环境准备
centos6.6
#rpm知识参考
1.#依赖安装
yum install rpm-build gcc make wget openssl-devel krb5-devel pam-devel libX11-devel xmkmf libXt-devel
2.#目录创建
mkdir -p /usr/src/redhat/{SOURCES,SPECS}
cd /usr/src/redhat/SOURCES/
3.#安装文件下载
4.#解压编译文件,或者直接自己写
cd /usr/src/redhat/SOURCES/
# 也可以解压出整包 从里面提取出 openssh-7.5p1/contrib/redhat/openssh.spec 该文件
tar xfz openssh-7.5p1.tar.gz openssh-7.5p1/contrib/redhat/openssh.spec
mv openssh-7.5p1/contrib/redhat/openssh.spec ../SPECS/
chown sshd:sshd /usr/src/redhat/SPECS/openssh.spec
cp /usr/src/redhat/SPECS/openssh.spec /usr/src/redhat/SPECS/openssh.spec_def
5. # 修改几个配置选项 可选项
#关掉no_gnome_askpass no_x11_askpass这两个参数
sed -i -e "s/%define no_gnome_askpass 0/%define no_gnome_askpass 1/g" /usr/src/redhat/SPECS/openssh.spec
sed -i -e "s/%define no_x11_askpass 0/%define no_x11_askpass 1/g" /usr/src/redhat/SPECS/openssh.spec
#实际编译参数:
+ ./configure --build=x86_64-redhat-linux-gnu --host=x86_64-redhat-linux-gnu --target=x86_64-redhat-linux-gnu --program-prefix= --prefix=/usr --exec-prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc --datadir=/usr/share --includedir=/usr/include --libdir=/usr/lib64 --libexecdir=/usr/libexec --localstatedir=/var --sharedstatedir=/var/lib --mandir=/usr/share/man --infodir=/usr/share/info --sysconfdir=/etc/ssh --libexecdir=/usr/libexec/openssh --datadir=/usr/share/openssh --with-default-path=/usr/local/bin:/bin:/usr/bin --with-superuser-path=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin --with-privsep-path=/var/empty/sshd --with-md5-passwords --with-tcp-wrappers --with-pam --with-kerberos5=/usr
configure: WARNING: unrecognized options: --with-tcp-wrappers
#可以用这个命令查看编译文件里面的参数值 /usr/src/redhat/SPECS/openssh.spec
#rpm --eval "%{?dist}"
#rpm --eval "%{?ver}"
#很多是在文件里设置的初值,部分是在系统文件里定义的,系统默认的变量定义在这个文件 #vim /usr/lib/rpm/macros
#此处我只修改了这些
diff openssh.spec openssh.spec_def
12c12
< %define no_x11_askpass 1
---
> %define no_x11_askpass 0
15c15
< %define no_gnome_askpass 1
---
> %define no_gnome_askpass 0
199d198
< --with-tcp-wrappers
7. 拷贝安装软件到预编译目录
mkdir -p ~/rpmbuild/SOURCES/
cp /usr/src/redhat/SOURCES/openssh-7.5p1.tar.gz ~/rpmbuild/SOURCES/
#执行编译操作
cd /usr/src/redhat/SPECS/
rpmbuild -ba openssh.spec
##############################################################
#编译后生成的目录结构如下
tree -L 2 /root/rpmbuild/
/root/rpmbuild/
├── BUILD
│ └── openssh-7.5p1
├── BUILDROOT
├── RPMS
│ └── x86_64
├── SOURCES
│ └── openssh-7.5p1.tar.gz
├── SPECS
└── SRPMS
└── openssh-7.5p1-1.src.rpm
#安装包的目录如下
ll /root/rpmbuild/RPMS/x86_64/openssh-*
-rw-r----- 1 root root 485104 Jul 20 10:33 /root/rpmbuild/RPMS/x86_64/openssh-7.5p1-1.x86_64.rpm
-rw-r----- 1 root root 610916 Jul 20 10:33 /root/rpmbuild/RPMS/x86_64/openssh-clients-7.5p1-1.x86_64.rpm
-rw-r----- 1 root root 17040 Jul 20 10:34 /root/rpmbuild/RPMS/x86_64/openssh-debuginfo-7.5p1-1.x86_64.rpm
-rw-r----- 1 root root 388568 Jul 20 10:34 /root/rpmbuild/RPMS/x86_64/openssh-server-7.5p1-1.x86_64.rpm
##############################################################
#备份原有的openssh服务
mkdir -p /war/backup/openssh_def
cd /war/backup/openssh_def
tar -cvzf etc_ssh.tar.gz /etc/ssh
cp /etc/pam.d/sshd /etc/pam.d/system-auth .
cp -p /etc/pam.d/sshd /etc/pam.d/sshd_`date +%Y%m%d`
cp -p /etc/pam.d/system-auth /etc/pam.d/system-auth_`date +%Y%m%d`
#执行升级操作
rpm -Uvh /root/rpmbuild/RPMS/x86_64/*.rpm
把新的 /etc/pam.d/sshd文件备份,并恢复原来版本的 /etc/pam.d/sshd
cp -p /etc/pam.d/sshd /root/sshd.afterupgrade
cp /root/sshd.orig /etc/pam.d/sshd
4. 开启PAM
vi /etc/ssh/sshd_config
UsePAM yes
5. 重启sshd服务
#CentOS 6
service sshd restart
#CentOS 7
#systemctl restart sshd
如果有本地yum源,把这几个包放到yum仓库,使用更佳
##################################################################################编译后的最终日志信息
Processing files: openssh-debuginfo-7.5p1-1.x86_64
Checking for unpackaged file(s): /usr/lib/rpm/check-files /root/rpmbuild/BUILDROOT/openssh-7.5p1-1.x86_64
Wrote: /root/rpmbuild/SRPMS/openssh-7.5p1-1.src.rpm
Wrote: /root/rpmbuild/RPMS/x86_64/openssh-7.5p1-1.x86_64.rpm
Wrote: /root/rpmbuild/RPMS/x86_64/openssh-clients-7.5p1-1.x86_64.rpm
Wrote: /root/rpmbuild/RPMS/x86_64/openssh-server-7.5p1-1.x86_64.rpm
Wrote: /root/rpmbuild/RPMS/x86_64/openssh-debuginfo-7.5p1-1.x86_64.rpm
Executing(%clean): /bin/sh -e /var/tmp/rpm-tmp.gJEJ5t
+ umask 022
+ cd /root/rpmbuild/BUILD
+ cd openssh-7.5p1
+ rm -rf /root/rpmbuild/BUILDROOT/openssh-7.5p1-1.x86_64
+ exit 0
##################################################################################编译后的最终日志信息