p2-1.oe1.bclinux.x86_64

# 检查pam模块版本
[root@harbor rpmbuild]# rpm -qa | grep pam
pam-1.4.0-5.oe1.x86_64
# 根据pam模块版本安装pam-devel依赖包
yum list available --showduplicates | grep pam-devel
yum install pam-devel-1.4.0-5.oe1.x86_64

# 安装依赖包
yum install gtk2-devel imake libXt-devel




四、开始构建RPM包




[root@harbor rpmbuild]# rpmbuild -bb /root/rpmbuild/SPECS/openssh.spec
warning: line 95: It's not recommended to have unversioned Obsoletes: Obsoletes: ssh
warning: line 97: prereq is deprecated: PreReq: initscripts >= 5.00
warning: line 132: It's not recommended to have unversioned Obsoletes: Obsoletes: ssh-clients
warning: line 137: It's not recommended to have unversioned Obsoletes: Obsoletes: ssh-server
warning: line 147: It's not recommended to have unversioned Obsoletes: Obsoletes: ssh-extras
warning: line 153: It's not recommended to have unversioned Obsoletes: Obsoletes: ssh-extras
Executing(%prep): /bin/sh -e /var/tmp/rpm-tmp.2IHAA8
+ umask 022
+ cd /root/rpmbuild/BUILD
+ cd /root/rpmbuild/BUILD
+ rm -rf openssh-9.9p2
+ /usr/bin/gzip -dc /root/rpmbuild/SOURCES/openssh-9.9p2.tar.gz
+ /usr/bin/tar -xof -
+ STATUS=0
+ '[' 0 -ne 0 ']'
+ cd openssh-9.9p2
+ /usr/bin/gzip -dc /root/rpmbuild/SOURCES/x11-ssh-askpass-1.2.4.1.tar.gz
+ /usr/bin/tar -xof -
+ STATUS=0
+ '[' 0 -ne 0 ']'
+ /usr/bin/chmod -Rf a+rX,u+w,g-w,o-w .
+ RPM_EC=0
++ jobs -p
+ exit 0
Executing(%build): /bin/sh -e /var/tmp/rpm-tmp.nHd5JR
+ umask 022
+ cd /root/rpmbuild/BUILD
+ cd openssh-9.9p2
+ CFLAGS='-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/generic-hardened-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection '
+ export CFLAGS
+ CXXFLAGS='-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/generic-hardened-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection  -fexceptions'
+ export CXXFLAGS
+ FFLAGS='-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/generic-hardened-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection  -fexceptions -I/usr/lib64/gfortran/modules'
+ export FFLAGS
+ FCFLAGS='-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/generic-hardened-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection  -fexceptions -I/usr/lib64/gfortran/modules'
+ export FCFLAGS
+ LDFLAGS='-Wl,-z,relro   -Wl,-z,now -specs=/usr/lib/rpm/generic-hardened-ld'
+ export LDFLAGS
+ '[' 1 = 1 ']'
。。。。。。。。。。。。。






构建完成检查/root/rpmrebuild/RPMS包生成情况。




ls /root/rpmbuild/RPMS/






 五、测试




# 备份ssh执行指令
mkdir /root/ssh-bak
for i in `ls /usr/bin | grep "^ssh"`;do cp /usr/bin/$i /root/ssh-bak/;done

# 备份ssh的pam模块
cp /etc/pam.d/sshd /root/ssh-bak/sshd-pam

# 备份sshd服务
cp /usr/lib/systemd/system/sshd.service /root/ssh-bak/sshd.service

# 安装 openssh


cd /root/rpmbuild/RPMS/
yum localinstall x86_64/openssh*




 







        

            posted on 
2025-03-20 16:59 
gkhost 
阅读(295) 
评论(0) 
 
收藏 
举报

        

    











    
    

    
    

    

        

    

        

            
                
                
            
        

    

    
    

    

    





	






	
		
		

导航