In our previous demo we built a binary file from a shell script. Now, we will name it as “findit” and create a RPM package.

The binary file that we created still depends on bash.

   1) Install rpm-build package

yum install rpm-build

   2) Install rpmdevtools.noarch package

After this step on Redhat or Centos 7 distributions you will see following directories have been created automatically.

But if it does not exist, you should consider creating them manually.

To avoid possible system libraries and other files damage, you should NEVER build an RPM with the root user. You should always use an unprivileged user for this purpose.

I am switching to another user. Then will create directories.

   3) Create directories under your user’s home

mkdir -p ~/rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS}

Next command will overwrite an existing .rpmmacros file if it exists, so check that you don’t already have one before continuing.

After running the two commands above, your environment is set up to build most RPMs without further setup.

   4) Now, package your shell script into a tar.gz file and move that to SOURCES directory. 

Here I recommend to use locate directory because depending on your distribution rpm-build directories may change. On Redhat 7 you can find it under /usr/src/redhat/SOURCES/ but in our case, as I set it up manually, we have directories under our home folder.

   5) Create a .spec file that describes where everything is

Before showing you my .spec file, it is good to share general information about its content.

  1. Preamble – The preamble section contains information about the package being built and define any dependencies to the package. In general, the preamble consists of entries, one per line, that start with a tag followed by a colon, and then some information.
  2. %prep – In this section, we prepare the software for building process. Any previous builds are removed during this process and the source file(.tar) file is expanded, etc.
  3. One more key thing is to understand there are pre-defined macros available to perform various shortcut options to build rpm. You may be using this macros when you try to build any complex packages. In the below example, I have used a macro called %setup which removes any previous builds, untar the source files and changes the ownership of the files. You can also use sh scripts under %prep section to perform this action but %setup macro simplifies the process by using predefined sh scripts.
  4. %description – the description section usually contains description about the package.
  5. %build – This is the section that is responsible for performing the build. Usually the %build section is an sh script.
  6. %install – the % install section is also executed as sh script just like %prep and %build. This is the step that is used for the installation.
  7. %files – This section contains the list of files that are part of the package. If the files are not part of the %files section then it wont be available in the package. Complete paths are required and you can set the attributes and ownership of the files in this section.
  8. %clean – This section instructs the RPM to clean up any files that are not part of the application’s normal build area. Lets say for an example, If the application creates a temporary directory structure in /tmp/ as part of its build, it will not be removed. By adding a sh script in %clean section, the directory can be removed after the build process is completed.

Be careful to use same name as your script for .spec file also within its content. Check my spec file:

   6) Build your spec file for rpm package creation

rpmbuild -ba findit.spec

Note: If you are using SuSE Linux, if rpmbuild is not available, try using “rpm -ba” to build the rpm package.


   7) Verify source and binary RPM files

   8) Sign your RPM package (Optional)

1. First, generate a gpg key pair.

2. Verify your gpg key.

3. Share your gpg key with RPM DB

First, export your gpg key into a test file with following command:

sudo gpg –export -a “Mufit Saka” > RPM-GPG-KEY-Saka

4. Configure your ~/.rpmmacros file

5. You can sign each RPM file individually:

sudo rpm –addsign ../rpmbuild/RPMS/noarch/findit-1.0-1.el6.noarch.rpm

If because of any reason above command is not working, try to check your .rpmmacros file:

%_gpg_name  => Use the Real Name you used to create your key

If gpg_name is the same name with your package creation step, type then following command:

6. Check the signature to make sure it was signed

To sign a package during build operation add –sign option.

sudo rpmbuild -ba –sign //name//.spec

   9) Install the package and start to use it