Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
makes your own rpms

So where I work we have around 100 or so RH9 servers. Most of these are cranking 24/7 and its the general rule of thumb around here that if something isn't broke.. lets not fix it. So as you may know RH9 isn't supported anymore. So if a new openssh problem is released.. there is no offical RH patch for 9. So what can you do?


Well you have two options..

1) remove the openssh rpms and install from source (yuck!)

2) grab a nice.. say core3 source rpm and rebuild it (yes!)


well I guess you know which one i like. For me to rebuild the source on all machines would take awhile. If i build a rpm made for RH9 it will work on the rest of my servers. So I have a dedicated apt server that hosts all the RH9 rpms and updates. Once i place an update there others will find it and install the update.. then i'm done.


So here are some simple instructions for building your own rpm.. the easy way.


So lets grab and install the core2 openssh source rpm


rpm -ivh


now lets try to build the rpm


rpmbuild -ba /usr/src/redhat/SPECS/openssh.spec


we now see we get something like this (probably anyway)


[root@monitor root]# rpmbuild -ba /usr/src/redhat/SPECS/openssh.spec
error: Failed build dependencies:
       sharutils is needed by openssh-3.6.1p2-34
       gnome-libs-devel is needed by openssh-3.6.1p2-34
[root@monitor root]#


so we have some depandancy issues. DAMN! the good thing is they can easily be worked out. . so both of these packages are avaliable for RH9 so we can either install them or work around it. Installing them is staight forward. My goal is to teach you how to work around these.. so lets so that.


so edit the file /usr/src/redhat/SPECS/openssh.spec

look for the following line. (line #123 on my file)


BuildPreReq: openssl-devel, perl, sharutils, tcp_wrappers, zlib-devel


change it to


BuildPreReq: openssl-devel, perl, tcp_wrappers, zlib-devel


now lets run it again


[root@monitor root]# rpmbuild -ba /usr/src/redhat/SPECS/openssh.spec
error: Failed build dependencies:
       gnome-libs-devel is needed by openssh-3.6.1p2-34
[root@monitor root]#


great.. down to the gnome library devel package. so now lets ax that out


so look for this line

line #16 for me


%define no_gnome_askpass 0


and change it to

%define no_gnome_askpass 1


now lets run rpmbuild command again


NOTE: on my system.. i don't place the path to kerberos in my path. I need kerberos auth on my system. if you don't want it.. look for %define kerberos5 1 and make it a 0


rpmbuild -ba /usr/src/redhat/SPECS/openssh.spec


now thats all my depandancies.. you may have more that you will need to install rpms for to get it to compile.. this is just a gernal doc on how to keep a system upgraded by working with a fedora source rpm. It makes my life 10x easier :)


now i see it made this


Wrote: /usr/src/redhat/SRPMS/openssh-3.6.1p2-34.src.rpm
Wrote: /usr/src/redhat/RPMS/i386/openssh-3.6.1p2-34.i386.rpm
Wrote: /usr/src/redhat/RPMS/i386/openssh-clients-3.6.1p2-34.i386.rpm
Wrote: /usr/src/redhat/RPMS/i386/openssh-server-3.6.1p2-34.i386.rpm
Wrote: /usr/src/redhat/RPMS/i386/openssh-debuginfo-3.6.1p2-34.i386.rpm


there's my new rpms i can dist out to all other RH9 servers.. so openssh will continue to be secure


J to the Y strikes again!


good post as usual jy, pinned !






I'm doing a page that i will provide my custom spec files and such




I will try to keep that updated if there is even just a little interest in it


Here is what i have completed so far












i'm hoping to make an apt sit for my upgrades for rh9 soon. Here are the rpm's i've built from a fully upgraded RH9 system based on the offical Redhat upgrades


[root@test SPECS]# ls /usr/src/redhat/RPMS/i386/
apr-0.9.4-23.i386.rpm                   openssl-debuginfo-0.9.7a-40.i386.rpm
apr-debuginfo-0.9.4-23.i386.rpm         openssl-devel-0.9.7a-40.i386.rpm
apr-devel-0.9.4-23.i386.rpm             openssl-perl-0.9.7a-40.i386.rpm
apr-util-0.9.4-17.i386.rpm              pcre-4.5-3.i386.rpm
apr-util-debuginfo-0.9.4-17.i386.rpm    pcre-debuginfo-4.5-3.i386.rpm
apr-util-devel-0.9.4-17.i386.rpm        pcre-devel-4.5-3.i386.rpm
aspell-0.50.5-3.fc3.i386.rpm            php-4.3.9-3.i386.rpm
aspell-debuginfo-0.50.5-3.fc3.i386.rpm  php-debuginfo-4.3.9-3.i386.rpm
aspell-devel-0.50.5-3.fc3.i386.rpm      php-devel-4.3.9-3.i386.rpm
bind-9.2.4-2.i386.rpm                   php-domxml-4.3.9-3.i386.rpm
bind-chroot-9.2.4-2.i386.rpm            php-gd-4.3.9-3.i386.rpm
bind-debuginfo-9.2.4-2.i386.rpm         php-imap-4.3.9-3.i386.rpm
bind-devel-9.2.4-2.i386.rpm             php-ldap-4.3.9-3.i386.rpm
bind-libs-9.2.4-2.i386.rpm              php-mbstring-4.3.9-3.i386.rpm
bind-utils-9.2.4-2.i386.rpm             php-mysql-4.3.9-3.i386.rpm
file-4.10-2.i386.rpm                    php-ncurses-4.3.9-3.i386.rpm
file-debuginfo-4.10-2.i386.rpm          php-odbc-4.3.9-3.i386.rpm
httpd-2.0.52-3.i386.rpm                 php-pear-4.3.9-3.i386.rpm
httpd-debuginfo-2.0.52-3.i386.rpm       php-pgsql-4.3.9-3.i386.rpm
httpd-devel-2.0.52-3.i386.rpm           php-snmp-4.3.9-3.i386.rpm
httpd-manual-2.0.52-3.i386.rpm          php-xmlrpc-4.3.9-3.i386.rpm
httpd-suexec-2.0.52-3.i386.rpm          postfix-2.1.5-2.2.i386.rpm
mod_ssl-2.0.52-3.i386.rpm               postfix-debuginfo-2.1.5-2.2.i386.rpm
net-snmp-5.1.2-11.i386.rpm              postfix-pflogsumm-2.1.5-2.2.i386.rpm
net-snmp-libs-5.1.2-11.i386.rpm         sendmail-8.13.1-2.i386.rpm
net-snmp-perl-5.1.2-11.i386.rpm         sendmail-cf-8.13.1-2.i386.rpm
net-snmp-utils-5.1.2-11.i386.rpm        sendmail-debuginfo-8.13.1-2.i386.rpm
openssh-3.9p1-7.i386.rpm                sendmail-devel-8.13.1-2.i386.rpm
openssh-clients-3.9p1-7.i386.rpm        sendmail-doc-8.13.1-2.i386.rpm
openssh-debuginfo-3.9p1-7.i386.rpm      vsftpd-2.0.1-5.i386.rpm
openssh-server-3.9p1-7.i386.rpm         vsftpd-debuginfo-2.0.1-5.i386.rpm


thanks to dallas for offering me some bandwidth/space

I just did a rpm for gnome 2.8 for redhat 9

Quote:So as you may know RH9 isn't supported anymore

and yet Jy ignores that obvious advice and 'keeps the dream alive' [img]<___base_url___>/uploads/emoticons/default_laugh.png[/img]


very nice idea Jy.. and well executed too.


Forum Jump:

Users browsing this thread: 1 Guest(s)