by 007

CentOS7 openssh8.4 build

2020.12.03
1.环境准备
安装基础包
yum install gcc gcc-c++ glibc glibc-devel openssl-devel openssl prce pcre-devel zlib zlib-devel make wget krb5-devel pam-devel libX11-devel xmkmf libXt-devel initscripts libXt-devel imake gtk2-devel rpm-build.x86_64

目录和文件
mkdir -p /root/rpmbuild/{SOURCES,SPECS,RPMS,SRPMS,BUILD,BUILDROOT}
cd /root/rpmbuild/SOURCES
wget https://cloudflare.cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-8.4p1.tar.gz
tar -xvf openssh-8.4p1.tar.gz
cd openssh-8.4p1
cp contrib/redhat/openssh.spec /root/rpmbuild/SPECS
2.修改spec文件

2.1 参数由0修改为1

%global no_x11_askpass 1     ## line 12
%global no_gnome_askpass 1   ## line 15

2.2 参数注释

#BuildRequires: openssl-devel < 1.1 ## line 103

2.3 添加配置

Source2: sshd  ## line 80

2.4 添加一个模板文件

cp /etc/pam.d/sshd  /root/rpmbuild/SOURCES/

2.5 修改参数

install -m644 $RPM_SOURCE_DIR/sshd     $RPM_BUILD_ROOT/etc/pam.d/sshd  ## line 280

2.6 添加参数

cp -r /etc/ssh /etc/ssh_bak  ## line 340

2.7 line 344 添加以下配置

%post server
chmod  600  /etc/ssh/ssh_host_*_key
sed -i -e  "s/#PasswordAuthentication yes/PasswordAuthentication yes/g"  /etc/ssh/sshd_config
sed -i -e  "s/#PermitRootLogin prohibit-password/PermitRootLogin yes/g"    /etc/ssh/sshd_config
sed -i -e  "s/#PermitEmptyPasswords no/PermitEmptyPasswords no/g"  /etc/ssh/sshd_config
sed -i  -e  "s/#UsePAM no/UsePAM yes/g"  /etc/ssh/sshd_config
sed -i -e "s/#X11Forwarding no/X11Forwarding yes/g" /etc/ssh/sshd_config
echo "KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group14-sha1" >>/etc/ssh/sshd_config
chmod +x /etc/init.d/sshd
mv  /usr/lib/systemd/system/sshd.service  /opt/
mv  /usr/lib/systemd/system/sshd.socket  /opt/
/sbin/chkconfig --add sshd
service sshd restart
3.build
cd /root/rpmbuild/SPECS
rpmbuild -bb openssh.spec

执行(%prep): /bin/sh -e /var/tmp/rpm-tmp.8l15y2
+ umask 022
+ cd /root/rpmbuild/BUILD
+ cd /root/rpmbuild/BUILD
+ rm -rf openssh-8.4p1
+ /usr/bin/gzip -dc /root/rpmbuild/SOURCES/openssh-8.4p1.tar.gz
+ /usr/bin/tar -xf -
+ STATUS=0
+ '[' 0 -ne 0 ']'
+ cd openssh-8.4p1
......
...过程忽略
......
处理文件:openssh-debuginfo-8.4p1-1.el7.x86_64
Provides: openssh-debuginfo = 8.4p1-1.el7 openssh-debuginfo(x86-64) = 8.4p1-1.el7
Requires(rpmlib): rpmlib(FileDigests) <= 4.6.0-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1 rpmlib(CompressedFileNames) <= 3.0.4-1
检查未打包文件:/usr/lib/rpm/check-files /root/rpmbuild/BUILDROOT/openssh-8.4p1-1.el7.x86_64
写道:/root/rpmbuild/RPMS/x86_64/openssh-8.4p1-1.el7.x86_64.rpm
写道:/root/rpmbuild/RPMS/x86_64/openssh-clients-8.4p1-1.el7.x86_64.rpm
写道:/root/rpmbuild/RPMS/x86_64/openssh-server-8.4p1-1.el7.x86_64.rpm
写道:/root/rpmbuild/RPMS/x86_64/openssh-debuginfo-8.4p1-1.el7.x86_64.rpm
执行(%clean): /bin/sh -e /var/tmp/rpm-tmp.2ugtjy
+ umask 022
+ cd /root/rpmbuild/BUILD
+ cd openssh-8.4p1
+ rm -rf /root/rpmbuild/BUILDROOT/openssh-8.4p1-1.el7.x86_64
+ exit 0

[root@localhost SPECS]# ll /root/rpmbuild/RPMS/x86_64
总用量 4.4M
-rw-r--r-- 1 root root 593K 12月  3 15:39 openssh-8.4p1-1.el7.x86_64.rpm
-rw-r--r-- 1 root root 549K 12月  3 15:39 openssh-clients-8.4p1-1.el7.x86_64.rpm
-rw-r--r-- 1 root root 415K 12月  3 15:39 openssh-server-8.4p1-1.el7.x86_64.rpm
-rw-r--r-- 1 root root 2.8M 12月  3 15:39 openssh-debuginfo-8.4p1-1.el7.x86_64.rpm
4.升级openssh
/root/rpmbuild/RPMS/x86_64
yum localinstall *.rpm