Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
makes your own rpms
#1

So where I work we have around 100 or so RH9 servers. Most of these are cranking 24/7 and its the general rule of thumb around here that if something isn't broke.. lets not fix it. So as you may know RH9 isn't supported anymore. So if a new openssh problem is released.. there is no offical RH patch for 9. So what can you do?

 

Well you have two options..

1) remove the openssh rpms and install from source (yuck!)

2) grab a nice.. say core3 source rpm and rebuild it (yes!)

 

well I guess you know which one i like. For me to rebuild the source on all machines would take awhile. If i build a rpm made for RH9 it will work on the rest of my servers. So I have a dedicated apt server that hosts all the RH9 rpms and updates. Once i place an update there others will find it and install the update.. then i'm done.

 

So here are some simple instructions for building your own rpm.. the easy way.

 

So lets grab and install the core2 openssh source rpm

 



Code:
rpm -ivh http://ayo.freshrpms.net/fedora/linux/2/i386/SRPMS.core/openssh-3.6.1p2-34.src.rpm




 

now lets try to build the rpm

 



Code:
rpmbuild -ba /usr/src/redhat/SPECS/openssh.spec




 

we now see we get something like this (probably anyway)

 



Code:
[root@monitor root]# rpmbuild -ba /usr/src/redhat/SPECS/openssh.spec
error: Failed build dependencies:
       sharutils is needed by openssh-3.6.1p2-34
       gnome-libs-devel is needed by openssh-3.6.1p2-34
[root@monitor root]#




 

so we have some depandancy issues. DAMN! the good thing is they can easily be worked out. . so both of these packages are avaliable for RH9 so we can either install them or work around it. Installing them is staight forward. My goal is to teach you how to work around these.. so lets so that.

 

so edit the file /usr/src/redhat/SPECS/openssh.spec

look for the following line. (line #123 on my file)

 



Code:
BuildPreReq: openssl-devel, perl, sharutils, tcp_wrappers, zlib-devel




 

change it to

 



Code:
BuildPreReq: openssl-devel, perl, tcp_wrappers, zlib-devel




 

now lets run it again

 



Code:
[root@monitor root]# rpmbuild -ba /usr/src/redhat/SPECS/openssh.spec
error: Failed build dependencies:
       gnome-libs-devel is needed by openssh-3.6.1p2-34
[root@monitor root]#




 

great.. down to the gnome library devel package. so now lets ax that out

 

so look for this line

line #16 for me

 



Code:
%define no_gnome_askpass 0




 

and change it to



Code:
%define no_gnome_askpass 1




 

now lets run rpmbuild command again

 

NOTE: on my system.. i don't place the path to kerberos in my path. I need kerberos auth on my system. if you don't want it.. look for %define kerberos5 1 and make it a 0

 



Code:
rpmbuild -ba /usr/src/redhat/SPECS/openssh.spec




 

now thats all my depandancies.. you may have more that you will need to install rpms for to get it to compile.. this is just a gernal doc on how to keep a system upgraded by working with a fedora source rpm. It makes my life 10x easier :)

 

now i see it made this

 



Code:
Wrote: /usr/src/redhat/SRPMS/openssh-3.6.1p2-34.src.rpm
Wrote: /usr/src/redhat/RPMS/i386/openssh-3.6.1p2-34.i386.rpm
Wrote: /usr/src/redhat/RPMS/i386/openssh-clients-3.6.1p2-34.i386.rpm
Wrote: /usr/src/redhat/RPMS/i386/openssh-server-3.6.1p2-34.i386.rpm
Wrote: /usr/src/redhat/RPMS/i386/openssh-debuginfo-3.6.1p2-34.i386.rpm




 

there's my new rpms i can dist out to all other RH9 servers.. so openssh will continue to be secure

 

J to the Y strikes again!

Reply
#2

good post as usual jy, pinned !

 

cheers

 

anyweb

Reply
#3

I'm doing a page that i will provide my custom spec files and such

 

[/url][url=http://www.zcentric.com/linux/]http://www.zcentric.com/linux/

 

I will try to keep that updated if there is even just a little interest in it

 

Here is what i have completed so far

 

openssh

vsftpd

proftpd

openssl

php

httpd

bind

postfix

sendmail

Reply
#4

i'm hoping to make an apt sit for my upgrades for rh9 soon. Here are the rpm's i've built from a fully upgraded RH9 system based on the offical Redhat upgrades

 



Code:
[root@test SPECS]# ls /usr/src/redhat/RPMS/i386/
apr-0.9.4-23.i386.rpm                   openssl-debuginfo-0.9.7a-40.i386.rpm
apr-debuginfo-0.9.4-23.i386.rpm         openssl-devel-0.9.7a-40.i386.rpm
apr-devel-0.9.4-23.i386.rpm             openssl-perl-0.9.7a-40.i386.rpm
apr-util-0.9.4-17.i386.rpm              pcre-4.5-3.i386.rpm
apr-util-debuginfo-0.9.4-17.i386.rpm    pcre-debuginfo-4.5-3.i386.rpm
apr-util-devel-0.9.4-17.i386.rpm        pcre-devel-4.5-3.i386.rpm
aspell-0.50.5-3.fc3.i386.rpm            php-4.3.9-3.i386.rpm
aspell-debuginfo-0.50.5-3.fc3.i386.rpm  php-debuginfo-4.3.9-3.i386.rpm
aspell-devel-0.50.5-3.fc3.i386.rpm      php-devel-4.3.9-3.i386.rpm
bind-9.2.4-2.i386.rpm                   php-domxml-4.3.9-3.i386.rpm
bind-chroot-9.2.4-2.i386.rpm            php-gd-4.3.9-3.i386.rpm
bind-debuginfo-9.2.4-2.i386.rpm         php-imap-4.3.9-3.i386.rpm
bind-devel-9.2.4-2.i386.rpm             php-ldap-4.3.9-3.i386.rpm
bind-libs-9.2.4-2.i386.rpm              php-mbstring-4.3.9-3.i386.rpm
bind-utils-9.2.4-2.i386.rpm             php-mysql-4.3.9-3.i386.rpm
file-4.10-2.i386.rpm                    php-ncurses-4.3.9-3.i386.rpm
file-debuginfo-4.10-2.i386.rpm          php-odbc-4.3.9-3.i386.rpm
httpd-2.0.52-3.i386.rpm                 php-pear-4.3.9-3.i386.rpm
httpd-debuginfo-2.0.52-3.i386.rpm       php-pgsql-4.3.9-3.i386.rpm
httpd-devel-2.0.52-3.i386.rpm           php-snmp-4.3.9-3.i386.rpm
httpd-manual-2.0.52-3.i386.rpm          php-xmlrpc-4.3.9-3.i386.rpm
httpd-suexec-2.0.52-3.i386.rpm          postfix-2.1.5-2.2.i386.rpm
mod_ssl-2.0.52-3.i386.rpm               postfix-debuginfo-2.1.5-2.2.i386.rpm
net-snmp-5.1.2-11.i386.rpm              postfix-pflogsumm-2.1.5-2.2.i386.rpm
net-snmp-debuginfo-5.1.2-11.i386.rpm    proftpd-1.2.10-8.1.fc3.fr.i386.rpm
net-snmp-devel-5.1.2-11.i386.rpm        proftpd-debuginfo-1.2.10-8.1.fc3.fr.i386.rpm
net-snmp-libs-5.1.2-11.i386.rpm         sendmail-8.13.1-2.i386.rpm
net-snmp-perl-5.1.2-11.i386.rpm         sendmail-cf-8.13.1-2.i386.rpm
net-snmp-utils-5.1.2-11.i386.rpm        sendmail-debuginfo-8.13.1-2.i386.rpm
openssh-3.9p1-7.i386.rpm                sendmail-devel-8.13.1-2.i386.rpm
openssh-clients-3.9p1-7.i386.rpm        sendmail-doc-8.13.1-2.i386.rpm
openssh-debuginfo-3.9p1-7.i386.rpm      vsftpd-2.0.1-5.i386.rpm
openssh-server-3.9p1-7.i386.rpm         vsftpd-debuginfo-2.0.1-5.i386.rpm
openssl-0.9.7a-40.i386.rpm




 

thanks to dallas for offering me some bandwidth/space

Reply
#5
I just did a rpm for gnome 2.8 for redhat 9
Reply
#6

Quote:So as you may know RH9 isn't supported anymore
 

and yet Jy ignores that obvious advice and 'keeps the dream alive' [img]<___base_url___>/uploads/emoticons/default_laugh.png[/img]

 

very nice idea Jy.. and well executed too.

Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)