1.环境准备
安装基础包
yum install gcc gcc-c++ glibc glibc-devel openssl-devel openssl prce pcre-devel zlib zlib-devel make wget krb5-devel pam-devel libX11-devel xmkmf libXt-devel initscripts libXt-devel imake gtk2-devel rpm-build.x86_64
目录和文件
mkdir -p /root/rpmbuild/{SOURCES,SPECS,RPMS,SRPMS,BUILD,BUILDROOT}
cd /root/rpmbuild/SOURCES
wget https://cloudflare.cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-8.4p1.tar.gz
tar -xvf openssh-8.4p1.tar.gz
cd openssh-8.4p1
cp contrib/redhat/openssh.spec /root/rpmbuild/SPECS
2.修改spec文件
2.1 参数由0修改为1
%global no_x11_askpass 1 ## line 12
%global no_gnome_askpass 1 ## line 15
2.2 参数注释
#BuildRequires: openssl-devel < 1.1 ## line 103
2.3 添加配置
Source2: sshd ## line 80
2.4 添加一个模板文件
cp /etc/pam.d/sshd /root/rpmbuild/SOURCES/
2.5 修改参数
install -m644 $RPM_SOURCE_DIR/sshd $RPM_BUILD_ROOT/etc/pam.d/sshd ## line 280
2.6 添加参数
cp -r /etc/ssh /etc/ssh_bak ## line 340
2.7 line 344 添加以下配置
%post server
chmod 600 /etc/ssh/ssh_host_*_key
sed -i -e "s/#PasswordAuthentication yes/PasswordAuthentication yes/g" /etc/ssh/sshd_config
sed -i -e "s/#PermitRootLogin prohibit-password/PermitRootLogin yes/g" /etc/ssh/sshd_config
sed -i -e "s/#PermitEmptyPasswords no/PermitEmptyPasswords no/g" /etc/ssh/sshd_config
sed -i -e "s/#UsePAM no/UsePAM yes/g" /etc/ssh/sshd_config
sed -i -e "s/#X11Forwarding no/X11Forwarding yes/g" /etc/ssh/sshd_config
echo "KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group14-sha1" >>/etc/ssh/sshd_config
chmod +x /etc/init.d/sshd
mv /usr/lib/systemd/system/sshd.service /opt/
mv /usr/lib/systemd/system/sshd.socket /opt/
/sbin/chkconfig --add sshd
service sshd restart
3.build
cd /root/rpmbuild/SPECS
rpmbuild -bb openssh.spec
执行(%prep): /bin/sh -e /var/tmp/rpm-tmp.8l15y2
+ umask 022
+ cd /root/rpmbuild/BUILD
+ cd /root/rpmbuild/BUILD
+ rm -rf openssh-8.4p1
+ /usr/bin/gzip -dc /root/rpmbuild/SOURCES/openssh-8.4p1.tar.gz
+ /usr/bin/tar -xf -
+ STATUS=0
+ '[' 0 -ne 0 ']'
+ cd openssh-8.4p1
......
...过程忽略
......
处理文件:openssh-debuginfo-8.4p1-1.el7.x86_64
Provides: openssh-debuginfo = 8.4p1-1.el7 openssh-debuginfo(x86-64) = 8.4p1-1.el7
Requires(rpmlib): rpmlib(FileDigests) <= 4.6.0-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1 rpmlib(CompressedFileNames) <= 3.0.4-1
检查未打包文件:/usr/lib/rpm/check-files /root/rpmbuild/BUILDROOT/openssh-8.4p1-1.el7.x86_64
写道:/root/rpmbuild/RPMS/x86_64/openssh-8.4p1-1.el7.x86_64.rpm
写道:/root/rpmbuild/RPMS/x86_64/openssh-clients-8.4p1-1.el7.x86_64.rpm
写道:/root/rpmbuild/RPMS/x86_64/openssh-server-8.4p1-1.el7.x86_64.rpm
写道:/root/rpmbuild/RPMS/x86_64/openssh-debuginfo-8.4p1-1.el7.x86_64.rpm
执行(%clean): /bin/sh -e /var/tmp/rpm-tmp.2ugtjy
+ umask 022
+ cd /root/rpmbuild/BUILD
+ cd openssh-8.4p1
+ rm -rf /root/rpmbuild/BUILDROOT/openssh-8.4p1-1.el7.x86_64
+ exit 0
[root@localhost SPECS]# ll /root/rpmbuild/RPMS/x86_64
总用量 4.4M
-rw-r--r-- 1 root root 593K 12月 3 15:39 openssh-8.4p1-1.el7.x86_64.rpm
-rw-r--r-- 1 root root 549K 12月 3 15:39 openssh-clients-8.4p1-1.el7.x86_64.rpm
-rw-r--r-- 1 root root 415K 12月 3 15:39 openssh-server-8.4p1-1.el7.x86_64.rpm
-rw-r--r-- 1 root root 2.8M 12月 3 15:39 openssh-debuginfo-8.4p1-1.el7.x86_64.rpm
4.升级openssh
/root/rpmbuild/RPMS/x86_64
yum localinstall *.rpm