Re: [CentOS] trouble building an rpm
From: Peter Kjellström c...@nsc.liu.se It's not a good idea to build rpms as root (unless in a throw-away vm). Build as user or even better using mock. Am I missing something or building an rpm as a non-root user for security reason won't do much when, in the end, the rpm will be installed as root...? Apart from protecting the rpm building host. JD ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] trouble building an rpm
On Tuesday, September 13, 2011 11:20:57 AM John Doe wrote: From: Peter Kjellström c...@nsc.liu.se It's not a good idea to build rpms as root (unless in a throw-away vm). Build as user or even better using mock. Am I missing something or building an rpm as a non-root user for security reason won't do much when, in the end, the rpm will be installed as root...? Apart from protecting the rpm building host. It is true that if you're looking only at the security aspect of hadling a malicious rpm then it won't buy you that much. It will still however: * Keep the rest of the rpms that build-server did safe * Delay the effect one step (you can pick up the malicious binary rpm when testing, before deploying). That said the main reason probably isn't malicious (src)rpms but broken ones. A spec file can easily contain bugs that will change/corrupt/break your build machine (and still produce a valid binary rpm). In the end it's kind of like running your gnome as root. You can do it but common sense and the complexity of the system tells you not to. /Peter signature.asc Description: This is a digitally signed message part. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] trouble building an rpm
On Monday, September 12, 2011 06:00:32 PM Jon Detert wrote: i'm a newbie at building rpms. I made a few rpms years ago, but can't now make one on Centos 5. In /usr/local/rpmbuild, there are 5 subdirs: BUILD RPMS SOURCES SPECS SRPMS tmp It's not a good idea to build rpms as root (unless in a throw-away vm). Build as user or even better using mock. That said, many a broken rpmbuild can be blamed on missing the redhat-rpm-config package (containing lots of rpm macros). If that's not the case I'd try rebuilding a known good src.rpm with rpmbuild --rebuild foo.src.rpm to validate your setup. /Peter When I type: rpmbuild -ba /usr/local/rpmbuild/SPECS/centos-release-cr-ihc.spec I get 'file not found' errors, for paths in /usr/local/rpmbuild/tmp: error: File not found: /usr/local/rpmbuild/tmp/centos-release-cr-ihc-buildroot/etc/yum.repos.d error: File not found: /usr/local/rpmbuild/tmp/centos-release-cr-ihc-buildroot/etc/yum.repos.d/Ce ntOS-cr.repo RPM build errors: File not found: /usr/local/rpmbuild/tmp/centos-release-cr-ihc-buildroot/etc/yum.repos.d File not found: /usr/local/rpmbuild/tmp/centos-release-cr-ihc-buildroot/etc/yum.repos.d/Ce ntOS-cr.repo All i did was to: 1) put a tarball in SOURCES, 2) put a spec file in SPECS, 3) rpmbuild -ba my spec file Did I miss a step? If not, here's the contents of my tarball and spec file: The tarball in SOURCES is named: centos-release-cr-ihc-1.tar.gz the contents of which are: drwxr-xr-x root/root 0 2011-09-09 15:40:01 centos-release-cr-ihc-1/ drwxr-xr-x root/root 0 2011-09-09 15:39:57 centos-release-cr-ihc-1/etc/ drwxr-xr-x root/root 0 2011-09-09 15:40:39 centos-release-cr-ihc-1/etc/yum.repos.d/ -rw-r--r-- root/root 523 2011-09-09 15:35:59 centos-release-cr-ihc-1/etc/yum.repos.d/CentOS-cr.repo my spec file is /usr/local/rpmbuild/SPECS/centos-release-cr-ihc.spec the contents of which are: Summary: Package to set up IHC use of the centos-cr repository Name: centos-release-cr-ihc Version: 1 Release: 1 Source0: centos-release-cr-ihc-1.tar.gz License: GPL Group: IHC-config BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-buildroot %description Package to set up IHC use of the centos-cr repository %prep %setup -q %build %install install -m 0755 -d /etc/yum.repos.d install -m 0755 etc/yum.repos.d/CentOS-cr.repo /etc/yum.repos.d/CentOS-cr.repo %clean rm -rf $RPM_BUILD_ROOT %post echo echo Yay IHC IS Team! %files %dir /etc/yum.repos.d /etc/yum.repos.d/CentOS-cr.repo Thanks, Jon signature.asc Description: This is a digitally signed message part. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] trouble building an rpm
Dear Jon, Install the package rpmdevtools from EPEL repository and setup Your own build tree in $HOME of some non-root user. Please, avoid any builds as root and don't build package as Your current (desktop) non-root user. It's good idea to create user for the packages building. Then setup the build tree in his $HOME directory (execute rpmdev-setuptree). I wish You success! Yours Vesselin On 09/12/2011 07:00 PM, Jon Detert wrote: i'm a newbie at building rpms. I made a few rpms years ago, but can't now make one on Centos 5. In /usr/local/rpmbuild, there are 5 subdirs: BUILD RPMS SOURCES SPECS SRPMS tmp When I type: rpmbuild -ba /usr/local/rpmbuild/SPECS/centos-release-cr-ihc.spec I get 'file not found' errors, for paths in /usr/local/rpmbuild/tmp: error: File not found: /usr/local/rpmbuild/tmp/centos-release-cr-ihc-buildroot/etc/yum.repos.d error: File not found: /usr/local/rpmbuild/tmp/centos-release-cr-ihc-buildroot/etc/yum.repos.d/CentOS-cr.repo RPM build errors: File not found: /usr/local/rpmbuild/tmp/centos-release-cr-ihc-buildroot/etc/yum.repos.d File not found: /usr/local/rpmbuild/tmp/centos-release-cr-ihc-buildroot/etc/yum.repos.d/CentOS-cr.repo All i did was to: 1) put a tarball in SOURCES, 2) put a spec file in SPECS, 3) rpmbuild -ba my spec file Did I miss a step? If not, here's the contents of my tarball and spec file: The tarball in SOURCES is named: centos-release-cr-ihc-1.tar.gz the contents of which are: drwxr-xr-x root/root 0 2011-09-09 15:40:01 centos-release-cr-ihc-1/ drwxr-xr-x root/root 0 2011-09-09 15:39:57 centos-release-cr-ihc-1/etc/ drwxr-xr-x root/root 0 2011-09-09 15:40:39 centos-release-cr-ihc-1/etc/yum.repos.d/ -rw-r--r-- root/root 523 2011-09-09 15:35:59 centos-release-cr-ihc-1/etc/yum.repos.d/CentOS-cr.repo my spec file is /usr/local/rpmbuild/SPECS/centos-release-cr-ihc.spec the contents of which are: Summary: Package to set up IHC use of the centos-cr repository Name: centos-release-cr-ihc Version: 1 Release: 1 Source0: centos-release-cr-ihc-1.tar.gz License: GPL Group: IHC-config BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-buildroot %description Package to set up IHC use of the centos-cr repository %prep %setup -q %build %install install -m 0755 -d /etc/yum.repos.d install -m 0755 etc/yum.repos.d/CentOS-cr.repo /etc/yum.repos.d/CentOS-cr.repo %clean rm -rf $RPM_BUILD_ROOT %post echo echo Yay IHC IS Team! %files %dir /etc/yum.repos.d /etc/yum.repos.d/CentOS-cr.repo Thanks, Jon ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] trouble building an rpm
12.09.2011 20:00, Jon Detert wrote: i'm a newbie at building rpms. I made a few rpms years ago, but can't now make one on Centos 5. In /usr/local/rpmbuild, there are 5 subdirs: BUILD RPMS SOURCES SPECS SRPMS tmp When I type: rpmbuild -ba /usr/local/rpmbuild/SPECS/centos-release-cr-ihc.spec I get 'file not found' errors, for paths in /usr/local/rpmbuild/tmp: error: File not found: /usr/local/rpmbuild/tmp/centos-release-cr-ihc-buildroot/etc/yum.repos.d error: File not found: /usr/local/rpmbuild/tmp/centos-release-cr-ihc-buildroot/etc/yum.repos.d/CentOS-cr.repo RPM build errors: File not found: /usr/local/rpmbuild/tmp/centos-release-cr-ihc-buildroot/etc/yum.repos.d File not found: /usr/local/rpmbuild/tmp/centos-release-cr-ihc-buildroot/etc/yum.repos.d/CentOS-cr.repo All i did was to: 1) put a tarball in SOURCES, 2) put a spec file in SPECS, 3) rpmbuild -ba my spec file Did I miss a step? If not, here's the contents of my tarball and spec file: The tarball in SOURCES is named: centos-release-cr-ihc-1.tar.gz the contents of which are: drwxr-xr-x root/root 0 2011-09-09 15:40:01 centos-release-cr-ihc-1/ drwxr-xr-x root/root 0 2011-09-09 15:39:57 centos-release-cr-ihc-1/etc/ drwxr-xr-x root/root 0 2011-09-09 15:40:39 centos-release-cr-ihc-1/etc/yum.repos.d/ -rw-r--r-- root/root 523 2011-09-09 15:35:59 centos-release-cr-ihc-1/etc/yum.repos.d/CentOS-cr.repo my spec file is /usr/local/rpmbuild/SPECS/centos-release-cr-ihc.spec the contents of which are: Summary: Package to set up IHC use of the centos-cr repository Name: centos-release-cr-ihc Version: 1 Release: 1 Source0: centos-release-cr-ihc-1.tar.gz License: GPL Group: IHC-config BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-buildroot %description Package to set up IHC use of the centos-cr repository %prep %setup -q %build %install install -m 0755 -d /etc/yum.repos.d install -m 0755 etc/yum.repos.d/CentOS-cr.repo /etc/yum.repos.d/CentOS-cr.repo %clean rm -rf $RPM_BUILD_ROOT %post echo echo Yay IHC IS Team! %files %dir /etc/yum.repos.d /etc/yum.repos.d/CentOS-cr.repo Directory /etc/yum.repos.d and file /etc/yum.repos.d/CentOS-cr.repo need to be installed into $RPM_BUILD_ROOT and not into actual / during the %install phase. Try something like this: %install install -m 0755 -d $RPM_BUILD_ROOT/etc/yum.repos.d install -m 0755 etc/yum.repos.d/CentOS-cr.repo $RPM_BUILD_ROOT/etc/yum.repos.d and consider working under your home directory. Hope this would help. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] trouble building an rpm
- Original Message - From: Andrew Dorozhkin glukens...@gmail.com To: CentOS mailing list centos@centos.org Sent: Monday, September 12, 2011 11:39:44 AM Subject: Re: [CentOS] trouble building an rpm 12.09.2011 20:00, Jon Detert wrote: i'm a newbie at building rpms. I made a few rpms years ago, but can't now make one on Centos 5. In /usr/local/rpmbuild, there are 5 subdirs: BUILD RPMS SOURCES SPECS SRPMS tmp When I type: rpmbuild -ba /usr/local/rpmbuild/SPECS/centos-release-cr-ihc.spec I get 'file not found' errors, for paths in /usr/local/rpmbuild/tmp: error: File not found: -- snip -- my spec file is /usr/local/rpmbuild/SPECS/centos-release-cr-ihc.spec the contents of which are: Summary: Package to set up IHC use of the centos-cr repository -- snip -- %build %install install -m 0755 -d /etc/yum.repos.d install -m 0755 etc/yum.repos.d/CentOS-cr.repo -- snip -- Directory /etc/yum.repos.d and file /etc/yum.repos.d/CentOS-cr.repo need to be installed into $RPM_BUILD_ROOT and not into actual / during the %install phase. Try something like this: %install install -m 0755 -d $RPM_BUILD_ROOT/etc/yum.repos.d install -m 0755 etc/yum.repos.d/CentOS-cr.repo $RPM_BUILD_ROOT/etc/yum.repos.d Thanks! That was the problem, and your solution worked. Regards, Jon ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos