制作OpenSSH 9.6 for openEuler 22.03 LTS的rpm升级包
OpenSSH作为操作系统底层管理平台软件,需要保持更新以免遭受安全攻击,编译生成rpm包是生产环境中批量升级的最佳途径。本文在国产openEuler 22.03 LTS系统上完成OpenSSH 9.6的编译工作。
一、编译环境
1、准备环境
基于vmware workstation发布的x86虚拟机,最小化安装了openEuler 22.03 LTS,版本信息如下:
[root@localhost ~]# cat /etc/os-release
NAME="openEuler"
VERSION="22.03 LTS"
ID="openEuler"
VERSION_ID="22.03"
PRETTY_NAME="openEuler 22.03 LTS"
ANSI_COLOR="0;31"[root@localhost ~]# rpm -qa|grep openssh
openssh-8.8p1-2.oe2203.x86_64
openssh-server-8.8p1-2.oe2203.x86_64
openssh-clients-8.8p1-2.oe2203.x86_64
[root@localhost ~]# ssh -V
OpenSSH_8.8p1, OpenSSL 1.1.1m 14 Dec 2021
[root@localhost ~]# sshd -V
unknown option -- V
OpenSSH_8.8p1, OpenSSL 1.1.1m 14 Dec 2021
usage: sshd [-46DdeiqTt] [-C connection_spec] [-c host_cert_file][-E log_file] [-f config_file] [-g login_grace_time][-h host_key_file] [-o option] [-p port] [-u len]
[root@localhost SPECS]# openssl
OpenSSL> version
OpenSSL 1.1.1m 14 Dec 2021
OpenSSL> exit2、修改系统源为阿里源
[root@localhost ~]# cp /etc/yum.repos.d/openEuler.repo{,.bak}
[root@localhost ~]# sed -i "s/repo.openeuler.org/mirrors.aliyun.com\/openeuler/g" /etc/yum.repos.d/openEuler.repo
[root@localhost ~]# cat /etc/yum.repos.d/openEuler.repo
#generic-repos is licensed under the Mulan PSL v2.
#You can use this software according to the terms and conditions of the Mulan PSL v2.
#You may obtain a copy of Mulan PSL v2 at:
# http://license.coscl.org.cn/MulanPSL2
#THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
#IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
#PURPOSE.
#See the Mulan PSL v2 for more details.[OS]
name=OS
baseurl=http://mirrors.aliyun.com/openeuler/openEuler-22.03-LTS/OS/$basearch/
enabled=1
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/openeuler/openEuler-22.03-LTS/OS/$basearch/RPM-GPG-KEY-openEuler[everything]
name=everything
baseurl=http://mirrors.aliyun.com/openeuler/openEuler-22.03-LTS/everything/$basearch/
enabled=1
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/openeuler/openEuler-22.03-LTS/everything/$basearch/RPM-GPG-KEY-openEuler[EPOL]
name=EPOL
baseurl=http://mirrors.aliyun.com/openeuler/openEuler-22.03-LTS/EPOL/main/$basearch/
enabled=1
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/openeuler/openEuler-22.03-LTS/OS/$basearch/RPM-GPG-KEY-openEuler[debuginfo]
name=debuginfo
baseurl=http://mirrors.aliyun.com/openeuler/openEuler-22.03-LTS/debuginfo/$basearch/
enabled=1
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/openeuler/openEuler-22.03-LTS/debuginfo/$basearch/RPM-GPG-KEY-openEuler[source]
name=source
baseurl=http://mirrors.aliyun.com/openeuler/openEuler-22.03-LTS/source/
enabled=1
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/openeuler/openEuler-22.03-LTS/source/RPM-GPG-KEY-openEuler[update]
name=update
baseurl=http://mirrors.aliyun.com/openeuler/openEuler-22.03-LTS/update/$basearch/
enabled=1
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/openeuler/openEuler-22.03-LTS/OS/$basearch/RPM-GPG-KEY-openEuler
[root@localhost ~]# yum install tree -y3、准备编译所需目录
[root@localhost ~]# cd ~
[root@localhost ~]# mkdir -p rpmbuild/{SOURCES,SPECS}
[root@localhost ~]# tree
.
├── anaconda-ks.cfg
└── rpmbuild├── SOURCES└── SPECS3 directories, 1 file4、准备源码包
4.1、源包版本
官网地址 当前版本
- SHA1 (openssh-9.6.tar.gz) = a6d4cb69811e879e2f158c2e597fd9f444b26506- SHA256 (openssh-9.6.tar.gz) = nejPUhSnG1R1sOmIBi/t+HMNvsRqfN/DJgjwIU2tvqg=- SHA1 (openssh-9.6p1.tar.gz) = de300d09ec79fdbf37de4e6672cce4161439f2c3- SHA256 (openssh-9.6p1.tar.gz) = kQIRwHJVqMWtZUORtA7lmABxDdgRndU2LeCThap6d3w=
附加程序:
x11-ssh-askpass-1.2.4.1
openssl-1.1.1v
4.2、下载实作
[root@localhost ~]# cd rpmbuild/SOURCES/
[root@localhost SOURCES]# wget https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.6p1.tar.gz --no-check-certificat
--2023-06-05 15:51:44-- https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.6p1.tar.gz
正在解析主机 cdn.openbsd.org (cdn.openbsd.org)... 146.75.115.52, 2a04:4e42:f::820
正在连接 cdn.openbsd.org (cdn.openbsd.org)|146.75.115.52|:443... 已连接。
警告: “cdn.openbsd.org” 的证书不可信。
已发出 HTTP 请求,正在等待回应... 200 OK
长度:1857862 (1.8M) [application/octet-stream]
正在保存至: “openssh-9.6p1.tar.gz”openssh-9.6p1.tar.gz 100%[=========================================================================>] 1.77M 1.28MB/s 用时 1.4s 2023-06-05 15:51:47 (1.28 MB/s) - 已保存 “openssh-9.6p1.tar.gz” [1857862/1857862])[root@localhost SOURCES]# wget https://src.fedoraproject.org/repo/pkgs/openssh/x11-ssh-askpass-1.2.4.1.tar.gz/8f2e41f3f7eaa8543a2440454637f3c3/x11-ssh-askpass-1.2.4.1.tar.gz --no-check-certificat
--2023-06-05 15:52:32-- https://src.fedoraproject.org/repo/pkgs/openssh/x11-ssh-askpass-1.2.4.1.tar.gz/8f2e41f3f7eaa8543a2440454637f3c3/x11-ssh-askpass-1.2.4.1.tar.gz
正在解析主机 src.fedoraproject.org (src.fedoraproject.org)... 38.145.60.20, 38.145.60.21
正在连接 src.fedoraproject.org (src.fedoraproject.org)|38.145.60.20|:443... 已连接。
警告: “src.fedoraproject.org” 的证书不可信。
警告: “src.fedoraproject.org” 的证书还未生效。
证书还未激活
已发出 HTTP 请求,正在等待回应... 200 OK
长度:29229 (29K) [application/x-gzip]
正在保存至: “x11-ssh-askpass-1.2.4.1.tar.gz”x11-ssh-askpass-1.2.4.1.tar.gz 100%[=========================================================================>] 28.54K 106KB/s 用时 0.3s 2023-06-05 15:52:33 (106 KB/s) - 已保存 “x11-ssh-askpass-1.2.4.1.tar.gz” [29229/29229])[root@localhost SOURCES]# wget https://www.openssl.org/source/openssl-1.1.1v.tar.gz --no-check-certificate
--2023-06-05 15:52:54-- https://www.openssl.org/source/openssl-1.1.1v.tar.gz
正在解析主机 www.openssl.org (www.openssl.org)... 34.36.58.177, 2600:1901:0:1812::
正在连接 www.openssl.org (www.openssl.org)|34.36.58.177|:443... 已连接。
警告: “www.openssl.org” 的证书不可信。
警告: “www.openssl.org” 的证书还未生效。
证书还未激活
已发出 HTTP 请求,正在等待回应... 200 OK
长度:9893443 (9.4M) [application/x-tar]
正在保存至: “openssl-1.1.1v.tar.gz”openssl-1.1.1v.tar.gz 100%[=========================================================================>] 9.43M 930KB/s 用时 10s 2023-06-05 15:53:05 (963 KB/s) - 已保存 “openssl-1.1.1v.tar.gz” [9893443/9893443])[root@localhost SOURCES]# vi sshd.pam.oe2203
[root@localhost SOURCES]# cat sshd.pam.oe2203
#%PAM-1.0
auth substack password-auth
auth include postlogin
account required pam_sepermit.so
account required pam_nologin.so
account include password-auth
password include password-auth
# pam_selinux.so close should be the first session rule
session required pam_selinux.so close
session required pam_loginuid.so
# pam_selinux.so open should only be followed by sessions to be executed in the user context
session required pam_selinux.so open env_params
session required pam_namespace.so
session optional pam_keyinit.so force revoke
session optional pam_motd.so
session include password-auth
session include postlogin
[root@localhost SOURCES]# ll
总用量 12M
-rw-r--r--. 1 root root 1.8M 12月 18 2023 openssh-9.6p1.tar.gz
-rw-r--r--. 1 root root 727 6月 5 15:54 sshd.pam.oe2203
-rw-r--r--. 1 root root 29K 6月 26 2004 x11-ssh-askpass-1.2.4.1.tar.gz
-rw-r--r--. 1 root root 9.5M 1月 22 2024 openssl-1.1.1v.tar.gz5、安装编译所需软件包
[root@localhost SOURCES]# cd ../SPECS
[root@localhost SPECS]# yum install rpm-build zlib-devel openssl-devel gcc perl-devel pam-devel -y
Last metadata expiration check: 0:20:36 ago on 2023年06月05日 星期一 15时36分30秒.
Package gcc-10.3.1-10.oe2203.x86_64 is already installed.
Package perl-devel-4:5.34.0-3.oe2203.x86_64 is already installed.
Dependencies resolved.
=========================================================================================================================================================Package Architecture Version Repository Size
=========================================================================================================================================================
Installing:openssl-devel x86_64 1:1.1.1m-24.oe2203 update 1.8 Mpam-devel x86_64 1.5.2-7.oe2203 update 23 krpm-build x86_64 4.17.0-32.oe2203 update 69 kzlib-devel x86_64 1.2.11-24.oe2203 update 90 k
Upgrading:cpp x86_64 10.3.1-19.oe2203 update 9.0 Mgcc x86_64 10.3.1-19.oe2203 update 29 Mlibgcc x86_64 10.3.1-19.oe2203 update 74 klibgomp x86_64 10.3.1-19.oe2203 update 229 kopenssl x86_64 1:1.1.1m-24.oe2203 update 445 kopenssl-libs x86_64 1:1.1.1m-24.oe2203 update 1.4 Mpam x86_64 1.5.2-7.oe2203 update 439 kperl x86_64 4:5.34.0-12.oe2203 update 3.2 Mperl-devel x86_64 4:5.34.0-12.oe2203 update 2.1 Mperl-libs x86_64 4:5.34.0-12.oe2203 update 1.7 Mpython3-rpm x86_64 4.17.0-32.oe2203 update 79 krpm x86_64 4.17.0-32.oe2203 update 492 krpm-libs x86_64 4.17.0-32.oe2203 update 366 kzlib x86_64 1.2.11-24.oe2203 update 88 k
Installing dependencies:babeltrace x86_64 1.5.8-2.oe2203 OS 205 kdebugedit x86_64 5.0-2.oe2203 OS 74 kdwz x86_64 0.14-3.oe2203 OS 119 ke2fsprogs-devel x86_64 1.46.4-7.oe2203 OS 287 kgdb-headless x86_64 11.1-7.oe2203 update 3.5 Mgmp-c++ x86_64 1:6.2.1-1.oe2203 OS 17 kgmp-devel x86_64 1:6.2.1-1.oe2203 OS 449 kisl x86_64 0.16.1-12.oe2203 update 799 kisl-devel x86_64 0.16.1-12.oe2203 update 518 kkeyutils-libs-devel x86_64 1.6.3-3.oe2203 OS 12 kkrb5-devel x86_64 1.19.2-2.oe2203 OS 164 klibipt x86_64 2.0.4-1.oe2203 OS 51 klibselinux-devel x86_64 3.3-1.oe2203 OS 102 klibsepol-devel x86_64 3.3-2.oe2203 OS 362 klibverto-devel x86_64 0.3.2-1.oe2203 OS 17 kpatch x86_64 2.7.6-12.oe2203 OS 123 kpcre2-devel x86_64 10.39-1.oe2203 OS 501 kTransaction Summary
=========================================================================================================================================================
Install 21 Packages
Upgrade 14 PackagesTotal download size: 57 M
Downloading Packages:
...
Upgraded:cpp-10.3.1-19.oe2203.x86_64 gcc-10.3.1-19.oe2203.x86_64 libgcc-10.3.1-19.oe2203.x86_64 libgomp-10.3.1-19.oe2203.x86_64 openssl-1:1.1.1m-24.oe2203.x86_64 openssl-libs-1:1.1.1m-24.oe2203.x86_64 pam-1.5.2-7.oe2203.x86_64 perl-4:5.34.0-12.oe2203.x86_64 perl-devel-4:5.34.0-12.oe2203.x86_64 perl-libs-4:5.34.0-12.oe2203.x86_64 python3-rpm-4.17.0-32.oe2203.x86_64 rpm-4.17.0-32.oe2203.x86_64 rpm-libs-4.17.0-32.oe2203.x86_64 zlib-1.2.11-24.oe2203.x86_64
Installed:babeltrace-1.5.8-2.oe2203.x86_64 debugedit-5.0-2.oe2203.x86_64 dwz-0.14-3.oe2203.x86_64 e2fsprogs-devel-1.46.4-7.oe2203.x86_64 gdb-headless-11.1-7.oe2203.x86_64 gmp-c++-1:6.2.1-1.oe2203.x86_64 gmp-devel-1:6.2.1-1.oe2203.x86_64 isl-0.16.1-12.oe2203.x86_64 isl-devel-0.16.1-12.oe2203.x86_64 keyutils-libs-devel-1.6.3-3.oe2203.x86_64 krb5-devel-1.19.2-2.oe2203.x86_64 libipt-2.0.4-1.oe2203.x86_64 libselinux-devel-3.3-1.oe2203.x86_64 libsepol-devel-3.3-2.oe2203.x86_64 libverto-devel-0.3.2-1.oe2203.x86_64 openssl-devel-1:1.1.1m-24.oe2203.x86_64 pam-devel-1.5.2-7.oe2203.x86_64 patch-2.7.6-12.oe2203.x86_64 pcre2-devel-10.39-1.oe2203.x86_64 rpm-build-4.17.0-32.oe2203.x86_64 zlib-devel-1.2.11-24.oe2203.x86_64 Complete!
[root@localhost SPECS]#6、 编写spec文件
[root@localhost SPECS]# vi /root/rpmbuild/SPECS/openssh.spec
[root@localhost SPECS]# cat openssh.spec
%{?!opensslver: %global opensslver 1.1.1v}
%{?!opensshver: %global opensshver 9.6p1}
%define static_openssl 1# wheather to build openssl
%global no_build_openssl 0#if defined openssl_dir, don't build it
%{?openssl_dir:%global no_build_openssl 1}%global ver %{?opensshver}
%global rel %{?opensshpkgrel}%{?dist}oe2203# OpenSSH privilege separation requires a user & group ID
%global sshd_uid 74
%global sshd_gid 74# Version of ssh-askpass
%global aversion 1.2.4.1# Do we want to disable building of x11-askpass? (1=yes 0=no)
%global no_x11_askpass 1# Do we want to disable building of gnome-askpass? (1=yes 0=no)
%global no_gnome_askpass 1# Do we want to link against a static libcrypto? (1=yes 0=no)
%global static_libcrypto 0# Do we want smartcard support (1=yes 0=no)
%global scard 0# Use GTK2 instead of GNOME in gnome-ssh-askpass
%global gtk2 1# Use build6x options for older RHEL builds
# RHEL 7 not yet supported
%if 0%{?rhel} > 6
%global build6x 0
%else
%global build6x 0
%endif# Do we want kerberos5 support (1=yes 0=no)
%global kerberos5 1# Reserve options to override askpass settings with:
# rpm -ba|--rebuild --define 'skip_xxx 1'
%{?skip_x11_askpass:%global no_x11_askpass 1}
%{?skip_gnome_askpass:%global no_gnome_askpass 1}# Add option to build without GTK2 for older platforms with only GTK+.
# RedHat <= 7.2 and Red Hat Advanced Server 2.1 are examples.
# rpm -ba|--rebuild --define 'no_gtk2 1'
%{?no_gtk2:%global gtk2 0}# Is this a build for RHL 6.x or earlier?
%{?build_6x:%global build6x 1}# If this is RHL 6.x, the default configuration has sysconfdir in /usr/etc.
%if %{build6x}
%global _sysconfdir /etc
%endif# Options for static OpenSSL link:
# rpm -ba|--rebuild --define "static_openssl 1"
%{?static_openssl:%global static_libcrypto 1}# Options for Smartcard support: (needs libsectok and openssl-engine)
# rpm -ba|--rebuild --define "smartcard 1"
%{?smartcard:%global scard 1}# Is this a build for the rescue CD (without PAM, with MD5)? (1=yes 0=no)
%global rescue 0
%{?build_rescue:%global rescue 1}# Turn off some stuff for resuce builds
%if %{rescue}
%global kerberos5 0
%endifSummary: The OpenSSH implementation of SSH protocol version 2.
Name: openssh
Version: %{ver}
%if %{rescue}
Release: %{rel}rescue
%else
Release: %{rel}
%endif
URL: https://www.openssh.com/portable.html
Source0: https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
Source1: http://www.jmknoble.net/software/x11-ssh-askpass/x11-ssh-askpass-%{aversion}.tar.gz
Source2: sshd.pam.oe2203
%if ! %{no_build_openssl}
Source3: https://www.openssl.org/source/openssl-%{opensslver}.tar.gz
%endif
License: BSD
Group: Applications/Internet
BuildRoot: %{_tmppath}/%{name}-%{version}-buildroot
Obsoletes: ssh
%if %{build6x}
PreReq: initscripts >= 5.00
%else
Requires: initscripts >= 5.20
%endif
BuildRequires: perl
BuildRequires: /bin/login
%if ! %{build6x}
BuildRequires: glibc-devel, pam
%else
BuildRequires: /usr/include/security/pam_appl.h
%endif
%if ! %{no_x11_askpass}
BuildRequires: /usr/include/X11/Xlib.h
# Xt development tools
BuildRequires: libXt-devel
# Provides xmkmf
BuildRequires: imake
# Rely on relatively recent gtk
%if %{gtk2}
BuildRequires: gtk2-devel
%endif
%endif
%if ! %{no_gnome_askpass}
BuildRequires: pkgconfig
%endif
%if %{kerberos5}
BuildRequires: krb5-devel
BuildRequires: krb5-libs
%endif%package clients
Summary: OpenSSH clients.
Requires: openssh = %{version}-%{release}
Group: Applications/Internet
Obsoletes: ssh-clients%package server
Summary: The OpenSSH server daemon.
Group: System Environment/Daemons
Obsoletes: ssh-server
Requires: openssh = %{version}-%{release}, chkconfig >= 0.9
%if ! %{build6x}
Requires: /etc/pam.d/system-auth
%endif%package askpass
Summary: A passphrase dialog for OpenSSH and X.
Group: Applications/Internet
Requires: openssh = %{version}-%{release}
Obsoletes: ssh-extras%package askpass-gnome
Summary: A passphrase dialog for OpenSSH, X, and GNOME.
Group: Applications/Internet
Requires: openssh = %{version}-%{release}
Obsoletes: ssh-extras%description
SSH (Secure SHell) is a program for logging into and executing
commands on a remote machine. SSH is intended to replace rlogin and
rsh, and to provide secure encrypted communications between two
untrusted hosts over an insecure network. X11 connections and
arbitrary TCP/IP ports can also be forwarded over the secure channel.OpenSSH is OpenBSD's version of the last free version of SSH, bringing
it up to date in terms of security and features, as well as removing
all patented algorithms to separate libraries.
This package includes the core files necessary for both the OpenSSH
client and server. To make this package useful, you should also
install openssh-clients, openssh-server, or both.
%description clients
OpenSSH is a free version of SSH (Secure SHell), a program for logging
into and executing commands on a remote machine. This package includes
the clients necessary to make encrypted connections to SSH servers.
You'll also need to install the openssh package on OpenSSH clients.%description server
OpenSSH is a free version of SSH (Secure SHell), a program for logging
into and executing commands on a remote machine. This package contains
the secure shell daemon (sshd). The sshd daemon allows SSH clients to
securely connect to your SSH server. You also need to have the openssh
package installed.%description askpass
OpenSSH is a free version of SSH (Secure SHell), a program for logging
into and executing commands on a remote machine. This package contains
an X11 passphrase dialog for OpenSSH.%description askpass-gnome
OpenSSH is a free version of SSH (Secure SHell), a program for logging
into and executing commands on a remote machine. This package contains
an X11 passphrase dialog for OpenSSH and the GNOME GUI desktop
environment.%prep%if ! %{no_x11_askpass}
%setup -q -a 1
%else
%setup -q
%endif%if ! %{no_build_openssl}
%define openssl_dir %{_builddir}/%{name}-%{version}/openssl
mkdir -p openssl
tar xfz %{SOURCE3} --strip-components=1 -C openssl
pushd openssl
./config shared zlib -fPIC
make %{?_smp_mflags}
popd
%endif%build
%if %{rescue}
CFLAGS="$RPM_OPT_FLAGS -Os"; export CFLAGS
%endifexport LD_LIBRARY_PATH="%{openssl_dir}"
%configure \--sysconfdir=%{_sysconfdir}/ssh \--libexecdir=%{_libexecdir}/openssh \--datadir=%{_datadir}/openssh \--with-default-path=/usr/local/bin:/bin:/usr/bin \--with-superuser-path=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin \--with-privsep-path=%{_var}/empty/sshd \--with-md5-passwords \--mandir=%{_mandir} \--with-mantype=man \--disable-strip \--with-ssl-dir="%{openssl_dir}" \
%if %{scard}--with-smartcard \
%endif
%if %{rescue}--without-pam \
%else--with-pam \
%endif
%if %{kerberos5}--with-kerberos5=$K5DIR \
%endif%if %{static_libcrypto}
#perl -pi -e "s|-lcrypto|%{_libdir}/libcrypto.a|g" Makefile
perl -pi -e "s|-lcrypto|%{openssl_dir}/libcrypto.a -lpthread|g" Makefile
%endifmake %{?_smp_mflags}%if ! %{no_x11_askpass}
pushd x11-ssh-askpass-%{aversion}
%configure --libexecdir=%{_libexecdir}/openssh
xmkmf -a
make -j
popd
%endif# Define a variable to toggle gnome1/gtk2 building. This is necessary
# because RPM doesn't handle nested %if statements.
%if %{gtk2}gtk2=yes
%elsegtk2=no
%endif%if ! %{no_gnome_askpass}
pushd contrib
if [ $gtk2 = yes ] ; thenmake gnome-ssh-askpass2mv gnome-ssh-askpass2 gnome-ssh-askpass
elsemake gnome-ssh-askpass1mv gnome-ssh-askpass1 gnome-ssh-askpass
fi
popd
%endif%install
rm -rf $RPM_BUILD_ROOT
mkdir -p -m755 $RPM_BUILD_ROOT%{_sysconfdir}/ssh
mkdir -p -m755 $RPM_BUILD_ROOT%{_libexecdir}/openssh
mkdir -p -m755 $RPM_BUILD_ROOT%{_var}/empty/sshdmake install DESTDIR=$RPM_BUILD_ROOT
echo -e 'PubkeyAcceptedAlgorithms +ssh-rsa\nUsePAM yes\nPermitRootLogin yes\nUseDNS no' >> $RPM_BUILD_ROOT/etc/ssh/sshd_config
install -d $RPM_BUILD_ROOT/etc/pam.d/
install -d $RPM_BUILD_ROOT/etc/rc.d/init.d
install -d $RPM_BUILD_ROOT%{_libexecdir}/openssh
install -m755 contrib/ssh-copy-id $RPM_BUILD_ROOT/usr/bin/ssh-copy-id
install -m644 %{SOURCE2} $RPM_BUILD_ROOT/etc/pam.d/sshd
install -m755 contrib/redhat/sshd.init $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd%if ! %{no_x11_askpass}
install x11-ssh-askpass-%{aversion}/x11-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/x11-ssh-askpass
ln -s x11-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/ssh-askpass
%endif%if ! %{no_gnome_askpass}
install contrib/gnome-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/gnome-ssh-askpass
%endif%if ! %{scard}rm -f $RPM_BUILD_ROOT/usr/share/openssh/Ssh.bin
%endif%if ! %{no_gnome_askpass}
install -m 755 -d $RPM_BUILD_ROOT%{_sysconfdir}/profile.d/
install -m 755 contrib/redhat/gnome-ssh-askpass.csh $RPM_BUILD_ROOT%{_sysconfdir}/profile.d/
install -m 755 contrib/redhat/gnome-ssh-askpass.sh $RPM_BUILD_ROOT%{_sysconfdir}/profile.d/
%endifperl -pi -e "s|$RPM_BUILD_ROOT||g" $RPM_BUILD_ROOT%{_mandir}/man*/*%clean
rm -rf $RPM_BUILD_ROOT%triggerun server -- ssh-server
if [ "$1" != 0 -a -r /var/run/sshd.pid ] ; thentouch /var/run/sshd.restart
fi%triggerun server -- openssh-server < 2.5.0p1
# Count the number of HostKey and HostDsaKey statements we have.
gawk 'BEGIN {IGNORECASE=1}/^hostkey/ || /^hostdsakey/ {sawhostkey = sawhostkey + 1}END {exit sawhostkey}' /etc/ssh/sshd_config
# And if we only found one, we know the client was relying on the old default
# behavior, which loaded the the SSH2 DSA host key when HostDsaKey wasn't
# specified. Now that HostKey is used for both SSH1 and SSH2 keys, specifying
# one nullifies the default, which would have loaded both.
if [ $? -eq 1 ] ; thenecho HostKey /etc/ssh/ssh_host_rsa_key >> /etc/ssh/sshd_configecho HostKey /etc/ssh/ssh_host_dsa_key >> /etc/ssh/sshd_config
fi%triggerpostun server -- ssh-server
if [ "$1" != 0 ] ; then/sbin/chkconfig --add sshdif test -f /var/run/sshd.restart ; thenrm -f /var/run/sshd.restart/sbin/service sshd start > /dev/null 2>&1 || :fi
fi%pre server
%{_sbindir}/groupadd -r -g %{sshd_gid} sshd 2>/dev/null || :
%{_sbindir}/useradd -d /var/empty/sshd -s /bin/false -u %{sshd_uid} \-g sshd -M -r sshd 2>/dev/null || :%post server
/sbin/chkconfig --add sshd%postun server
/sbin/service sshd condrestart > /dev/null 2>&1 || :%preun server
if [ "$1" = 0 ]
then/sbin/service sshd stop > /dev/null 2>&1 || :/sbin/chkconfig --del sshd
fi%files
%defattr(-,root,root)
%doc CREDITS ChangeLog INSTALL LICENCE OVERVIEW README* PROTOCOL* TODO
%attr(0755,root,root) %{_bindir}/scp
%attr(0644,root,root) %{_mandir}/man1/scp.1*
%attr(0755,root,root) %dir %{_sysconfdir}/ssh
%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/moduli
%if ! %{rescue}
%attr(0755,root,root) %{_bindir}/ssh-keygen
%attr(0755,root,root) %{_bindir}/ssh-copy-id
%attr(0644,root,root) %{_mandir}/man1/ssh-keygen.1*
%attr(0755,root,root) %dir %{_libexecdir}/openssh
%attr(4711,root,root) %{_libexecdir}/openssh/ssh-keysign
%attr(0755,root,root) %{_libexecdir}/openssh/ssh-pkcs11-helper
%attr(0755,root,root) %{_libexecdir}/openssh/ssh-sk-helper
%attr(0644,root,root) %{_mandir}/man8/ssh-keysign.8*
%attr(0644,root,root) %{_mandir}/man8/ssh-pkcs11-helper.8*
%attr(0644,root,root) %{_mandir}/man8/ssh-sk-helper.8*
%endif
%if %{scard}
%attr(0755,root,root) %dir %{_datadir}/openssh
%attr(0644,root,root) %{_datadir}/openssh/Ssh.bin
%endif%files clients
%defattr(-,root,root)
%attr(0755,root,root) %{_bindir}/ssh
%attr(0644,root,root) %{_mandir}/man1/ssh.1*
%attr(0644,root,root) %{_mandir}/man5/ssh_config.5*
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config
%if ! %{rescue}
%attr(2755,root,nobody) %{_bindir}/ssh-agent
%attr(0755,root,root) %{_bindir}/ssh-add
%attr(0755,root,root) %{_bindir}/ssh-keyscan
%attr(0755,root,root) %{_bindir}/sftp
%attr(0644,root,root) %{_mandir}/man1/ssh-agent.1*
%attr(0644,root,root) %{_mandir}/man1/ssh-add.1*
%attr(0644,root,root) %{_mandir}/man1/ssh-keyscan.1*
%attr(0644,root,root) %{_mandir}/man1/sftp.1*
%endif%if ! %{rescue}
%files server
%defattr(-,root,root)
%dir %attr(0111,root,root) %{_var}/empty/sshd
%attr(0755,root,root) %{_sbindir}/sshd
%attr(0755,root,root) %{_libexecdir}/openssh/sftp-server
%attr(0644,root,root) %{_mandir}/man8/sshd.8*
%attr(0644,root,root) %{_mandir}/man5/moduli.5*
%attr(0644,root,root) %{_mandir}/man5/sshd_config.5*
%attr(0644,root,root) %{_mandir}/man8/sftp-server.8*
%attr(0755,root,root) %dir %{_sysconfdir}/ssh
%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config
%attr(0600,root,root) %config(noreplace) /etc/pam.d/sshd
%attr(0755,root,root) %config /etc/rc.d/init.d/sshd
%endif%if ! %{no_x11_askpass}
%files askpass
%defattr(-,root,root)
%doc x11-ssh-askpass-%{aversion}/README
%doc x11-ssh-askpass-%{aversion}/ChangeLog
%doc x11-ssh-askpass-%{aversion}/SshAskpass*.ad
%{_libexecdir}/openssh/ssh-askpass
%attr(0755,root,root) %{_libexecdir}/openssh/x11-ssh-askpass
%endif%if ! %{no_gnome_askpass}
%files askpass-gnome
%defattr(-,root,root)
%attr(0755,root,root) %config %{_sysconfdir}/profile.d/gnome-ssh-askpass.*
%attr(0755,root,root) %{_libexecdir}/openssh/gnome-ssh-askpass
%endif7、查看当前文件情况
[root@localhost SPECS]# cd /root/rpmbuild && tree
.
├── SOURCES
│ ├── openssh-9.6p1.tar.gz
│ ├── openssl-1.1.1v.tar.gz
│ ├── sshd.pam.oe2203
│ └── x11-ssh-askpass-1.2.4.1.tar.gz
└── SPECS└── openssh.spec2 directories, 5 files二、编译rpm
1、编译
[root@localhost SPECS]# rpmbuild -bb openssh.spec
...
**************************************************
*** ***
*** Please run the same make command again ***
*** ***
**************************************************
make: *** [Makefile:688: configdata.pm] Error 1
错误:/var/tmp/rpm-tmp.nswfUe (%prep) 退出状态不好
...2、提示报错
提示报错 "make: *** [Makefile:688: configdata.pm] Error 1",系因时间不正确所致,修正时间:
[root@localhost SPECS]# date
2023年 06月 05日 星期一 15:02:45 CST
[root@localhost SPECS]# ntpdate -u ntp1.aliyun.com
29 Jan 17:02:23 ntpdate[10034]: step time server 120.25.115.20 offset +20570147.938882 sec
[root@localhost SPECS]# date
2024年 01月 29日 星期一 17:03:09 CST3、再次编译
[root@localhost SPECS]# rpmbuild -bb openssh.spec
警告:行 100:It's not recommended to have unversioned Obsoletes:Obsoletes: ssh
警告:行 136:It's not recommended to have unversioned Obsoletes:Obsoletes: ssh-clients
警告:行 141:It's not recommended to have unversioned Obsoletes:Obsoletes: ssh-server
警告:行 151:It's not recommended to have unversioned Obsoletes:Obsoletes: ssh-extras
警告:行 157:It's not recommended to have unversioned Obsoletes:Obsoletes: ssh-extras
正在执行(%prep):/bin/sh -e /var/tmp/rpm-tmp.4HNFWt
+ umask 022
+ cd /root/rpmbuild/BUILD
+ cd /root/rpmbuild/BUILD
+ rm -rf openssh-9.6p1
+ /usr/bin/gzip -dc /root/rpmbuild/SOURCES/openssh-9.6p1.tar.gz
+ /usr/bin/tar -xof -
+ STATUS=0
+ '[' 0 -ne 0 ']'
+ cd openssh-9.6p1
+ /usr/bin/chmod -Rf a+rX,u+w,g-w,o-w .
+ mkdir -p openssl
+ tar xfz /root/rpmbuild/SOURCES/openssl-1.1.1v.tar.gz --strip-components=1 -C openssl
+ pushd openssl
~/rpmbuild/BUILD/openssh-9.6p1/openssl ~/rpmbuild/BUILD/openssh-9.6p1
+ ./config shared zlib -fPIC
Operating system: x86_64-whatever-linux2
Configuring OpenSSL version 1.1.1v (0x1010116fL) for linux-x86_64
Using os-specific seed configuration
Creating configdata.pm
Creating Makefile**********************************************************************
*** ***
*** OpenSSL has been successfully configured ***
*** ***
*** If you encounter a problem while building, please open an ***
*** issue on GitHub <https://github.com/openssl/openssl/issues> ***
*** and include the output from the following command: ***
*** ***
*** perl configdata.pm --dump ***
*** ***
*** (If you are new to OpenSSL, you might want to consult the ***
*** 'Troubleshooting' section in the INSTALL file first) ***
*** ***
**********************************************************************
+ make -j2
/usr/bin/perl "-I." -Mconfigdata "util/dofile.pl" \"-oMakefile" include/crypto/bn_conf.h.in > include/crypto/bn_conf.h
/usr/bin/perl "-I." -Mconfigdata "util/dofile.pl" \"-oMakefile" include/crypto/dso_conf.h.in > include/crypto/dso_conf.h
...
处理文件:openssh-server-9.6p1-oe2203.x86_64
Provides: config(openssh-server) = 9.6p1-oe2203 openssh-server = 9.6p1-oe2203 openssh-server(x86-64) = 9.6p1-oe2203
Requires(interp): /bin/sh /bin/sh /bin/sh /bin/sh /bin/sh
Requires(rpmlib): rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(FileDigests) <= 4.6.0-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1
Requires(pre): /bin/sh
Requires(post): /bin/sh
Requires(preun): /bin/sh
Requires(postun): /bin/sh
Requires: /bin/bash libc.so.6()(64bit) libc.so.6(GLIBC_2.14)(64bit) libc.so.6(GLIBC_2.16)(64bit) libc.so.6(GLIBC_2.17)(64bit) libc.so.6(GLIBC_2.2.5)(64bit) libc.so.6(GLIBC_2.25)(64bit) libc.so.6(GLIBC_2.26)(64bit) libc.so.6(GLIBC_2.3)(64bit) libc.so.6(GLIBC_2.3.2)(64bit) libc.so.6(GLIBC_2.3.4)(64bit) libc.so.6(GLIBC_2.33)(64bit) libc.so.6(GLIBC_2.34)(64bit) libc.so.6(GLIBC_2.4)(64bit) libc.so.6(GLIBC_2.6)(64bit) libc.so.6(GLIBC_2.7)(64bit) libc.so.6(GLIBC_2.8)(64bit) libcom_err.so.2()(64bit) libcrypt.so.1()(64bit) libcrypt.so.1(XCRYPT_2.0)(64bit) libgssapi_krb5.so.2()(64bit) libgssapi_krb5.so.2(gssapi_krb5_2_MIT)(64bit) libk5crypto.so.3()(64bit) libkrb5.so.3()(64bit) libkrb5.so.3(krb5_3_MIT)(64bit) libpam.so.0()(64bit) libpam.so.0(LIBPAM_1.0)(64bit) libz.so.1()(64bit) rtld(GNU_HASH)
Obsoletes: ssh-server
处理文件:openssh-debuginfo-9.6p1-oe2203.x86_64
Provides: openssh-debuginfo = 9.6p1-oe2203 openssh-debuginfo(x86-64) = 9.6p1-oe2203
Requires(rpmlib): rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(FileDigests) <= 4.6.0-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1
Recommends: openssh-debugsource(x86-64) = 9.6p1-oe2203
处理文件:openssh-debugsource-9.6p1-oe2203.x86_64
Provides: openssh-debugsource = 9.6p1-oe2203 openssh-debugsource(x86-64) = 9.6p1-oe2203
Requires(rpmlib): rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(FileDigests) <= 4.6.0-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1
检查未打包文件:/usr/lib/rpm/check-files /root/rpmbuild/BUILDROOT/openssh-9.6p1-oe2203.x86_64
已写至:/root/rpmbuild/RPMS/x86_64/openssh-debuginfo-9.6p1-oe2203.x86_64.rpm
已写至:/root/rpmbuild/RPMS/x86_64/openssh-9.6p1-oe2203.x86_64.rpm
已写至:/root/rpmbuild/RPMS/x86_64/openssh-server-9.6p1-oe2203.x86_64.rpm
已写至:/root/rpmbuild/RPMS/x86_64/openssh-debugsource-9.6p1-oe2203.x86_64.rpm
已写至:/root/rpmbuild/RPMS/x86_64/openssh-clients-9.6p1-oe2203.x86_64.rpm
正在执行(%clean):/bin/sh -e /var/tmp/rpm-tmp.2ymafB
+ umask 022
+ cd /root/rpmbuild/BUILD
+ cd openssh-9.6p1
+ rm -rf /root/rpmbuild/BUILDROOT/openssh-9.6p1-oe2203.x86_64
+ RPM_EC=0
++ jobs -p
+ exit 0
[root@localhost SPECS]# 4、保存最终文件
[root@localhost SPECS]# cd /opt
[root@localhost opt]# mkdir openssh-9.6p1-oe2203
[root@localhost opt]# cd openssh-9.6p1-oe2203/
[root@localhost openssh-9.6p1-oe2203]# cp /root/rpmbuild/RPMS/x86_64/*.rpm .
[root@localhost openssh-9.6p1-oe2203]# ll
总用量 16M
-rw-r--r--. 1 root root 4.7M 1月 29 17:25 openssh-9.6p1-oe2203.x86_64.rpm
-rw-r--r--. 1 root root 4.9M 1月 29 17:25 openssh-clients-9.6p1-oe2203.x86_64.rpm
-rw-r--r--. 1 root root 4.0M 1月 29 17:25 openssh-debuginfo-9.6p1-oe2203.x86_64.rpm
-rw-r--r--. 1 root root 786K 1月 29 17:25 openssh-debugsource-9.6p1-oe2203.x86_64.rpm
-rw-r--r--. 1 root root 1.5M 1月 29 17:25 openssh-server-9.6p1-oe2203.x86_64.rpm三、升级测试
1、更新程序
[root@localhost openssh-9.6p1-oe2203]# yum update *
OS 14 kB/s | 3.8 kB 00:00
everything 13 kB/s | 3.8 kB 00:00
EPOL 11 kB/s | 3.0 kB 00:00
debuginfo 27 kB/s | 3.8 kB 00:00
source 20 kB/s | 3.8 kB 00:00
update 8.5 kB/s | 3.5 kB 00:00
Package openssh-debuginfo not installed, cannot update it.
No match for argument: openssh-debuginfo-9.6p1-oe2203.x86_64.rpm
Package openssh-debugsource not installed, cannot update it.
No match for argument: openssh-debugsource-9.6p1-oe2203.x86_64.rpm
Dependencies resolved.
=========================================================================================================================================================Package Architecture Version Repository Size
=========================================================================================================================================================
Upgrading:openssh x86_64 9.6p1-oe2203 @commandline 4.7 Mopenssh-clients x86_64 9.6p1-oe2203 @commandline 4.8 Mopenssh-server x86_64 9.6p1-oe2203 @commandline 1.5 MTransaction Summary
=========================================================================================================================================================
Upgrade 3 PackagesTotal size: 11 M
Is this ok [y/N]: y
Downloading Packages:
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transactionPreparing : 1/1 Running scriptlet: openssh-9.6p1-oe2203.x86_64 1/1 Upgrading : openssh-9.6p1-oe2203.x86_64 1/6 Upgrading : openssh-clients-9.6p1-oe2203.x86_64 2/6 Running scriptlet: openssh-server-9.6p1-oe2203.x86_64 3/6 Upgrading : openssh-server-9.6p1-oe2203.x86_64 3/6
警告:/etc/ssh/sshd_config 已建立为 /etc/ssh/sshd_config.rpmnew Running scriptlet: openssh-server-9.6p1-oe2203.x86_64 3/6 Cleanup : openssh-clients-8.8p1-2.oe2203.x86_64 4/6 Cleanup : openssh-8.8p1-2.oe2203.x86_64 5/6 Running scriptlet: openssh-server-8.8p1-2.oe2203.x86_64 6/6 Cleanup : openssh-server-8.8p1-2.oe2203.x86_64 6/6 Running scriptlet: openssh-server-8.8p1-2.oe2203.x86_64 6/6 Verifying : openssh-9.6p1-oe2203.x86_64 1/6 Verifying : openssh-8.8p1-2.oe2203.x86_64 2/6 Verifying : openssh-clients-9.6p1-oe2203.x86_64 3/6 Verifying : openssh-clients-8.8p1-2.oe2203.x86_64 4/6 Verifying : openssh-server-9.6p1-oe2203.x86_64 5/6 Verifying : openssh-server-8.8p1-2.oe2203.x86_64 6/6 Upgraded:openssh-9.6p1-oe2203.x86_64 openssh-clients-9.6p1-oe2203.x86_64 openssh-server-9.6p1-oe2203.x86_64 Complete!2、更新配置文件
[root@localhost openssh-9.6p1-oe2203]# ll /etc/ssh/sshd_config*
-rw-------. 1 root root 4.8K 5月 5 2023 /etc/ssh/sshd_config
-rw-------. 1 root root 3.2K 1月 29 17:08 /etc/ssh/sshd_config.rpmnew
[root@localhost openssh-9.6p1-oe2203]# cp /etc/ssh/sshd_config /etc/ssh/sshd_config.v8.8p1.bak
[root@localhost openssh-9.6p1-oe2203]# cp /etc/ssh/sshd_config.rpmnew /etc/ssh/sshd_config
cp:是否覆盖'/etc/ssh/sshd_config'? y
[root@localhost openssh-9.6p1-oe2203]# ll /etc/ssh/sshd_config*
-rw-------. 1 root root 3.2K 1月 29 17:28 /etc/ssh/sshd_config
-rw-------. 1 root root 3.2K 1月 29 17:08 /etc/ssh/sshd_config.rpmnew
-rw-------. 1 root root 4.8K 1月 29 17:28 /etc/ssh/sshd_config.v8.8p1.bak3、重启服务测试
[root@localhost openssh-9.6p1-oe2203]# systemctl restart sshd
[root@localhost openssh-9.6p1-oe2203]# systemctl status sshd
● sshd.service - SYSV: OpenSSH server daemonLoaded: loaded (/etc/rc.d/init.d/sshd; generated)Active: active (running) since Mon 2024-01-29 17:29:49 CST; 1s agoDocs: man:systemd-sysv-generator(8)Process: 32037 ExecStart=/etc/rc.d/init.d/sshd start (code=exited, status=0/SUCCESS)Main PID: 32046 (sshd)Tasks: 11 (limit: 4172)Memory: 195.9MCGroup: /system.slice/sshd.service├─ 1500 "sshd: AAAA [priv]" "" "" ""├─ 1504 "sshd: AAAA@notty" "" "" "" ""├─ 1505 /usr/libexec/openssh/sftp-server -l INFO -f AUTH├─ 1794 "sshd: AAAA [priv]" "" "" ""├─ 1824 "sshd: AAAA@pts/0" "" "" "" ""├─ 1825 -bash├─ 1884 su -├─ 1885 -bash├─32046 "sshd: /usr/sbin/sshd [listener] 0 of 10-100 startups"├─32048 systemctl status sshd└─32049 less1月 29 17:29:49 localhost.localdomain systemd[1]: Starting SYSV: OpenSSH server daemon...
1月 29 17:29:49 localhost.localdomain sshd[32043]: /sbin/restorecon: lstat(/etc/ssh/ssh_host_dsa_key.pub) failed: No such file or directory
1月 29 17:29:49 localhost.localdomain sshd[32046]: Server listening on 0.0.0.0 port 22.
1月 29 17:29:49 localhost.localdomain sshd[32046]: Server listening on :: port 22.
1月 29 17:29:49 localhost.localdomain sshd[32037]: Starting sshd:[ 确定 ]
1月 29 17:29:49 localhost.localdomain systemd[1]: Started SYSV: OpenSSH server daemon.4、提示信息消除
服务正常,有一异常提示“/sbin/restorecon: lstat(/etc/ssh/ssh_host_dsa_key.pub) failed: No such file or directory”,消除该提示
[root@localhost openssh-9.6p1-oe2203]# touch /etc/ssh/ssh_host_dsa_key.pub
[root@localhost openssh-9.6p1-oe2203]# systemctl restart sshd
[root@localhost openssh-9.6p1-oe2203]# systemctl status sshd
● sshd.service - SYSV: OpenSSH server daemonLoaded: loaded (/etc/rc.d/init.d/sshd; generated)Active: active (running) since Mon 2024-01-29 17:31:28 CST; 1s agoDocs: man:systemd-sysv-generator(8)Process: 32303 ExecStart=/etc/rc.d/init.d/sshd start (code=exited, status=0/SUCCESS)Main PID: 32312 (sshd)Tasks: 11 (limit: 4172)Memory: 195.9MCGroup: /system.slice/sshd.service├─ 1500 "sshd: AAAA [priv]" "" "" ""├─ 1504 "sshd: AAAA@notty" "" "" "" ""├─ 1505 /usr/libexec/openssh/sftp-server -l INFO -f AUTH├─ 1794 "sshd: AAAA [priv]" "" "" ""├─ 1824 "sshd: AAAA@pts/0" "" "" "" ""├─ 1825 -bash├─ 1884 su -├─ 1885 -bash├─32312 "sshd: /usr/sbin/sshd [listener] 0 of 10-100 startups"├─32340 systemctl status sshd└─32341 less1月 29 17:31:28 localhost.localdomain systemd[1]: Starting SYSV: OpenSSH server daemon...
1月 29 17:31:28 localhost.localdomain sshd[32312]: Server listening on 0.0.0.0 port 22.
1月 29 17:31:28 localhost.localdomain sshd[32312]: Server listening on :: port 22.
1月 29 17:31:28 localhost.localdomain sshd[32303]: Starting sshd:[ 确定 ]
1月 29 17:31:28 localhost.localdomain systemd[1]: Started SYSV: OpenSSH server daemon.5、远程发起重新连接,验证登录正常。
相关文章:
制作OpenSSH 9.6 for openEuler 22.03 LTS的rpm升级包
OpenSSH作为操作系统底层管理平台软件,需要保持更新以免遭受安全攻击,编译生成rpm包是生产环境中批量升级的最佳途径。本文在国产openEuler 22.03 LTS系统上完成OpenSSH 9.6的编译工作。 一、编译环境 1、准备环境 基于vmware workstation发布的x86虚…...
DNS配置文件讲解
1. 概述 BIND:Berkeley Internet Name Domain ,伯克利因特网域名解析服务是一种全球使用最广泛的、 最高效的、最安全的域名解析服务程序 2. 安装软件 [rootserver ~]# yum install bind -y 3. bind服务中三个关键文件 /etc/named.conf : 主配置文件…...
142:vue+leaflet 加载tomtom地图(多种形式)
第142个 点击查看专栏目录 本示例介绍如何在vue+leaflet中添加tomtom地图,这里包含了多种形式,诸如中文标记、英文标记、白天地图、晚上地图、卫星影像图,高山海拔地形图等。 直接复制下面的 vue+leaflet源代码,操作2分钟即可运行实现效果 文章目录 示例效果配置方式示例…...
Android Mac电脑更改aar中的文件再打包
一 问题 要在Mac电脑上替换AAR中的文件并重新打包。 二 解决方案 1.解压AAR文件 将AAR文件重命名为.zip,并解压缩它,得到一个文件夹。 2.替换文件 在解压后的文件夹中找到您想替换的文件,将其替换为新文件。 3.重新打包 打开终端&…...
Jmeter脚本录制:抓取IOS手机请求包!
现在移动端的项目越来越多,今天给大家介绍一下,在IOS下Jmeter如何抓包。 1、电脑连上wifi; 2、Jmeter中配置“HTTP代理服务器” 1)启动Jmeter; 2)“测试计划”中添加“线程组”; 3)“测试计划”中添加“HTTP代理服务器”&#…...
大数据分析案例-基于随机森林算法构建电影票房预测模型
🤵♂️ 个人主页:艾派森的个人主页 ✍🏻作者简介:Python学习者 🐋 希望大家多多支持,我们一起进步!😄 如果文章对你有帮助的话, 欢迎评论 💬点赞Ǵ…...
关于Gitlab用户登录提示无限重定向循环ERR_TOO_MANY_REDIRECTS
#工作笔记# 查阅了网上所有相关的记录,都没有解决gitlab登录/users/sign_up/welcome提示ERR_TOO_MANY_REDIRECTS,好在最终解决了,记录在此。 先说下起因: github哼哼不想用了,原因太多,所以内部讨论用git…...
突破瓶颈,提升开发效率:Spring框架进阶与最佳实践-IOC
IOC相关内容 1.1 bean基础配置1.1.1 bean基础配置(id与class)1.1.2 bean的name属性步骤1:配置别名步骤2:根据名称容器中获取bean对象步骤3:运行程序 1.1.3 bean作用范围scope配置1.1.3.1 验证IOC容器中对象是否为单例验证思路具体实现 1.1.3.2 配置bean为非单例1.1.…...
西方网络安全人才培养的挑战及对策
文章目录 前言一、网络安全人才力量发展现状(一)注重从战略上重视网络安全人才培养和发展。(二)注重从多渠道多路径招募网络安全人才。(三)注重分层次分阶段系统规划网络安全人才培养模式。(四)注重通过实践锻炼进一步提升网络攻防实战能力。二、网络安全人才面临的形势…...
计算机网络之三次握手,四次挥手
TCP(传输控制协议)是一种面向连接的、可靠的传输层协议,用于在网络中的两个应用程序之间建立可靠的通信连接。TCP的核心特征之一是它使用“三次握手”过程来建立连接,以及“四次挥手”过程来终止连接。 三次握手(建立…...
深度强化学习(王树森)笔记09
深度强化学习(DRL) 本文是学习笔记,如有侵权,请联系删除。本文在ChatGPT辅助下完成。 参考链接 Deep Reinforcement Learning官方链接:https://github.com/wangshusen/DRL 源代码链接:https://github.c…...
调试OpenHarmony应用/服务
调试流程 DevEco Studio提供了丰富的OpenHarmony应用/服务调试能力,帮助开发者更方便、高效的调试应用/服务。 OpenHarmony应用/服务调试支持使用真机设备调试。使用真机设备进行调试前,需要对HAP进行签名后进行调试。详细的调试流程如下图所示&#x…...
【NGINX】NGINX如何阻止指定ip的请求
业务场景: web页面做了一个功能,在websocket请求失败的情况,会定时向服务端进行重试进行建立连接。 存在的问题是即使这个web系统没人操作的情况下,只要页面没有关闭,即使系统超时了页面也没有发生跳转,这…...
PHP抽奖设置中奖率,以及防高并发
一、中奖率,先在后台设定好奖项名称,抽奖份数,以及中奖百分比 奖品表draw 二、 借助文件排他锁,在处理下单请求的时候,用flock锁定一个文件,如果锁定失败说明有其他订单正在处理,此时要么等待要么直接提示用户"服务器繁忙" 阻塞(等待)模式,一般都是用这个模…...
使用.NET6 Avalonia开发跨平台三维应用
本文介绍在Vistual Studio 2022中使用Avalonia和集成AnyCAD Rapid AvaloniaUI三维控件的过程。 0 初始化环境 安装Avalonia.Templates dotnet new install Avalonia.Templates若之前安装过可忽略此步骤。 1 创建项目 选择创建AvaloniaUI项目 选一下.NET6版本和Avalonia版…...
linux(ubuntu)中crontab定时器命令详解 以及windows中定时器
文章目录 linux(ubuntu)中crontab定时器命令详解基本语法crontab 文件格式通配符示例在Ubuntu中,定时任务cron服务默认被安装。可以通过以下命令操作该服务:其他注意事项windows中定时器任务的创建步骤:常规触发器操作…...
植物病害检测YOLOV8,OPENCV调用
【免费】植物病害检测,10种类型,YOLOV8训练,转换成ONNX,OPENCV调用资源-CSDN文库 植物病害检测,YOLOV8NANO,训练得到PT模型,然后转换成ONNX,OPENCV的DNN调用,支持C,PYTH…...
C++初阶:入门泛型编程(函数模板和类模板)
大致介绍了一下C/C内存管理、new与delete后:C初阶:C/C内存管理、new与delete详解 我们接下来终于进入了模版的学习了,今天就先来入门泛型编程 文章目录 1.泛型编程2.函数模版2.1概念2.2格式2.3函数模版的原理2.4函数模版的实例化2.4.1隐式实例…...
【RT-DETR有效改进】CARAFE提高精度的上采样方法(助力细节长点)
👑欢迎大家订阅本专栏,一起学习RT-DETR👑 一、本文介绍 本文给大家带来的CARAFE(Content-Aware ReAssembly of FEatures)是一种用于增强卷积神经网络特征图的上采样方法。其主要旨在改进传统的上采样方法(就是我们的Upsample)的性能。CARAFE的核心思想是:使用输…...
leetcode 27.移除元素(python版)
需求 给你一个数组 nums 和一个值 val,你需要 原地 移除所有数值等于 val 的元素,并返回移除后数组的新长度。 不要使用额外的数组空间,你必须仅使用 O(1) 额外空间并 原地 修改输入数组。 元素的顺序可以改变。你不需要考虑数组中超出新长度…...
Prompt Tuning、P-Tuning、Prefix Tuning的区别
一、Prompt Tuning、P-Tuning、Prefix Tuning的区别 1. Prompt Tuning(提示调优) 核心思想:固定预训练模型参数,仅学习额外的连续提示向量(通常是嵌入层的一部分)。实现方式:在输入文本前添加可训练的连续向量(软提示),模型只更新这些提示参数。优势:参数量少(仅提…...
基于ASP.NET+ SQL Server实现(Web)医院信息管理系统
医院信息管理系统 1. 课程设计内容 在 visual studio 2017 平台上,开发一个“医院信息管理系统”Web 程序。 2. 课程设计目的 综合运用 c#.net 知识,在 vs 2017 平台上,进行 ASP.NET 应用程序和简易网站的开发;初步熟悉开发一…...
【Redis技术进阶之路】「原理分析系列开篇」分析客户端和服务端网络诵信交互实现(服务端执行命令请求的过程 - 初始化服务器)
服务端执行命令请求的过程 【专栏简介】【技术大纲】【专栏目标】【目标人群】1. Redis爱好者与社区成员2. 后端开发和系统架构师3. 计算机专业的本科生及研究生 初始化服务器1. 初始化服务器状态结构初始化RedisServer变量 2. 加载相关系统配置和用户配置参数定制化配置参数案…...
【项目实战】通过多模态+LangGraph实现PPT生成助手
PPT自动生成系统 基于LangGraph的PPT自动生成系统,可以将Markdown文档自动转换为PPT演示文稿。 功能特点 Markdown解析:自动解析Markdown文档结构PPT模板分析:分析PPT模板的布局和风格智能布局决策:匹配内容与合适的PPT布局自动…...
html css js网页制作成品——HTML+CSS榴莲商城网页设计(4页)附源码
目录 一、👨🎓网站题目 二、✍️网站描述 三、📚网站介绍 四、🌐网站效果 五、🪓 代码实现 🧱HTML 六、🥇 如何让学习不再盲目 七、🎁更多干货 一、👨…...
CSS设置元素的宽度根据其内容自动调整
width: fit-content 是 CSS 中的一个属性值,用于设置元素的宽度根据其内容自动调整,确保宽度刚好容纳内容而不会超出。 效果对比 默认情况(width: auto): 块级元素(如 <div>)会占满父容器…...
比较数据迁移后MySQL数据库和OceanBase数据仓库中的表
设计一个MySQL数据库和OceanBase数据仓库的表数据比较的详细程序流程,两张表是相同的结构,都有整型主键id字段,需要每次从数据库分批取得2000条数据,用于比较,比较操作的同时可以再取2000条数据,等上一次比较完成之后,开始比较,直到比较完所有的数据。比较操作需要比较…...
VisualXML全新升级 | 新增数据库编辑功能
VisualXML是一个功能强大的网络总线设计工具,专注于简化汽车电子系统中复杂的网络数据设计操作。它支持多种主流总线网络格式的数据编辑(如DBC、LDF、ARXML、HEX等),并能够基于Excel表格的方式生成和转换多种数据库文件。由此&…...
rm视觉学习1-自瞄部分
首先先感谢中南大学的开源,提供了很全面的思路,减少了很多基础性的开发研究 我看的阅读的是中南大学FYT战队开源视觉代码 链接:https://github.com/CSU-FYT-Vision/FYT2024_vision.git 1.框架: 代码框架结构:readme有…...
医疗AI模型可解释性编程研究:基于SHAP、LIME与Anchor
1 医疗树模型与可解释人工智能基础 医疗领域的人工智能应用正迅速从理论研究转向临床实践,在这一过程中,模型可解释性已成为确保AI系统被医疗专业人员接受和信任的关键因素。基于树模型的集成算法(如RandomForest、XGBoost、LightGBM)因其卓越的预测性能和相对良好的解释性…...