#! /bin/bash
#下载并解压openssl
yum install zlib-devel pam-devel -y
wget https://openssl.org/source/openssl-1.0.2p.tar.gz
tar zxvf openssl-1.0.2p.tar.gz
#解决no version information available问题
echo "OPENSSL_1.0.0 { global: *; };" > /tmp/openssl.ld
#编译
cd openssl-1.0.2p
./config shared zlib --prefix=/usr/local/openssl shared -Wl,--version-script=/tmp/openssl.ld -Wl,-Bsymbolic-functions
sed -i 's/SHLIB_MINOR=0.0/SHLIB_MINOR=0.2p/g' Makefile
make -j `cat /proc/cpuinfo|grep processor |wc -l`
make install
#fpm封装
rm -rf /root/SOURCES/*
mkdir -p /root/SOURCES/usr/local/
mkdir -p /root/RPMS/x86_64
cp -rf /usr/local/openssl /root/SOURCES/usr/local/
##安装后执行的脚本
cat <<EOF> /tmp/post_openssl.sh
mv /usr/bin/openssl /usr/bin/openssl.old_\$(date +"%F_%T")
ln -sf /usr/local/openssl/bin/openssl /usr/bin/openssl
echo "/usr/local/openssl/lib" >>/etc/ld.so.conf
ldconfig
EOF
fpm -f -s dir -t rpm -n openssl --epoch 1 -v 1.0.2p --iteration 44.el6 -C /root/SOURCES -p /root/RPMS/x86_64 --verbose --category 'System Environment/Libraries' --description 'The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols.' --url 'http://www.openssl.org/' --license 'OpenSSL' -m 'CentOS BuildSystem <http://bugs.centos.org>' --no-rpm-sign --vendor 'CentOS' --post-install '/tmp/post_openssl.sh' --directories '/usr/local/openssl'
#rpm -ivh /root/RPMS/x86_64/openssl-1.0.2p-44.el6.x86_64.rpm
#rpm -qpi /root/RPMS/x86_64/openssl-1.0.2k-1.el7.x86_64.rpm
#rpm -qp --scripts /root/RPMS/x86_64/openssl-1.0.2k-1.el7.x86_64.rpm
#openssh
wget https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-7.8p1.tar.gz
tar zxvf openssh-7.8p1.tar.gz
cd openssh-7.8p1
./configure --prefix=/usr/local/openssh --sysconfdir=/etc/ssh --with-pam --with-ssl-dir=/usr/local/openssl --with-md5-passwords --mandir=/usr/share/man --with-zlib --without-hardening
make -j `cat /proc/cpuinfo|grep processor |wc -l`
make install
#fpm封装
rm -rf /root/SOURCES/*
mkdir -p /root/SOURCES/usr/local/
mkdir -p /root/RPMS/x86_64
cp -rf /usr/local/openssh /root/SOURCES/usr/local/
cat <<EOF>/tmp/post_openssh.sh
mv /usr/bin/ssh /usr/bin/ssh.old_\$(date +"F_%T")
mv /usr/bin/sftp /usr/bin/sftp.old_\$(date +"F_%T")
mv /usr/sbin/sshd /usr/sbin/sshd.old_\$$(date +"F_%T")
cp -rf /usr/local/openssh/bin/ssh /usr/bin/ssh
cp -rf /usr/local/openssh/bin/sftp /usr/bin/sftp
cp -rf /usr/local/openssh/sbin/sshd /usr/sbin/sshd
EOF
fpm -f -s dir -t rpm -n openssh --epoch 1 -v 7.8p1 --iteration 131.el6 -C /root/SOURCES -p /root/RPMS/x86_64 --verbose --category 'Applications/Internet' --description 'SSH (Secure SHell) is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between twountrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the secure channel. ' --url 'http://www.openssh.com/portable.html' --license 'BSD' -m 'CentOS BuildSystem <http://bugs.centos.org>' --no-rpm-sign --vendor 'CentOS' --post-install '/tmp/post_openssh.sh' --directories '/usr/local/openssh' -d 'openssl >= 1.0.2p'
openssl+openssh
最新推荐文章于 2024-04-06 18:58:56 发布