Building an RPM with koji

Installing koji on your Fedora system is a bit of an involved task; the procedure can be followed here.

After installing the koji software with:

yum install fedora-packager

and running the command:

/usr/bin/fedora-packager-setup

It was a straightforward procedure to enable the web certificate for the Fedora BuildSystem website.

When trying to run the command:
LoneWolf@LoneWolf:rpmbuild$
koji build dist-f14 –scratch SRPMS/less 418-1.fc14.src.rpm
It yielded the following error:
Error: [(‘SSL routines’, ‘SSL3_READ_BYTES’, ‘sslv3 alert certificate revoked’), (‘SSL routines’, ‘SSL3_WRITE_BYTES’, ‘ssl handshake failure’)]

Not sure what to do about that one.

Posted in SBR600 | Leave a comment

Creating a Custom CentOS-5.5 ISO Image

I required a script to customize the installation of CentOS-5.5-x86_64 for minimalist installations in Fedora KVM. I wanted the option to install any type of server while installing as few packages as possible. The following files will create a usable image when created on a CentOS host but each file must be present in the same directory (along with both CentOS-5.5 DVD images) to work properly:
README
, ks.cfg, comps.xml, Create-ISO.sh

Hope this helps someone out.

This is a step-by-step from the file Create-ISO.sh listed above. This blog only covers the steps relating to the creation of a DVD repository and the creation of an ISO image file. For more information on using the files above, refer to the README file listed above.
##### BUILD THE DVD ######

The first step in creating an istallation repository is to mimic the structure found on the CentOS installation DVD:

# In the current directory, create an iso build directory:
timer “Building iso directory tree”

if [ $burntype == “kickstart” ]; then
mkdir -p ./kickstart_build/{isolinux,images,ks}
else
mkdir -p ./kickstart_build/{isolinux,images}
fi

***Note the use of the curly braces for grouping of directories; this allows multiple directories to be created on the same branch of the installation tree.

The following directory tree of the Centos-5.5 DVD is going to be re-created in a custom directory, with a hand-picked selection of RPMs:

mnt
├── CentOS
├── images
│   ├── pxeboot
│   └── xen
├── isolinux
├── NOTES
└── repodata

# Mount the CentOS DVD image, avoid read-only mount error message
mount -o loop ./CentOS-5.5-x86_64-bin-DVD-1of2.iso /mnt > /dev/null 2>&1

##### COPY FILES FROM THE CentOS DVD #####
timer “Copying files to iso”

This directory contains kernel images that are maps to create directory structures on a new filesystem:

# Copy all the files from the isolinux directory on CentOS disc 1 into your kickstart_build/isolinux directory.
cp -R /mnt/isolinux/* ./kickstart_build/isolinux

The .discinfo file contains information about the installation disc such as release version, arch, number of discs and the location of installation directories. This is the .discinfo file from the CentOS-5.5 DVD:

1272326751.405938
Final
x86_64
1
CentOS/base
/home/buildcentos/CENTOS/5.5/en/x86_64/CentOS
CentOS/pixmaps

# Copy .discinfo from the CentOS disc 1 into your kickstart_build/isolinux directory.
cp /mnt/.discinfo ./kickstart_build

This directory contains files that enable a bootable environment for both flash drives (diskboot.img) and cd-roms (boot.iso):

# Copy all the files from the images directory on CentOS disc 1 into your kickstart_build/isolinux/images directory.
cp -R /mnt/images/* ./kickstart_build/images

This file is parsed by the anaconda installer and contains information about software groups. The comps.xml serves as the outline for the package selection menu in the GUI installer, and gives the installer a framework for package selection in a kickstart installation.

# Copy your customized comps.xml to kickstart_build.
cp -f ./comps.xml ./kickstart_build/comps.xml
chmod 644 ./kickstart_build/comps.xml

A kickstart file is not normally found on an installation DVD, this file will enable the iso file to autoinstall according to your specific instructions:

# Your kickstart config file will go into the kickstart_build/ks directory.
if [ $burntype == “kickstart” ]; then
timer “Configuring kickstart files”
cp ./ks.cfg ./kickstart_build/ks/ks.cfg

These files need their permissions changed because the directory structure is READ ONLY; mkisofs will return an error if the filestructure is not read-only:

# Change permissions on 3 files:
chmod 664 ./kickstart_build/isolinux/isolinux.bin
chmod 664 ./kickstart_build/isolinux/isolinux.cfg
chmod 664 ./kickstart_build/ks/ks.cfg

This option uses openssl to insert password hashes into your custom kickstart for both the root and regular user:

# Change the root password in the ks.cfg file
createPassword “Please enter a root password.”
sed -i ‘s/^rootpw .*$/rootpw –iscrypted ‘$passhash’/’ ./kickstart_build/ks/ks.cfg

# Change the user password in the ks.cfg file
read -p “Please enter a username. ” username
createPassword “Please enter a user password.”
sed -i ‘s/^user .*$/user –name=’$username’ –password=’$passhash’ –iscrypted/’ ./kickstart_build/ks/ks.cfg

The next two modifications are necessary to redirect the installer to the kickstart file, otherwise, the installer would use the default GUI installer with user interaction:

# Modify the “isolinux.cfg” file, this is done so that the kickstart runs automatically.
# Change the line: “default linux” to “default ks”
sed -i ‘s/^default linux$/default ks/’ ./kickstart_build/isolinux/isolinux.cfg

# Change the line: “append ks initrd=initrd.img” to “append ks=cdrom:/CentOS-VM-ks.cfg initrd=initrd.img”
sed -i ‘s/^[ ]*append ks initrd=initrd.img$/ append ks=cdrom:\/ks\/ks.cfg initrd=initrd.img/’ ./kickstart_build/isolinux/isolinux.cfg
fi

The createrepo software enables you to build update repositories as well as installation repositories:

# Install createrepo so that you can create a repository.
if [ ! $(rpm -q createrepo) ]; then
yum -y install createrepo
fi

Now that the directory structure is in place and the necessary software is installed on the system, you can load RPMs into the DVD installation repository. Hopefully all the dependencies for RPM packages are resolved for all individual and group entries in your comps.xml file:

# Load RPMs on to new DVD.
timer “Copying RPM files”

if [ ! -d ./kickstart_build/CentOS ]; then
mkdir ./kickstart_build/CentOS
fi

cp -R ./custom_rpms/* ./kickstart_build/CentOS

With all the RPMs in the directory tree, it is time to build the repository from the directory structure that has been created:

# Build repository on the new DVD
timer “Building repository”
cd ./kickstart_build

declare -x discinfo=$(head -1 .discinfo)
createrepo -u “media://$discinfo” -g comps.xml .

cd ../

Returning the status of any changed files to read-only is essential for the successful creation of an iso image file:

if [ $burntype == “kickstart” ]; then
# Change permissions back to default for “isolinux.cfg” and “isolinux.bin”
chmod 555 ./kickstart_build/isolinux/isolinux.cfg
chmod 444 ./kickstart_build/isolinux/isolinux.bin
fi

# Create the iso file.
timer “Building image file”
mkisofs -r -N -L -d -J -T -b isolinux/isolinux.bin -c isolinux/boot.cat -no-emul-boot -V “$label” -boot-load-size 4 -boot-info-table  -o “$filename” kickstart_build/

Although this program (in its entirety) will produce a usable image, there are some aspects of the build that I was not able to get working completely:

# Add checksum to iso (not working !!!):
# implantisomd5 ./CentOS-VM.iso

# Record DVD automatically (not tested):
#growisofs -Z /dev/cdrom=./CentOS-VM.iso

umount /mnt

Writing this program forced me to look closely at the booting process for a RHEL-based installation DVD and also gave me some insight into: RPMs, kickstart files, repositories, and xml files. It also spawned the notion to create an update repository for my virtual machine network(s); the process of creating a network repository is quite similar to creating an installation repo.

😀

Posted in SBR600 | 1 Comment

Terminal Application for KVM Backup on Fedora

I Wrote this script to assist with backups when using virtualization in Fedora. Excuse any bugs, as I am not quite finished debugging all the code (delete is not finished). Any suggestions or improvements are always welcome, I eventually would like to create a zenity version of this script (time permitting). You can link to the code here. ):}>

 

Posted in SBR600 | 1 Comment

Building a Fedora RPM with “mock”

The mock program creates chroots and builds RPM packages in them. To install mock on your system, enter “yum install mock” in terminal (as the root user). Details for the mock project can be found here.
LoneWolf@LoneWolf:~$ su –
root@LoneWolf:~# yum install mock 

You must now add your user account to the mock group in order to run the software as a regular user. It is not good practice to build RPMS as the “root” user because there is a chance that you could compromise your OS installation; building RPM packages should never be performed as root. It should also be noted that the recommended practice is to create a new “build” user to run mock as there are security considerations to running as your regular user account. If you are concerned with security, create a new user with: “useradd -G groupname username“, and run mock as this user. To add your regular username to the mock group, enter the following command in terminal as root: “usermod -a -F groupname username“.
root@LoneWolf:~# usermod -a -G mock LoneWolf

There are problems associated with running mock with SELinux; an SELinux policy module can be installed as outlined here (Under the heading “Using Mock with SELinux). Execute the following commands to install this module:
mkdir /root/selinux.local
cd /root/selinux.local

wget http://fedoraproject.org/w/uploads/2/2f/PackageMaintainers_MockTricks_mock.if
wget http://fedoraproject.org/w/uploads/7/73/PackageMaintainers_MockTricks_mock.fc
wget http://fedoraproject.org/w/uploads/0/0b/PackageMaintainers_MockTricks_mock.te

yum -y install selinux-policy-devel checkpolicy
make -f /usr/share/selinux/devel/Makefile

Change to the user account you will use to run mock, and run the command:
mock -r fedora-your-distribution_releaseyour_arch /path/to/SRPM
Use the SRPM that you created as outlined in the post “Building a Fedora RPM“.

root@LoneWolf:selinux.local# logout
LoneWolf@LoneWolf:~$ mock -r fedora-14-x86_64 rpmbuild/SRPMS/less-418-1.fc14.src

This resulted in the following error :(…
checking for working terminal libraries… Cannot find terminal libraries – configure failed
error: Bad exit status from /var/tmp/rpm-tmp.6ua9eg (%build)
Since:
“Package ncurses-devel-5.7-9.20100703.fc14.x86_64 already installed…”
“Package ncurses-5.7-9.20100703.fc14.x86_64 already installed…”
“Package gcc-4.5.1-4.fc14.x86_64 already installed…”
I’ll have to figure out which library it is looking for.

Going back and executing “rpmbuild -ba list.spec” in the SPECS directory yielded this:
Requires(rpmlib):
rpmlib(CompressedFileNames) <= 3.0.4-1
rpmlib(FileDigests) <= 4.6.0-1
rpmlib(PayloadFilesHavePrefix) <= 4.0-1
Requires:
libc.so.6()(64bit)
libc.so.6(GLIBC_2.11)(64bit)
libc.so.6(GLIBC_2.2.5)(64bit)
libc.so.6(GLIBC_2.3)(64bit)
libc.so.6(GLIBC_2.3.4)(64bit)
libc.so.6(GLIBC_2.4)(64bit)
libtinfo.so.5()(64bit)
rtld(GNU_HASH)

A quick search of the above entries at Linux Packages Search narrowed down the packages needed. This meant adding these two lines to the less.spec file:
BuildRequires:  kobo, kobo-rpmlib
Requires: glibc, ncurses-libs
This generated another error message after another rpmbuild -ba less.spec:

LoneWolf@LoneWolf:SPECS$ rpmlint ../RPMS/x86_64/less-418-1.fc14.x86_64.rpm
less.x86_64: E: explicit-lib-dependency ncurses-libs
less.x86_64: W: spurious-executable-perm /usr/share/doc/less-418/COPYING
less.x86_64: W: spurious-executable-perm /usr/share/doc/less-418/INSTALL
less.x86_64: W: spurious-executable-perm /usr/share/doc/less-418/LICENSE
1 packages and 0 specfiles checked; 1 errors, 3 warnings.
Shortening the Requires: entry to
Requires: glibc and rebuilding AGAIN eliminated this error.

As it turned out, the packages: glibc and ncurses-libs were already installed but the packages: kobo and kobo-rpmlib were not.
root@LoneWolf:~# yum -y install kobo kobo-rpmlib
LoneWolf@LoneWolf:SPECS$ mock -r fedora-14-x86_64 ../SRPMS/less-418-1.fc14.src.rpm
ERROR: Exception(../SRPMS/less-418-1.fc14.src.rpm) Config(fedora-14-x86_64) 0 minutes 44 seconds
checking for working terminal libraries… Cannot find terminal libraries – configure failed

After adding ncurses-devel to the BuildRequires section in my SPEC file, the build for “less” finally executed without error. It should be noted that because mock runs in a chroot environment, it does not have access to system libraries, unless they are included in the BuildRequires section of your .spec file.

The build for gawk went rather smoothly after applying the knowledge learned from building the less package.

Next topic: Building an RPM with koji

Posted in SBR600 | Leave a comment

Building a Fedora RPM

The RPM build process starts with having the proper software on your system. I installed the packages below (as the root user):
root@LoneWolf:~# yum groupinstall “Fedora Packager”
root@LoneWolf:~# yum install rpmlint yum-utils

Package rpmlint-1.0-2.fc14.noarch already installed and latest version
Package yum-utils-1.1.28-1.fc14.noarch already installed and latest version
Nothing to do

Change to a regular user account to build RPMs; it is best if you do not execute builds as the root user, it could really mess up your system if something gets installed improperly.
root@LoneWolf:~# logout

The directory structure for an RPM build must now be set up:
LoneWolf@LoneWolf:~$ rpmdev-setuptree

This command makes a directory called “rpmbuild” in your home directory:
LoneWolf@LoneWolf:~$ dir
Desktop    Downloads  Pictures    rpmbuild Videos
Documents  Music      Public    Templates

There are six directories inside the “rpmbuild” directory:
LoneWolf@LoneWolf:~$ cd /home/LoneWolf/rpmbuild/
LoneWolf@LoneWolf:rpmbuild$ dir
BUILD  BUILDROOT  RPMS    SOURCES  SPECS    SRPMS

First your source code packages must be in the “SOURCES” directory:
cp /home/LoneWolf/Desktop/MakeTest/*.gz.* rpmbuild/SOURCES/

As you can see I am trying to build RPMS for “less” and “gawk”. These packages are found here.
LoneWolf@LoneWolf:~$ cd rpmbuild/SOURCES
LoneWolf@LoneWolf:SOURCES$ dir
gawk-3.1.8.tar.gz  less-418.tar.gz

The next step is to change to the “SPECS” directory:
LoneWolf@LoneWolf:rpmbuild$ cd SPECS/

You then must generate a “spec” file for your RPM build. Skeleton spec files for the new RPM packages are generated with the command: rpmdev-newspec filename
LoneWolf@LoneWolf:SPECS$ rpmdev-newspec gawk-3.1.8
Skeleton specfile (minimal) has been created to “gawk-3.1.8.spec”.

LoneWolf@LoneWolf:SPECS$ rpmdev-newspec less-418
Skeleton specfile (minimal) has been created to “less-418.spec”.

Then edit the spec files for your RPM(s); some helpful resources can be found here:
Internet Resources:
Rpm specs file syntax
Packaging software with RPM, Part 1

rpm-guide.pdf (chapters 8,9,10 )

Handy Terminal Commands:
List the metadata for an RPM:
rpm -qi packagename

List the shared object and program dependencies for an RPM:
rpm -qR packagename

After reading (hopefully all) of the material posted above and with your (hopefully error-free) “spec” file ready to go, it is time to make an RPM! Execute the command:
rpmbuild -ba SPECS/yourRPMname.spec
LoneWolf@LoneWolf:rpmbuild$ rpmbuild -ba SPECS/less-418.spec

Result:
error: File not found: /home/LoneWolf/rpmbuild/BUILDROOT/less-418-1.fc14.x86_64/usr/doc/less-418/LICENSE
It would seem that one of the %doc files under the %files section in the specfile needs some fine-tuning.

Debugging specfiles can be tedious! The program “rpmlint” is used to check three files generated from your build: name.spec, your SRPM and your RPM. The “rpmlint” command is executed by entering “rpmlint /path/to/file“. After fixing all the errors reported from running rpmlint, this was the result from building the “less” package:
LoneWolf@LoneWolf:SPECS$ rpmlint ../RPMS/x86_64/less-418-1.fc14.x86_64.rpm
less.x86_64: W: spurious-executable-perm /usr/share/doc/less-418/COPYING
less.x86_64: W: spurious-executable-perm /usr/share/doc/less-418/INSTALL
less.x86_64: W: spurious-executable-perm /usr/share/doc/less-418/LICENSE
1 packages and 0 specfiles checked; 0 errors, 3 warnings.

LoneWolf@LoneWolf:SPECS$ rpmlint ../SRPMS/less-418-1.fc14.src.rpm
1 packages and 0 specfiles checked; 0 errors, 0 warnings.

LoneWolf@LoneWolf:SPECS$ rpmlint less.spec
0 packages and 1 specfiles checked; 0 errors, 0 warnings.

I am unsure about the warnings generated by running rpmlint on my RPM package; defining the executables as “%doc files” or defining the executables as just “files” makes no difference in this error message. From what I can gather, defining executables in the %files section of a SPEC file is considered bad practice because this may introduce additional dependencies in the finished RPM.

My “.spec” file for the “less” package is shown below:

Name:           less
Version:        418
Release:        1%{?dist}
Summary:        This is the distribution of “less”, a page navigator similar to “more” or “pg”

Group:          Applications/Text
License:        GPLv3+
URL:            http://www.greenwoodsoftware.com/less/
Source0:        http://ftp.gnu.org/gnu/less/%{name}-%{version}.tar.gz
BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)

%description
Less is a program similar to more.
Less allows backward  movement in the file as well as forward movement.

%prep
%setup -q

%build
%configure
make %{?_smp_mflags}

%install
rm -rf $RPM_BUILD_ROOT
make install DESTDIR=$RPM_BUILD_ROOT

%clean
rm -rf $RPM_BUILD_ROOT

%files
%defattr(-,root,root,-)
# Same as /usr/bin
%{_bindir}/*
# Same as path to man pages
%{_mandir}/*/*
%doc LICENSE
%doc COPYING
%doc  INSTALL
%doc NEWS
%doc README

%changelog
*Sat Jan 23 2011 – ldsoura (at) learn.senecac.on.ca 418-1
-Verbose descriptions for changes in packages are put here.
-This keeps track of specific changes and bug fixes in new builds.
-Note the the date and the version must both be present in the first line of changelog.

This next topic is a continuation of testing to assure that the RPM you have built will install without errors. Next topic: Building a Fedora RPM with “mock”.

Posted in SBR600 | Leave a comment

Adventures in Compiling Open Source Software

I first downloaded the zipped files “less” and “wget” using links from the GNU software collection website. I started with building the package “less” using the following commands:

root@LoneWolf:MakeTest# dir
less-418  less-418.tar.gz  wget-latest.tar.gz

Untar the files from the zipped archive:
root@LoneWolf:MakeTest# tar -xvzf less-418.tar.gz

Change to the unzipped directory.
root@LoneWolf:MakeTest# cd less-418

Run the “configure” script:
root@LoneWolf:less-418# ./configure

Run the “make” command:
root@LoneWolf:less-418# make

See how long it took for the “make” command to execute:
root@LoneWolf:less-418# time make
make: Nothing to be done for `all’.

real    0m0.005s
user    0m0.004s
sys    0m0.001s

Test the command by executing the binary file:
root@LoneWolf:less-418# ./less README

The program compiled without errors or dependencies and the binary executed as expected.

I then tried to build the “wget” package, but it required the dependency “Libidn”.
Change back to the directory where the downloaded zipped archives reside:
root@LoneWolf:less-418# cd ../
root@LoneWolf:MakeTest# dir
less-418  less-418.tar.gz  wget-latest.tar.gz

Untar the “wget” archive:
root@LoneWolf:MakeTest# tar -xvzf wget-latest.tar.gz
root@LoneWolf:MakeTest# dir
less-418  less-418.tar.gz  wget-1.12  wget-latest.tar.gz

Change to the untarred directory:
root@LoneWolf:MakeTest# cd wget-1.12/

Run the configure script:
root@LoneWolf:wget-1.12# ./configure

I received the following error for a missing shared library file:
configure: WARNING: Libidn not found

I opted to pick another package, and downloaded the file “gawk”.
root@LoneWolf:wget-1.12# cd ../
root@LoneWolf:MakeTest# wget http://ftp.gnu.org/gnu/gawk/gawk-3.1.8.tar.gz
–2011-01-13 13:05:36–  http://ftp.gnu.org/gnu/gawk/gawk-3.1.8.tar.gz
Resolving ftp.gnu.org… 140.186.70.20
Connecting to ftp.gnu.org|140.186.70.20|:80… connected.
HTTP request sent, awaiting response… 200 OK
Length: 2627635 (2.5M) [application/x-gzip]
Saving to: “gawk-3.1.8.tar.gz.1”

100%[======================================>] 2,627,635   1.59M/s   in 1.6s

2011-01-13 13:05:37 (1.59 MB/s) – “gawk-3.1.8.tar.gz.1” saved [2627635/2627635]

I untarred the archive:
root@LoneWolf:MakeTest# tar -xvzf gawk-3.1.8.tar.gz.1

Changed to the untarred directory:
root@LoneWolf:MakeTest# cd gawk-3.1.8

Ran the “configure” script:
root@LoneWolf:gawk-3.1.8# ./configure

This time I was successful in having no errors or dependencies, so I ran the “make” command.
root@LoneWolf:gawk-3.1.8# make

Checked to see how much time it took to run “make”:
root@LoneWolf:gawk-3.1.8# time make
real    0m0.107s
user    0m0.051s
sys    0m0.046s

I then tested the command by running the binary:
root@LoneWolf:gawk-3.1.8# ./gawk ‘END{print NR}’ README
114

It showed that there are 114 lines in gawk’s “README” file.

Manually configuring programs from tarballs is a time consuming process, but is sometimes necessary in situations where there is no other alternative, such as having a ready-made package that a package manager can install for you. Resolving dependencies can be a real challenge if there are many extra files that are required by the software that you are trying to compile. Compiling from source code is not for the impatient!
The next step is to create RPM files  from the two zipped archives for “list” and “gawk”. This procedure is outlined in my RPM-Writing Lab blog post.

Posted in SBR600 | Leave a comment