制作OpenSSH 9.6 for openEuler 22.03 LTS的rpm升级包
OpenSSH作为操作系统底层管理平台软件,需要保持更新以免遭受安全攻击,编译生成rpm包是生产环境中批量升级的最佳途径。本文在国产openEuler 22.03 LTS系统上完成OpenSSH 9.6的编译工作。
一、编译环境
1、准备环境
基于vmware workstation发布的x86虚拟机,最小化安装了openEuler 22.03 LTS,版本信息如下:
[root@localhost ~]# cat /etc/os-release
NAME="openEuler"
VERSION="22.03 LTS"
ID="openEuler"
VERSION_ID="22.03"
PRETTY_NAME="openEuler 22.03 LTS"
ANSI_COLOR="0;31"[root@localhost ~]# rpm -qa|grep openssh
openssh-8.8p1-2.oe2203.x86_64
openssh-server-8.8p1-2.oe2203.x86_64
openssh-clients-8.8p1-2.oe2203.x86_64
[root@localhost ~]# ssh -V
OpenSSH_8.8p1, OpenSSL 1.1.1m 14 Dec 2021
[root@localhost ~]# sshd -V
unknown option -- V
OpenSSH_8.8p1, OpenSSL 1.1.1m 14 Dec 2021
usage: sshd [-46DdeiqTt] [-C connection_spec] [-c host_cert_file][-E log_file] [-f config_file] [-g login_grace_time][-h host_key_file] [-o option] [-p port] [-u len]
[root@localhost SPECS]# openssl
OpenSSL> version
OpenSSL 1.1.1m 14 Dec 2021
OpenSSL> exit2、修改系统源为阿里源
[root@localhost ~]# cp /etc/yum.repos.d/openEuler.repo{,.bak}
[root@localhost ~]# sed -i "s/repo.openeuler.org/mirrors.aliyun.com\/openeuler/g" /etc/yum.repos.d/openEuler.repo
[root@localhost ~]# cat /etc/yum.repos.d/openEuler.repo
#generic-repos is licensed under the Mulan PSL v2.
#You can use this software according to the terms and conditions of the Mulan PSL v2.
#You may obtain a copy of Mulan PSL v2 at:
# http://license.coscl.org.cn/MulanPSL2
#THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
#IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
#PURPOSE.
#See the Mulan PSL v2 for more details.[OS]
name=OS
baseurl=http://mirrors.aliyun.com/openeuler/openEuler-22.03-LTS/OS/$basearch/
enabled=1
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/openeuler/openEuler-22.03-LTS/OS/$basearch/RPM-GPG-KEY-openEuler[everything]
name=everything
baseurl=http://mirrors.aliyun.com/openeuler/openEuler-22.03-LTS/everything/$basearch/
enabled=1
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/openeuler/openEuler-22.03-LTS/everything/$basearch/RPM-GPG-KEY-openEuler[EPOL]
name=EPOL
baseurl=http://mirrors.aliyun.com/openeuler/openEuler-22.03-LTS/EPOL/main/$basearch/
enabled=1
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/openeuler/openEuler-22.03-LTS/OS/$basearch/RPM-GPG-KEY-openEuler[debuginfo]
name=debuginfo
baseurl=http://mirrors.aliyun.com/openeuler/openEuler-22.03-LTS/debuginfo/$basearch/
enabled=1
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/openeuler/openEuler-22.03-LTS/debuginfo/$basearch/RPM-GPG-KEY-openEuler[source]
name=source
baseurl=http://mirrors.aliyun.com/openeuler/openEuler-22.03-LTS/source/
enabled=1
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/openeuler/openEuler-22.03-LTS/source/RPM-GPG-KEY-openEuler[update]
name=update
baseurl=http://mirrors.aliyun.com/openeuler/openEuler-22.03-LTS/update/$basearch/
enabled=1
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/openeuler/openEuler-22.03-LTS/OS/$basearch/RPM-GPG-KEY-openEuler
[root@localhost ~]# yum install tree -y3、准备编译所需目录
[root@localhost ~]# cd ~
[root@localhost ~]# mkdir -p rpmbuild/{SOURCES,SPECS}
[root@localhost ~]# tree
.
├── anaconda-ks.cfg
└── rpmbuild├── SOURCES└── SPECS3 directories, 1 file4、准备源码包
4.1、源包版本
官网地址 当前版本
- SHA1 (openssh-9.6.tar.gz) = a6d4cb69811e879e2f158c2e597fd9f444b26506- SHA256 (openssh-9.6.tar.gz) = nejPUhSnG1R1sOmIBi/t+HMNvsRqfN/DJgjwIU2tvqg=- SHA1 (openssh-9.6p1.tar.gz) = de300d09ec79fdbf37de4e6672cce4161439f2c3- SHA256 (openssh-9.6p1.tar.gz) = kQIRwHJVqMWtZUORtA7lmABxDdgRndU2LeCThap6d3w=
附加程序:
x11-ssh-askpass-1.2.4.1
openssl-1.1.1v
4.2、下载实作
[root@localhost ~]# cd rpmbuild/SOURCES/
[root@localhost SOURCES]# wget https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.6p1.tar.gz --no-check-certificat
--2023-06-05 15:51:44-- https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.6p1.tar.gz
正在解析主机 cdn.openbsd.org (cdn.openbsd.org)... 146.75.115.52, 2a04:4e42:f::820
正在连接 cdn.openbsd.org (cdn.openbsd.org)|146.75.115.52|:443... 已连接。
警告: “cdn.openbsd.org” 的证书不可信。
已发出 HTTP 请求,正在等待回应... 200 OK
长度:1857862 (1.8M) [application/octet-stream]
正在保存至: “openssh-9.6p1.tar.gz”openssh-9.6p1.tar.gz 100%[=========================================================================>] 1.77M 1.28MB/s 用时 1.4s 2023-06-05 15:51:47 (1.28 MB/s) - 已保存 “openssh-9.6p1.tar.gz” [1857862/1857862])[root@localhost SOURCES]# wget https://src.fedoraproject.org/repo/pkgs/openssh/x11-ssh-askpass-1.2.4.1.tar.gz/8f2e41f3f7eaa8543a2440454637f3c3/x11-ssh-askpass-1.2.4.1.tar.gz --no-check-certificat
--2023-06-05 15:52:32-- https://src.fedoraproject.org/repo/pkgs/openssh/x11-ssh-askpass-1.2.4.1.tar.gz/8f2e41f3f7eaa8543a2440454637f3c3/x11-ssh-askpass-1.2.4.1.tar.gz
正在解析主机 src.fedoraproject.org (src.fedoraproject.org)... 38.145.60.20, 38.145.60.21
正在连接 src.fedoraproject.org (src.fedoraproject.org)|38.145.60.20|:443... 已连接。
警告: “src.fedoraproject.org” 的证书不可信。
警告: “src.fedoraproject.org” 的证书还未生效。
证书还未激活
已发出 HTTP 请求,正在等待回应... 200 OK
长度:29229 (29K) [application/x-gzip]
正在保存至: “x11-ssh-askpass-1.2.4.1.tar.gz”x11-ssh-askpass-1.2.4.1.tar.gz 100%[=========================================================================>] 28.54K 106KB/s 用时 0.3s 2023-06-05 15:52:33 (106 KB/s) - 已保存 “x11-ssh-askpass-1.2.4.1.tar.gz” [29229/29229])[root@localhost SOURCES]# wget https://www.openssl.org/source/openssl-1.1.1v.tar.gz --no-check-certificate
--2023-06-05 15:52:54-- https://www.openssl.org/source/openssl-1.1.1v.tar.gz
正在解析主机 www.openssl.org (www.openssl.org)... 34.36.58.177, 2600:1901:0:1812::
正在连接 www.openssl.org (www.openssl.org)|34.36.58.177|:443... 已连接。
警告: “www.openssl.org” 的证书不可信。
警告: “www.openssl.org” 的证书还未生效。
证书还未激活
已发出 HTTP 请求,正在等待回应... 200 OK
长度:9893443 (9.4M) [application/x-tar]
正在保存至: “openssl-1.1.1v.tar.gz”openssl-1.1.1v.tar.gz 100%[=========================================================================>] 9.43M 930KB/s 用时 10s 2023-06-05 15:53:05 (963 KB/s) - 已保存 “openssl-1.1.1v.tar.gz” [9893443/9893443])[root@localhost SOURCES]# vi sshd.pam.oe2203
[root@localhost SOURCES]# cat sshd.pam.oe2203
#%PAM-1.0
auth substack password-auth
auth include postlogin
account required pam_sepermit.so
account required pam_nologin.so
account include password-auth
password include password-auth
# pam_selinux.so close should be the first session rule
session required pam_selinux.so close
session required pam_loginuid.so
# pam_selinux.so open should only be followed by sessions to be executed in the user context
session required pam_selinux.so open env_params
session required pam_namespace.so
session optional pam_keyinit.so force revoke
session optional pam_motd.so
session include password-auth
session include postlogin
[root@localhost SOURCES]# ll
总用量 12M
-rw-r--r--. 1 root root 1.8M 12月 18 2023 openssh-9.6p1.tar.gz
-rw-r--r--. 1 root root 727 6月 5 15:54 sshd.pam.oe2203
-rw-r--r--. 1 root root 29K 6月 26 2004 x11-ssh-askpass-1.2.4.1.tar.gz
-rw-r--r--. 1 root root 9.5M 1月 22 2024 openssl-1.1.1v.tar.gz5、安装编译所需软件包
[root@localhost SOURCES]# cd ../SPECS
[root@localhost SPECS]# yum install rpm-build zlib-devel openssl-devel gcc perl-devel pam-devel -y
Last metadata expiration check: 0:20:36 ago on 2023年06月05日 星期一 15时36分30秒.
Package gcc-10.3.1-10.oe2203.x86_64 is already installed.
Package perl-devel-4:5.34.0-3.oe2203.x86_64 is already installed.
Dependencies resolved.
=========================================================================================================================================================Package Architecture Version Repository Size
=========================================================================================================================================================
Installing:openssl-devel x86_64 1:1.1.1m-24.oe2203 update 1.8 Mpam-devel x86_64 1.5.2-7.oe2203 update 23 krpm-build x86_64 4.17.0-32.oe2203 update 69 kzlib-devel x86_64 1.2.11-24.oe2203 update 90 k
Upgrading:cpp x86_64 10.3.1-19.oe2203 update 9.0 Mgcc x86_64 10.3.1-19.oe2203 update 29 Mlibgcc x86_64 10.3.1-19.oe2203 update 74 klibgomp x86_64 10.3.1-19.oe2203 update 229 kopenssl x86_64 1:1.1.1m-24.oe2203 update 445 kopenssl-libs x86_64 1:1.1.1m-24.oe2203 update 1.4 Mpam x86_64 1.5.2-7.oe2203 update 439 kperl x86_64 4:5.34.0-12.oe2203 update 3.2 Mperl-devel x86_64 4:5.34.0-12.oe2203 update 2.1 Mperl-libs x86_64 4:5.34.0-12.oe2203 update 1.7 Mpython3-rpm x86_64 4.17.0-32.oe2203 update 79 krpm x86_64 4.17.0-32.oe2203 update 492 krpm-libs x86_64 4.17.0-32.oe2203 update 366 kzlib x86_64 1.2.11-24.oe2203 update 88 k
Installing dependencies:babeltrace x86_64 1.5.8-2.oe2203 OS 205 kdebugedit x86_64 5.0-2.oe2203 OS 74 kdwz x86_64 0.14-3.oe2203 OS 119 ke2fsprogs-devel x86_64 1.46.4-7.oe2203 OS 287 kgdb-headless x86_64 11.1-7.oe2203 update 3.5 Mgmp-c++ x86_64 1:6.2.1-1.oe2203 OS 17 kgmp-devel x86_64 1:6.2.1-1.oe2203 OS 449 kisl x86_64 0.16.1-12.oe2203 update 799 kisl-devel x86_64 0.16.1-12.oe2203 update 518 kkeyutils-libs-devel x86_64 1.6.3-3.oe2203 OS 12 kkrb5-devel x86_64 1.19.2-2.oe2203 OS 164 klibipt x86_64 2.0.4-1.oe2203 OS 51 klibselinux-devel x86_64 3.3-1.oe2203 OS 102 klibsepol-devel x86_64 3.3-2.oe2203 OS 362 klibverto-devel x86_64 0.3.2-1.oe2203 OS 17 kpatch x86_64 2.7.6-12.oe2203 OS 123 kpcre2-devel x86_64 10.39-1.oe2203 OS 501 kTransaction Summary
=========================================================================================================================================================
Install 21 Packages
Upgrade 14 PackagesTotal download size: 57 M
Downloading Packages:
...
Upgraded:cpp-10.3.1-19.oe2203.x86_64 gcc-10.3.1-19.oe2203.x86_64 libgcc-10.3.1-19.oe2203.x86_64 libgomp-10.3.1-19.oe2203.x86_64 openssl-1:1.1.1m-24.oe2203.x86_64 openssl-libs-1:1.1.1m-24.oe2203.x86_64 pam-1.5.2-7.oe2203.x86_64 perl-4:5.34.0-12.oe2203.x86_64 perl-devel-4:5.34.0-12.oe2203.x86_64 perl-libs-4:5.34.0-12.oe2203.x86_64 python3-rpm-4.17.0-32.oe2203.x86_64 rpm-4.17.0-32.oe2203.x86_64 rpm-libs-4.17.0-32.oe2203.x86_64 zlib-1.2.11-24.oe2203.x86_64
Installed:babeltrace-1.5.8-2.oe2203.x86_64 debugedit-5.0-2.oe2203.x86_64 dwz-0.14-3.oe2203.x86_64 e2fsprogs-devel-1.46.4-7.oe2203.x86_64 gdb-headless-11.1-7.oe2203.x86_64 gmp-c++-1:6.2.1-1.oe2203.x86_64 gmp-devel-1:6.2.1-1.oe2203.x86_64 isl-0.16.1-12.oe2203.x86_64 isl-devel-0.16.1-12.oe2203.x86_64 keyutils-libs-devel-1.6.3-3.oe2203.x86_64 krb5-devel-1.19.2-2.oe2203.x86_64 libipt-2.0.4-1.oe2203.x86_64 libselinux-devel-3.3-1.oe2203.x86_64 libsepol-devel-3.3-2.oe2203.x86_64 libverto-devel-0.3.2-1.oe2203.x86_64 openssl-devel-1:1.1.1m-24.oe2203.x86_64 pam-devel-1.5.2-7.oe2203.x86_64 patch-2.7.6-12.oe2203.x86_64 pcre2-devel-10.39-1.oe2203.x86_64 rpm-build-4.17.0-32.oe2203.x86_64 zlib-devel-1.2.11-24.oe2203.x86_64 Complete!
[root@localhost SPECS]#6、 编写spec文件
[root@localhost SPECS]# vi /root/rpmbuild/SPECS/openssh.spec
[root@localhost SPECS]# cat openssh.spec
%{?!opensslver: %global opensslver 1.1.1v}
%{?!opensshver: %global opensshver 9.6p1}
%define static_openssl 1# wheather to build openssl
%global no_build_openssl 0#if defined openssl_dir, don't build it
%{?openssl_dir:%global no_build_openssl 1}%global ver %{?opensshver}
%global rel %{?opensshpkgrel}%{?dist}oe2203# OpenSSH privilege separation requires a user & group ID
%global sshd_uid 74
%global sshd_gid 74# Version of ssh-askpass
%global aversion 1.2.4.1# Do we want to disable building of x11-askpass? (1=yes 0=no)
%global no_x11_askpass 1# Do we want to disable building of gnome-askpass? (1=yes 0=no)
%global no_gnome_askpass 1# Do we want to link against a static libcrypto? (1=yes 0=no)
%global static_libcrypto 0# Do we want smartcard support (1=yes 0=no)
%global scard 0# Use GTK2 instead of GNOME in gnome-ssh-askpass
%global gtk2 1# Use build6x options for older RHEL builds
# RHEL 7 not yet supported
%if 0%{?rhel} > 6
%global build6x 0
%else
%global build6x 0
%endif# Do we want kerberos5 support (1=yes 0=no)
%global kerberos5 1# Reserve options to override askpass settings with:
# rpm -ba|--rebuild --define 'skip_xxx 1'
%{?skip_x11_askpass:%global no_x11_askpass 1}
%{?skip_gnome_askpass:%global no_gnome_askpass 1}# Add option to build without GTK2 for older platforms with only GTK+.
# RedHat <= 7.2 and Red Hat Advanced Server 2.1 are examples.
# rpm -ba|--rebuild --define 'no_gtk2 1'
%{?no_gtk2:%global gtk2 0}# Is this a build for RHL 6.x or earlier?
%{?build_6x:%global build6x 1}# If this is RHL 6.x, the default configuration has sysconfdir in /usr/etc.
%if %{build6x}
%global _sysconfdir /etc
%endif# Options for static OpenSSL link:
# rpm -ba|--rebuild --define "static_openssl 1"
%{?static_openssl:%global static_libcrypto 1}# Options for Smartcard support: (needs libsectok and openssl-engine)
# rpm -ba|--rebuild --define "smartcard 1"
%{?smartcard:%global scard 1}# Is this a build for the rescue CD (without PAM, with MD5)? (1=yes 0=no)
%global rescue 0
%{?build_rescue:%global rescue 1}# Turn off some stuff for resuce builds
%if %{rescue}
%global kerberos5 0
%endifSummary: The OpenSSH implementation of SSH protocol version 2.
Name: openssh
Version: %{ver}
%if %{rescue}
Release: %{rel}rescue
%else
Release: %{rel}
%endif
URL: https://www.openssh.com/portable.html
Source0: https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
Source1: http://www.jmknoble.net/software/x11-ssh-askpass/x11-ssh-askpass-%{aversion}.tar.gz
Source2: sshd.pam.oe2203
%if ! %{no_build_openssl}
Source3: https://www.openssl.org/source/openssl-%{opensslver}.tar.gz
%endif
License: BSD
Group: Applications/Internet
BuildRoot: %{_tmppath}/%{name}-%{version}-buildroot
Obsoletes: ssh
%if %{build6x}
PreReq: initscripts >= 5.00
%else
Requires: initscripts >= 5.20
%endif
BuildRequires: perl
BuildRequires: /bin/login
%if ! %{build6x}
BuildRequires: glibc-devel, pam
%else
BuildRequires: /usr/include/security/pam_appl.h
%endif
%if ! %{no_x11_askpass}
BuildRequires: /usr/include/X11/Xlib.h
# Xt development tools
BuildRequires: libXt-devel
# Provides xmkmf
BuildRequires: imake
# Rely on relatively recent gtk
%if %{gtk2}
BuildRequires: gtk2-devel
%endif
%endif
%if ! %{no_gnome_askpass}
BuildRequires: pkgconfig
%endif
%if %{kerberos5}
BuildRequires: krb5-devel
BuildRequires: krb5-libs
%endif%package clients
Summary: OpenSSH clients.
Requires: openssh = %{version}-%{release}
Group: Applications/Internet
Obsoletes: ssh-clients%package server
Summary: The OpenSSH server daemon.
Group: System Environment/Daemons
Obsoletes: ssh-server
Requires: openssh = %{version}-%{release}, chkconfig >= 0.9
%if ! %{build6x}
Requires: /etc/pam.d/system-auth
%endif%package askpass
Summary: A passphrase dialog for OpenSSH and X.
Group: Applications/Internet
Requires: openssh = %{version}-%{release}
Obsoletes: ssh-extras%package askpass-gnome
Summary: A passphrase dialog for OpenSSH, X, and GNOME.
Group: Applications/Internet
Requires: openssh = %{version}-%{release}
Obsoletes: ssh-extras%description
SSH (Secure SHell) is a program for logging into and executing
commands on a remote machine. SSH is intended to replace rlogin and
rsh, and to provide secure encrypted communications between two
untrusted hosts over an insecure network. X11 connections and
arbitrary TCP/IP ports can also be forwarded over the secure channel.OpenSSH is OpenBSD's version of the last free version of SSH, bringing
it up to date in terms of security and features, as well as removing
all patented algorithms to separate libraries.
This package includes the core files necessary for both the OpenSSH
client and server. To make this package useful, you should also
install openssh-clients, openssh-server, or both.
%description clients
OpenSSH is a free version of SSH (Secure SHell), a program for logging
into and executing commands on a remote machine. This package includes
the clients necessary to make encrypted connections to SSH servers.
You'll also need to install the openssh package on OpenSSH clients.%description server
OpenSSH is a free version of SSH (Secure SHell), a program for logging
into and executing commands on a remote machine. This package contains
the secure shell daemon (sshd). The sshd daemon allows SSH clients to
securely connect to your SSH server. You also need to have the openssh
package installed.%description askpass
OpenSSH is a free version of SSH (Secure SHell), a program for logging
into and executing commands on a remote machine. This package contains
an X11 passphrase dialog for OpenSSH.%description askpass-gnome
OpenSSH is a free version of SSH (Secure SHell), a program for logging
into and executing commands on a remote machine. This package contains
an X11 passphrase dialog for OpenSSH and the GNOME GUI desktop
environment.%prep%if ! %{no_x11_askpass}
%setup -q -a 1
%else
%setup -q
%endif%if ! %{no_build_openssl}
%define openssl_dir %{_builddir}/%{name}-%{version}/openssl
mkdir -p openssl
tar xfz %{SOURCE3} --strip-components=1 -C openssl
pushd openssl
./config shared zlib -fPIC
make %{?_smp_mflags}
popd
%endif%build
%if %{rescue}
CFLAGS="$RPM_OPT_FLAGS -Os"; export CFLAGS
%endifexport LD_LIBRARY_PATH="%{openssl_dir}"
%configure \--sysconfdir=%{_sysconfdir}/ssh \--libexecdir=%{_libexecdir}/openssh \--datadir=%{_datadir}/openssh \--with-default-path=/usr/local/bin:/bin:/usr/bin \--with-superuser-path=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin \--with-privsep-path=%{_var}/empty/sshd \--with-md5-passwords \--mandir=%{_mandir} \--with-mantype=man \--disable-strip \--with-ssl-dir="%{openssl_dir}" \
%if %{scard}--with-smartcard \
%endif
%if %{rescue}--without-pam \
%else--with-pam \
%endif
%if %{kerberos5}--with-kerberos5=$K5DIR \
%endif%if %{static_libcrypto}
#perl -pi -e "s|-lcrypto|%{_libdir}/libcrypto.a|g" Makefile
perl -pi -e "s|-lcrypto|%{openssl_dir}/libcrypto.a -lpthread|g" Makefile
%endifmake %{?_smp_mflags}%if ! %{no_x11_askpass}
pushd x11-ssh-askpass-%{aversion}
%configure --libexecdir=%{_libexecdir}/openssh
xmkmf -a
make -j
popd
%endif# Define a variable to toggle gnome1/gtk2 building. This is necessary
# because RPM doesn't handle nested %if statements.
%if %{gtk2}gtk2=yes
%elsegtk2=no
%endif%if ! %{no_gnome_askpass}
pushd contrib
if [ $gtk2 = yes ] ; thenmake gnome-ssh-askpass2mv gnome-ssh-askpass2 gnome-ssh-askpass
elsemake gnome-ssh-askpass1mv gnome-ssh-askpass1 gnome-ssh-askpass
fi
popd
%endif%install
rm -rf $RPM_BUILD_ROOT
mkdir -p -m755 $RPM_BUILD_ROOT%{_sysconfdir}/ssh
mkdir -p -m755 $RPM_BUILD_ROOT%{_libexecdir}/openssh
mkdir -p -m755 $RPM_BUILD_ROOT%{_var}/empty/sshdmake install DESTDIR=$RPM_BUILD_ROOT
echo -e 'PubkeyAcceptedAlgorithms +ssh-rsa\nUsePAM yes\nPermitRootLogin yes\nUseDNS no' >> $RPM_BUILD_ROOT/etc/ssh/sshd_config
install -d $RPM_BUILD_ROOT/etc/pam.d/
install -d $RPM_BUILD_ROOT/etc/rc.d/init.d
install -d $RPM_BUILD_ROOT%{_libexecdir}/openssh
install -m755 contrib/ssh-copy-id $RPM_BUILD_ROOT/usr/bin/ssh-copy-id
install -m644 %{SOURCE2} $RPM_BUILD_ROOT/etc/pam.d/sshd
install -m755 contrib/redhat/sshd.init $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd%if ! %{no_x11_askpass}
install x11-ssh-askpass-%{aversion}/x11-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/x11-ssh-askpass
ln -s x11-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/ssh-askpass
%endif%if ! %{no_gnome_askpass}
install contrib/gnome-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/gnome-ssh-askpass
%endif%if ! %{scard}rm -f $RPM_BUILD_ROOT/usr/share/openssh/Ssh.bin
%endif%if ! %{no_gnome_askpass}
install -m 755 -d $RPM_BUILD_ROOT%{_sysconfdir}/profile.d/
install -m 755 contrib/redhat/gnome-ssh-askpass.csh $RPM_BUILD_ROOT%{_sysconfdir}/profile.d/
install -m 755 contrib/redhat/gnome-ssh-askpass.sh $RPM_BUILD_ROOT%{_sysconfdir}/profile.d/
%endifperl -pi -e "s|$RPM_BUILD_ROOT||g" $RPM_BUILD_ROOT%{_mandir}/man*/*%clean
rm -rf $RPM_BUILD_ROOT%triggerun server -- ssh-server
if [ "$1" != 0 -a -r /var/run/sshd.pid ] ; thentouch /var/run/sshd.restart
fi%triggerun server -- openssh-server < 2.5.0p1
# Count the number of HostKey and HostDsaKey statements we have.
gawk 'BEGIN {IGNORECASE=1}/^hostkey/ || /^hostdsakey/ {sawhostkey = sawhostkey + 1}END {exit sawhostkey}' /etc/ssh/sshd_config
# And if we only found one, we know the client was relying on the old default
# behavior, which loaded the the SSH2 DSA host key when HostDsaKey wasn't
# specified. Now that HostKey is used for both SSH1 and SSH2 keys, specifying
# one nullifies the default, which would have loaded both.
if [ $? -eq 1 ] ; thenecho HostKey /etc/ssh/ssh_host_rsa_key >> /etc/ssh/sshd_configecho HostKey /etc/ssh/ssh_host_dsa_key >> /etc/ssh/sshd_config
fi%triggerpostun server -- ssh-server
if [ "$1" != 0 ] ; then/sbin/chkconfig --add sshdif test -f /var/run/sshd.restart ; thenrm -f /var/run/sshd.restart/sbin/service sshd start > /dev/null 2>&1 || :fi
fi%pre server
%{_sbindir}/groupadd -r -g %{sshd_gid} sshd 2>/dev/null || :
%{_sbindir}/useradd -d /var/empty/sshd -s /bin/false -u %{sshd_uid} \-g sshd -M -r sshd 2>/dev/null || :%post server
/sbin/chkconfig --add sshd%postun server
/sbin/service sshd condrestart > /dev/null 2>&1 || :%preun server
if [ "$1" = 0 ]
then/sbin/service sshd stop > /dev/null 2>&1 || :/sbin/chkconfig --del sshd
fi%files
%defattr(-,root,root)
%doc CREDITS ChangeLog INSTALL LICENCE OVERVIEW README* PROTOCOL* TODO
%attr(0755,root,root) %{_bindir}/scp
%attr(0644,root,root) %{_mandir}/man1/scp.1*
%attr(0755,root,root) %dir %{_sysconfdir}/ssh
%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/moduli
%if ! %{rescue}
%attr(0755,root,root) %{_bindir}/ssh-keygen
%attr(0755,root,root) %{_bindir}/ssh-copy-id
%attr(0644,root,root) %{_mandir}/man1/ssh-keygen.1*
%attr(0755,root,root) %dir %{_libexecdir}/openssh
%attr(4711,root,root) %{_libexecdir}/openssh/ssh-keysign
%attr(0755,root,root) %{_libexecdir}/openssh/ssh-pkcs11-helper
%attr(0755,root,root) %{_libexecdir}/openssh/ssh-sk-helper
%attr(0644,root,root) %{_mandir}/man8/ssh-keysign.8*
%attr(0644,root,root) %{_mandir}/man8/ssh-pkcs11-helper.8*
%attr(0644,root,root) %{_mandir}/man8/ssh-sk-helper.8*
%endif
%if %{scard}
%attr(0755,root,root) %dir %{_datadir}/openssh
%attr(0644,root,root) %{_datadir}/openssh/Ssh.bin
%endif%files clients
%defattr(-,root,root)
%attr(0755,root,root) %{_bindir}/ssh
%attr(0644,root,root) %{_mandir}/man1/ssh.1*
%attr(0644,root,root) %{_mandir}/man5/ssh_config.5*
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config
%if ! %{rescue}
%attr(2755,root,nobody) %{_bindir}/ssh-agent
%attr(0755,root,root) %{_bindir}/ssh-add
%attr(0755,root,root) %{_bindir}/ssh-keyscan
%attr(0755,root,root) %{_bindir}/sftp
%attr(0644,root,root) %{_mandir}/man1/ssh-agent.1*
%attr(0644,root,root) %{_mandir}/man1/ssh-add.1*
%attr(0644,root,root) %{_mandir}/man1/ssh-keyscan.1*
%attr(0644,root,root) %{_mandir}/man1/sftp.1*
%endif%if ! %{rescue}
%files server
%defattr(-,root,root)
%dir %attr(0111,root,root) %{_var}/empty/sshd
%attr(0755,root,root) %{_sbindir}/sshd
%attr(0755,root,root) %{_libexecdir}/openssh/sftp-server
%attr(0644,root,root) %{_mandir}/man8/sshd.8*
%attr(0644,root,root) %{_mandir}/man5/moduli.5*
%attr(0644,root,root) %{_mandir}/man5/sshd_config.5*
%attr(0644,root,root) %{_mandir}/man8/sftp-server.8*
%attr(0755,root,root) %dir %{_sysconfdir}/ssh
%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config
%attr(0600,root,root) %config(noreplace) /etc/pam.d/sshd
%attr(0755,root,root) %config /etc/rc.d/init.d/sshd
%endif%if ! %{no_x11_askpass}
%files askpass
%defattr(-,root,root)
%doc x11-ssh-askpass-%{aversion}/README
%doc x11-ssh-askpass-%{aversion}/ChangeLog
%doc x11-ssh-askpass-%{aversion}/SshAskpass*.ad
%{_libexecdir}/openssh/ssh-askpass
%attr(0755,root,root) %{_libexecdir}/openssh/x11-ssh-askpass
%endif%if ! %{no_gnome_askpass}
%files askpass-gnome
%defattr(-,root,root)
%attr(0755,root,root) %config %{_sysconfdir}/profile.d/gnome-ssh-askpass.*
%attr(0755,root,root) %{_libexecdir}/openssh/gnome-ssh-askpass
%endif7、查看当前文件情况
[root@localhost SPECS]# cd /root/rpmbuild && tree
.
├── SOURCES
│ ├── openssh-9.6p1.tar.gz
│ ├── openssl-1.1.1v.tar.gz
│ ├── sshd.pam.oe2203
│ └── x11-ssh-askpass-1.2.4.1.tar.gz
└── SPECS└── openssh.spec2 directories, 5 files二、编译rpm
1、编译
[root@localhost SPECS]# rpmbuild -bb openssh.spec
...
**************************************************
*** ***
*** Please run the same make command again ***
*** ***
**************************************************
make: *** [Makefile:688: configdata.pm] Error 1
错误:/var/tmp/rpm-tmp.nswfUe (%prep) 退出状态不好
...2、提示报错
提示报错 "make: *** [Makefile:688: configdata.pm] Error 1",系因时间不正确所致,修正时间:
[root@localhost SPECS]# date
2023年 06月 05日 星期一 15:02:45 CST
[root@localhost SPECS]# ntpdate -u ntp1.aliyun.com
29 Jan 17:02:23 ntpdate[10034]: step time server 120.25.115.20 offset +20570147.938882 sec
[root@localhost SPECS]# date
2024年 01月 29日 星期一 17:03:09 CST3、再次编译
[root@localhost SPECS]# rpmbuild -bb openssh.spec
警告:行 100:It's not recommended to have unversioned Obsoletes:Obsoletes: ssh
警告:行 136:It's not recommended to have unversioned Obsoletes:Obsoletes: ssh-clients
警告:行 141:It's not recommended to have unversioned Obsoletes:Obsoletes: ssh-server
警告:行 151:It's not recommended to have unversioned Obsoletes:Obsoletes: ssh-extras
警告:行 157:It's not recommended to have unversioned Obsoletes:Obsoletes: ssh-extras
正在执行(%prep):/bin/sh -e /var/tmp/rpm-tmp.4HNFWt
+ umask 022
+ cd /root/rpmbuild/BUILD
+ cd /root/rpmbuild/BUILD
+ rm -rf openssh-9.6p1
+ /usr/bin/gzip -dc /root/rpmbuild/SOURCES/openssh-9.6p1.tar.gz
+ /usr/bin/tar -xof -
+ STATUS=0
+ '[' 0 -ne 0 ']'
+ cd openssh-9.6p1
+ /usr/bin/chmod -Rf a+rX,u+w,g-w,o-w .
+ mkdir -p openssl
+ tar xfz /root/rpmbuild/SOURCES/openssl-1.1.1v.tar.gz --strip-components=1 -C openssl
+ pushd openssl
~/rpmbuild/BUILD/openssh-9.6p1/openssl ~/rpmbuild/BUILD/openssh-9.6p1
+ ./config shared zlib -fPIC
Operating system: x86_64-whatever-linux2
Configuring OpenSSL version 1.1.1v (0x1010116fL) for linux-x86_64
Using os-specific seed configuration
Creating configdata.pm
Creating Makefile**********************************************************************
*** ***
*** OpenSSL has been successfully configured ***
*** ***
*** If you encounter a problem while building, please open an ***
*** issue on GitHub <https://github.com/openssl/openssl/issues> ***
*** and include the output from the following command: ***
*** ***
*** perl configdata.pm --dump ***
*** ***
*** (If you are new to OpenSSL, you might want to consult the ***
*** 'Troubleshooting' section in the INSTALL file first) ***
*** ***
**********************************************************************
+ make -j2
/usr/bin/perl "-I." -Mconfigdata "util/dofile.pl" \"-oMakefile" include/crypto/bn_conf.h.in > include/crypto/bn_conf.h
/usr/bin/perl "-I." -Mconfigdata "util/dofile.pl" \"-oMakefile" include/crypto/dso_conf.h.in > include/crypto/dso_conf.h
...
处理文件:openssh-server-9.6p1-oe2203.x86_64
Provides: config(openssh-server) = 9.6p1-oe2203 openssh-server = 9.6p1-oe2203 openssh-server(x86-64) = 9.6p1-oe2203
Requires(interp): /bin/sh /bin/sh /bin/sh /bin/sh /bin/sh
Requires(rpmlib): rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(FileDigests) <= 4.6.0-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1
Requires(pre): /bin/sh
Requires(post): /bin/sh
Requires(preun): /bin/sh
Requires(postun): /bin/sh
Requires: /bin/bash libc.so.6()(64bit) libc.so.6(GLIBC_2.14)(64bit) libc.so.6(GLIBC_2.16)(64bit) libc.so.6(GLIBC_2.17)(64bit) libc.so.6(GLIBC_2.2.5)(64bit) libc.so.6(GLIBC_2.25)(64bit) libc.so.6(GLIBC_2.26)(64bit) libc.so.6(GLIBC_2.3)(64bit) libc.so.6(GLIBC_2.3.2)(64bit) libc.so.6(GLIBC_2.3.4)(64bit) libc.so.6(GLIBC_2.33)(64bit) libc.so.6(GLIBC_2.34)(64bit) libc.so.6(GLIBC_2.4)(64bit) libc.so.6(GLIBC_2.6)(64bit) libc.so.6(GLIBC_2.7)(64bit) libc.so.6(GLIBC_2.8)(64bit) libcom_err.so.2()(64bit) libcrypt.so.1()(64bit) libcrypt.so.1(XCRYPT_2.0)(64bit) libgssapi_krb5.so.2()(64bit) libgssapi_krb5.so.2(gssapi_krb5_2_MIT)(64bit) libk5crypto.so.3()(64bit) libkrb5.so.3()(64bit) libkrb5.so.3(krb5_3_MIT)(64bit) libpam.so.0()(64bit) libpam.so.0(LIBPAM_1.0)(64bit) libz.so.1()(64bit) rtld(GNU_HASH)
Obsoletes: ssh-server
处理文件:openssh-debuginfo-9.6p1-oe2203.x86_64
Provides: openssh-debuginfo = 9.6p1-oe2203 openssh-debuginfo(x86-64) = 9.6p1-oe2203
Requires(rpmlib): rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(FileDigests) <= 4.6.0-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1
Recommends: openssh-debugsource(x86-64) = 9.6p1-oe2203
处理文件:openssh-debugsource-9.6p1-oe2203.x86_64
Provides: openssh-debugsource = 9.6p1-oe2203 openssh-debugsource(x86-64) = 9.6p1-oe2203
Requires(rpmlib): rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(FileDigests) <= 4.6.0-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1
检查未打包文件:/usr/lib/rpm/check-files /root/rpmbuild/BUILDROOT/openssh-9.6p1-oe2203.x86_64
已写至:/root/rpmbuild/RPMS/x86_64/openssh-debuginfo-9.6p1-oe2203.x86_64.rpm
已写至:/root/rpmbuild/RPMS/x86_64/openssh-9.6p1-oe2203.x86_64.rpm
已写至:/root/rpmbuild/RPMS/x86_64/openssh-server-9.6p1-oe2203.x86_64.rpm
已写至:/root/rpmbuild/RPMS/x86_64/openssh-debugsource-9.6p1-oe2203.x86_64.rpm
已写至:/root/rpmbuild/RPMS/x86_64/openssh-clients-9.6p1-oe2203.x86_64.rpm
正在执行(%clean):/bin/sh -e /var/tmp/rpm-tmp.2ymafB
+ umask 022
+ cd /root/rpmbuild/BUILD
+ cd openssh-9.6p1
+ rm -rf /root/rpmbuild/BUILDROOT/openssh-9.6p1-oe2203.x86_64
+ RPM_EC=0
++ jobs -p
+ exit 0
[root@localhost SPECS]# 4、保存最终文件
[root@localhost SPECS]# cd /opt
[root@localhost opt]# mkdir openssh-9.6p1-oe2203
[root@localhost opt]# cd openssh-9.6p1-oe2203/
[root@localhost openssh-9.6p1-oe2203]# cp /root/rpmbuild/RPMS/x86_64/*.rpm .
[root@localhost openssh-9.6p1-oe2203]# ll
总用量 16M
-rw-r--r--. 1 root root 4.7M 1月 29 17:25 openssh-9.6p1-oe2203.x86_64.rpm
-rw-r--r--. 1 root root 4.9M 1月 29 17:25 openssh-clients-9.6p1-oe2203.x86_64.rpm
-rw-r--r--. 1 root root 4.0M 1月 29 17:25 openssh-debuginfo-9.6p1-oe2203.x86_64.rpm
-rw-r--r--. 1 root root 786K 1月 29 17:25 openssh-debugsource-9.6p1-oe2203.x86_64.rpm
-rw-r--r--. 1 root root 1.5M 1月 29 17:25 openssh-server-9.6p1-oe2203.x86_64.rpm三、升级测试
1、更新程序
[root@localhost openssh-9.6p1-oe2203]# yum update *
OS 14 kB/s | 3.8 kB 00:00
everything 13 kB/s | 3.8 kB 00:00
EPOL 11 kB/s | 3.0 kB 00:00
debuginfo 27 kB/s | 3.8 kB 00:00
source 20 kB/s | 3.8 kB 00:00
update 8.5 kB/s | 3.5 kB 00:00
Package openssh-debuginfo not installed, cannot update it.
No match for argument: openssh-debuginfo-9.6p1-oe2203.x86_64.rpm
Package openssh-debugsource not installed, cannot update it.
No match for argument: openssh-debugsource-9.6p1-oe2203.x86_64.rpm
Dependencies resolved.
=========================================================================================================================================================Package Architecture Version Repository Size
=========================================================================================================================================================
Upgrading:openssh x86_64 9.6p1-oe2203 @commandline 4.7 Mopenssh-clients x86_64 9.6p1-oe2203 @commandline 4.8 Mopenssh-server x86_64 9.6p1-oe2203 @commandline 1.5 MTransaction Summary
=========================================================================================================================================================
Upgrade 3 PackagesTotal size: 11 M
Is this ok [y/N]: y
Downloading Packages:
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transactionPreparing : 1/1 Running scriptlet: openssh-9.6p1-oe2203.x86_64 1/1 Upgrading : openssh-9.6p1-oe2203.x86_64 1/6 Upgrading : openssh-clients-9.6p1-oe2203.x86_64 2/6 Running scriptlet: openssh-server-9.6p1-oe2203.x86_64 3/6 Upgrading : openssh-server-9.6p1-oe2203.x86_64 3/6
警告:/etc/ssh/sshd_config 已建立为 /etc/ssh/sshd_config.rpmnew Running scriptlet: openssh-server-9.6p1-oe2203.x86_64 3/6 Cleanup : openssh-clients-8.8p1-2.oe2203.x86_64 4/6 Cleanup : openssh-8.8p1-2.oe2203.x86_64 5/6 Running scriptlet: openssh-server-8.8p1-2.oe2203.x86_64 6/6 Cleanup : openssh-server-8.8p1-2.oe2203.x86_64 6/6 Running scriptlet: openssh-server-8.8p1-2.oe2203.x86_64 6/6 Verifying : openssh-9.6p1-oe2203.x86_64 1/6 Verifying : openssh-8.8p1-2.oe2203.x86_64 2/6 Verifying : openssh-clients-9.6p1-oe2203.x86_64 3/6 Verifying : openssh-clients-8.8p1-2.oe2203.x86_64 4/6 Verifying : openssh-server-9.6p1-oe2203.x86_64 5/6 Verifying : openssh-server-8.8p1-2.oe2203.x86_64 6/6 Upgraded:openssh-9.6p1-oe2203.x86_64 openssh-clients-9.6p1-oe2203.x86_64 openssh-server-9.6p1-oe2203.x86_64 Complete!2、更新配置文件
[root@localhost openssh-9.6p1-oe2203]# ll /etc/ssh/sshd_config*
-rw-------. 1 root root 4.8K 5月 5 2023 /etc/ssh/sshd_config
-rw-------. 1 root root 3.2K 1月 29 17:08 /etc/ssh/sshd_config.rpmnew
[root@localhost openssh-9.6p1-oe2203]# cp /etc/ssh/sshd_config /etc/ssh/sshd_config.v8.8p1.bak
[root@localhost openssh-9.6p1-oe2203]# cp /etc/ssh/sshd_config.rpmnew /etc/ssh/sshd_config
cp:是否覆盖'/etc/ssh/sshd_config'? y
[root@localhost openssh-9.6p1-oe2203]# ll /etc/ssh/sshd_config*
-rw-------. 1 root root 3.2K 1月 29 17:28 /etc/ssh/sshd_config
-rw-------. 1 root root 3.2K 1月 29 17:08 /etc/ssh/sshd_config.rpmnew
-rw-------. 1 root root 4.8K 1月 29 17:28 /etc/ssh/sshd_config.v8.8p1.bak3、重启服务测试
[root@localhost openssh-9.6p1-oe2203]# systemctl restart sshd
[root@localhost openssh-9.6p1-oe2203]# systemctl status sshd
● sshd.service - SYSV: OpenSSH server daemonLoaded: loaded (/etc/rc.d/init.d/sshd; generated)Active: active (running) since Mon 2024-01-29 17:29:49 CST; 1s agoDocs: man:systemd-sysv-generator(8)Process: 32037 ExecStart=/etc/rc.d/init.d/sshd start (code=exited, status=0/SUCCESS)Main PID: 32046 (sshd)Tasks: 11 (limit: 4172)Memory: 195.9MCGroup: /system.slice/sshd.service├─ 1500 "sshd: AAAA [priv]" "" "" ""├─ 1504 "sshd: AAAA@notty" "" "" "" ""├─ 1505 /usr/libexec/openssh/sftp-server -l INFO -f AUTH├─ 1794 "sshd: AAAA [priv]" "" "" ""├─ 1824 "sshd: AAAA@pts/0" "" "" "" ""├─ 1825 -bash├─ 1884 su -├─ 1885 -bash├─32046 "sshd: /usr/sbin/sshd [listener] 0 of 10-100 startups"├─32048 systemctl status sshd└─32049 less1月 29 17:29:49 localhost.localdomain systemd[1]: Starting SYSV: OpenSSH server daemon...
1月 29 17:29:49 localhost.localdomain sshd[32043]: /sbin/restorecon: lstat(/etc/ssh/ssh_host_dsa_key.pub) failed: No such file or directory
1月 29 17:29:49 localhost.localdomain sshd[32046]: Server listening on 0.0.0.0 port 22.
1月 29 17:29:49 localhost.localdomain sshd[32046]: Server listening on :: port 22.
1月 29 17:29:49 localhost.localdomain sshd[32037]: Starting sshd:[ 确定 ]
1月 29 17:29:49 localhost.localdomain systemd[1]: Started SYSV: OpenSSH server daemon.4、提示信息消除
服务正常,有一异常提示“/sbin/restorecon: lstat(/etc/ssh/ssh_host_dsa_key.pub) failed: No such file or directory”,消除该提示
[root@localhost openssh-9.6p1-oe2203]# touch /etc/ssh/ssh_host_dsa_key.pub
[root@localhost openssh-9.6p1-oe2203]# systemctl restart sshd
[root@localhost openssh-9.6p1-oe2203]# systemctl status sshd
● sshd.service - SYSV: OpenSSH server daemonLoaded: loaded (/etc/rc.d/init.d/sshd; generated)Active: active (running) since Mon 2024-01-29 17:31:28 CST; 1s agoDocs: man:systemd-sysv-generator(8)Process: 32303 ExecStart=/etc/rc.d/init.d/sshd start (code=exited, status=0/SUCCESS)Main PID: 32312 (sshd)Tasks: 11 (limit: 4172)Memory: 195.9MCGroup: /system.slice/sshd.service├─ 1500 "sshd: AAAA [priv]" "" "" ""├─ 1504 "sshd: AAAA@notty" "" "" "" ""├─ 1505 /usr/libexec/openssh/sftp-server -l INFO -f AUTH├─ 1794 "sshd: AAAA [priv]" "" "" ""├─ 1824 "sshd: AAAA@pts/0" "" "" "" ""├─ 1825 -bash├─ 1884 su -├─ 1885 -bash├─32312 "sshd: /usr/sbin/sshd [listener] 0 of 10-100 startups"├─32340 systemctl status sshd└─32341 less1月 29 17:31:28 localhost.localdomain systemd[1]: Starting SYSV: OpenSSH server daemon...
1月 29 17:31:28 localhost.localdomain sshd[32312]: Server listening on 0.0.0.0 port 22.
1月 29 17:31:28 localhost.localdomain sshd[32312]: Server listening on :: port 22.
1月 29 17:31:28 localhost.localdomain sshd[32303]: Starting sshd:[ 确定 ]
1月 29 17:31:28 localhost.localdomain systemd[1]: Started SYSV: OpenSSH server daemon.5、远程发起重新连接,验证登录正常。
相关文章:
制作OpenSSH 9.6 for openEuler 22.03 LTS的rpm升级包
OpenSSH作为操作系统底层管理平台软件,需要保持更新以免遭受安全攻击,编译生成rpm包是生产环境中批量升级的最佳途径。本文在国产openEuler 22.03 LTS系统上完成OpenSSH 9.6的编译工作。 一、编译环境 1、准备环境 基于vmware workstation发布的x86虚…...
DNS配置文件讲解
1. 概述 BIND:Berkeley Internet Name Domain ,伯克利因特网域名解析服务是一种全球使用最广泛的、 最高效的、最安全的域名解析服务程序 2. 安装软件 [rootserver ~]# yum install bind -y 3. bind服务中三个关键文件 /etc/named.conf : 主配置文件…...
142:vue+leaflet 加载tomtom地图(多种形式)
第142个 点击查看专栏目录 本示例介绍如何在vue+leaflet中添加tomtom地图,这里包含了多种形式,诸如中文标记、英文标记、白天地图、晚上地图、卫星影像图,高山海拔地形图等。 直接复制下面的 vue+leaflet源代码,操作2分钟即可运行实现效果 文章目录 示例效果配置方式示例…...
Android Mac电脑更改aar中的文件再打包
一 问题 要在Mac电脑上替换AAR中的文件并重新打包。 二 解决方案 1.解压AAR文件 将AAR文件重命名为.zip,并解压缩它,得到一个文件夹。 2.替换文件 在解压后的文件夹中找到您想替换的文件,将其替换为新文件。 3.重新打包 打开终端&…...
Jmeter脚本录制:抓取IOS手机请求包!
现在移动端的项目越来越多,今天给大家介绍一下,在IOS下Jmeter如何抓包。 1、电脑连上wifi; 2、Jmeter中配置“HTTP代理服务器” 1)启动Jmeter; 2)“测试计划”中添加“线程组”; 3)“测试计划”中添加“HTTP代理服务器”&#…...
大数据分析案例-基于随机森林算法构建电影票房预测模型
🤵♂️ 个人主页:艾派森的个人主页 ✍🏻作者简介:Python学习者 🐋 希望大家多多支持,我们一起进步!😄 如果文章对你有帮助的话, 欢迎评论 💬点赞Ǵ…...
关于Gitlab用户登录提示无限重定向循环ERR_TOO_MANY_REDIRECTS
#工作笔记# 查阅了网上所有相关的记录,都没有解决gitlab登录/users/sign_up/welcome提示ERR_TOO_MANY_REDIRECTS,好在最终解决了,记录在此。 先说下起因: github哼哼不想用了,原因太多,所以内部讨论用git…...
突破瓶颈,提升开发效率:Spring框架进阶与最佳实践-IOC
IOC相关内容 1.1 bean基础配置1.1.1 bean基础配置(id与class)1.1.2 bean的name属性步骤1:配置别名步骤2:根据名称容器中获取bean对象步骤3:运行程序 1.1.3 bean作用范围scope配置1.1.3.1 验证IOC容器中对象是否为单例验证思路具体实现 1.1.3.2 配置bean为非单例1.1.…...
西方网络安全人才培养的挑战及对策
文章目录 前言一、网络安全人才力量发展现状(一)注重从战略上重视网络安全人才培养和发展。(二)注重从多渠道多路径招募网络安全人才。(三)注重分层次分阶段系统规划网络安全人才培养模式。(四)注重通过实践锻炼进一步提升网络攻防实战能力。二、网络安全人才面临的形势…...
计算机网络之三次握手,四次挥手
TCP(传输控制协议)是一种面向连接的、可靠的传输层协议,用于在网络中的两个应用程序之间建立可靠的通信连接。TCP的核心特征之一是它使用“三次握手”过程来建立连接,以及“四次挥手”过程来终止连接。 三次握手(建立…...
深度强化学习(王树森)笔记09
深度强化学习(DRL) 本文是学习笔记,如有侵权,请联系删除。本文在ChatGPT辅助下完成。 参考链接 Deep Reinforcement Learning官方链接:https://github.com/wangshusen/DRL 源代码链接:https://github.c…...
调试OpenHarmony应用/服务
调试流程 DevEco Studio提供了丰富的OpenHarmony应用/服务调试能力,帮助开发者更方便、高效的调试应用/服务。 OpenHarmony应用/服务调试支持使用真机设备调试。使用真机设备进行调试前,需要对HAP进行签名后进行调试。详细的调试流程如下图所示&#x…...
【NGINX】NGINX如何阻止指定ip的请求
业务场景: web页面做了一个功能,在websocket请求失败的情况,会定时向服务端进行重试进行建立连接。 存在的问题是即使这个web系统没人操作的情况下,只要页面没有关闭,即使系统超时了页面也没有发生跳转,这…...
PHP抽奖设置中奖率,以及防高并发
一、中奖率,先在后台设定好奖项名称,抽奖份数,以及中奖百分比 奖品表draw 二、 借助文件排他锁,在处理下单请求的时候,用flock锁定一个文件,如果锁定失败说明有其他订单正在处理,此时要么等待要么直接提示用户"服务器繁忙" 阻塞(等待)模式,一般都是用这个模…...
使用.NET6 Avalonia开发跨平台三维应用
本文介绍在Vistual Studio 2022中使用Avalonia和集成AnyCAD Rapid AvaloniaUI三维控件的过程。 0 初始化环境 安装Avalonia.Templates dotnet new install Avalonia.Templates若之前安装过可忽略此步骤。 1 创建项目 选择创建AvaloniaUI项目 选一下.NET6版本和Avalonia版…...
linux(ubuntu)中crontab定时器命令详解 以及windows中定时器
文章目录 linux(ubuntu)中crontab定时器命令详解基本语法crontab 文件格式通配符示例在Ubuntu中,定时任务cron服务默认被安装。可以通过以下命令操作该服务:其他注意事项windows中定时器任务的创建步骤:常规触发器操作…...
植物病害检测YOLOV8,OPENCV调用
【免费】植物病害检测,10种类型,YOLOV8训练,转换成ONNX,OPENCV调用资源-CSDN文库 植物病害检测,YOLOV8NANO,训练得到PT模型,然后转换成ONNX,OPENCV的DNN调用,支持C,PYTH…...
C++初阶:入门泛型编程(函数模板和类模板)
大致介绍了一下C/C内存管理、new与delete后:C初阶:C/C内存管理、new与delete详解 我们接下来终于进入了模版的学习了,今天就先来入门泛型编程 文章目录 1.泛型编程2.函数模版2.1概念2.2格式2.3函数模版的原理2.4函数模版的实例化2.4.1隐式实例…...
【RT-DETR有效改进】CARAFE提高精度的上采样方法(助力细节长点)
👑欢迎大家订阅本专栏,一起学习RT-DETR👑 一、本文介绍 本文给大家带来的CARAFE(Content-Aware ReAssembly of FEatures)是一种用于增强卷积神经网络特征图的上采样方法。其主要旨在改进传统的上采样方法(就是我们的Upsample)的性能。CARAFE的核心思想是:使用输…...
leetcode 27.移除元素(python版)
需求 给你一个数组 nums 和一个值 val,你需要 原地 移除所有数值等于 val 的元素,并返回移除后数组的新长度。 不要使用额外的数组空间,你必须仅使用 O(1) 额外空间并 原地 修改输入数组。 元素的顺序可以改变。你不需要考虑数组中超出新长度…...
突破不可导策略的训练难题:零阶优化与强化学习的深度嵌合
强化学习(Reinforcement Learning, RL)是工业领域智能控制的重要方法。它的基本原理是将最优控制问题建模为马尔可夫决策过程,然后使用强化学习的Actor-Critic机制(中文译作“知行互动”机制),逐步迭代求解…...
基于距离变化能量开销动态调整的WSN低功耗拓扑控制开销算法matlab仿真
目录 1.程序功能描述 2.测试软件版本以及运行结果展示 3.核心程序 4.算法仿真参数 5.算法理论概述 6.参考文献 7.完整程序 1.程序功能描述 通过动态调整节点通信的能量开销,平衡网络负载,延长WSN生命周期。具体通过建立基于距离的能量消耗模型&am…...
Qt Http Server模块功能及架构
Qt Http Server 是 Qt 6.0 中引入的一个新模块,它提供了一个轻量级的 HTTP 服务器实现,主要用于构建基于 HTTP 的应用程序和服务。 功能介绍: 主要功能 HTTP服务器功能: 支持 HTTP/1.1 协议 简单的请求/响应处理模型 支持 GET…...
Linux 中如何提取压缩文件 ?
Linux 是一种流行的开源操作系统,它提供了许多工具来管理、压缩和解压缩文件。压缩文件有助于节省存储空间,使数据传输更快。本指南将向您展示如何在 Linux 中提取不同类型的压缩文件。 1. Unpacking ZIP Files ZIP 文件是非常常见的,要在 …...
Golang——6、指针和结构体
指针和结构体 1、指针1.1、指针地址和指针类型1.2、指针取值1.3、new和make 2、结构体2.1、type关键字的使用2.2、结构体的定义和初始化2.3、结构体方法和接收者2.4、给任意类型添加方法2.5、结构体的匿名字段2.6、嵌套结构体2.7、嵌套匿名结构体2.8、结构体的继承 3、结构体与…...
群晖NAS如何在虚拟机创建飞牛NAS
套件中心下载安装Virtual Machine Manager 创建虚拟机 配置虚拟机 飞牛官网下载 https://iso.liveupdate.fnnas.com/x86_64/trim/fnos-0.9.2-863.iso 群晖NAS如何在虚拟机创建飞牛NAS - 个人信息分享...
深度学习之模型压缩三驾马车:模型剪枝、模型量化、知识蒸馏
一、引言 在深度学习中,我们训练出的神经网络往往非常庞大(比如像 ResNet、YOLOv8、Vision Transformer),虽然精度很高,但“太重”了,运行起来很慢,占用内存大,不适合部署到手机、摄…...
保姆级【快数学会Android端“动画“】+ 实现补间动画和逐帧动画!!!
目录 补间动画 1.创建资源文件夹 2.设置文件夹类型 3.创建.xml文件 4.样式设计 5.动画设置 6.动画的实现 内容拓展 7.在原基础上继续添加.xml文件 8.xml代码编写 (1)rotate_anim (2)scale_anim (3)translate_anim 9.MainActivity.java代码汇总 10.效果展示 逐帧…...
es6+和css3新增的特性有哪些
一:ECMAScript 新特性(ES6) ES6 (2015) - 革命性更新 1,记住的方法,从一个方法里面用到了哪些技术 1,let /const块级作用域声明2,**默认参数**:函数参数可以设置默认值。3&#x…...
快速排序算法改进:随机快排-荷兰国旗划分详解
随机快速排序-荷兰国旗划分算法详解 一、基础知识回顾1.1 快速排序简介1.2 荷兰国旗问题 二、随机快排 - 荷兰国旗划分原理2.1 随机化枢轴选择2.2 荷兰国旗划分过程2.3 结合随机快排与荷兰国旗划分 三、代码实现3.1 Python实现3.2 Java实现3.3 C实现 四、性能分析4.1 时间复杂度…...