RPM包制作

RPM包制作

制作RPM包一定不要使用管理员进行,因为管理员权限太大,在制作过程当中,一个命令使用错误,后果将是灾难性的。本身制作RPM包也用不到管理员权限,可以使用普通用户进行。

制作步骤:
	1.Set up the directory structure
	2.Place the sources in the right directory
	3.Create a spec file that tells the rpmbuild command what to do
	4.Build the source and binary RPMs

# 1.Set up the directory structure
	Directory:
		BUILD:The rpmbuild command builds software in this directory.
		RPMS:The rpmbuild command stores binary RPMs, it creates in this directory.
         SOURCES:You should put the sources for the application in this directory.
         SPECS:You should place the spec file for each RPM you paln to make in this directory.
         SRPMS:The rpmbuild command places source RPMS in this directory.
         
	By default,Rea Hat Linux systems expect RPMs to be built in the /usr/src/redhat directory
	# rpmbuild --showrc | grep macros
	
	# 使用rpmbuild工具制作
	# 安装工具
	yum install rpmdevtools -y
	# 执行如下rpmdev-setuptree生成rpmbuild的工作目录
	rpmdev-setuptree
	# 查看工作目录
	tree rpmbuild/
		rpmbuild/
        ├── BUILD  # 打包过程中的工作目录
        ├── RPMS   # 存放生成的二进制包
        ├── SOURCES  # 放置打包资源,包括源码打包文件和补丁文件等
        ├── SPECS  # 放置SPEC文档
        └── SRPMS  # 存放生成的源码包

		
	ll -d rpmbuild/
		drwxr-xr-x. 7 root root 72 Aug 21 17:25 rpmbuild/
	
	cd ~/rpmbuild/SPECS/
	vim myrpm.spec  # 会自动生成模板,修改即可
vim myrpm.spec 

Name:       nginx
Version:    1.15.2
Release:    1%{?dist}
Summary:    Asdas

License:    GPL
URL:        http://www.localhost
Source0:    http://ftp.gnu.org/gnu/hello/%{name}-%{version}.tar.gz

BuildRequires:  gettext

%description
Garena self-build Nginx.

%prep
%setup -q


%build
./configure --prefix=/usr/local/nginx \
--user=nginx \
--group=nginx \
--pid-path=/usr/local/nginx/run/nginx.pid \
--with-http_ssl_module \
--with-http_stub_status_module


make %{?_smp_mflags}
%install
make install DESTDIR=%{buildroot}

%files
%defattr(-,root,root,-)
/usr/local


%changelog

# 执行打包命令
rpmbuild -bb htop2.2.0.spec  

rpm包制作的七个部分

# rpm包制作,定义的.spec文件的7个组成部分:
	1.introduction section
		The introduction section contains information about the package,the type of information shown with the rpm -qi command
		
		Summary:A light download accelerator for Linux
		Name:axel
		Version:2.4  # 版本号中不能使用“-”,“-”在RPM包中有特殊意义
		Release:1%{?dist}
		License:GPLv2
		Group:Applications/Internet  # 必须是这个文件中定义的组:cat /usr/share/doc/rpm-4.11.3/GROUPS 
		URL:http://axe1.alioth.debian.org/
		
		Packager:marion <marion@sanzhang.com>
		Vendor:sanzhang.com,http://www.sanzhang.com
		
		Source:http://aliothdebian.org/frs/download.php/3015/axel-%{version}.tar.gz  # %{version}宏,引用上面定义的 Version:2.4
		BuildRoot:%{_tmppath}/%{name}-%{version}-%{release}-root # 制作的RPM包放置的位置
		
		BuildRequires:gcc,binutils # 制作RPM包所依赖的其它RPM包
		
		%description # 描述信息
		Axel is a program that downloads a file from a FTP or HTTP server throuugh multiple connection,each connection downloads its own part of the file.

	2.The prep section # 准备阶段
		The prep section,short for prepare,defines the commands necessary to prepare for the build
		If you are starting with a compressed tar archive(a tarball) of the sources, the prep section needs to extract the sources
		The prep section starts with a %prep statement
			This example uses the %setup RPM macro,which knows about tar archives,to extract the files
			%prep
			%setup

	3.The build section
		The spec file build section contains the commands to build the software
		Usually,this will include just a few commands,since most of the real instructions appear in the Makefile
		The build section starts with a %build statement
		
		%build
		. /configure\
			--etcdir="%{_sysconfdir}"\
			--mandir="%{_mandir}"\
			--i18n="0"\
			--scrip="0"
		%{__make} %{?_smp_mflags}  # __make引用的是具体命令,?表示引用宏,如果此宏存在就使用,不存在就不使用。

	
	4.The install section
		The spec file install sectin holds the commands necessary to install the newly built application or library
        In most cases,your install section should clean out the Buildroot directory and run the make install command
        The install section starts with a %install statement
        
        %install
        %{__rm} -rf %{buildroot}  # 安装前,先清理上次的安装
        %{__make} install DESTDIR="%{buildroot}"
        %find_lang %{name}
	

	5.The clean section
		The clean section cleans up the files that the commands in the other sections create
		The clean section starts with a %clean statement
		
		%clean
		%{__rm} -rf % {buildroot}
	
	5.1 The script section
		还可以有一个脚本段,有时候安装,删除,升级等操作,会需要使用脚本。
		%pre # 在RPM执行安装前就要执行的脚本
		%post # 安装后
		%preun # 卸载工作之前就要执行的脚本
		%postun  # 卸载工作之后就要执行的脚本
		
		
	6.The files section
		Finally,the files section lists the files to go into the binary RPM,along with defined file attributes
		The files section starts with a %files statement
		The %doc macro marks certain files as documentation
			This allows the RPM to distinguish the files holding documentation from the other files in the RPM 
		
		%files -f %{name}.lang
		%defattr(~,root,root,0775)
		%doc API CHANGES COPYING CREDITS README axelrc.example
		%doc %{_mandir}/man1/axe1.1*
		%doc %{_mandir}/*/man1/axe1.1*
		%config %{sysconfdir}/axe1rc
			/usr/local/bin/axe1

	7.The changelog section # 用来定义我们这个安全包是第几个版本的日志
		%changelog
rpmbuild --showrc | grep _topdir # _topdir,以_开头的,是宏;要是以__开头的,则是具体的命令。
	-14: _topdir	%(echo $HOME)/rpmbuild

如何修改宏并迁移工作目录至当前用户下的定义的工作目录?
在user1y用户家目录下定义一个文件叫 .rpmmacros

vim .rpmmacros
	
	%_topdir	/home/user1/rpmbuild

在加目录下创建rpm制作所需要的5个子目录:
	mkdir -pv rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS}
	
rpmbuild --showrc | grep _topdir  # 对当前用户来讲,宏_topdir已经修改成自己定义的路径,
	
rpm -qi httpd  # 所查出的rpm包信息,都需要在rpm包中定义并自动生成。

install /etc/fstab /tmp  # 拷贝fstab文件到tpm目录下
install -d /tmp/test # 在tmp下创建test目录
install /etc/sysconfig/network-scripts/ifcfg-eth0 /tmp/hehe # 拷贝ifcfg-eth0文件到tmp目录下,并重命名为hehe文件。
install -D /etc/sysconfig/network-scripts/ifcfg-eth0 /tmp/network-scripts/ifcfg-eth0 # 拷贝ifcfg-eth0文件,指定的拷贝到的目录如果不存在就重新创建。

rpm包制作命令

rpmbuild
	选项:
		-ba:bulid all,both a binary and source RPM
		-bb:build a binary RPM
		-bc:Build(compile) the program but do not make the full RPM,stopping just after the %build sectin 
		-bp:Prepare for building a binary RPM,and stop just after the %prep section
		-bi:Create a binary RPM and stop just after the %install sectin
		-bl:Check the listing of files for the RPM and generate errors if the buildroot is missing any of the files to be installed
		-bs:Build a source RPM only

# Notice:Don't buld packages when you are logged in as the root user.

RPM包制作文件案例

cd ~/rpmbuild/SPECS
vim nginx.spec

Name:	nginx
Version:	1.0.14  # 和软件包的版本一定要一致,不然解压的时候会有问题。
Release:	1%(?dist)  # 添加自己的标识 
Summary:	A free,open-source,high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server.
Group:	System Environment/Daemons
Vendor:	http://www.sanzhang.com
Packager:	SANZHANG <LINUXEDU@FOXMAIL.com>
License:	BSD
URL:	http://www.nginx.org/
BuildRoot:	%(_tmppath)/%(name)-%(version)-%(release)-root

BuildRequires:	pcre-devel,zlib-devel,openssl-devel
BuildRequires:	libxslt-devel,gd-devel
Requires:	pcre,openssl,gd  # 安装依赖哪些包
# for /usr/sbin/useradd
Requires(pre):	shadow-utils  # 在执行%prep 脚本时依赖哪些包
Requires(post):	chkconfig  # # 在执行%post 脚本时依赖哪些包
# for /sbin/service
Requires(preun):	chkconfig,initscripts  # 卸载前的脚本依赖哪些包
Requires(postun):	initscripts  # 卸载后的脚本依赖哪些包
Provides:			webserver # 此RPM提供的能力

Source0:	http://sysoev.ru/nginx/nginx-%(version).tar.gz
Source1:	nginx.init

%description
Nginx is a free,open-source,high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. Igor Sysoev started development of Nginx in 2002,with the first public release in 2004. Nginx now hosts nearly 12.18%(22.2M) of active sites across all domainx. Nginx is know for its high performance,stability,rich feature set,simple configuration,and low resource consumption.

%prep
%setup -q  # -q 静默模式,不显示制作过程

%build
export DESTDIR=%(buildroot)
. /configure \
	--sbin-path=/usr/sbin/nginx \
	--conf-path=/etc/nginx/nginx.conf \
	--error-log-path=/var/log/nginx/error.log \
	--http-log-path=/var/log/nginx/access.log \
	--pid-path=/var/run/nginx/nginx.pid \
	--lock-path=/var/lock/nginx.lock \
	--user=nginx \
	--group=nginx \
	--with-http_ssl_module \
	--with-http_flv_module \
	--with-http_stub_status_module \
	--with-http_gzip_static_module \
	--http-client-body-temp-path=/var/tmp/nginx/client/ \
	--http-proxy-temp-path=/var/tpm/ningx/proxy/ \
	--http-fastcgi-temp-path=/var/tmp/nginx/fcgi/ \
	with-pcre
make %{?_smp_mflags} # 如果有多颗CPU,可以加速编译(并行编译)

%install
rm -rf %{buildroot}
make install DESTDIR=%{buildroot}
%{__install} -p -d -m 0755 %{buildroot}/var/run/nginx
%{__install} -p -d -m 0755 %{buildroot}/var/log/nginx

%clean
rm -rf %{buildroot}

%pre
if [ $1 == 1 ]; then  # $1表示执行方式,$1=1表示安装
	/usr/sbin/useradd -s /bin/false -r nginx 2>/dev/null || :  # 第一次安装时,创建一个nginx用户
fi

%post
if [ $1 == 1 ]; then
	/sbin/chkconfig --add %{name}
fi

%preun
if [ $1 = 0 ]; then # $1=0 表示卸载 ,$1=2表示升级 
	/sbin/service %{name} stop >/dev/null 2>&1 # 第一次卸载,先停掉服务,再将服务从服务列表中删除
	/sbin/chkconfig --del %{name}
fi

%files
%defattr(-,root,root,-) # 设置默认属性
%doc LICENSE CHANGES README
% {sbindir}/%{name}
%dir /var/run/nginx
%dir /var/log/nginx
%dir /etc/nginx
%config(noreplace) /etc/nginx/win-utf
%config(noreplace) /etc/nginx/mime.types.default
%config(noreplace) /etc/nginx/fastcgi.conf
%config(noreplace) /etc/nginx/fastcgi.conf.default
%config(noreplace) /etc/nginx/fastcgi_params
%config(noreplace) /etc/nginx/fastcgi_params.default
%config(noreplace) /etc/nginx/%{name}.conf
%config(noreplace) /etc/nginx/mime.types
%config(noreplace) /etc/nginx/scgi_params
%config(noreplace) /etc/nginx/scgi_params.default
%config(noreplace) /etc/nginx/uwsgi_params
%config(noreplace) /etc/nginx/uwsgi_params.default
%config(noreplace) /etc/nginx/koi-win
%config(noreplace) /etc/nginx/koi-utf
%config(noreplace) /etc/nginx/%{name}.conf.default
/usr/local/nginx/html/50x.html
/usr/local/nginx/html/index.html
%attr(0755,root,root) %{_initrddir}/%{name}

%changelog
* Wed Apr 11 2020 sanzhang.com <linuxedu@foxmail.com> - 1.0.14-1
- Initial version

# End Of nginx.spec

开始制作RPM包

cd ~/rpmbuild/SPECS
rpmbuild -bp nginx.spec
rpmbuild -bc nginx.spec
rpmbuild -bi nginx.spec

RPM源码包学习站点

rpmfind.net


rpm2cpio file.rpm | cpio -id # 将此rpm包展开,学习具体的文件

spec文件的语法格式

1.# 定义一个宏:
	在spec文件中:
		define nginx_user nginx
2.# 引用一个宏:
	在spec文件中,任意处使用时:
		%{nginx_user}

3. 注释中不能使用%
	eg:
		# this is %prep section  会被识别成prep
		如果必须要用,可以改成:
		# this is %%prep section

4.RPM必须的字段
	跟软件包相关的信息:
        Name:
            name-version-release.rpm
            name-version-release.arch.rpm
        Version:
            cannot use a dash in the version number
        Release:
        Group:
            /usr/share/doc/rpm-version/GROUPS # 定义到哪个组都可以,没有严格规定。
        
	跟公司相关的信息:
		Vendor(非必须):
			the company or organization behind an RPM
		URL(非必须):
			A URL to your company or organization home page,or perhaps to a URL for a particular application
			URL:http://www.sanzhang.com/downloads/RPMS
			
		Packager:(可以为空)
			An optional name and e-mail address for the person who created the RPM 
			Packager:Marion linuxedu@formail.com
		License(必要):
			Provides legal information about the package
			License:GPLv2

	描述信息:
		Summary: # 单行描述信息最好不要超出50个字符
			Provides a one-line short description of the package
			Should not exceed much more than 50 characters
		The %description section allows for longer text describing your package

5.定义软件包的依赖:
	Requires:capability
		Can put more than one capability,separated by space or comma,on the dependency line
			Requires:bash,chkconfig
		Can also add version information
			Requires:bash >= 2.0
		RPM uses a special syntax with parenthesis to indicate script modile
		dependencies
			Requires:perl(Carp)>=3.2
	Provides:capability
		Creatint Virtual CAPABILITIES
	BuildRequires:capability
		Specify what is necessary to build the package

6.构建RPM包的位置:
	RPM supports two build-related directories with very similar names,the build directory and the buildroot.
		The build directory is the location where RPM actually builds the software,compiling source code,running the configure script,and so on
		The buildroot,on the other hand,acts as a staging area that looks like the final installation directory
			The name buildroot refers to the fact that the final installation directory is usually the root directory.
	
	BuildRoot:
		Buildroot:%{_tmppath}/%{name}-%{version}-
		Can access the buildroot using the RPM_BUILD_ROOT environment variable.

7.命名源文件(Naming source files)# source需要放到~/rpmbuild/SOURCES内,即使Source:URL,也只是说明能到这个URL下载到这个source,默认还是去掉URL的前半段,拿后半段去~/rpmbuild/SOURCES路径下找。
	Most packages have one or more bundles of source code,which you need to name in the spec file
	Can define one or more source tags,counting from 0
		Source0:nginx-1.0.12.tar.gz
		Source1:nginx.conf
		Source2:nginx.init
	If you just have one Source directive,you can skip the 0
	You can also use FTP or HTTP URLs to name sources

8.Naming patches
	Patches are named similar to sources,using a similar syntax
		Patch1:httpd-2.2.22-pcre830.patch
		Patch3:httpd-2.2.21-mod_proxy-change-state.patch
	Can set Patch directives are not numbered sequentially

9. Preparing for the build:%prep
	此阶段做了哪些事:
		把源码包解压到BUILD路径下
		设置环境变量并cd到解压后的源码包中,
	The %prep section defines the commands to prepare for the build
	In most cases,you can run the simple %setup macro. For example:
		%prep
		%setup -q
	The %patch directive applies a patch to the sources
		Need a %patch directive for each patch

10.Building the software:%build
	You need to fill in the %build section with all the commands necessary to build the software 
	For example 
		%build  # 如果不需要编译,此段可留空
		./configure --prefix=/usr \
			--sysconfdir=/etc/nginx
		make %{?_smp_mflags}

11.Installing the software:%install
	For example
	%install
	rm -rf %{buildroot}
	make install DESTDIR=%{buldroot}
	%{__install} -p -D -m 0644 %{SOURCE5} \
		%{buildroot}%{_sysconfdir}/sysconfig/%{name}
	%{__install} -p -d -m 0755 %{buildroot}/var/log/nginx

12.Cleaning up after the build:%clean
	For example
	%clean
	rm -rf %{buildroot}

13.Defining installation scripts
	%pre
		A script run prior to installation
	%post
		A script run after installation
	%preun
		A script run before the uninstall
	%postun
		A script run after the uninstall

14.The %files section holds a list of all the files that RPM should install from the package
	This list should be exhaustive,so that the RPM system konws exactly what your package installs.
	There are some options,though,to name all the files within a directory to help with packages containing hundreds of files  

	In the default case,each line under the %files section names a separate file with its full path.
		%files
		/usr/sbin/nginx
		/etc/nginx/nginx.conf
Using glob-style wildcards
	%files
	/usr/sbin/nginx
	/etc/nginx/nginx.*
Can specify whole directories as part of your package
	%files
	/usr/sbin/nginx
	/etc/nginx

%doc Marks a file as a documentation file
%docdir Names a directory that holds documentation
%config
	Marks a file as configuration
	A special option to the %config directive,noreplace,tells RPM not to overwrite,or replace a configuration file

15.Setting file attributes
%attr
%attr(mode,user,group) filename
If you don't need to specify a value,use a dash,-,to leave the setting as is for the file
	%attr(-,root,-) /etc/nginx/nginx.conf
Can combine directives,one after another.
	%config %attr(-,root,-) /etc/nginx/nginx.conf
Using the %defattr directive to set the default attributes for all files in the package
	%files
	%defattr(-,root,root,-)
	%doc LICENSE CHANGES README
	%dir %/etc/nginx/conf.d
	%config (noreplace) /etc/nginx/conf.d/*.conf

16.Adding Change Log Entries
	The change log usually appears at the end of a spec file and is marked with %changelog
		%changelog
		* Fri Feb 17 2012 Marion <linuxedu@foxmail.com> - 1.0.12-1
		- Update to new 1.0.12 stable release 
		* Thu Oct 27 2011 Marion <linuxedu@foxmail.com> - 1.0.8-1
		-Update to new 1.0.8 stable release

%setup选项

-a number
	Only unpack the source directive of the given number,such as -a 0 for source0:,after changing to the directory.
-b number
	Only unpack the source directive of the given number,such as -b 0 for source0:,after changing to the directory.
-c
	Create directory before unpacking,used if your sources will not create the directory as part of unpacking.
-D
	Do not delete the directory before unpacking.
-n name
	Name the directory as name.
-q
	Run quietly with minimal output.
-T
	Disable the automatic unpacking of the archives.
查看有哪些包组:
	less /usr/share/doc/rpm-4.4.2.3/GROUPS
Name:fetion
Version:0.1.1
Release:	1%(?dist)
Summary:fetion robot

Group:Application/Internet
License:GPL
URL:http://www.sanzhang.com
Packager:sanzhang.com <linuxedu@foxmail.com>
Vendor:http://www.sanzhang.com

Source0:fetion-0.1.1.tar.bz2
BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-root

#Requires:

%description
fetion robot from Internet.

%package libs
Summary:fetion libraries.
Group:Development/Libraries
Requires:%{name} = %{version}

%description libs
fetion libraries.

%prep
%setup -q

%build

%install
rm -rf $RPM_BUILD_ROOT
%{__install} -p -D -m 0755 fetion %{buildroot}/usr/local/bin/fetion
%{__install} -p -D -m 0755 libACE-5.7.2.so %{buildroot}/usr/local/lib/libACE-5.7.2.so
%{__install} -p -D -m 0755 libACE_SSL-5.7.2.so %{buildroot}/usr/local/lib/libACE_SSL-5.7.2.so
%{__install} -p -D -m 0755 libcrypto.so.4 %{buildroot}/usr/local/lib/libcypto.so.4
%{__install} -p -D -m 0755 libssl.so.4 %{buildroot}/usr/local/lib/libssl.so.4

%clean
rm -rf $RPM_BUILD_ROOT

#%pre
%post
if [ $1 == 1 ]; then
	echo "/usr/local/lib" > /etc/ld.so.conf.d/usr_local.conf
	/sbin/ldconfig
fi

#%preun

%postun
if [ $1 == 0 ];then
	rm -f /etc/ld.so.conf.d/usr_local.conf 2 >/dev/null || :
	/sbin/ldconfig
fi

%files
%defattr(-,root,root,-)
%attr(0755,root,root) /usr/local.bin/fetion

%files libs
%defattr(-,root,root,-)
/usr/local/lib/libACE-5.7.2.so
/usr/local/lib/libACE_SSL-5.7.2.so
/usr/local/lib/libcrypto.so.4
/usr/local/lib/libssl.so.4

%changelog
* Mon Apr 2020 sanzhang <linuxedu@foxmail.com>-0.1.1-1
- Initial version




gpg --gen-key  # 生成密钥信息
gpg --list-keys # 查看公钥
gpg --export i-a 'sanzhang' > RPM-GPG-KEY-sanzhang # 导出公钥到RPM-GPG-KEY-sanzhang
rpm --addsign nginx-1.0.14-1.i386.rpm  # 给包做签名

rpm --import RPM-GPG-KEY-sanzhang # 导入密钥
	rpm --import /tmp/RPM-GPG-KEY-sanzhang
rpm -K /tmp/fetion-0.1.1-1.i386.rpm # 校验rpm包是否OK

rpm -qpi /tmp/fetion-0.1.1-1.i386.rpm # 有signature信息

rpm --checksig nginx-1.0.14-1.i386.rpm
posted on 2021-08-23 09:30  jueyuanfengsheng  阅读(1112)  评论(0编辑  收藏  举报