I know everyone would like me to jump right in to talking about audit, but I want to take a detour first to make a couple posts that will be referenced in future articles. So, I'd like to get the first one out of the way which is building your own packages with rpm.
The reason we need to do this is that not everything that you might want is in Fedora. Sometimes a package is so hard to package that no distribution actually has it. For example, it may violate packaging guidelines as the build scripts are too complex to change without a whole lot of study. In a future blog post we will need to build one of these.
To start off with, you may want to have a specific account on your system for building packages. If so, make one and log into that account so that we can set things up.
When I build packages, I like to have things in specific places. I like to have tar file, spec file, and patches all in one directory named after the package. I do not like all sources jumbled together. We can get this with a little planning.
I prefer to have the following directory layout:
│ ├── noarch
│ └── x86_64
To get this layout, do the following in your build account home directory:
Next we want to add a .rpmmacros file to the home directory that will use this structure for building packages. The following assumes the account is "builder". Copy and change it as appropriate to your build account. Save it as .rpmmacros. The explanations are all inline.
Now just a couple more changes and we are all set. If this is a brand new account, you might want to have rm, cp, and mv all asking permission to prevent accidents.
And lastly, its also good get a couple prerequisite build packages installed.
This concludes setting up an environment to build packages for Fedora or RHEL. You can now test your setup by building the most recent audit rpm (after installing audit prerequisite rpms).
Next we need to install some prerequisite packages for building the audit package:
Note that under normal circumstances, you do not install audit-libs-devel to build the audit package. There is a self-test for the golang binding that needs libaudit.so in the system path. One of these days I'll fixup the test so that it uses the freshly built one. In any event, we can now do the build:
Note that even though the above references a Fedora 24 rpm, it doesn't make any difference since its just the source rpm. If everything goes to plan, you will have packages in working/RPMS. If you want to see the exploded audit source code, after building its located in working/BUILD/audit-2.7.2/. If you want to see all the files that make up the audit build, they are in working/audit/. Everything is nice and neat.
Its good to check with a simple rpm before we build a challenging package.