一、安装依赖包 yum -y install rpm-build gcc gcc-c++ glibc glibc-devel openssl-devel openssl \
prce pcre-devel zlib zlib-devel make wget krb5-devel pam-devel libX11-devel \
xmkmf libXt-devel initscripts libXt-devel imake gtk2-devel二、下载源码包 #wget http://ftp.riken.jp/Linux/momonga/6/Everything/SOURCES/x11-ssh-askpass-1.2.4.1.tar.gz
#wget https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-8.xp1.tar.gz三、构建openssh的rpm包 1、编译环境准备,生成编译目录 #rpmbuild -ba rpmbuild
[root@ansible-test ~]# cd rpmbuild/
[root@ansible-test rpmbuild]# ll
total 0
drwxr-xr-x. 3 root root 27 Oct 21 23:09 BUILD #存放源代码解压以后的文件,自己无需操作
drwxr-xr-x. 2 root root 6 Oct 21 23:10 BUILDROOT
drwxr-xr-x. 3 root root 20 Oct 20 05:21 RPMS #存放制作完成的RPM包,此目录下会有子目录
drwxr-xr-x. 2 root root 84 Oct 20 05:15 SOURCES #存放收集的原材料和配置文件,源码包,补丁包
drwxr-xr-x. 2 root root 26 Oct 21 23:09 SPECS #存放spec文件,每个rpm包的制作,都必须要有一个spec文件,用来指导文件。此文件以软件包的名字命名,以spec为扩展名
drwxr-xr-x. 2 root root 6 Oct 20 05:14 SRPMS #src格式的rpm包的存放位置。无平台相关的概念2、将源码包放入rpcbuild/SOURCES/目录下 [root@ansible-test rpmbuild]# ll SOURCES/
total 1812
-rw-r--r--. 1 root root 1814595 Oct 18 23:11 openssh-8.xp1.tar.gz #openssh的源码包
-rw-r--r--. 1 root root 904 Oct 20 05:15 sshd #pam.d 的认证sshd模块配置文件
-rw-r--r--. 1 root root 29229 Oct 18 23:11 x11-ssh-askpass-1.2.4.1.tar.gz #x11-ssh-askpass (可选)3、放入sshd的pam配置文件 [root@ansible-test rpmbuild]# cat SOURCES/sshd
#%PAM-1.0
auth required pam_sepermit.so
auth substack password-auth
auth include postlogin
# Used with polkit to reauthorize users in remote sessions
-auth optional pam_reauthorize.so prepare
account required pam_nologin.so
account include password-auth
password include password-auth
# pam_selinux.so close should be the first session rule
session required pam_selinux.so close
session required pam_loginuid.so
# pam_selinux.so open should only be followed by sessions to be executed in the user context
session required pam_selinux.so open env_params
session required pam_namespace.so
session optional pam_keyinit.so force revoke
session include password-auth
session include postlogin
# Used with polkit to reauthorize users in remote sessions
-session optional pam_reauthorize.so prepare4、将openssh源码解压到rpcbuild/BUILD/目录下 [root@ansible-test rpmbuild]# ll BUILD
total 32
drwxr-xr-x. 7 zj zj 16384 Oct 21 23:10 openssh-8.7p15、copy 源码中的spec文件 [root@ansible-test rpmbuild]# cp BUILD/openssh-8.7p1/contrib/redhat/openssh.spec SPECS/openssh.spec6、修改SPECS/openssh.spec文件以下行 11 # Do we want to disable building of x11-askpass? (1=yes 0=no)
12 %global no_x11_askpass 0
13
14 # Do we want to disable building of gnome-askpass? (1=yes 0=no)
15 %global no_gnome_askpass 0
​
89 Source2: sshd
104 #BuildRequires: openssl-devel < 1.1
​
​
280 #install -m644 contrib/redhat/sshd.pam $RPM_BUILD_ROOT/etc/pam.d/sshd
281 install -m644 $RPM_SOURCE_DIR/sshd $RPM_BUILD_ROOT/etc/pam.d/sshd
284 install -m755 contrib/ssh-copy-id $RPM_BUILD_ROOT/usr/bin/ssh-copy-id
285 install -m755 contrib/ssh-copy-id.1 $RPM_BUILD_ROOT/usr/share/man/man1/ssh-copy-id.1.gz
​
344 %post server #安装后需要执行的命令
345 chmod 600 /etc/ssh/ssh_host_*_key
346 sed -i -e "s/#PermitRootLogin prohibit-password/PermitRootLogin no/g" /etc/ssh/sshd_config
347 sed -i -e "s/#PasswordAuthentication yes/PasswordAuthentication yes/g" /etc/ssh/sshd_config
348 sed -i -e "s/#UsePAM no/UsePAM yes/g" /etc/ssh/sshd_config
349 echo "KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group14-sha1" >>/etc/ssh/sshd_config
350 chmod +x /etc/init.d/sshd
351 /sbin/chkconfig --add sshd
​
397 %attr(0755,root,root) %{_bindir}/ssh-copy-id
402 %attr(0644,root,root) %{_mandir}/man1/ssh-copy-id.1*
7、开始构建rpm包,最后输出exit为正常 ]# rpmbuild -bb SPECS/openssh.specs
......
+ exit 08、最后在RPMS/子目录下生成rpm包 [root@ansible-test rpmbuild]# ll RPMS/x86_64/
total 4896
-rw-r--r--. 1 root root 676024 Oct 22 02:45 openssh-8.7p1-1.el7.x86_64.rpm
-rw-r--r--. 1 root root 44268 Oct 22 02:45 openssh-askpass-8.7p1-1.el7.x86_64.rpm
-rw-r--r--. 1 root root 25504 Oct 22 02:45 openssh-askpass-gnome-8.7p1-1.el7.x86_64.rpm
-rw-r--r--. 1 root root 620576 Oct 22 02:45 openssh-clients-8.7p1-1.el7.x86_64.rpm
-rw-r--r--. 1 root root 3172464 Oct 22 02:45 openssh-debuginfo-8.7p1-1.el7.x86_64.rpm
-rw-r--r--. 1 root root 461820 Oct 22 02:45 openssh-server-8.7p1-1.el7.x86_64.rpm如有问题,请留言一起探讨
|