[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: Converting shell script to RPM

From: "Mike A. Harris" <mharris opensourceadvocate org>
To: <rpm-list redhat com>
Subject: Re: Converting shell script to RPM
Date: Mon, 9 Jul 2001 15:15:28 -0400 (EDT)

On Mon, 9 Jul 2001, Timur Tabi wrote:

>Date: Mon, 09 Jul 2001 13:05:16 -0500
>From: Timur Tabi <ttabi@interactivesi.com>
>To: rpm-list@redhat.com
>Reply-To: rpm-list@redhat.com
>Content-Type: text/plain; charset=us-ascii; format=flowed
>Subject: Re: Converting shell script to RPM
>
>Mike A. Harris wrote:
>
>>$RPM_BUILD_ROOT
>>
>>In your install stage, you should be installing to a buildroot,
>>not to the actual system in use.
>>
>I don't understand that.    What's a buildroot?  I read the
>documentation on it, but it just makes absolutely no sense to me.
>
>"The buildroot tag is used to define an alternate build root. The name
>is a bit misleading, as the build root is actually used when the
>software is /installed/ during the build process."
>
>Which build process?  The build process for the rpm-file itself?

By default, unless you specify otherwise, when you build an RPM
package as user 'root', when the %install stage is executed, it
is actually installing the software on your _live_ system.  Any
files in the package will overwrite and destroy files of the same
name on your system.  This is bad, very bad.  If you have some
bad command in the %install section, or hidden away in some
makefile or install script, it can do serious damage to your
installed machine.

Building software and producing RPM packages should not in any
way modify the existing configuration or filesystem layour or
installed software on the machine that the packages are being
built on.  This is where buildroot comes in.

All RPM packages should in their spec files specify:

Buildroot: %{_tmppath}/%{name}-%{version}-root

or something very similar.  Most RPM packages out there specify
exactly the above, some specify /var/tmp/%{name}-%{version}-root
instead, but that is bad because it assumes the build system has
space in /var/tmp.  Using %{_tmppath} allows one to change the
buildroot for ALL builds, by merely specifying a different
_tmppath in ~/.rpmmacros for example.

The Buildroot directory is where software will get _installed_ to
during the build and packaging process.  So instead of %install
actually copying/moving files during build time on your live
system, it is installing into a fake buildroot instead.  This
helps ensure that your system does not get hosed when building
packages.

Just imagine the followiing bad command in %install:

chmod 600 /usr/share/doc/*

For whatever reason someone put it there...

If that gets executed during rpm packaging, your REAL SYSTEM now
has all files/dirs in /usr/share/doc/ mode 600.

Using the buildroot would make this be all files in:

/wherever/your/buildroot/is/usr/share/doc/*

and is thus harmless.  So, when using buildroots, any commands
that are installing files into the buildroot, or are manipulating
files in the buildroot must have the path specified beginning
with $RPM_BUILD_ROOT.

So instead of:

install -m755 foo /usr/bin

you should have:

install -m755 foo $RPM_BUILD_ROOT/usr/bin

You should also build packages as a non root user for additional
safety, by creating a ~/.rpmrc and ~/.rpmmacros configuration.

Here's mine:
[.rpmrc]
include:        /usr/lib/rpm/rpmrc
macrofiles: /usr/lib/rpm/macros:/usr/lib/rpm/%{_target}/macros:/etc/rpm/macros.specspo:/etc/rpm/macros:/etc/rpm/%{_target}/macros:~/.etc/.rpmmacros

[.etc/.rpmmacros]
# ROOT of the buildsystem
%_topdir        /home/mharris/rpmbuild

%_sourcedir     %{_topdir}/%{name}-%{version}
%_specdir       %{_sourcedir}

%_tmppath       %{_topdir}/tmp
%_builddir      %{_topdir}/BUILD
%_buildroot     %{_topdir}/%{_tmppath}/%{name}-%{version}-root
%_rpmdir        %{_topdir}/RPMS
%_srcrpmdir     %{_topdir}/SRPMS

%_rpmfilename   %%{NAME}-%%{VERSION}-%%{RELEASE}.%%{ARCH}.rpm

# Customized tags for local builds
%packager       Mike A. Harris <mharris@opensourceadvocate.org>
%distribution   Personal Build

# GNU GPG config below
%_signature     gpg
%_gpg_name      Mike A. Harris <mharris@opensourceadvocate.org>
%_gpg_path      /home/mharris/.gnupg

Then you make your dirs with:

mkdir -p ~/rpmbuild/{SRPMS,RPMS,tmp,BUILD}

tastes great... less filling..

Hope this is helpful.

Take care,
TTYL

----------------------------------------------------------------------
    Mike A. Harris  -  Linux advocate  -  Open Source advocate
       Opinions and viewpoints expressed are solely my own.
----------------------------------------------------------------------
Definition: MCSE - Must Consult Someone Experienced

References:
- Re: Converting shell script to RPM
  - From: Timur Tabi <ttabi@interactivesi.com>

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index] []