...
Code Block | ||
---|---|---|
| ||
# Source RPMS to rebuild, and the order to rebuild them in. RPMS_ORDER='log4shib-2.0.0-3.1.src.rpm xerces-c-3.2.1-1.1.src.rpm xml-security-c-2.0.2-3.1.src.rpm curl-openssl-7.63.0-1.1.src.rpm xmltooling-3.0.4-3.1.src.rpm opensaml-3.0.1-3.1.src.rpm shibboleth-3.0.4-3.1.src.rpm' for rpm in $RPMS_ORDER; do echo $rpm; wget "https://download.opensuse.org/repositories/security:/shibboleth/CentOS_7/src/$rpm" done # Build tools, as suggested earlier in the wiki yum install \ automake \ boost-devel \ chrpath \ doxygen \ gcc-c++ \ groff \ httpd24-devel \ libidn-devel \ openldap-devel \ openssl-devel \ redhat-rpm-config \ rpm-build \ stunnel \ unixODBC-devel for rpm in $RPMS_ORDER; do echo $rpm; # The shib source rpm has special instructions, so do that seperately if [[ $rpm != shibboleth* ]]; then sudo rpmbuild --rebuild $rpm # Install what we just built since it may be a dependency of the next build sudo yum localinstall -y /usr/src/rpm/RPMS/x86_64/*.rpm fi if [[ $rpm = curl-openssl* ]]; then # After curl-openssl is installed, subsequent builds should use it, mainly xmltooling export PKG_CONFIG_PATH=/opt/shibboleth/lib64/pkgconfig/ fi done # Shibboleth needs to be built differently since it assumes differently-named apache24 packages. # We need to tell the build to ignore looking for OS packages. On my system, I had to explicitly # point out the path to the OpenSSL cURL build as well. Remember to use -E with sudo so that your export # isthat preservedthe export PKG_CONFIG_PATH=/opt/shibboleth/lib64/pkgconfig/ export is preserved sudo -E rpmbuild --rebuild --without builtinapache -D 'shib_options -with-apxs24=/usr/bin/apxs -with-apr1=/usr/bin/apr-1-config -enable-apache-24' shibboleth* sudo yum localinstall /usr/src/rpm/RPMS/x86_64/shibboleth-3.0.2-1.1.x86_64.rpm # Confirm it has the apache mod you need rpm -qpl /usr/src/rpm/RPMS/x86_64/shibboleth-3.0.2-1.1.x86_64.rpm | grep mod_shib # Expected output: /usr/lib64/shibboleth/mod_shib_24.so # You will need to add a configuration directive to actually load the module # since those are also stored in an atypical directory, /etc/httpd/conf.modules.d/. # The typical shib.conf file for Apache 2.4 will work. ln -s /etc/shibboleth/apache24.config /etc/httpd/conf.modules.d/shib.conf |
...