Subversion Repositories ALCASAR

Rev

Rev 3088 | Blame | Compare with Previous | Last modification | View Log

By Rexy

ALCASAR need the following programs that don't be included as RPM in Mageia :
  - coovachilli (the captive portal)
  - ipt_netflow kernel module (netflow log system)
  - wkhtmltopdf (html to pdf renderer)
  - nfdump (collector & processor for netflow data)
  - havp (http antivirus proxy) used before ALCASAR V3.5

This howto explains how to build RPM of these programs in order to keep the distribution clean
The compilation options are set in /etc/rpm/macro.d/*
The .spec & RPM can be test with the tool "rpmlint"

****  Prepare the RPM creation structure ***
- upadate your system : urpmi --auto-update
- install the following RPMs : urpmi kernel-userspace-headers rpm-build gengetopt libtool
- create directories structure in your home : mkdir -p ~/rpmbuild/{SRPMS,SOURCES,SPECS,tmp}
- Option : find the ".rpmmacros" file on mageia wiki (https://wiki.mageia.org/en/Packagers_RPM_tutorial) and copy it in your home directory

****  For Coova-chilli   *****
- install the following RPMs "lib64openssl-devel", "lib64json-c-devel"
- retrieve the last git archive of coova-chilli (https://github.com/coova/coova-chilli).
- Unzip it and test the compilation process ("sh ./bootstrap", "./configure --disable-static --enable-shared --enable-largelimits --enable-chilliredir --enable-chilliscript --with-poll --enable-dhcpopt --enable-libjson --enable-json        --enable-mdns --with-openssl", "make", "make install").
- all is in the /usr/local". Remove the instaled files ("make uninstall") and the binaries ("make clean").
- rename the directory (coovachilli-1.x) and compress it (ie : tar -cvzf coova-chilli-1.x.tar.gz coova-chilli-1.x). Copy this tarball in the directory ~/rpmbuild/SOURCES/.
- copy the SPEC file from the ALCASAR archive to the directory ~/rpmbuild/SPEC
- copy the .patch and SHA256* files in the directory ~/rpmbuild/SOURCES
//- Add the option -Wno-format-truncation à la ligne "%Werror_cflags" du fichier /etc/rpm/macro.d/20build.macros (avoid the following warning : https://github.com/coova/coova-chilli/issues/509) 
- change to the directory ~/pmbuild/SPEC and run the RPM build process : "rpmbuild -bb coova-chilli.spec" (or rpmbuild -ba to create also the SRPMS) 

INFO : .spec tunning :
        - add this 1st line : "%define _disable_ld_no_undefined 1" to avoid errors for unused references (ld)
        - add the line "automake --add-missing" before "make"
        - for 64b version, add 2 lines with "lib64" directory in the section "removing statics binaries" (rm -rf $RPM_BUILD_ROOT/usr/lib/*.la)
        - remove from the archive the unused files for ALCASAR (wpad.dat, wwwdir, etc.) via la directive '%exclude'
        - change %make (deprecated) with %make_build and change %makeinstall (deprecated) with %make_install

**** For HAVP ****
- install the RPM of clamav-devel
- download, uncompress, and test the compilation of the last version of havp (./configure + make)
- copy the tarball in ~/rpmbuild/SOURCES/. copy the patch file ("havp-init.diff") in ~/rpmbuil/SOURCE. Copy and adapt the .spec in ~/rpmbuid/SPEC
- rpmbuild -bb ***.spec

****  For ipt_netflow  ****
- Must be complied on a system which runs the target kernel. So install manually the targeted kernel and the same version of kernel-userspace-headers and reboot (ipt_NETFLOW will not load during this reboot) 
- install the RPMs "kernel-server-devel" (choose the targeted kernel), "lib64iptables-devel"
- download, uncompress and test the compilation of the last version of ipt-netflow (./configure --disable-dkms --disable-snmp-agent, make all install). The module is compiled in the same directory. The libs are copied in the /lib64/iptables (libip6t_NETFLOW.so & libipt_NETFLOW.so)
- test the module : go to the directory of sources and try to load it (insmod ./ipt_NETFLOW.ko), look at "journalctrl -f" to verify. Run "alcasar-iptables.sh" to reload netfilter rules (no errors should appear). Run "alcasar-daemon.sh" to verify that all is ok.
- if all is ok, copy the tarball in rpmbuild/SOURCES.
- Copy and adapt the .spec in rpmbuild/SPECS (change the versions of kernel, kernel source and rpm).
- Run "rpmbuild -bb ****.spec"
- install the fresh rpm (urpmi) and load ALCASAR iptables rules (alcasar-iptables.sh). Great job ;-) 

**** For wkhtmltopdf --> no longer need (included in Mageia7) ****
- download the archive of the binaries of the last version (https://wkhtmltopdf.org/downloads.html) in ~/rpmbuild/SOURCES/wkhtmltox-%{version}_linux-generic-amd64.tar.xz.
- build with: rpmbuild -bb --clean wkhtmltopdf-%{version}-%{release}.spec

**** For nfdump ****
- Download archive of the last stable version (https://github.com/phaag/nfdump)
- install lib64rrdtool-devel, bison, flex

**** For gammu --> only if new version is needed
- see .spec or SRPMS and adapt. !! long time compilation