V2EX = way to explore
V2EX 是一个关于分享和探索的地方
现在注册
已注册用户请  登录
• 请不要在回答技术问题时复制粘贴 AI 生成的内容
wsgzao
V2EX  ›  程序员

使用 rpmbuild 制作 Nginx 的 RPM 包

  •  
  •   wsgzao ·
    wsgzao · 2019-01-16 15:38:16 +08:00 · 2108 次点击
    这是一个创建于 2167 天前的主题,其中的信息可能已经有所发展或是发生改变。

    前言

    题图为 RPM 包制作原理图,有时候为了方便源码包的安装,和我们自己订制软件包的需求,我们会把一些源码包按照我们的需求来做成 rpm 包,当有了源码包就可以直接编译得到二进制安装包和其他任意包。spec file 是制作 rpm 包最核心的部分,rpm 包的制作就是根据 spec file 来实现的。在制作自定义 rpm 包的时候最好不要使用管理员进行, 因为管理员权限过大,如果一个命令写错了,结果可能是灾难性的,而制件一个 rpm 包普通用户完全可以实现。本文主要介绍使用 rpmbuild 制作 Nginx 的 RPM 包,大部分步骤已经使用 Bash Shell 自动化完成了,大家可以基于此重新定义。

    使用 rpmbuild 制作 Nginx 的 RPM 包

    更新历史

    2019 年 01 月 16 日 - 初稿

    阅读原文 - https://wsgzao.github.io/post/rpmbuild/

    扩展阅读

    Creating RPM packages - https://docs.fedoraproject.org/en-US/quick-docs/creating-rpm-packages/index.html

    How to create a GNU Hello RPM - https://fedoraproject.org/wiki/How_to_create_a_GNU_Hello_RPM_package/zh-cn

    使用 rpm-build 制作 nginx 的 rpm 包 - http://blog.51cto.com/nmshuishui/1583117


    什么是 RPM

    An RPM package is simply a file containing other files and information about them needed by the system. Specifically, an RPM package consists of the cpio archive, which contains the files, and the RPM header, which contains metadata about the package. The rpm package manager uses this metadata to determine dependencies, where to install files, and other information.

    There are two types of RPM packages:

    • source RPM (SRPM)
    • binary RPM

    SRPMs and binary RPMs share the file format and tooling, but have different contents and serve different purposes. An SRPM contains source code, optionally patches to it, and a SPEC file, which describes how to build the source code into a binary RPM. A binary RPM contains the binaries built from the sources and patches.

    RPM 有五种基本的操作功能:安装、卸载、升级、查询和验证。

    Linux 软件包分为两大类:

    1. 二进制类包,包括 rpm 安装包(一般分为 i386 和 x86 等几种)
    2. 源码类包,源码包和开发包应该归位此类(.src.rpm )

    在 Redhat 下,rpm 包的默认制作路径在 /usr/src/redhat 下,这其中包含了 6 个目录(要求全部大写)。但 Centos 并没有该目录,因此我们不得不自定义工作车间,即使在 Redhat 下有该目录,一般也是自定义到普通用户的家目录下的

    Directory | Usage --- | --- BUILD | 源代码解压以后放的位置,只需提供 BUILD 目录,具体里面放什么,不用我们管,所以真正的制作车间是 BUILD 目录 RPMS | 制作完成后的 rpm 包存放目录,为特定平台指定子目录( i386,i686,ppc ) SOURCES | 收集的源文件,源材料,补丁文件等存放位置
    SPECS | 存放 spec 文件,作为制作 rpm 包的领岗文件,以 rpm 名.spec SRPMS | src 格式的 rpm 包位置 ,既然是 src 格式的包,就没有平台的概念了
    BuiltRoot | 假根,使用 install 临时安装到这个目录,把这个目录当作根来用的,所以在这个目录下的目录文件,才是真正的目录文件。当打包完成后,在清理阶段,这个目录将被删除

    更详细的介绍可以参考 RPM Packaging Guide

    https://rpm-packaging-guide.github.io/

    制作 rpm 包

    如果你只关心如何使用可以直接跳过看下文,这里主要暂时代码和配置文件

    build shell

    # luajit.sh
    LUAVER=2.0.5
    WKDIR="/root/rpmbuild/SOURCES"
    cd $WKDIR
    wget http://luajit.org/download/LuaJIT-$LUAVER.tar.gz
    tar zxf LuaJIT-$LUAVER.tar.gz
    rm LuaJIT-$LUAVER.tar.gz
    cd LuaJIT-$LUAVER
    make BUILDMODE=static
    make install
    export LUAJIT_LIB=/usr/local/lib
    export LUAJIT_INC=/usr/local/include/luajit-2.0
    
    # build.sh
    NGX_VER=1.14.1
    WKDIR="/root/rpmbuild/SOURCES"
    CURRENTDIR=`dirname $(readlink -f "$0")`
    echo $CURRENTDIR
    export LUAJIT_LIB=/usr/local/lib
    export LUAJIT_INC=/usr/local/include/luajit-2.0
    cd $WKDIR
    wget http://nginx.org/download/nginx-$NGX_VER.tar.gz
    tar xzf nginx-$NGX_VER.tar.gz
    rm nginx-$NGX_VER.tar.gz
    mv nginx-$NGX_VER nginx-garena-$NGX_VER
    cd nginx-garena-$NGX_VER/
    
    mkdir -p contrib
    cd contrib/
    git clone git://github.com/bigplum/Nginx-limit-traffic-rate-module.git
    git clone git://github.com/agentzh/headers-more-nginx-module.git
    #git clone git://github.com/gnosek/nginx-upstream-fair.git
    git clone git://github.com/agentzh/echo-nginx-module.git
    #git clone git://github.com/arut/nginx-dav-ext-module.git
    git clone git://github.com/r10r/ngx_http_auth_pam_module.git
    git clone git://github.com/FRiCKLE/ngx_cache_purge.git
    git clone git://github.com/simpl/ngx_devel_kit.git
    git clone git://github.com/openresty/lua-nginx-module.git
    git clone git://github.com/nbs-system/naxsi.git
    rm -rf */.git
    cd ..
    
    cp -r $CURRENTDIR/nginx-template/* $WKDIR/nginx-garena-$NGX_VER/
    cp $CURRENTDIR/nginx-spec /root/rpmbuild/SPECS/
    #cp /root/rules $WKDIR/nginx-garena-$NGX_VER/debian/
    cd $WKDIR
    tar zcf nginx-garena-$NGX_VER.tar.gz nginx-garena-$NGX_VER/
    cd /root/rpmbuild/SPECS/
    rpmbuild -ba nginx-spec
    cd /root/rpmbuild/RPMS/noarch
    
    

    nginx-spec

    # 1.The introduction section 
    Name: nginx-garena                                      # 软件包名称
    Version: 1.14.1                                         # 版本号
    Release: 0                                              # release 号
    Summary: nginx garena rpm                               # 简要描述信息
    Source0: nginx-garena-1.14.1.tar.gz                     # source 主要是引用一下自己定义好的脚本,配置文件之类的内容
    License: GPL                                            # 一定带上(最好是对方源码包的 License ) BSD,GPL,GPLv2
    Group: Rahul                                            # 要全用这里面的一个组:less /usr/share/doc/rpm-version/GROUPS
    BuildArch: noarch               
    BuildRoot: %{_tmppath}/%{name}-buildroot                
    %description                                            # 软件包详述
    Garena self-build Nginx.
    %define _binaries_in_noarch_packages_terminate_build   0
    
    # 2.The Prep section 准备阶段,主要就是把源码包解压到 build 目录下,设置一下环境变量,并 cd 进去
    %prep
    %setup -q %{name}-%{version}                            # 这个宏的作用静默模式解压并 cd
    
    # 3.The Build Section 编译制作阶段,这一节主要用于编译源码
    %build
    CFLAGS="$RPM_OPT_FLAGS" ./configure --prefix=/usr/share/nginx/ \
                        --sbin-path=/usr/sbin/nginx \
                        --conf-path=/etc/nginx/nginx.conf \
                        --error-log-path=/var/log/nginx/error.log \
                        --http-log-path=/var/log/nginx/access.log \
                        --pid-path=/var/run/nginx.pid \
                        --lock-path=/var/lock/nginx.lock \
                        --http-client-body-temp-path=/var/lib/nginx/body \
                        --http-fastcgi-temp-path=/var/lib/nginx/fastcgi \
                        --http-proxy-temp-path=/var/lib/nginx/proxy \
                        --http-scgi-temp-path=/var/lib/nginx/scgi \
                        --http-uwsgi-temp-path=/var/lib/nginx/uwsgi \
                        --with-pcre-jit \
                        --with-http_flv_module \
                        --with-http_mp4_module \
                        --with-file-aio \
    		    --with-http_v2_module \
    		    --with-stream \
    		    --with-stream_ssl_module \
                        --with-http_auth_request_module \
    		    --with-http_slice_module \
    		    --with-threads \
                        --with-http_gunzip_module \
    		    --with-http_random_index_module \
    		    --with-http_secure_link_module \
                        --with-http_geoip_module \
                        --with-http_ssl_module \
                        --with-openssl=/usr/local/src/openssl-1.0.2p \
                        --with-http_addition_module \
                        --with-http_geoip_module \
                        --with-http_gzip_static_module \
                        --with-http_realip_module \
                        --with-ipv6 \
                        --without-mail_pop3_module \
                        --without-mail_imap_module \
                        --without-mail_smtp_module \
                        --add-module=contrib/Nginx-limit-traffic-rate-module \
                        --add-module=contrib/headers-more-nginx-module \
                        --add-module=contrib/echo-nginx-module \
                        --add-module=contrib/ngx_http_auth_pam_module \
                        --add-module=contrib/ngx_cache_purge \
                        --add-module=contrib/ngx_devel_kit \
                        --add-module=contrib/lua-nginx-module \
                        --add-module=contrib/naxsi/naxsi_src
    make -j8
    
    # 4.Install section  这一节主要用于完成实际安装软件必须执行的命令,可包含 4 种类型脚本
    %install
    [ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT
    make DESTDIR=$RPM_BUILD_ROOT install
    install -m 0755 -d $RPM_BUILD_ROOT/etc/nginx/sites-enabled
    install -m 0755 -d $RPM_BUILD_ROOT/etc/nginx/sites-available
    install -m 0755 -d $RPM_BUILD_ROOT/var/log/nginx
    install -m 0755 -d $RPM_BUILD_ROOT/var/lib/nginx
    install -D -m 644 conf/sites-available/000_stub_status $RPM_BUILD_ROOT/etc/nginx/sites-available/000_stub_status
    install -D -m 644 conf/django_fastcgi_params $RPM_BUILD_ROOT/etc/nginx/django_fastcgi_params
    install -D -m 644 conf/naxsi_core.rules $RPM_BUILD_ROOT/etc/nginx/naxsi_core.rules
    install -D -m 644 conf/sites-available/000_stub_status $RPM_BUILD_ROOT/etc/nginx/sites-enabled/000_stub_status
    install -D -m 644 logrotate.d/nginx $RPM_BUILD_ROOT/etc/logrotate.d/nginx
    install -D -m 644 nginx.service $RPM_BUILD_ROOT/usr/lib/systemd/system/nginx.service
    
    # 5.clean section 清理段,clean 的主要作用就是删除 BUILD
    %clean
    [ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT
    %post
    useradd -s /sbin/nologin -d /var/www www-data
    chown -R www-data.www-data /var/log/nginx /var/lib/nginx
    systemctl enable nginx
    echo %{name}-%{version} is successfully installed.
    systemctl start nginx
    # 6.file section 文件列表段,这个阶段是把前面已经编译好的内容要打包了
    %files
    %defattr(-,root,root)
    %dir /etc/nginx
    /etc/nginx/*
    %dir /usr/src/debug/nginx-garena-1.14.1
    /usr/src/debug/nginx-garena-1.14.1/*
    /usr/sbin/nginx
    %dir /usr/share/nginx
    /usr/share/nginx/*
    /etc/logrotate.d/nginx
    /usr/lib/systemd/system/nginx.service
    /usr/lib/debug/*
    /usr/lib/debug/.build-id/*
    %dir /var/log/nginx
    %dir /var/lib/nginx
    %config(noreplace) /etc/nginx/nginx.conf
    
    
    

    Initialize rpmbuild env

    # check current os version and kernel
    cat /etc/redhat-release
    CentOS Linux release 7.5.1804 (Core)
    uname -r
    3.10.0-862.el7.x86_64
    
    # install lua
    sh luajit.sh
    
    # yum install dependencies
    yum install -y gcc pam-devel git rpm-build pcre-devel openssl openssl-devel geoip-devel
    
    # mkdir
    mkdir -p /root/rpmbuild/SOURCES/
    mkdir -p /root/rpmbuild/SPECS/
    mkdir -p /root/rpmbuild/RPMS/noarch
    
    # download openssl
    cd /usr/local/src
    wget https://github.com/openssl/openssl/archive/OpenSSL_1_0_2p.tar.gz
    tar xf OpenSSL_1_0_2p.tar.gz
    mv openssl-OpenSSL_1_0_2p/ openssl-1.0.2p
    
    # confirm these files are correct
    [root@localhost ~]# tree nginx-rpmbuild-centos7/
    nginx-rpmbuild-centos7/
    ├── build.sh
    ├── conf_buid
    │   ├── conf
    │   │   ├── django_fastcgi_params
    │   │   ├── fastcgi.conf
    │   │   ├── fastcgi_params
    │   │   ├── koi-utf
    │   │   ├── koi-win
    │   │   ├── mime.types
    │   │   ├── naxsi_core.rules
    │   │   ├── nginx.conf
    │   │   ├── scgi_params
    │   │   ├── sites-available
    │   │   │   └── 000_stub_status
    │   │   ├── uwsgi_params
    │   │   └── win-utf
    │   ├── logrotate.d
    │   │   └── nginx
    │   ├── nginx.conf
    │   └── nginx.service
    ├── luajit.sh
    ├── nginx-spec
    └── nginx-template
        ├── conf
        │   ├── django_fastcgi_params
        │   ├── naxsi_core.rules
        │   └── sites-available
        │       └── 000_stub_status
        ├── logrotate.d
        │   └── nginx
        ├── nginx.conf
        └── nginx.service
    
    8 directories, 24 files
    
    

    How to build Nginx RPM

    # check nginx stable version from official website
    http://nginx.org/en/download.html
    
    # check configuration
    vim build.sh
    
    NGX_VER=1.14.1
    WKDIR="/root/rpmbuild/SOURCES"
    
    # check nginx version
    vim nginx-spec
    
    replace 1.14.1 to 1.14.2
    
    # run build.sh
    ./build.sh
    
    # RPM package
    Processing files: nginx-garena-1.14.2-0.noarch
    warning: File listed twice: /etc/nginx/nginx.conf
    Provides: config(nginx-garena) = 1.14.2-0 nginx-garena = 1.14.2-0
    Requires(interp): /bin/sh
    Requires(rpmlib): rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(FileDigests) <= 4.6.0-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1
    Requires(post): /bin/sh
    Requires: libGeoIP.so.1()(64bit) libc.so.6()(64bit) libc.so.6(GLIBC_2.10)(64bit) libc.so.6(GLIBC_2.11)(64bit) libc.so.6(GLIBC_2.14)(64bit) libc.so.6(GLIBC_2.17)(64bit) libc.so.6(GLIBC_2.2.5)(64bit) libc.so.6(GLIBC_2.3)(64bit) libc.so.6(GLIBC_2.3.2)(64bit) libc.so.6(GLIBC_2.3.4)(64bit) libc.so.6(GLIBC_2.4)(64bit) libc.so.6(GLIBC_2.7)(64bit) libcrypt.so.1()(64bit) libcrypt.so.1(GLIBC_2.2.5)(64bit) libdl.so.2()(64bit) libdl.so.2(GLIBC_2.2.5)(64bit) libgcc_s.so.1()(64bit) libgcc_s.so.1(GCC_3.0)(64bit) libgcc_s.so.1(GCC_3.3)(64bit) libm.so.6()(64bit) libm.so.6(GLIBC_2.2.5)(64bit) libpam.so.0()(64bit) libpam.so.0(LIBPAM_1.0)(64bit) libpcre.so.1()(64bit) libpthread.so.0()(64bit) libpthread.so.0(GLIBC_2.2.5)(64bit) libpthread.so.0(GLIBC_2.3.2)(64bit) libz.so.1()(64bit) rtld(GNU_HASH)
    warning: Arch dependent binaries in noarch package
    Checking for unpackaged file(s): /usr/lib/rpm/check-files /root/rpmbuild/BUILDROOT/nginx-garena-1.14.2-0.x86_64
    Wrote: /root/rpmbuild/SRPMS/nginx-garena-1.14.2-0.src.rpm
    Wrote: /root/rpmbuild/RPMS/noarch/nginx-garena-1.14.2-0.noarch.rpm
    Executing(%clean): /bin/sh -e /var/tmp/rpm-tmp.iR5dLd
    + umask 022
    + cd /root/rpmbuild/BUILD
    + cd nginx-garena-1.14.2
    + '[' /root/rpmbuild/BUILDROOT/nginx-garena-1.14.2-0.x86_64 '!=' / ']'
    + rm -rf /root/rpmbuild/BUILDROOT/nginx-garena-1.14.2-0.x86_64
    + exit 0
    
    

    主题内容长度不能超过 20000 个字符

    目前尚无回复
    关于   ·   帮助文档   ·   博客   ·   API   ·   FAQ   ·   实用小工具   ·   2730 人在线   最高记录 6679   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 24ms · UTC 07:58 · PVG 15:58 · LAX 23:58 · JFK 02:58
    Developed with CodeLauncher
    ♥ Do have faith in what you're doing.