Setup an RPM Build Server

From V.S.V., Inc.
Jump to: navigation, search

Overview

This article details how to setup an existing CentOS Server to build your own RPMs.


Related External Documentation:

Changing the timezone,date, and time in Linux

Set Up an RPM Build Environment under CentOS

Fedora - Extra Packages for Enterprise Linux

RHEL/CentOS - Enable EPEL Repository



Make sure you are On Time!

I found that if you tried to pull down EPEL packages while the time on the Build Server was off, there were issues with pulling any associated packages. As a preemptive measure, lets set the time on the Build Server to match those of a North American NTP Server.


Install the ntp package

sudo yum install ntp

If you are prompted to install the CentOS 5 Official Signing Key type y and press Enter.

Update the time on your machine

sudo /sbin/ntpdate 0.north-america.pool.ntp.org


Check and make sure the date and time on the Build Server is accurate.

date



Download the EPEL Package repository

Note: This section needs to be update to use RPMforge instead of EPEL as the version of perl-Net-SNMP is broken on EPEL.

The EPEL Repository is necessary for the perl-NET-SNMP Dependencies that are required of NRPE.

Download the EPEL Repository and use rpm to install it

sudo wget http://dl.fedoraproject.org/pub/epel/5/x86_64/epel-release-5-4.noarch.rpm
sudo rpm -i epel-release-5-4.noarch.rpm


Verify that the EPEL Repository is installed

sudo yum repolist

The Extra Packages for Enterprise Linux 5 - x86_64 should appear in the repo name list.

repo id                              repo name                                           status
addons                               CentOS-5 - Addons                                   enabled: 0
base                                 CentOS-5 - Base                                     enabled: 3,566
epel                                 Extra Packages for Enterprise Linux 5 - x86_64      enabled: 6,923
extras                               CentOS-5 - Extras                                   enabled: 290
updates                              CentOS-5 - Updates                                  enabled: 720
repolist: 11,499


....


Download the RPM Build packages

Install the following RPM Build Packages.

sudo yum install rpm-build redhat-rpm-config make gcc

During the installation you will prompted to import a GPG Key that is the CentOS 5 Official Signing Key, make sure you respond with y.




Create an Account to build the RPM Packages

Note: you can skip this section if you already have a non-root account.

Create the user pacman for all of your RPM Packaging needs!

adduser pacman -m
passwd pacman

Type in a new password for the pacman user.


Add pacman to the sudoers file

/usr/sbin/visudo


Add in the following entry below the root entry

pacman ALL=(ALL) ALL

Create RPM Build Directories under your home folder

NOTE: NEVER EVER EVER BUILD AN RPM AS ROOT....and I mean EVER!!!! not even if a Squirrel comes up to you and tries to steal your nuts!
You can do untold damage to the system you are working on if you build packages as root!


Make the rpmbuild directories for the RPM Build Environment.


su - pacman
cd /home/pacman
mkdir -p ~/rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS}
echo '%_topdir %(echo $HOME)/rpmbuild' > ~/.rpmmacros




Optional vim editor Configuration Change

Reading comments in vim can be difficult as the default color of comments is dark blue. We can change the default color scheme by doing the following


Copy the /etc/vimrc file to the home directory.

sudo cp /etc/vimrc /home/pacman/.vimrc


You can view the color schemes available in the following path. For this Article the elflord color scheme is being used as it works quite well.

sudo vim /usr/share/vim/vim70/colors/


Open up your .vimrc file using vim

sudo vim /home/pacman/.vimrc


Add in the the :color definition below the set ruler entry in the .vimrc file. The :color entry will change the default color scheme that pacman will have when using vim.

:color [color_scheme]


Example:

:color elflord


Note that the .vim part is not necessary when setting the color scheme.


You can verify that the color scheme has changed by simply opening up the .vimrc file again using vim.

sudo vim /home/pacman/.vimrc




Signing keys

If your RPMs will be used by anyone other than you, you should sign them. Doing this allows others to verify that the package came from you and is exactly the way you intended it to be.

If you don't already have a GPG key you can follow these [directions].

If you have a key from another machine or a departmental key, you will need to import it. To do that get both the public and private (secret) parts of the key.

$ gpg --import key.pub
$ gpg --import key.sec

You can verify the were imported correctly with:

$ gpg --list-sigs
/home/pacman/.gnupg/pubring.gpg
------------------------------
pub   1024D/1CDB2BA8 2011-05-09
uid                  Pacman (Pacman RPM Build) <pacman@example.com>
sig 3        1CDB2BA8 2011-05-09  Pacman (Pacman RPM Build) <pacman@example.com>
sub   2048g/80C30782 2011-05-09
sig          1CDB2BA8 2011-05-09  Pacman (Pacman RPM Build) <pacman@example.com>


Now that you have the GPG key in your keyring, you need to tell rpmbuild which one it is.

$ vi /home/pacman/.rpmmacros

Add the following lines:

%_signature gpg
%_gpg_name Pacman (Pacman RPM Build) <pacman@example.com>