RPM包制作
RPM包制作
制作RPM包一定不要使用管理员进行,因为管理员权限太大,在制作过程当中,一个命令使用错误,后果将是灾难性的。本身制作RPM包也用不到管理员权限,可以使用普通用户进行。
制作步骤:
1.Set up the directory structure
2.Place the sources in the right directory
3.Create a spec file that tells the rpmbuild command what to do
4.Build the source and binary RPMs
# 1.Set up the directory structure
Directory:
BUILD:The rpmbuild command builds software in this directory.
RPMS:The rpmbuild command stores binary RPMs, it creates in this directory.
SOURCES:You should put the sources for the application in this directory.
SPECS:You should place the spec file for each RPM you paln to make in this directory.
SRPMS:The rpmbuild command places source RPMS in this directory.
By default,Rea Hat Linux systems expect RPMs to be built in the /usr/src/redhat directory
# rpmbuild --showrc | grep macros
# 使用rpmbuild工具制作
# 安装工具
yum install rpmdevtools -y
# 执行如下rpmdev-setuptree生成rpmbuild的工作目录
rpmdev-setuptree
# 查看工作目录
tree rpmbuild/
rpmbuild/
├── BUILD # 打包过程中的工作目录
├── RPMS # 存放生成的二进制包
├── SOURCES # 放置打包资源,包括源码打包文件和补丁文件等
├── SPECS # 放置SPEC文档
└── SRPMS # 存放生成的源码包
ll -d rpmbuild/
drwxr-xr-x. 7 root root 72 Aug 21 17:25 rpmbuild/
cd ~/rpmbuild/SPECS/
vim myrpm.spec # 会自动生成模板,修改即可
vim myrpm.spec
Name: nginx
Version: 1.15.2
Release: 1%{?dist}
Summary: Asdas
License: GPL
URL: http://www.localhost
Source0: http://ftp.gnu.org/gnu/hello/%{name}-%{version}.tar.gz
BuildRequires: gettext
%description
Garena self-build Nginx.
%prep
%setup -q
%build
./configure --prefix=/usr/local/nginx \
--user=nginx \
--group=nginx \
--pid-path=/usr/local/nginx/run/nginx.pid \
--with-http_ssl_module \
--with-http_stub_status_module
make %{?_smp_mflags}
%install
make install DESTDIR=%{buildroot}
%files
%defattr(-,root,root,-)
/usr/local
%changelog
# 执行打包命令
rpmbuild -bb htop2.2.0.spec
rpm包制作的七个部分
# rpm包制作,定义的.spec文件的7个组成部分:
1.introduction section
The introduction section contains information about the package,the type of information shown with the rpm -qi command
Summary:A light download accelerator for Linux
Name:axel
Version:2.4 # 版本号中不能使用“-”,“-”在RPM包中有特殊意义
Release:1%{?dist}
License:GPLv2
Group:Applications/Internet # 必须是这个文件中定义的组:cat /usr/share/doc/rpm-4.11.3/GROUPS
URL:http://axe1.alioth.debian.org/
Packager:marion <marion@sanzhang.com>
Vendor:sanzhang.com,http://www.sanzhang.com
Source:http://aliothdebian.org/frs/download.php/3015/axel-%{version}.tar.gz # %{version}宏,引用上面定义的 Version:2.4
BuildRoot:%{_tmppath}/%{name}-%{version}-%{release}-root # 制作的RPM包放置的位置
BuildRequires:gcc,binutils # 制作RPM包所依赖的其它RPM包
%description # 描述信息
Axel is a program that downloads a file from a FTP or HTTP server throuugh multiple connection,each connection downloads its own part of the file.
2.The prep section # 准备阶段
The prep section,short for prepare,defines the commands necessary to prepare for the build
If you are starting with a compressed tar archive(a tarball) of the sources, the prep section needs to extract the sources
The prep section starts with a %prep statement
This example uses the %setup RPM macro,which knows about tar archives,to extract the files
%prep
%setup
3.The build section
The spec file build section contains the commands to build the software
Usually,this will include just a few commands,since most of the real instructions appear in the Makefile
The build section starts with a %build statement
%build
. /configure\
--etcdir="%{_sysconfdir}"\
--mandir="%{_mandir}"\
--i18n="0"\
--scrip="0"
%{__make} %{?_smp_mflags} # __make引用的是具体命令,?表示引用宏,如果此宏存在就使用,不存在就不使用。
4.The install section
The spec file install sectin holds the commands necessary to install the newly built application or library
In most cases,your install section should clean out the Buildroot directory and run the make install command
The install section starts with a %install statement
%install
%{__rm} -rf %{buildroot} # 安装前,先清理上次的安装
%{__make} install DESTDIR="%{buildroot}"
%find_lang %{name}
5.The clean section
The clean section cleans up the files that the commands in the other sections create
The clean section starts with a %clean statement
%clean
%{__rm} -rf % {buildroot}
5.1 The script section
还可以有一个脚本段,有时候安装,删除,升级等操作,会需要使用脚本。
%pre # 在RPM执行安装前就要执行的脚本
%post # 安装后
%preun # 卸载工作之前就要执行的脚本
%postun # 卸载工作之后就要执行的脚本
6.The files section
Finally,the files section lists the files to go into the binary RPM,along with defined file attributes
The files section starts with a %files statement
The %doc macro marks certain files as documentation
This allows the RPM to distinguish the files holding documentation from the other files in the RPM
%files -f %{name}.lang
%defattr(~,root,root,0775)
%doc API CHANGES COPYING CREDITS README axelrc.example
%doc %{_mandir}/man1/axe1.1*
%doc %{_mandir}/*/man1/axe1.1*
%config %{sysconfdir}/axe1rc
/usr/local/bin/axe1
7.The changelog section # 用来定义我们这个安全包是第几个版本的日志
%changelog
rpmbuild --showrc | grep _topdir # _topdir,以_开头的,是宏;要是以__开头的,则是具体的命令。
-14: _topdir %(echo $HOME)/rpmbuild
如何修改宏并迁移工作目录至当前用户下的定义的工作目录?
在user1y用户家目录下定义一个文件叫 .rpmmacros
vim .rpmmacros
%_topdir /home/user1/rpmbuild
在加目录下创建rpm制作所需要的5个子目录:
mkdir -pv rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS}
rpmbuild --showrc | grep _topdir # 对当前用户来讲,宏_topdir已经修改成自己定义的路径,
rpm -qi httpd # 所查出的rpm包信息,都需要在rpm包中定义并自动生成。
install /etc/fstab /tmp # 拷贝fstab文件到tpm目录下
install -d /tmp/test # 在tmp下创建test目录
install /etc/sysconfig/network-scripts/ifcfg-eth0 /tmp/hehe # 拷贝ifcfg-eth0文件到tmp目录下,并重命名为hehe文件。
install -D /etc/sysconfig/network-scripts/ifcfg-eth0 /tmp/network-scripts/ifcfg-eth0 # 拷贝ifcfg-eth0文件,指定的拷贝到的目录如果不存在就重新创建。
rpm包制作命令
rpmbuild
选项:
-ba:bulid all,both a binary and source RPM
-bb:build a binary RPM
-bc:Build(compile) the program but do not make the full RPM,stopping just after the %build sectin
-bp:Prepare for building a binary RPM,and stop just after the %prep section
-bi:Create a binary RPM and stop just after the %install sectin
-bl:Check the listing of files for the RPM and generate errors if the buildroot is missing any of the files to be installed
-bs:Build a source RPM only
# Notice:Don't buld packages when you are logged in as the root user.
RPM包制作文件案例
cd ~/rpmbuild/SPECS
vim nginx.spec
Name: nginx
Version: 1.0.14 # 和软件包的版本一定要一致,不然解压的时候会有问题。
Release: 1%(?dist) # 添加自己的标识
Summary: A free,open-source,high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server.
Group: System Environment/Daemons
Vendor: http://www.sanzhang.com
Packager: SANZHANG <LINUXEDU@FOXMAIL.com>
License: BSD
URL: http://www.nginx.org/
BuildRoot: %(_tmppath)/%(name)-%(version)-%(release)-root
BuildRequires: pcre-devel,zlib-devel,openssl-devel
BuildRequires: libxslt-devel,gd-devel
Requires: pcre,openssl,gd # 安装依赖哪些包
# for /usr/sbin/useradd
Requires(pre): shadow-utils # 在执行%prep 脚本时依赖哪些包
Requires(post): chkconfig # # 在执行%post 脚本时依赖哪些包
# for /sbin/service
Requires(preun): chkconfig,initscripts # 卸载前的脚本依赖哪些包
Requires(postun): initscripts # 卸载后的脚本依赖哪些包
Provides: webserver # 此RPM提供的能力
Source0: http://sysoev.ru/nginx/nginx-%(version).tar.gz
Source1: nginx.init
%description
Nginx is a free,open-source,high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. Igor Sysoev started development of Nginx in 2002,with the first public release in 2004. Nginx now hosts nearly 12.18%(22.2M) of active sites across all domainx. Nginx is know for its high performance,stability,rich feature set,simple configuration,and low resource consumption.
%prep
%setup -q # -q 静默模式,不显示制作过程
%build
export DESTDIR=%(buildroot)
. /configure \
--sbin-path=/usr/sbin/nginx \
--conf-path=/etc/nginx/nginx.conf \
--error-log-path=/var/log/nginx/error.log \
--http-log-path=/var/log/nginx/access.log \
--pid-path=/var/run/nginx/nginx.pid \
--lock-path=/var/lock/nginx.lock \
--user=nginx \
--group=nginx \
--with-http_ssl_module \
--with-http_flv_module \
--with-http_stub_status_module \
--with-http_gzip_static_module \
--http-client-body-temp-path=/var/tmp/nginx/client/ \
--http-proxy-temp-path=/var/tpm/ningx/proxy/ \
--http-fastcgi-temp-path=/var/tmp/nginx/fcgi/ \
with-pcre
make %{?_smp_mflags} # 如果有多颗CPU,可以加速编译(并行编译)
%install
rm -rf %{buildroot}
make install DESTDIR=%{buildroot}
%{__install} -p -d -m 0755 %{buildroot}/var/run/nginx
%{__install} -p -d -m 0755 %{buildroot}/var/log/nginx
%clean
rm -rf %{buildroot}
%pre
if [ $1 == 1 ]; then # $1表示执行方式,$1=1表示安装
/usr/sbin/useradd -s /bin/false -r nginx 2>/dev/null || : # 第一次安装时,创建一个nginx用户
fi
%post
if [ $1 == 1 ]; then
/sbin/chkconfig --add %{name}
fi
%preun
if [ $1 = 0 ]; then # $1=0 表示卸载 ,$1=2表示升级
/sbin/service %{name} stop >/dev/null 2>&1 # 第一次卸载,先停掉服务,再将服务从服务列表中删除
/sbin/chkconfig --del %{name}
fi
%files
%defattr(-,root,root,-) # 设置默认属性
%doc LICENSE CHANGES README
% {sbindir}/%{name}
%dir /var/run/nginx
%dir /var/log/nginx
%dir /etc/nginx
%config(noreplace) /etc/nginx/win-utf
%config(noreplace) /etc/nginx/mime.types.default
%config(noreplace) /etc/nginx/fastcgi.conf
%config(noreplace) /etc/nginx/fastcgi.conf.default
%config(noreplace) /etc/nginx/fastcgi_params
%config(noreplace) /etc/nginx/fastcgi_params.default
%config(noreplace) /etc/nginx/%{name}.conf
%config(noreplace) /etc/nginx/mime.types
%config(noreplace) /etc/nginx/scgi_params
%config(noreplace) /etc/nginx/scgi_params.default
%config(noreplace) /etc/nginx/uwsgi_params
%config(noreplace) /etc/nginx/uwsgi_params.default
%config(noreplace) /etc/nginx/koi-win
%config(noreplace) /etc/nginx/koi-utf
%config(noreplace) /etc/nginx/%{name}.conf.default
/usr/local/nginx/html/50x.html
/usr/local/nginx/html/index.html
%attr(0755,root,root) %{_initrddir}/%{name}
%changelog
* Wed Apr 11 2020 sanzhang.com <linuxedu@foxmail.com> - 1.0.14-1
- Initial version
# End Of nginx.spec
开始制作RPM包
cd ~/rpmbuild/SPECS
rpmbuild -bp nginx.spec
rpmbuild -bc nginx.spec
rpmbuild -bi nginx.spec
RPM源码包学习站点
rpmfind.net
rpm2cpio file.rpm | cpio -id # 将此rpm包展开,学习具体的文件
spec文件的语法格式
1.# 定义一个宏:
在spec文件中:
define nginx_user nginx
2.# 引用一个宏:
在spec文件中,任意处使用时:
%{nginx_user}
3. 注释中不能使用%
eg:
# this is %prep section 会被识别成prep
如果必须要用,可以改成:
# this is %%prep section
4.RPM必须的字段
跟软件包相关的信息:
Name:
name-version-release.rpm
name-version-release.arch.rpm
Version:
cannot use a dash in the version number
Release:
Group:
/usr/share/doc/rpm-version/GROUPS # 定义到哪个组都可以,没有严格规定。
跟公司相关的信息:
Vendor(非必须):
the company or organization behind an RPM
URL(非必须):
A URL to your company or organization home page,or perhaps to a URL for a particular application
URL:http://www.sanzhang.com/downloads/RPMS
Packager:(可以为空)
An optional name and e-mail address for the person who created the RPM
Packager:Marion linuxedu@formail.com
License(必要):
Provides legal information about the package
License:GPLv2
描述信息:
Summary: # 单行描述信息最好不要超出50个字符
Provides a one-line short description of the package
Should not exceed much more than 50 characters
The %description section allows for longer text describing your package
5.定义软件包的依赖:
Requires:capability
Can put more than one capability,separated by space or comma,on the dependency line
Requires:bash,chkconfig
Can also add version information
Requires:bash >= 2.0
RPM uses a special syntax with parenthesis to indicate script modile
dependencies
Requires:perl(Carp)>=3.2
Provides:capability
Creatint Virtual CAPABILITIES
BuildRequires:capability
Specify what is necessary to build the package
6.构建RPM包的位置:
RPM supports two build-related directories with very similar names,the build directory and the buildroot.
The build directory is the location where RPM actually builds the software,compiling source code,running the configure script,and so on
The buildroot,on the other hand,acts as a staging area that looks like the final installation directory
The name buildroot refers to the fact that the final installation directory is usually the root directory.
BuildRoot:
Buildroot:%{_tmppath}/%{name}-%{version}-
Can access the buildroot using the RPM_BUILD_ROOT environment variable.
7.命名源文件(Naming source files)# source需要放到~/rpmbuild/SOURCES内,即使Source:URL,也只是说明能到这个URL下载到这个source,默认还是去掉URL的前半段,拿后半段去~/rpmbuild/SOURCES路径下找。
Most packages have one or more bundles of source code,which you need to name in the spec file
Can define one or more source tags,counting from 0
Source0:nginx-1.0.12.tar.gz
Source1:nginx.conf
Source2:nginx.init
If you just have one Source directive,you can skip the 0
You can also use FTP or HTTP URLs to name sources
8.Naming patches
Patches are named similar to sources,using a similar syntax
Patch1:httpd-2.2.22-pcre830.patch
Patch3:httpd-2.2.21-mod_proxy-change-state.patch
Can set Patch directives are not numbered sequentially
9. Preparing for the build:%prep
此阶段做了哪些事:
把源码包解压到BUILD路径下
设置环境变量并cd到解压后的源码包中,
The %prep section defines the commands to prepare for the build
In most cases,you can run the simple %setup macro. For example:
%prep
%setup -q
The %patch directive applies a patch to the sources
Need a %patch directive for each patch
10.Building the software:%build
You need to fill in the %build section with all the commands necessary to build the software
For example
%build # 如果不需要编译,此段可留空
./configure --prefix=/usr \
--sysconfdir=/etc/nginx
make %{?_smp_mflags}
11.Installing the software:%install
For example
%install
rm -rf %{buildroot}
make install DESTDIR=%{buldroot}
%{__install} -p -D -m 0644 %{SOURCE5} \
%{buildroot}%{_sysconfdir}/sysconfig/%{name}
%{__install} -p -d -m 0755 %{buildroot}/var/log/nginx
12.Cleaning up after the build:%clean
For example
%clean
rm -rf %{buildroot}
13.Defining installation scripts
%pre
A script run prior to installation
%post
A script run after installation
%preun
A script run before the uninstall
%postun
A script run after the uninstall
14.The %files section holds a list of all the files that RPM should install from the package
This list should be exhaustive,so that the RPM system konws exactly what your package installs.
There are some options,though,to name all the files within a directory to help with packages containing hundreds of files
In the default case,each line under the %files section names a separate file with its full path.
%files
/usr/sbin/nginx
/etc/nginx/nginx.conf
Using glob-style wildcards
%files
/usr/sbin/nginx
/etc/nginx/nginx.*
Can specify whole directories as part of your package
%files
/usr/sbin/nginx
/etc/nginx
%doc Marks a file as a documentation file
%docdir Names a directory that holds documentation
%config
Marks a file as configuration
A special option to the %config directive,noreplace,tells RPM not to overwrite,or replace a configuration file
15.Setting file attributes
%attr
%attr(mode,user,group) filename
If you don't need to specify a value,use a dash,-,to leave the setting as is for the file
%attr(-,root,-) /etc/nginx/nginx.conf
Can combine directives,one after another.
%config %attr(-,root,-) /etc/nginx/nginx.conf
Using the %defattr directive to set the default attributes for all files in the package
%files
%defattr(-,root,root,-)
%doc LICENSE CHANGES README
%dir %/etc/nginx/conf.d
%config (noreplace) /etc/nginx/conf.d/*.conf
16.Adding Change Log Entries
The change log usually appears at the end of a spec file and is marked with %changelog
%changelog
* Fri Feb 17 2012 Marion <linuxedu@foxmail.com> - 1.0.12-1
- Update to new 1.0.12 stable release
* Thu Oct 27 2011 Marion <linuxedu@foxmail.com> - 1.0.8-1
-Update to new 1.0.8 stable release
%setup选项
-a number
Only unpack the source directive of the given number,such as -a 0 for source0:,after changing to the directory.
-b number
Only unpack the source directive of the given number,such as -b 0 for source0:,after changing to the directory.
-c
Create directory before unpacking,used if your sources will not create the directory as part of unpacking.
-D
Do not delete the directory before unpacking.
-n name
Name the directory as name.
-q
Run quietly with minimal output.
-T
Disable the automatic unpacking of the archives.
查看有哪些包组:
less /usr/share/doc/rpm-4.4.2.3/GROUPS
Name:fetion
Version:0.1.1
Release: 1%(?dist)
Summary:fetion robot
Group:Application/Internet
License:GPL
URL:http://www.sanzhang.com
Packager:sanzhang.com <linuxedu@foxmail.com>
Vendor:http://www.sanzhang.com
Source0:fetion-0.1.1.tar.bz2
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
#Requires:
%description
fetion robot from Internet.
%package libs
Summary:fetion libraries.
Group:Development/Libraries
Requires:%{name} = %{version}
%description libs
fetion libraries.
%prep
%setup -q
%build
%install
rm -rf $RPM_BUILD_ROOT
%{__install} -p -D -m 0755 fetion %{buildroot}/usr/local/bin/fetion
%{__install} -p -D -m 0755 libACE-5.7.2.so %{buildroot}/usr/local/lib/libACE-5.7.2.so
%{__install} -p -D -m 0755 libACE_SSL-5.7.2.so %{buildroot}/usr/local/lib/libACE_SSL-5.7.2.so
%{__install} -p -D -m 0755 libcrypto.so.4 %{buildroot}/usr/local/lib/libcypto.so.4
%{__install} -p -D -m 0755 libssl.so.4 %{buildroot}/usr/local/lib/libssl.so.4
%clean
rm -rf $RPM_BUILD_ROOT
#%pre
%post
if [ $1 == 1 ]; then
echo "/usr/local/lib" > /etc/ld.so.conf.d/usr_local.conf
/sbin/ldconfig
fi
#%preun
%postun
if [ $1 == 0 ];then
rm -f /etc/ld.so.conf.d/usr_local.conf 2 >/dev/null || :
/sbin/ldconfig
fi
%files
%defattr(-,root,root,-)
%attr(0755,root,root) /usr/local.bin/fetion
%files libs
%defattr(-,root,root,-)
/usr/local/lib/libACE-5.7.2.so
/usr/local/lib/libACE_SSL-5.7.2.so
/usr/local/lib/libcrypto.so.4
/usr/local/lib/libssl.so.4
%changelog
* Mon Apr 2020 sanzhang <linuxedu@foxmail.com>-0.1.1-1
- Initial version
gpg --gen-key # 生成密钥信息
gpg --list-keys # 查看公钥
gpg --export i-a 'sanzhang' > RPM-GPG-KEY-sanzhang # 导出公钥到RPM-GPG-KEY-sanzhang
rpm --addsign nginx-1.0.14-1.i386.rpm # 给包做签名
rpm --import RPM-GPG-KEY-sanzhang # 导入密钥
rpm --import /tmp/RPM-GPG-KEY-sanzhang
rpm -K /tmp/fetion-0.1.1-1.i386.rpm # 校验rpm包是否OK
rpm -qpi /tmp/fetion-0.1.1-1.i386.rpm # 有signature信息
rpm --checksig nginx-1.0.14-1.i386.rpm