I have already written article to build a signed rpm from scratch by building a source archive using Red Hat Linux, now in this article I will share the steps to rebuild rpm using source rpm. The source rpm can be collected from official page of respective distribution. In this article I will use httpd source rpm to rebuild the httpd rpm

Steps to Rebuild RPM using Source RPM in Linux (CentOS/RHEL 7)

 

Setting up RPM packaging workspace

This section describes how to set up a directory layout that is the RPM packaging workspace by using the rpmdev-setuptree utility.

 

Prerequisites

The rpmdevtools package must be installed on your system. You can install rpmdevtools using ‘yum‘:

NOTE:
If you do not have an active repository then download rpms with all the list of dependencies using which then you can create an offline repository.
[root@node3 ~]# yum install rpmdevtools

There are some other pre-requisite rpms which are required to rebuild rpm. Some of them are:

  • gcc
  • make
  • cpp

Now depending upon the rpm you plan to rebuild, there are be many more dependencies and pre-requisites which you will have to install manually later:

Run the rpmdev-setuptree utility at a location where you wish to setup the structure to rebuild rpm:

[root@node3 ~]# rpmdev-setuptree

To get this output you would need ‘tree’ utility:

[root@node3 ~]# tree ~/rpmbuild/
/root/rpmbuild/
├── BUILD
├── RPMS
├── SOURCES
├── SPECS
└── SRPMS

5 directories, 0 files

 

Modify source rpm content

In this article I will share the steps to rebuild rpm using source rpm and I will use httpd as my example. I have created a temporary directory where I will perform all my editing for httpd rpm.

[root@node3 ~]# mkdir /tmp/customrpm

Copy the httpd source rpm to this temporary directory

[root@node3 ~]# cp httpd-2.4.6-89.el7_6.src.rpm /tmp/customrpm/

Extract the source rpm using rpm2cpio

[root@node3 ~]# cd /tmp/customrpm

[root@node3 customrpm]# rpm2cpio httpd-2.4.6-89.el7_6.src.rpm | cpio -idm
11022 blocks

Next extract the httpd-2.4.6.tar.bz2 archive so that we can modify the content of httpd

[root@node3 customrpm]# tar -xjvf httpd-2.4.6.tar.bz2

To demonstrate this article I will put some dummy data in one of the files under httpd to verify our changes

[root@node3 customrpm]# cd httpd-2.4.6

[root@node3 httpd-2.4.6]# echo "TEST Deepak" >> README

If you observe we have multiple patch and other configuration files available inside our temporary directory. These contents will be added in the SOURCE directory of the rpm build structure

[root@node3 customrpm]# ls
00-base.conf                           httpd-2.4.6-CVE-2017-3169.patch                 httpd-2.4.6-r1651658.patch
00-dav.conf                            httpd-2.4.6-CVE-2017-7668.patch                 httpd-2.4.6-r1662640.patch
00-lua.conf                            httpd-2.4.6-CVE-2017-7679.patch                 httpd-2.4.6-r1663647.patch
00-mpm.conf                            httpd-2.4.6-CVE-2017-9788.patch                 httpd-2.4.6-r1664565.patch
00-proxy.conf                          httpd-2.4.6-CVE-2017-9798.patch                 httpd-2.4.6-r1668532.patch
00-proxyhtml.conf                      httpd-2.4.6-default-port-worker.patch           httpd-2.4.6-r1674222.patch
00-ssl.conf                            httpd-2.4.6-dhparams-free.patch                 httpd-2.4.6-r1681107.patch
00-systemd.conf                        httpd-2.4.6-full-release.patch                  httpd-2.4.6-r1681114.patch
01-cgi.conf                            httpd-2.4.6-http-protocol-options-define.patch  httpd-2.4.6-r1681289.patch
01-ldap.conf                           httpd-2.4.6-ldaprefer.patch                     httpd-2.4.6-r1683112.patch
01-session.conf                        httpd-2.4.6-mod_authz_dbd-missing-query.patch   httpd-2.4.6-r1684462.patch
action-configtest.sh                   httpd-2.4.6-mpm-segfault.patch                  httpd-2.4.6-r1688399.patch
action-graceful.sh                     httpd-2.4.6-pre_htaccess.patch                  httpd-2.4.6-r1705528.patch
htcacheclean.service                   httpd-2.4.6-r1332643+.patch                     httpd-2.4.6-r1723522.patch
htcacheclean.sysconf                   httpd-2.4.6-r1348019.patch                      httpd-2.4.6-r1726019.patch
httpd-2.4.1-apctl.patch                httpd-2.4.6-r1420184.patch                      httpd-2.4.6-r1737363.patch
httpd-2.4.1-corelimit.patch            httpd-2.4.6-r1506474.patch                      httpd-2.4.6-r1738878.patch
httpd-2.4.1-deplibs.patch              httpd-2.4.6-r1507681+.patch                     httpd-2.4.6-r1748212.patch
httpd-2.4.1-selinux.patch              httpd-2.4.6-r1515372.patch                      httpd-2.4.6-r1775832.patch
httpd-2.4.2-icons.patch                httpd-2.4.6-r1524368.patch                      httpd-2.4.6-r1805099.patch
httpd-2.4.3-apctl-systemd.patch        httpd-2.4.6-r1526189.patch                      httpd-2.4.6-r1811746.patch
httpd-2.4.3-apxs.patch                 httpd-2.4.6-r1527509.patch                      httpd-2.4.6-r1811831.patch
httpd-2.4.3-layout.patch               httpd-2.4.6-r1528556.patch                      httpd-2.4.6-r1811976.patch
httpd-2.4.3-mod_systemd.patch          httpd-2.4.6-r1528958.patch                      httpd-2.4.6-r1824872.patch
httpd-2.4.3-sslsninotreq.patch         httpd-2.4.6-r1530280.patch                      httpd-2.4.6-r1825120.patch
httpd-2.4.4-cachehardmax.patch         httpd-2.4.6-r1530999.patch                      httpd-2.4.6-r1826995.patch
httpd-2.4.4-export.patch               httpd-2.4.6-r1533448.patch                      httpd-2.4.6-r1833014.patch
httpd-2.4.4-malformed-host.patch       httpd-2.4.6-r1537535.patch                      httpd-2.4.6-rewrite-clientaddr.patch
httpd-2.4.4-mod_unique_id.patch        httpd-2.4.6-r1542327.patch                      httpd-2.4.6-rewrite-dir.patch
httpd-2.4.4-r1337344+.patch            httpd-2.4.6-r1553540.patch                      httpd-2.4.6-rotatelogs-zombie.patch
httpd-2.4.6                            httpd-2.4.6-r1555539.patch                      httpd-2.4.6-rotatelog-timezone.patch
httpd-2.4.6-89.el7_6.src.rpm           httpd-2.4.6-r1556473.patch                      httpd-2.4.6-sigint.patch
httpd-2.4.6-ab-overflow.patch          httpd-2.4.6-r1556818.patch                      httpd-2.4.6-ssl-ecdh-auto.patch
httpd-2.4.6-ab-ssl-error.patch         httpd-2.4.6-r1560093.patch                      httpd-2.4.6-ssl-error-free.patch
httpd-2.4.6-apachectl-httpd-env.patch  httpd-2.4.6-r1569006.patch                      httpd-2.4.6-ssl-large-keys.patch
httpd-2.4.6-apachectl-status.patch     httpd-2.4.6-r1570327.patch                      httpd-2.4.6-sslmultiproxy.patch
httpd-2.4.6-ap-ipv6.patch              httpd-2.4.6-r1573626.patch                      httpd-2.4.6-statements-comment.patch
httpd-2.4.6-bomb.patch                 httpd-2.4.6-r1587053.patch                      httpd-2.4.6.tar.bz2
httpd-2.4.6-CVE-2013-4352.patch        httpd-2.4.6-r1593002.patch                      httpd-2.4.6-uds.patch
httpd-2.4.6-CVE-2013-5704.patch        httpd-2.4.6-r1594625.patch                      httpd-2.4.6-upn.patch
httpd-2.4.6-CVE-2013-6438.patch        httpd-2.4.6-r1604460.patch                      httpd.conf
httpd-2.4.6-CVE-2014-0098.patch        httpd-2.4.6-r1610013.patch                      httpd.logrotate
httpd-2.4.6-CVE-2014-0117.patch        httpd-2.4.6-r1610396.patch                      httpd.service
httpd-2.4.6-CVE-2014-0118.patch        httpd-2.4.6-r1618851.patch                      httpd.spec
httpd-2.4.6-CVE-2014-0226.patch        httpd-2.4.6-r1621601.patch                      httpd-ssl-pass-dialog
httpd-2.4.6-CVE-2014-0231.patch        httpd-2.4.6-r1624349.patch                      httpd.sysconf
httpd-2.4.6-CVE-2014-3581.patch        httpd-2.4.6-r1631119.patch                      httpd.tmpfiles
httpd-2.4.6-CVE-2015-3183.patch        httpd-2.4.6-r1633085.patch                      index.html
httpd-2.4.6-CVE-2015-3185.patch        httpd-2.4.6-r1634529.patch                      manual.conf
httpd-2.4.6-CVE-2016-0736.patch        httpd-2.4.6-r1650310.patch                      README.confd
httpd-2.4.6-CVE-2016-2161.patch        httpd-2.4.6-r1650655.patch                      ssl.conf
httpd-2.4.6-CVE-2016-5387.patch        httpd-2.4.6-r1650677.patch                      userdir.conf
httpd-2.4.6-CVE-2016-8743.patch        httpd-2.4.6-r1651083.patch                      welcome.conf
httpd-2.4.6-CVE-2017-3167.patch        httpd-2.4.6-r1651653.patch

 

Create RPM Content Archive

Next we will archive the content after our changes are done. My new archive will be available under /tmp.

[root@node3 customrpm]# tar -cjvf ../httpd-2.4.6.tar.bz2  httpd-2.4.6/*

So now since I have a new archive with me I will remove the extra content from my temporary directory.

[root@node3 customrpm]# rm -rf httpd-2.4.6 httpd-2.4.6.tar.bz2 httpd-2.4.6-89.el7_6.src.rpm

 

Update SOURCES directory

Next we will copy the new archive to SOURCES directory which can be further used to rebuild rpm (httpd)

[root@node3 customrpm]# cp /tmp/httpd-2.4.6.tar.bz2 /root/rpmbuild/SOURCES/

 

Update SPEC File

Also copy the httpd.spec file to SPEC directory as we will need this to rebuild rpm with a new version

[root@node3 customrpm]# cp httpd.spec /root/rpmbuild/SPECS/

Modify the version of rpm

[root@node3 customrpm]# cd /root/rpmbuild/SPECS/
[root@node3 SPECS]# vim httpd.spec

<Updated the Release Number>
Summary: Apache HTTP Server
Name: httpd
Version: 2.4.6
Release: 90%{?dist}

<Added change log>
%changelog
* Fri Jun 21 2019 Deepak Prasad <deepak.prasad@nokia.com> - 2.4.6-90
- Test Changes

 

Rebuild RPM

If you check the spec file, you will find below section:

BuildRequires: autoconf, perl, pkgconfig, findutils, xmlto
BuildRequires: zlib-devel, libselinux-devel, lua-devel
BuildRequires: apr-devel >= 1.4.0, apr-util-devel >= 1.2.0, pcre-devel >= 5.0
BuildRequires: systemd-devel
Requires: /etc/mime.types, system-logos >= 7.92.1-1

Requires(pre): /usr/sbin/useradd
Requires(pre): /usr/sbin/groupadd
Requires(preun): systemd-units
Requires(postun): systemd-units
Requires(post): systemd-units

So before we start with rebuild rpm, we have to make sure the build machine has these rpms installed and those files available on your host.

Now we are done with our complete prerequisites so it is time for us to start with rebuild rpm.

[root@node3 SPECS]# rpmbuild -ba httpd.spec

Here -ba means Build binary and source packages (after doing the %prep, %build, and %install stages).

To get the complete list of dependencies you can initiate rpmbuild and it will throw you the dependencies list:

[root@node3 SPECS]# rpmbuild -ba httpd.spec
error: Failed build dependencies:
        autoconf is needed by httpd-2.4.6-90.el7.x86_64
        xmlto is needed by httpd-2.4.6-90.el7.x86_64
        zlib-devel is needed by httpd-2.4.6-90.el7.x86_64
        libselinux-devel is needed by httpd-2.4.6-90.el7.x86_64
        lua-devel is needed by httpd-2.4.6-90.el7.x86_64
        apr-devel >= 1.4.0 is needed by httpd-2.4.6-90.el7.x86_64
        apr-util-devel >= 1.2.0 is needed by httpd-2.4.6-90.el7.x86_64
        pcre-devel >= 5.0 is needed by httpd-2.4.6-90.el7.x86_64
        systemd-devel is needed by httpd-2.4.6-90.el7.x86_64
        openssl-devel >= 1:1.0.1e-37 is needed by httpd-2.4.6-90.el7.x86_64
        libxml2-devel is needed by httpd-2.4.6-90.el7.x86_64

So now we can manually install these dependency rpms:

[root@node3 SPECS]# yum -y install autoconf xmlto zlib-devel libselinux-devel lua-devel apr-devel apr-util-devel pcre-devel systemd-devel openssl-devel libxml2-devel

Once we are done, let us re-trigger the rebuild rpm command.

[root@node3 SPECS]# rpmbuild -ba httpd.spec
Executing(%prep): /bin/sh -e /var/tmp/rpm-tmp.u33j1b
+ umask 022
+ cd /root/rpmbuild/BUILD
+ cd /root/rpmbuild/BUILD
+ rm -rf httpd-2.4.6
+ /usr/bin/bzip2 -dc /root/rpmbuild/SOURCES/httpd-2.4.6.tar.bz2
+ /usr/bin/tar -xf -
+ STATUS=0

<Output Trimmed>

Checking for unpackaged file(s): /usr/lib/rpm/check-files /root/rpmbuild/BUILDROOT/httpd-2.4.6-90.el7.x86_64
Wrote: /root/rpmbuild/SRPMS/httpd-2.4.6-90.el7.src.rpm
Wrote: /root/rpmbuild/RPMS/x86_64/httpd-2.4.6-90.el7.x86_64.rpm
Wrote: /root/rpmbuild/RPMS/x86_64/httpd-devel-2.4.6-90.el7.x86_64.rpm
Wrote: /root/rpmbuild/RPMS/noarch/httpd-manual-2.4.6-90.el7.noarch.rpm
Wrote: /root/rpmbuild/RPMS/x86_64/httpd-tools-2.4.6-90.el7.x86_64.rpm
Wrote: /root/rpmbuild/RPMS/x86_64/mod_ssl-2.4.6-90.el7.x86_64.rpm
Wrote: /root/rpmbuild/RPMS/x86_64/mod_proxy_html-2.4.6-90.el7.x86_64.rpm
Wrote: /root/rpmbuild/RPMS/x86_64/mod_ldap-2.4.6-90.el7.x86_64.rpm
Wrote: /root/rpmbuild/RPMS/x86_64/mod_session-2.4.6-90.el7.x86_64.rpm
Wrote: /root/rpmbuild/RPMS/x86_64/httpd-debuginfo-2.4.6-90.el7.x86_64.rpm
Executing(%clean): /bin/sh -e /var/tmp/rpm-tmp.5JJBBV
+ umask 022
+ cd /root/rpmbuild/BUILD
+ cd httpd-2.4.6
+ rm -rf /root/rpmbuild/BUILDROOT/httpd-2.4.6-90.el7.x86_64
+ exit 0

So our rebuild rpm step is complete using source rpm. At the end of execution you can see the path of the new rpm files.

 

Verify new rpm

I will install the new rpm to verify the changes which I had done to the README file of our httpd rpm.

[root@node3 SPECS]# rpm -Uvh /root/rpmbuild/RPMS/x86_64/httpd-2.4.6-90.el7.x86_64.rpm /root/rpmbuild/RPMS/x86_64/httpd-tools-2.4.6-90.el7.x86_64.rpm
Preparing...                          ################################# [100%]
Updating / installing...
   1:httpd-tools-2.4.6-90.el7         ################################# [ 50%]
   2:httpd-2.4.6-90.el7               ################################# [100%]

Verify if the rpm is successfully installed

[root@node3 SPECS]# rpm -qa | grep httpd
httpd-tools-2.4.6-90.el7.x86_64
httpd-2.4.6-90.el7.x86_64

Get the path of README file where we did the changes of our source rpm:

[root@node3 SPECS]# rpm -ql httpd-2.4.6-90.el7.x86_64 | grep README
/etc/httpd/conf.d/README
/usr/share/doc/httpd-2.4.6/README
/usr/share/httpd/error/README
/usr/share/httpd/icons/README
/usr/share/httpd/icons/README.html

So looks like our changes are present as expected:

[root@node3 SPECS]# grep TEST /usr/share/doc/httpd-2.4.6/README
TEST Deepak

 

Lastly I hope the steps from the article to rebuild RPM using source RPM on Red Hat Linux was helpful. So, let me know your suggestions and feedback using the comment section.

 

Leave a Reply

Your email address will not be published. Required fields are marked *