本文主要是介绍华为欧拉openeuler 22.03 lts 制作openssh 9.1 rpm包 修复安全漏洞升级更新,对大家解决编程问题具有一定的参考价值,需要的程序猿们随着小编来一起学习吧!
1. 处理源码
tar -zxf openssh-9.1p1.tar.gz
cd openssh-9.1p1/contrib/redhat/
cp -p sshd.pam sshd.pam.old
cp -p sshd.init sshd.init.old
cd ../../
#重新打包源码
tar -czf openssh-9.1p1.tar.gz openssh-9.1p1
2. 处理openssh.spec
注释的地方如下:
94 #PreReq: initscripts >= 5.00
103 #BuildRequires: openssl-devel < 1.1
3. 手动创建目录
mkdir -p /root/rpmbuild/{SPECS,SOURCES}
4. 拷贝源码到目录
cp openssh-9.1p1.tar.gz x11-ssh-askpass-1.2.4.1.tar.gz /root/rpmbuild/SOURCES/
5.切换目录进行rpm包制作
cd rpmbuild/SPECS/
rpmbuild -ba openssh.spec
6.查看构建的成果
tree RPMS/x86_64/
RPMS/x86_64/
├── openssh-9.1p1-1.x86_64.rpm
├── openssh-askpass-9.1p1-1.x86_64.rpm
├── openssh-askpass-gnome-9.1p1-1.x86_64.rpm
├── openssh-clients-9.1p1-1.x86_64.rpm
├── openssh-debuginfo-9.1p1-1.x86_64.rpm
├── openssh-debugsource-9.1p1-1.x86_64.rpm
└── openssh-server-9.1p1-1.x86_64.rpm
tree SRPMS/
SRPMS/
└── openssh-9.1p1-1.src.rpm
7.安装测试
升级安装只需要三个包:
openssh-9.1p1-1.x86_64.rpm
openssh-clients-9.1p1-1.x86_64.rpm
openssh-server-9.1p1-1.x86_64.rpm
# 备份配置文件
cp -p /etc/ssh /etc/ssh-backup
cp -p /etc/pam.d/sshd /etc/pam.d/sshd-backup
# 升级安装
yum localinstall *.rpm
# 覆盖/etc/pam.d/sshd
cat /etc/pam.d/sshd
#%PAM-1.0
auth required pam_sepermit.so
auth include password-auth
account required pam_nologin.so
account include password-auth
password include password-auth
## pam_selinux.so close should be the first session rule
session required pam_selinux.so close
session required pam_loginuid.so
## pam_selinux.so open should only be followed by sessions to be executed in the user context
session required pam_selinux.so open env_params
session optional pam_keyinit.so force revoke
session include password-auth
# 配置ssh
chmod 400 /etc/ssh/ssh_host_*
echo 'UsePAM yes' >> /etc/ssh/sshd_config
echo 'PermitRootLogin yes' >> /etc/ssh/sshd_config
echo 'PasswordAuthentication yes' >> /etc/ssh/sshd_config
# 重启sshd服务
systemctl restaret sshd
# 验证测试连接即可
rpm -qa | grep openssh
openssh-server-9.1p1-1.x86_64
openssh-9.1p1-1.x86_64
openssh-clients-9.1p1-1.x86_64
ssh -V
OpenSSH_9.1p1, OpenSSL 1.1.1m 14 Dec 2021
systemctl status sshd | grep running
Active: active (running) since Fri 2022-10-21 10:59:17 CST; 11min ago
└─2259192 grep --color=auto running
# selinux firewalld已关闭
这篇关于华为欧拉openeuler 22.03 lts 制作openssh 9.1 rpm包 修复安全漏洞升级更新的文章就介绍到这儿,希望我们推荐的文章对大家有所帮助,也希望大家多多支持为之网!