?
Solved

Upgrading SSH on CentOS 5 - RPM Build Error

Posted on 2012-04-09
19
Medium Priority
?
2,477 Views
Last Modified: 2012-04-10
Hi there,

I'm trying to upgrade OpenSSH from 4.3p2 to 5.8p1
I'm following instructions from: http://dancunningham.co.uk/2011/06/22/upgrade-openssh-on-centos-5/

When I started, 5.8p2  so I just changed it to 5.8p1 and downloaded it myself.

However I get right to the end at rpm build then get an error - I copied in below the error log

#!/bin/sh

  RPM_SOURCE_DIR="/usr/src/redhat/SOURCES"
  RPM_BUILD_DIR="/usr/src/redhat/BUILD"
  RPM_OPT_FLAGS="-O2 -g -m32 -march=i386 -mtune=generic -fasynchronous-unwind-tables"
  RPM_ARCH="i386"
  RPM_OS="linux"
  export RPM_SOURCE_DIR RPM_BUILD_DIR RPM_OPT_FLAGS RPM_ARCH RPM_OS
  RPM_DOC_DIR="/usr/share/doc"
  export RPM_DOC_DIR
  RPM_PACKAGE_NAME="openssh"
  RPM_PACKAGE_VERSION="5.8p1"
  RPM_PACKAGE_RELEASE="1"
  export RPM_PACKAGE_NAME RPM_PACKAGE_VERSION RPM_PACKAGE_RELEASE
  RPM_BUILD_ROOT="/var/tmp/openssh-5.8p1-buildroot"
  export RPM_BUILD_ROOT
 
  PKG_CONFIG_PATH="/usr/lib/pkgconfig:/usr/share/pkgconfig"
  export PKG_CONFIG_PATH
 
  set -x
  umask 022
  cd "/usr/src/redhat/BUILD"
cd 'openssh-5.8p1'

K5DIR=`rpm -ql krb5-devel | grep include/krb5.h | sed 's,\/include\/krb5.h,,'`
echo K5DIR=$K5DIR


  CFLAGS="${CFLAGS:--O2 -g -m32 -march=i386 -mtune=generic -fasynchronous-unwind-tables}" ; export CFLAGS ;
  CXXFLAGS="${CXXFLAGS:--O2 -g -m32 -march=i386 -mtune=generic -fasynchronous-unwind-tables}" ; export CXXFLAGS ;
  FFLAGS="${FFLAGS:--O2 -g -m32 -march=i386 -mtune=generic -fasynchronous-unwind-tables}" ; export FFLAGS ;
  ./configure --host=i686-redhat-linux-gnu --build=i686-redhat-linux-gnu \
      --target=i386-redhat-linux \
      --program-prefix= \
       --prefix=/usr \
      --exec-prefix=/usr \
      --bindir=/usr/bin \
      --sbindir=/usr/sbin \
      --sysconfdir=/etc \
      --datadir=/usr/share \
      --includedir=/usr/include \
      --libdir=/usr/lib \
      --libexecdir=/usr/libexec \
      --localstatedir=/var \
      --sharedstatedir=/usr/com \
      --mandir=/usr/share/man \
      --infodir=/usr/share/info \
      --sysconfdir=/etc/ssh \
      --libexecdir=/usr/libexec/openssh \
      --datadir=/usr/share/openssh \
      --with-tcp-wrappers \
      --with-rsh=/usr/bin/rsh \
      --with-default-path=/usr/local/bin:/bin:/usr/bin \
      --with-superuser-path=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin \
      --with-privsep-path=/var/empty/sshd \
      --with-md5-passwords \
      --with-pam \
       --with-kerberos5=$K5DIR \



make


# Define a variable to toggle gnome1/gtk2 building.  This is necessary
# because RPM doesn't handle nested %if statements.
%if 1
gtk2=yes
%else
      gtk2=no
%endif


exit 0

Any ideas?
0
Comment
Question by:Luke_fleming
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 6
  • 6
19 Comments
 
LVL 5

Expert Comment

by:kanalQko
ID: 37825869
add Fedora repo to your local yum repos and just type in terminal "yum update openssh" that`s all (probably priority should be changed too)

to add fedora/epel repo run following command "rpm -Uvh http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-5.noarch.rpm"
when done you could update/install openssh via yum
0
 
LVL 5

Expert Comment

by:kanalQko
ID: 37825876
or if you won`t add epel repo, just download that package http://pkgs.org/centos-5-rhel-5/centalt-i386/openssh-5.8p2-16.el5.1.i386.rpm.html (choose i386 or x64)
and install it via RPM or YUM
0
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 37826141
Hi,

If you want to use a precompiled binary you can get it from a repo as the lanalQko indicated.

But if you want to see ehat is wrong with the compilation you should post the error message here. When I wanted to compile I had 2 problems:

- The first one was the error that you have got. I've fixed it by installing pam-devel since it was looking for some pam header files and they are located in pam-devel:
yum install pam-devel

Open in new window

- Then I had a problem with documentation. It was looking for some WARNING* documentation to copy but could not find them there. To fix this I've edited the spec.file and changed the line to read like the second one (Removing WARNING* ):
%doc CREDITS ChangeLog INSTALL LICENCE OVERVIEW README* PROTOCOL* TODO WARNING*

Open in new window

%doc CREDITS ChangeLog INSTALL LICENCE OVERVIEW README* PROTOCOL* TODO

Open in new window

After this it has successfully finished the compile.
Obsoletes: ssh-server
Checking for unpackaged file(s): /usr/lib/rpm/check-files /var/tmp/openssh-5.9p1-buildroot
Wrote: /usr/src/redhat/RPMS/x86_64/openssh-5.9p1-1.x86_64.rpm
Wrote: /usr/src/redhat/RPMS/x86_64/openssh-clients-5.9p1-1.x86_64.rpm
Wrote: /usr/src/redhat/RPMS/x86_64/openssh-server-5.9p1-1.x86_64.rpm
Executing(%clean): /bin/sh -e /var/tmp/rpm-tmp.27268

Open in new window


I hope this helps.

Cheers,
K.
0
Get MySQL database support online, now!

At Percona’s web store you can order your MySQL database support needs in minutes. No hassles, no fuss, just pick and click. Pay online with a credit card.

 
LVL 1

Author Comment

by:Luke_fleming
ID: 37826885
Hi,

So first of all I tried installing Fedora repo:

<code>-bash-3.2# rpm -Uvh http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-5.noarch.rpm
Retrieving http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-5.noarch.rpm
error: skipping http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-5.noarch.rpm - transfer failed - Unknown or unexpected error
warning: u 0x8e45768 ctrl 0x95b2910 nrefs != 0 (download.fedoraproject.org http)
-bash-3.2#</code>

And then I tried loading the OpenSSH package directly:

<code>-bash-3.2# rpm -Uvh http://centos.alt.ru/repository/centos/5/i386/openssh-server-5.8p2-16.el5.1.i386.rpm
Retrieving http://centos.alt.ru/repository/centos/5/i386/openssh-server-5.8p2-16.el5.1.i386.rpm
error: Failed dependencies:
        openssh = 5.8p2-16.el5.1 is needed by openssh-server-5.8p2-16.el5.1.i386
-bash-3.2#</code>


I believe I'm getting these errors becuase in CentOS 5 there are no repos for OpenSSH 4.4+
which is why I was building my own RPM from those instructions in my first post.

KeremE - I will try you solution shortly - see what we get!

Thanks,
0
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 37826925
Hi,

<code>-bash-3.2# rpm -Uvh http://centos.alt.ru/repository/centos/5/i386/openssh-server-5.8p2-16.el5.1.i386.rpm
Retrieving http://centos.alt.ru/repository/centos/5/i386/openssh-server-5.8p2-16.el5.1.i386.rpm
error: Failed dependencies:
        openssh = 5.8p2-16.el5.1 is needed by openssh-server-5.8p2-16.el5.1.i386
-bash-3.2#</code>

You should have 3 rpms ready to install the new version As you can see from what I've posted these are:

openssh-5.9p1-1.x86_64.rpm   or the equivalent i386 version (replace x86_64 with i386)
openssh-clients-5.9p1-1.x86_64.rpm
openssh-server-5.9p1-1.x86_64.rpm

You can not install them successfully without downloading all 3 of them. They all dependent on each other.

KeremE - I will try you solution shortly - see what we get!

Just take your time.

Cheers,
K.
0
 
LVL 5

Expert Comment

by:kanalQko
ID: 37826943
If you will configure yum repos properly, then it will install dependencies automatically,
It's better to use yum than rpm installer
0
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 37827286
<code>-bash-3.2# rpm -Uvh http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-5.noarch.rpm
Retrieving http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-5.noarch.rpm
error: skipping http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-5.noarch.rpm - transfer failed - Unknown or unexpected error
warning: u 0x8e45768 ctrl 0x95b2910 nrefs != 0 (download.fedoraproject.org http)
-bash-3.2#</code>

Even if you2d succeededt it would not work you're trying to install RHRL 6 version of EPEL. AFAIK you use RHEL 5 !!!
0
 
LVL 5

Expert Comment

by:kanalQko
ID: 37827964
KeremE has right therefore you could use EPEL 5 repo

"rpm -ivh http://download.fedoraproject.org/pub/epel/5/i386/epel-release-5-4.noarch.rpm"
0
 
LVL 1

Author Comment

by:Luke_fleming
ID: 37828021
Now I'm getting this when trying EPEL 5:

-bash-3.2# rpm -ivh http://download.fedoraproject.org/pub/epel/5/i386/epel-release-5-4.noarch.rpm
Retrieving http://download.fedoraproject.org/pub/epel/5/i386/epel-release-5-4.noarch.rpm
error: skipping http://download.fedoraproject.org/pub/epel/5/i386/epel-release-5-4.noarch.rpm - transfer failed - Unknown or unexpected error
warning: u 0x8a18768 ctrl 0x9185910 nrefs != 0 (download.fedoraproject.org http)
-bash-3.2#
0
 
LVL 5

Expert Comment

by:kanalQko
ID: 37828035
download it manually via wget

cd /tmp
wget http://download.fedoraproject.org/pub/epel/5/i386/epel-release-5-4.noarch.rpm
rpm -ivh epel-release-5-4.noarch.rpm
0
 
LVL 1

Author Comment

by:Luke_fleming
ID: 37828098
"package epel-release-5-4.noarch is already installed"


I've already tried yum update openssh

But there are no updates for it on my version of Centos 5. So this takes me back to im pretty sure that there is no predefined binaried to upgrade openssh on CentOS 5 ? Anyone know of any others?
0
 
LVL 5

Expert Comment

by:kanalQko
ID: 37828138
in that case you could follow up this:

http://survivalguides.wordpress.com/2011/05/20/installing-openssh-5-8-centos-5-5/

I know, you have already followed up similar guide
0
 
LVL 1

Author Comment

by:Luke_fleming
ID: 37828223
I managed to build the RPM by following KeremE's instructions, now I have the three RPM's I need they wont install


-bash-3.2# rpm -Uvh *.rpm
error: Failed dependencies:
        openssh = 4.3p2-82.el5 is needed by (installed) openssh-askpass-4.3p2-82.el5.i386


I believe this is an update for OpenSSH 4.3p2
Obviously - this isnt available by doing yum update openssh....

Any ideas?

Thanks!
0
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 37828284
I've already tried yum update openssh

But there are no updates for it on my version of Centos 5. So this takes me back to im pretty sure that there is no predefined binaried to upgrade openssh on CentOS 5 ? Anyone know of any others?

I don2t think it is possible to replace CentOS supplied OpenSSH over the existing repos. You'll either remove openssh and reinstall using yum after disabling base and updates libraries and enabling epel library. Or you'll need to compile it as I've suggested earlier.

Another option is to get all three rpms and install them manually.

Cheers,
K.
0
 
LVL 5

Expert Comment

by:kanalQko
ID: 37828297
that`s right, anyway I`d recommend you to upgrade whole OS, centos 5 is quite old
0
 
LVL 1

Author Comment

by:Luke_fleming
ID: 37828408
upgrading centOS 5 is a massive job though - especially we have to do it remotely.
I know this is the ideal situation.  Is there any good online guides? Maybe I can start planning it.

Thanks
0
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 37828608
-bash-3.2# rpm -Uvh *.rpm
error: Failed dependencies:
        openssh = 4.3p2-82.el5 is needed by (installed) openssh-askpass-4.3p2-82.el5.i386


I believe this is an update for OpenSSH 4.3p2
Obviously - this isnt available by doing yum update openssh....

You'll first need to remove the existing OpenSSH askpass module.  Newly compiled rpms do not have a rpm for askpass and therefore it remains there. When it remains it would need the base openssh module. This is a clash. So first remove the SSH askpass module using this command:
rpm -ev openssh-askpass| 

Open in new window


Then do the install using rpms.

Cheers,
K.
0
 
LVL 30

Accepted Solution

by:
Kerem ERSOY earned 2000 total points
ID: 37828628
upgrading centOS 5 is a massive job though - especially we have to do it remotely.
I know this is the ideal situation.  Is there any good online guides? Maybe I can start planning it.

If all you need is just a new OpsnSSH upgrading the whole system to CentOS 6 is an overkill. CentOS 5 will have support for 1-2 years more so you can plan the upgrade for a later time.

for the time being removing the ask-pass module should do..

Cheers,
K.
0
 
LVL 1

Author Closing Comment

by:Luke_fleming
ID: 37829330
Amazing!
0

Featured Post

Moving data to the cloud? Find out if you’re ready

Before moving to the cloud, it is important to carefully define your db needs, plan for the migration & understand prod. environment. This wp explains how to define what you need from a cloud provider, plan for the migration & what putting a cloud solution into practice entails.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Strings in Python are the set of characters that, once defined, cannot be changed by any other method like replace. Even if we use the replace method it still does not modify the original string that we use, but just copies the string and then modif…
The purpose of this article is to demonstrate how we can upgrade Python from version 2.7.6 to Python 2.7.10 on the Linux Mint operating system. I am using an Oracle Virtual Box where I have installed Linux Mint operating system version 17.2. Once yo…
Learn the basics of strings in Python: declaration, operations, indices, and slicing. Strings are declared with quotations; for example: s = "string": Strings are immutable.: Strings may be concatenated or multiplied using the addition and multiplic…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question