It's a shame that the simplest way to build RPM packages "out of the box" on most distributions is simply to switch to root and run rpmbuild using the default directory hierarchy, usually under /usr/src/redhat. It's a shame because building RPM packages is a potentially dangerous thing to do, and building a poorly-contructed one (e.g. one that doesn't specify a buildroot, or contains errors in the scripts) could result in accidental deletion of important system files if the build is attempted as the root user. By running the build as a regular user, such a package probably won't build successfully but at least it won't cause much damage either.
Building RPM packages as a regular user is straightforward once you've got the environment (a few directories and a ~/.rpmmacros file) set up. You will of course need the rpm-build package installed, whichever method you choose to set up your build environment.
If you're using Fedora Core 3 or later, a simple method of setting up the build environment is to use the rpmdev-setuptree command from the rpmdevtools package in Fedora Extras.
Fedora Core 3 needs to be manually configured to use Fedora Extras.
Install rpmdevtools from Extras
[localhost ~]$ sudo yum install rpmdevtools Setting up Install Process Setting up repositories extras 100% |=========================| 1.1 kB 00:00 updates 100% |=========================| 951 B 00:00 core 100% |=========================| 951 B 00:00 Reading repository metadata in from local files Finished Parsing package install arguments Resolving Dependencies --> Populating transaction set with selected packages. Please wait. ---> Package rpmdevtools.noarch 0:5.0-2.fc5 set to be updated --> Running transaction check Dependencies Resolved ============================================================================= Package Arch Version Repository Size ============================================================================= Installing: rpmdevtools noarch 5.0-2.fc5 extras 59 k Transaction Summary ============================================================================= Install 1 Package(s) Update 0 Package(s) Remove 0 Package(s) Total download size: 59 k Is this ok [y/N]: y Downloading Packages: (1/1): rpmdevtools 100% |=========================| 59 kB 00:00 Running Transaction Test Finished Transaction Test Transaction Test Succeeded Running Transaction Installing: rpmdevtools ######################### [1/1] Installed: rpmdevtools.noarch 0:5.0-2.fc5 Complete! [localhost ~]$
Create RPM Build Environment
[localhost ~]$ rpmdev-setuptree [localhost ~]$ ls Desktop download rpmbuild [localhost ~]
This creates an RPM build environment within the ~/rpmbuild directory.
If you're not using a recent Fedora Core release, you'll need to set up the necessary files and directories manually.
Create ~/.rpmmacros file
Using your favourite editor, create a file ~/.rpmmacros containing the following:
%_topdir %(echo $HOME)/rpmbuild %_smp_mflags -j3
[localhost somedir]$ cd ~ [localhost ~]$ mkdir rpmbuild [localhost ~]$ cd rpmbuild [localhost rpmbuild]$ mkdir RPMS SOURCES SPECS SRPMS BUILD [localhost rpmbuild]$ cd ~ [localhost ~]$
That should be sufficient to build RPM packages using your regular user account.
More Advanced Package-Building
Once you're comfortable building packages, you may want to distribute them to other people too. If you do that, you might want to label the packages as being "yours". There are a few ways of doing this.
Signing Your Packages
If you have a GPG key, you can use it to sign your packages. First, identify the key ID of your key:
$ gpg --list-secret-keys /home/paul/.gnupg/secring.gpg ------------------------------------- sec 1024D/161C06B1 1997-09-25 uid Paul Howarth <firstname.lastname@example.org> ssb 2048g/CA62663C 1997-09-25
In this example, my key ID is 161C06B1.
Then, add details of your key to your ~/.rpmmacros file, using your favourite editor:
%_signature gpg %_gpg_name 161C06B1
You should then be able to use the --sign option of rpmbuild and the --resign option of rpm.
Setting 'Packager' and 'Vendor' Tags
Your spec files should not include 'Packager' and 'Vendor' tags (see the Fedora Extras PackagingGuidelines). The identity of the packager is evident from the changelog entries. By not using the 'Packager' tag, you also avoid seeing bad binaries rebuilt by someone else with your name in the header. See also the Maximum RPM definition of the 'Packager' tag at www.rpm.org. You can, however, include information about the packager or vendor in the RPMs you build by adding entries in your ~/.rpmmacros file instead.
%packager Paul Howarth <email@example.com> %vendor city-fan.org repo http://www.city-fan.org/ftp/contrib/