找回密码
 注册
查看: 2610|回復: 0

[教程分享] openssh源码编译rpm包

[複製鏈接]
Zhangjin 發表於 2021-11-11 11:48:04 | 顯示全部樓層 |閱讀模式
一、安装依赖包
yum -y install rpm-build gcc gcc-c++ glibc glibc-devel openssl-devel openssl \
               prce pcre-devel zlib zlib-devel make wget krb5-devel pam-devel libX11-devel \
               xmkmf libXt-devel initscripts libXt-devel imake gtk2-devel
二、下载源码包
#wget http://ftp.riken.jp/Linux/momonga/6/Everything/SOURCES/x11-ssh-askpass-1.2.4.1.tar.gz
#wget https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-8.xp1.tar.gz
三、构建openssh的rpm包
1、编译环境准备,生成编译目录
#rpmbuild -ba rpmbuild
[root@ansible-test ~]# cd rpmbuild/
[root@ansible-test rpmbuild]# ll
total 0
drwxr-xr-x. 3 root root 27 Oct 21 23:09 BUILD       #存放源代码解压以后的文件,自己无需操作   
drwxr-xr-x. 2 root root  6 Oct 21 23:10 BUILDROOT
drwxr-xr-x. 3 root root 20 Oct 20 05:21 RPMS        #存放制作完成的RPM包,此目录下会有子目录
drwxr-xr-x. 2 root root 84 Oct 20 05:15 SOURCES     #存放收集的原材料和配置文件,源码包,补丁包
drwxr-xr-x. 2 root root 26 Oct 21 23:09 SPECS       #存放spec文件,每个rpm包的制作,都必须要有一个spec文件,用来指导文件。此文件以软件包的名字命名,以spec为扩展名
drwxr-xr-x. 2 root root  6 Oct 20 05:14 SRPMS       #src格式的rpm包的存放位置。无平台相关的概念
2、将源码包放入rpcbuild/SOURCES/目录下
[root@ansible-test rpmbuild]# ll SOURCES/
total 1812
-rw-r--r--. 1 root root 1814595 Oct 18 23:11 openssh-8.xp1.tar.gz   #openssh的源码包
-rw-r--r--. 1 root root     904 Oct 20 05:15 sshd           #pam.d 的认证sshd模块配置文件
-rw-r--r--. 1 root root   29229 Oct 18 23:11 x11-ssh-askpass-1.2.4.1.tar.gz #x11-ssh-askpass  (可选)
3、放入sshd的pam配置文件
[root@ansible-test rpmbuild]# cat SOURCES/sshd
#%PAM-1.0
auth       required     pam_sepermit.so
auth       substack     password-auth
auth       include      postlogin
# Used with polkit to reauthorize users in remote sessions
-auth      optional     pam_reauthorize.so prepare
account    required     pam_nologin.so
account    include      password-auth
password   include      password-auth
# pam_selinux.so close should be the first session rule
session    required     pam_selinux.so close
session    required     pam_loginuid.so
# pam_selinux.so open should only be followed by sessions to be executed in the user context
session    required     pam_selinux.so open env_params
session    required     pam_namespace.so
session    optional     pam_keyinit.so force revoke
session    include      password-auth
session    include      postlogin
# Used with polkit to reauthorize users in remote sessions
-session   optional     pam_reauthorize.so prepare
4、将openssh源码解压到rpcbuild/BUILD/目录下
[root@ansible-test rpmbuild]# ll BUILD
total 32
drwxr-xr-x. 7 zj zj 16384 Oct 21 23:10 openssh-8.7p1
5、copy 源码中的spec文件
[root@ansible-test rpmbuild]# cp BUILD/openssh-8.7p1/contrib/redhat/openssh.spec SPECS/openssh.spec
6、修改SPECS/openssh.spec文件以下行
11 # Do we want to disable building of x11-askpass? (1=yes 0=no)
12 %global no_x11_askpass 0
13
14 # Do we want to disable building of gnome-askpass? (1=yes 0=no)
15 %global no_gnome_askpass 0
​
89 Source2: sshd
  
104 #BuildRequires: openssl-devel < 1.1
&#8203;
&#8203;
280 #install -m644 contrib/redhat/sshd.pam     $RPM_BUILD_ROOT/etc/pam.d/sshd
281 install -m644 $RPM_SOURCE_DIR/sshd $RPM_BUILD_ROOT/etc/pam.d/sshd
284 install -m755 contrib/ssh-copy-id $RPM_BUILD_ROOT/usr/bin/ssh-copy-id
285 install -m755 contrib/ssh-copy-id.1 $RPM_BUILD_ROOT/usr/share/man/man1/ssh-copy-id.1.gz
&#8203;
344 %post server        #安装后需要执行的命令
345 chmod  600  /etc/ssh/ssh_host_*_key
346 sed -i -e  "s/#PermitRootLogin prohibit-password/PermitRootLogin no/g"    /etc/ssh/sshd_config
347 sed -i -e  "s/#PasswordAuthentication yes/PasswordAuthentication yes/g"  /etc/ssh/sshd_config
348 sed -i  -e  "s/#UsePAM no/UsePAM yes/g"  /etc/ssh/sshd_config
349 echo "KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group14-sha1" >>/etc/ssh/sshd_config
350 chmod +x /etc/init.d/sshd
351 /sbin/chkconfig --add sshd
&#8203;
397 %attr(0755,root,root) %{_bindir}/ssh-copy-id
402 %attr(0644,root,root) %{_mandir}/man1/ssh-copy-id.1*
7、开始构建rpm包,最后输出exit为正常
]# rpmbuild -bb SPECS/openssh.specs
......
+ exit 0
8、最后在RPMS/子目录下生成rpm包
[root@ansible-test rpmbuild]# ll RPMS/x86_64/
total 4896
-rw-r--r--. 1 root root  676024 Oct 22 02:45 openssh-8.7p1-1.el7.x86_64.rpm
-rw-r--r--. 1 root root   44268 Oct 22 02:45 openssh-askpass-8.7p1-1.el7.x86_64.rpm
-rw-r--r--. 1 root root   25504 Oct 22 02:45 openssh-askpass-gnome-8.7p1-1.el7.x86_64.rpm
-rw-r--r--. 1 root root  620576 Oct 22 02:45 openssh-clients-8.7p1-1.el7.x86_64.rpm
-rw-r--r--. 1 root root 3172464 Oct 22 02:45 openssh-debuginfo-8.7p1-1.el7.x86_64.rpm
-rw-r--r--. 1 root root  461820 Oct 22 02:45 openssh-server-8.7p1-1.el7.x86_64.rpm如有问题,请留言一起探讨

您需要登錄後才可以回帖 登录 | 注册

本版積分規則

手机版|小黑屋|Linux公社论坛

GMT+8, 2025-6-4 22:14 , Processed in 0.062500 second(s), 16 queries .

Powered by Discuz! X3.5

© 2001-2025 Discuz! Team.

快速回复 返回顶部 返回列表