From Fedora Project Wiki

翻譯: Caius 'kaio' ChanceCheng-Chia Tseng

簡介

本頁旨在詳細解說製作 RPM 軟體包的方法,特別是指製作 SPEC 檔的方法。不像其他的 RPM 教學指引,本頁有針對 Fedora 的規格作解說,並附上 Fedora 專用的規約 (guideline) 連結。由於本頁內容是以 Fedora Wiki 系統作維護,比起其他教學指引可能資訊還新一些。除了專注於 Fedora 的部份之外,文件中的大部份內容都能用於其他採用 RPM 作為軟體包管理系統的 Linux 散布版。如果你覺得按耐不住了,你可以改看較簡短的 如何製作 RPM 軟體包

目前 Fedora 文件已發行一份給打包者遵守的草擬規約,請見 Packagers Guide

請注意本篇內文並非 Fedora 官方軟體包的規約 打包委員會 才是處理 Fedora 中軟體打包守則與規約的組織。其中最重要的是:

Packaging GuidelinesPackage Naming Guidelines 皆是 Fedora 打包的主要規約。本頁的內容應與規約相容。

若你打算為 Fedora 軟體庫製作個 RPM 軟體包,請遵循 Join the package collection maintainers 中的步驟來做。

準備系統

在你為 Fedora 建立 RPM 軟體包之前,你需要安裝一些核心開發工具,並設置你會用到的帳號:

# yum install @development-tools
# yum install fedora-packager 

你可以特別為 RPM 軟體包的製作建立個傻瓜使用者 (dummy user),以避免建置程序出錯摧毀你的檔案,或將私人金鑰傳給全世界。

你「永遠」都不該以 root 使用者的身份製作 RPM 軟體包。用 root 帳號建置 RPM 非常危險,因為軟體在打包之前就會將二進位檔安裝在系統之中,所以你必須總是使用一般使用者來建置,以免意外污染你的系統。

建立一位名為 makerpm 的傻瓜使用者,將使用者加入 'mock' 群組中,設定個密碼,並以該位使用者身份登入:

# /usr/sbin/useradd makerpm
# usermod -a -G mock makerpm
# passwd makerpm

一旦你以建置用假使用者登入後,在你的家屋目錄中執行以下指令來建立需要的目錄結構:

$ rpmdev-setuptree

rpmdev-setuptree 程式會建立 ~/rpmbuild 目錄與一組子目錄 (例:SPECSBUILD),你將利用它們製作軟體包。同時也會建立 ~/.rpmacros 檔,可用來設定許多選項。

打包規約建議保留檔案的時間戳記;如果你使用 wgetcurl 下載源碼檔案的話,你可以讓程式自動保留時間戳記。如你使用 wget 下載源碼檔案,將「timestamping = on」加入 ~/.wgetrc 組態中。如你使用 curl 的話,則將「-R」加入 ~/.curlrc 組態中。

一般來說往後就不再需要重複以上步驟。

建置 RPM 軟體包的基本要領

製作 RPM 軟體包,你需要先有「.spec」文字檔,這份檔案提供打包軟體的相關資訊。接著針對 SPEC 檔執行 rpmbuild 指令,進行產生軟體包的一系列步驟。

一般來說,你應該將原始 (原生) 來源,例如來自原開發者的 .tar.gz 檔,放進 ~/rpmbuild/SOURCES 目錄中。將 .spec 檔放進 ~/rpmbuild/SPECS 目錄中,並命名為「NAME.spec」,而 NAME 為軟體包的基礎名稱。最後同時製作二進位軟體包與源碼軟體包,先將目錄切換至 ~/rpmbuild/SPECS 並執行:

$ rpmbuild -ba NAME.spec

rpmbuild 會讀取 .spec 檔,並以下列所述階段走過檔案內容。以 % 開頭的字為預先定義的巨集 (請見下方的表格)。

階段 讀取 寫入 動作
%prep (準備) %_sourcedir %_builddir 它會讀取源碼目錄 %_sourcedir 中的源碼及補丁。它解開源碼封存檔,將內容放到建置資料夾 %_builddir (大多是 ~/rpmbuild/BUILD/) 下的子資料夾中,並套用補丁。
%build (建置) %_builddir %_builddir 它編譯編譯文件夾 %_builddir (大多是 ~/rpmbuild/BUILD/)的檔案。這經常包含執行 "./configure ; make" 相似的命令。
%check (檢查) %_builddir %_builddir 檢查軟體是否正常運作。這通常可藉由執行適當修改的「make test」達成。許多套件不會運行這個階段。
%install (安裝) %_builddir %_buildrootdir This reads the files underneath the build directory %_builddir (usually ~/rpmbuild/BUILD/) and writes to a directory underneath the build root directory %_buildrootdir (usually ~/rpmbuild/BUILDROOT). The files that are written are the files that are supposed to be installed when the binary package is installed by an end-user. Beware of the weird terminology: The build root directory is not the same as the build directory. This is often implemented by running "make install".
bin (二進位包) %_buildrootdir %_rpmdir This reads the files underneath the build root directory %_buildrootdir (usually ~/rpmbuild/BUILDROOT/) to create binary RPM packages underneath the RPM directory %_rpmdir (usually ~/rpmbuild/RPMS/). Inside the RPM directory is a directory for each architecture, and a "noarch" directory for packages that apply to any architecture. These RPM files are the packages for users to install.
src (源碼包) %_sourcedir %_srcrpmdir This creates a source RPM package (.src.rpm) inside the source RPM directory %_srcrpmdir (usually ~/rpmbuild/SRPMS). These files are needed for reviewing and updating packages.


As you can tell, certain directories have certain purposes in rpmbuild. These are:

Macro Name Name Usually Purpose
%_specdir Specification directory ~/rpmbuild/SPECS RPM specifications (.spec) files
%_sourcedir Source directory ~/rpmbuild/SOURCES Pristine source package (e.g., tarballs) and patches
%_builddir Build directory ~/rpmbuild/BUILD Source files are unpacked and compiled in a subdirectory underneath this.
%_buildrootdir Build root directory ~/rpmbuild/BUILDROOT Files are installed under here during the %install stage.
%_rpmdir Binary RPM directory ~/rpmbuild/RPMS Binary RPMs are created stored under here.
%_srcrpmdir Source RPM directory ~/rpmbuild/SRPMS Source RPMs are created and stored here.

Should a stage fail, you'll need to look at the output to see why it failed, and change the .spec file (or other input) as needed.

Getting ready to package a particular program

If there are special programs that are required to build or run the program you are packaging, install those other programs and write down what they were (you'll need that information).

To package a program for the Fedora repository, you must package pristine (original) sources, along with the patches and build instructions; it's not okay to start with pre-compiled code. Install the file with the original source (usually a .tar.gz file) in the "~/rpmbuild/SOURCES" directory (of the rpm building user account).

Read through the manual installation instructions for your program; you're going to be automating this by editing a ".spec" file, so you have to understand what you're supposed to do first. It's probably best if you try a "dry run", going through its build and installation procedure without trying to do it via RPM first (that's especially true if you're not familiar with RPM). With a few exceptions, all program binaries and program libraries included in Fedora packages must be built from the source code that is included in the source package.

Split up the program

Application source code is often released with the source code of other external libraries "bundled" into them. Do not bundle external libraries and the application that uses them into a single package. Instead, split them up into separate packages.

Licensing

Only package software that's legal for you to package.

As noted in the packaging guidelines' legal section, if you intend for it to be in the Fedora repository, be sure to follow the Licensing:Main and Packaging:LicensingGuidelines guidelines. In general, you need to only package software that is released as open source software (OSS) using an approved OSS license (such as the GNU GPL, GNU LGPL, BSD-new, MIT/X, or Apache 2.0 licenses). Check to make sure that the software really is licensed this way (e.g., spot-check source code headers, README files, and so on). If there are bundled libraries, make sure they are also OSS.

Reuse existing package information

Try to reuse what you can. Obviously, make sure you aren't packaging something that is already packaged; you can find a list of existing packages in Fedora Package Collection in the Fedora Package Database. Also check the In Progress Review Requests (for packages that are currently being reviewed) and the Retired Packages list. Failing that, see if someone has already started to package it for Fedora. Google for "PROGRAMNAME Fedora rpm" or similar... maybe you can pick up where they started. You can use http://cvs.fedoraproject.org/viewcvs/rpms/ directly to view .spec files (and patches) of any similar packages already in Fedora. You can download the source RPMs using a program from the yum-utils package, by:

$ yumdownloader --source sourcepackage-name

Alternately, an existing source rpm can be retrieved manually by browsing to the Fedora mirror's http or ftp page, select releases/11/Everything/source/SRPMS (replace "11" with the Fedora release you want), and downloading the source RPMs you want (they end in .src.rpm).

Once you have the source RPM, running the following command installs the src.rpm

$ rpm -ivh sourcepackage-name*.src.rpm

which places the package's .spec file into ~/rpmbuild/SPECS and other source and patch files in ~/rpmbuild/SOURCES).

You can also unpack the .src.rpm in a directory using rpm2cpio:

$ mkdir PROGRAMNAME_src_rpm
$ cd PROGRAMNAME_src_rpm
$ rpm2cpio ../PROGRAMNAME-*.src.rpm | cpio -i

Sometimes it's easiest to start with an existing package, and then clean it up for Fedora. RPM Find may help you find rpm's for non-Fedora systems. (You can install source RPMs for other systems the same way as for Fedora). Failing that, you might look at the source package files (not the .deb binary package files) for Ubuntu or Debian (source package files are standard tarballs with a "debian/" subdirectory, possibly associated with patch files). If the FreeBSD ports collection has it, you could download the FreeBSD ports tarball and see if their packaging information helps as a starting point. However, this is sometimes not helpful at all. Different distributions have different rules, and what they do may be quite inappropriate for Fedora.

Creating a spec file

You now need to create a ".spec" file in the "~/rpmbuild/SPECS" directory. You should name it after the program name, e.g., "program.spec". Use the archive name or the name advocated by the software author where you can, but be sure to follow the Package Naming Guidelines.

Creating a blank spec file

When you're creating a spec file for the first time, you can create its initial version using emacs or vim (as of 7.1.270-1), they will automatically create a template for you. E.G.:

 $ cd ~/rpmbuild/SPECS
 $ vi program.spec

Here's an example of what that template will look like:

Name:		
Version:	
Release:	1%{?dist}
Summary:	
Group:		
License:	
URL:		
Source0:	
BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)

BuildRequires:	
Requires:	

%description

%prep
%setup -q

%build
%configure
make %{?_smp_mflags}

%install
rm -rf %{buildroot}
make install DESTDIR=%{buildroot}

%clean
rm -rf %{buildroot}

%files
%defattr(-,root,root,-)
%doc

%changelog


You may have $RPM_BUILD_ROOT instead of %{buildroot}; just be consistent.

You may also use the rpmdev-newspec command to create a spec file for you. rpmdev-newspec NAME-OF-NEW-PACKAGE can create an initial spec file for a new package, tailored to various types of packages. It will guess what kind of template to use based on the package name, or you can specify a particular template; see /etc/rpmdevtools/spectemplate-*.spec for available templates. See rpmdev-newspec --help for more information. For example, to create a new spec file for a python module:

cd ~/rpmbuild/SPECS
rpmdev-newspec python-antigravity
vi python-antigravity.spec

An example: eject

Here's a simple example, a Fedora 9 package for the "eject" program:

Summary: A program that ejects removable media using software control
Name: eject
Version: 2.1.5
Release: 11%{dist}
License: GPL
Group: System Environment/Base
Source: http://metalab.unc.edu/pub/Linux/utils/disk-management/%{name}-%{version}.tar.gz
Source1: eject.pam
Patch1: eject-2.1.1-verbose.patch
Patch2: eject-timeout.patch
Patch3: eject-2.1.5-opendevice.patch
Patch4: eject-2.1.5-spaces.patch
Patch5: eject-2.1.5-lock.patch
Patch6: eject-2.1.5-umount.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
URL: http://www.pobox.com/~tranter
ExcludeArch: s390 s390x
BuildRequires: gettext
BuildRequires: automake
BuildRequires: autoconf
BuildRequires: libtool

%description
The eject program allows the user to eject removable media (typically
CD-ROMs, floppy disks or Iomega Jaz or Zip disks) using software
control. Eject can also control some multi-disk CD changers and even
some devices' auto-eject features.

Install eject if you'd like to eject removable media using software
control.

%prep
%setup -q -n %{name}
%patch1 -p1 -b .versbose
%patch2 -p1 -b .timeout
%patch3 -p0 -b .opendevice
%patch4 -p0 -b .spaces
%patch5 -p0 -b .lock
%patch6 -p1 -b .umount

%build
%configure
make

%install
rm -rf %{buildroot}

make DESTDIR=%{buildroot} install

# pam stuff
install -m 755 -d %{buildroot}/%{_sysconfdir}/pam.d
install -m 644 %{SOURCE1} %{buildroot}/%{_sysconfdir}/pam.d/%{name}
install -m 755 -d %{buildroot}/%{_sysconfdir}/security/console.apps/
echo "FALLBACK=true" > %{buildroot}/%{_sysconfdir}/security/console.apps/%{name}

install -m 755 -d %{buildroot}/%{_sbindir}
pushd %{buildroot}/%{_bindir}
mv eject ../sbin
ln -s consolehelper eject
popd

%find_lang %{name}

%clean
rm -rf %{buildroot}

%files -f %{name}.lang
%defattr(-,root,root)
%doc README TODO COPYING ChangeLog
%attr(644,root,root) %{_sysconfdir}/security/console.apps/*
%attr(644,root,root) %{_sysconfdir}/pam.d/*
%{_bindir}/*
%{_sbindir}/*
%{_mandir}/man1/*

%changelog
* Wed Apr 02 2008 Zdenek Prikryl <zprikryl at, redhat.com> 2.1.5-11
- Added check if device is hotpluggable
- Resolves #438610

You can also use the "BuildRoot:" entry from the template instead, although both are acceptable, the one from the template is the preferred one.

Spec file pieces explained

The RPM Guide, section on creating RPMs, describes the details of how to fill in a spec file. The developerWorks series "Packaging software with RPM" Part 1, Part 2, and Part 3 is also handy. Maximum RPM has the most complete information, but is dated.

You will need to follow the Fedora guidelines, such as the Package Naming Guidelines, Packaging Guidelines, and Package review guidelines.

You can insert comments with a leading "#" character, but don't insert potentially-multiline-macros (words beginning with "%") in a comment (macros are expanded first); if you're commenting out a line, double the percent signs ("%%"). Also, don't use inline comments ("#") on the same line after a script command.

Here are the major fields/areas that you will need to fill in:

  • Name: The (base) name of the package. It must follow the Package Naming Guidelines. In many cases, this will be in all lower case. Elsewhere in the spec file, you can refer to the name using the macro %{name} - that way, if the name changes, the new name will be used by those other locations. This name should match the spec file name.
  • Version: The upstream version number. See Packaging/Naming guidelines - package version for more information. If the version is non-numeric (contains tags that are not numbers or digits), you may need to include the additional non-numeric characters in the release field. If upstream uses full dates to distinguish versions, consider using version numbers of the form yy.mm[dd] (so a 2008-05-01 release becomes 8.05). Elsewhere in the spec file, refer to this value as %{version}.
  • Release: The initial value of the release should normally be "1%{?dist}". Then, increment the number every time you release a new package for the same version of software. If a new version of the software being packaged is released, the version number should be changed to reflect the new software version, and the release number should be reset to 1. See Name Guidelines - package release for more. Packaging/DistTag describes the "dist" tag, which isn't required but can be useful. Use %{release} to reuse this value.
  • Summary: A brief, one-line summary of the package. Use American English, and do not end in a period.
  • Group: This needs to be a pre-existing group, like "Applications/Engineering"; run "less /usr/share/doc/rpm-*/GROUPS" to see the complete list. If you create a sub-package "...-doc" with documentation, use the group "Documentation".
  • License: Its license; for software, this must be an open source software license. Use a standard abbreviation, e.g., "GPLv2+". Try to be specific, e.g., use "GPLv2+" (GPL version 2 or greater) instead of just "GPL" or "GPLv2" where it's true. See Licensing and the Licensing Guidelines for more information. You can list multiple licenses by combining them with "and" and "or", e.g., "GPLv2 and BSD". Call this tag "License"; don't use the older, inaccurately named tag "Copyright".
  • URL: The URL for more information about the program, e.g., the project website. Note: This is NOT where the original source code came from, see "Source" (next!).
  • Source0: The URL for the compressed archive containing (original) pristine source code, as upstream released it. "Source" is synonymous with "Source0". If you give a full URL (and you should), its basename will be used when looking in the SOURCES directory. If possible, embed %{name} and %{version}, so that changes to either will go to the right place. Warning: Source0: and URL: are different - normally they are both URLs, but the "URL:" entry points to the project website, while the "Source0:" entry points to the actual file containing the source code (and is typically a .tar.gz file). As noted in the guidelines, "When downloading sources, patches etc, consider using a client that preserves the upstream timestamps. For example wget -N or curl -R. To make the change global for wget, add this to your ~/.wgetrc: timestamping = on, and for curl, add to your ~/.curlrc: -R." If there is more than one source, name them Source1, Source2, and so on. If you're adding whole new files in addition to the pristine sources, you can list each of them as sources as well, but list them after the pristine sources. A copy of each of these sources will be included in any source package you create (unless you specially direct otherwise). See Packaging/SourceURL for more information on special cases (using revision control, when upstream uses prohibited code, etc.).
  • Patch0: The name of the first patch that you will apply to the source code. If you need to patch the files after they've been uncompressed, you should edit the files, save their differences as a "patch" file in your ~/rpmbuild/SOURCES directory. Patches should make only one logical change, so it's quite possible to have multiple patch files.
  • BuildRoot: This is where files will be "installed" during the "%install" process (which happens after the %build compilation process). Normally you should just leave this line alone; under the usual Fedora setup, this will be a macro that will create a new special directory under /var/tmp. Newer versions of RPM will ignore this value, and instead place the build root in "%{_topdir}/BUILDROOT/".
  • BuildRequires: A comma-separated list of packages required for building (compiling) the program. These are not automatically determined, so you need to include everything needed to build the program. There are a few packages that are so common in builds that you don't need to mention them, such as "gcc"; see the Packaging Guidelines for the complete list of the packages you may omit. You can also specify minimum versions, if necessary, like this: "ocaml >= 3.08". You can have more than one line of BuildRequires (in which case they are all required for building). If you need file /EGGS, you can get its package by running "rpm -qf /EGGS"; if EGGS is a program, you determine its package quickly by running "rpm -qf which EGGS". Try to specify only the minimal set of packages necessary to properly build the package, since each one will slow down a "mock"-based build (e.g., try to use sed instead of perl if you don't really need perl's abilities). Watch out: Some applications permanently disable functions if their package isn't detected during the build; in those cases you may need to include those additional packages. If you have trouble figuring out this list, the "auto-br-rpmbuild" command (from the auto-buildrequires package) may be helpful.
  • Requires: A comma-separate list of packages that are required when the program is installed. Note that the list of packages for Requires (what's required when installing/running) and BuildRequires (what's required to build the binary RPM) are independent; a package may be in one list but not the other, or it could be in both. The dependencies of binary packages are in many cases automatically detected by rpmbuild, so it is often the case that you don't need to specify the Requires tag at all. But if you want to highlight some specific packages as being required, or require a package that rpm can't detect should be required, then add it here.
  • %description - A longer, multi-line description of the program. Use American English. All lines must be 80 characters or less. "Blank lines are assumed to separate paragraphs. Some graphical user interface installation programs will reformat paragraphs... (lines that) start with whitespace, such as a space or tab, will be treated as preformatted text and displayed as is, normally with a fixed-width font." (per the RPM Guide).
  • %prep - Script commands to "prepare" the program, that is, to uncompress it so that it will be ready for building (compiling). Typically this is just "%setup -q" or some variation of it; a common variation is "%setup -q -n NAME" if the source file unpacks into NAME. See the "%prep" section below for more.
  • %build - Script commands to "build" the program, that is, to compile it and get it ready for installing. The program should come with instructions on how to do this. See the "%build" section below for more.
  • %check - Script commands to self-test the program. This is run after %build and before %install, so you should place it there if you have this section. Often it simply contains "make test" or "make check". This is separated from %build so that people can skip the self-test if they desire. This isn't documented in many places.
  • %install - Script commands to "install" the program. The commands should copy the files from the "build directory" %{_builddir} (which would be under ~/rpmbuild/BUILD) into the buildroot directory, %{buildroot} (which would normally be under /var/tmp). See the "%install" section below for more.
  • %clean - instructions to clean out the build root. Typically:
rm -rf %{buildroot}
  • %files - the list of files that will be installed. See the "%files" section below for more.
  • %changelog - Changes in the package. Use the format example above.
  • ExcludeArch: If the package does not successfully compile, build or work on an architecture, then those architectures should be listed in the spec in an ExcludeArch tag.
  • You can add sections so that code will run when packages are installed or removed on the real system (as opposed to just running the %install script, which only does a pseudo-install to the build root). These are called "scriptlets", and they are usually used to update the running system with information from the package. See the "Scriptlets" section below for more.

Don't use the tags "Packager" or "Vendor". Don't use "Copyright" - use "License" instead. Don't create a "relocatable" package - they don't add value in Fedora yet they make things more complicated.

RPM supports subpackages, that is, a single spec file can generate many binary packages. For example, if the documentation is very large, you might generate a separate "-doc" subpackage. See below for more.

%prep section

The "%prep" section describes how to unpack the compressed packages so that they can be built. Typically, this is a set of "%setup" and/or %patch commands, which reference the Source0:, Source1:, etc. lines above. See the Maximum RPM section on %setup and %patch for more details.

Warning: In spec files, don't use in-line comments (a "#" comment on the same line after a command), and don't put macros (words beginning with "%") in a comment unless you quote the "%" as "%%". Macros can cause failures if they are in a comment, because they are always expanded (even when in a comment) and they can expand to multiple lines. This is true for %prep, %build, and so on.

The new RPM 4.4.2.x series adds two new macros, %{patches} and %{sources}, so you can do things like:

for p in %{patches}; do
...
done

These new macros can very useful if you have a large list of patches or sources. However, keep in mind that using these will make your spec incompatible with the rpm used in Fedora 9 and earlier, RHEL, and many other RPM-based distros.

%prep section: %setup command

The "%setup" command unpacks a source package, and takes several switches. Normally you should use "-q" (quiet) to prevent setup from babbling about every file it unpacks. Here are a few switches besides -q:

  • -n name: If the name of the rpm is something other than what the Source unpacks to, use this switch to state the name it unpacks to. E.G., if the tarball unpacks into a directory MYNAME, use %setup -q -n MYNAME
  • -c name: If the tarball doesn't unpack into a single directory, this creates a directory named name and then unpacks into it. Useful if you have one of those annoying tarballs that doesn't have a single common subdirectory embedded in it.

There are more %spec options if you are unpacking multiple files, which is primarily useful if you are creating subpackages (see below). The key ones are:

-a number Only unpack the source directive of the given number, such as –a 0 for source0:, after changing to the directory.
-b number Only unpack the source directive of the given number, such as –b 0 for source0:, before changing to the directory.
-D Do not delete the directory before unpacking.
-T Disable the automatic unpacking of the archives.

%prep section: %patch commands

The "%patch0" command applies patch 0 (similar for 1, 2, etc.). Patches are the normal way to change to the source code if necessary to package it. The normal "-pNUMBER" option applies, which simply passes that argument on to patch.

Patch file names often look like "telnet-0.17-env.patch", that is, %{name}-%{version}-patch_purpose.patch (some people omit -%{version}). Patch files are typically the result of a "diff -u"; if you do this from the subdirectory of ~/rpmbuild/BUILD, you won't have to specify a -p level later. You can use all the normal ways of creating a patch file.

If you're creating a patch file a single file FILENAME, a common way is to copy it to FILENAME.orig, modify it, and then save the results of "diff -u FILENAME.orig FILENAME". If you change directory to "~/rpmbuild/BUILD/NAME", you could create a patch file to change a single file by doing:

cp X/Y.Z X/Y.Z.orig
vim X/Y.Z
diff -u X/Y.Z.orig X/Y.Z > ~/rpmbuild/SOURCES/PKGNAME.REASON.patch

If you're going to edit many files, one easy method is to copy the whole subdirectory underneath BUILD, and then do subdirectory diffs; once you change directory to "~rpmbuild/BUILD/NAME", you can:

cp -pr ./ ../PACKAGENAME.orig/
... many edits ...
diff -u ../PACKAGENAME.orig . > ~/rpmbuild/SOURCES/NAME.REASON.patch

If you edit many files in one patch, you can also copy the original files using some consistent ending such as ".orig" before editing them. Then, you can use "gendiff" (in the rpm package) to create a patch with the differences. Do "man gendiff" for more information.

Try to ensure that in your patch the "context" matches exactly. In old versions of Fedora, the default "fuzz" value was 2, which meant that imprecise matches were acceptable. However, the version of RPM used by Fedora 10 and later have a default fuzz to 0, requiring that matches be exact. You can work around this by adding "%global _default_patch_fuzz 2", but it's better to not have the problem by making the patch match the context exactly.

As explained in Packaging/PatchUpstreamStatus, all patches in Fedora spec files SHOULD have a comment above them about their upstream status. This should document the upstream bug/email that includes it (including the date), or if it's Fedora-unique, why it it unique. The Fedora Project focuses, as much as possible, on not deviating from upstream in the software it includes in the repository - see Staying close to upstream projects for more about why it's important to do this.

%prep section: Unmodified files

Sometimes, you'll package just a straight file that doesn't need to be uncompressed, e.g., a "Source1:" that is just a simple PDF file. These might not be from external sources, e.g., perhaps you've had to create a few additional files that weren't in the original sources so that the package cleanly installs in Fedora. You can "prep" those into the build directory by doing this (replace "1" with whatever number it is):

 cp -p %SOURCE1 .

%build section

The "%build" section is sometimes complicated; here you configure and compile/build the files to be installed.

Many programs follow the GNU configure approach (or some variation). By default, they will install to a prefix of "/usr/local" (/usr/local/bin, /usr/local/lib, etc.), which is a reasonable default for unpackaged files. However, since you are packaging it, you will want to change the prefix to "/usr", since this is now a package maintained by the system itself. If there are any libraries, they'll need to be installed in the right directory, which is either /usr/lib or /usr/lib64 depending on the architecture (the actual value is in %{_libdir}).

Since the GNU "configure" system is so common, rpm pre-defines a macro named "%configure", which invokes GNU configure with the right options (e.g., it changes --prefix to /usr). This means that some variation of this will often work as a build command:

 %configure
 make %{?_smp_mflags}

Sometimes you'll want to override the variables of a makefile; you can easily do that by passing them as parameters to make, like this:

make %{?_smp_mflags} CFLAGS="%{optflags}" BINDIR=%{_bindir}

If you need to do something complicated with GNU-generated configure, take a look at "GNU autoconf, automake, and libtool". A good presentation on these as well as "make" is "Open Source Development Tools: An Introduction to Make, Configure, Automake, Autoconf" by Stefan Hundhammer.

Some programs use Cmake. See Packaging/cmake for some suggestions.

If you include some self-tests (and that's a good idea), put them in a separate "%check" section that immediately follows the "%build" area, instead of including them in %build. That way, it will be easy for the system to skip unnecessary self-tests.

%check section

The "%check" section does testing, often it's "make test". This is not documented in many other sources of RPM info.

%install section

The "%install" section is a set of script commands to "install" the program. The commands in this section should copy the files from a directory inside the "build directory" %{_builddir} (normally ~/rpmbuild/BUILD/something) into the build root directory, %{buildroot} (normally /var/tmp/something), creating the directories inside %{buildroot} as necessary.

Watch out: Some of the terminology is very misleading:

  • The build directory (under which compilations occur during %build) and the build root (where files are copied into during the %install process) are different. The point of the %install process is to copy files, such as those under the build directory, to the right place in the build root. Perhaps "buildroot" should be called "installroot", but it's too late now, the terminology is entrenched.
  • The build directory is normally ~/rpmbuild/BUILD, while the build root (where files get installed to during %install) is normally ~/rpmbuild/BUILDROOT. The %prep stage will normally create a subdirectory underneath the build directory as part of %setup, and populate the build directory with files (based on the source information in %_sourcedir, which is typically in ~/rpmbuild/SOURCES). During %build, the current directory will actually start at %{buildsubdir}, that newly-created subdirectory under the build directory. Typically %{buildsubdir} is something like ~/rpmbuild/BUILD/%{name}-%{version}.
  • The "%install" script is not used when the binary rpm package is installed by the end-user!! The term "%install" is misleading, in fact, the script must not install the programs in the REAL final locations (e.g., in /usr/bin), but under the buildroot %{buildroot}.

Normally, the install script would first erase the %{buildroot} directory, and then do some variation of "make install" (ideally using DESTDIR=%{buildroot}, if the program supports it). Here's an example of an %install section:

%install
rm -rf %{buildroot}
make DESTDIR=%{buildroot} INSTALL="install -p" CP="cp -p" install

Ideally, every program would have a "make install" command that supported the DESTDIR convention. If the program includes a "make install" that supports DESTDIR, where possible, use it. The DESTDIR convention supports redirecting file installations to descend from a specific directory, which is exactly what we want during %install.

Installing a program that does not support DESTDIR can be much harder, and no option is as good as native DESTDIR support. Consider these alternatives:

  • Patch the makefile so that it does support DESTDIR. Create directories inside DESTDIR where necessary (feel free to use "mkdir -p", the "-p" option of mkdir is now standard and widely supported). Be sure to submit the patch upstream.
  • Use "%makeinstall". Many older RPM documents suggest using "%makeinstall", which might work if "make install" doesn't support DESTDIR. However, as noted in the Fedora guidelines, the %makeinstall macro "must NOT be used when make install DESTDIR=%{buildroot} works. %makeinstall is (merely) a kludge that can work with Makefiles that don't make use of the DESTDIR variable...". Unfortunately, this sometimes has subtle failures, which is why %makeinstall should not be used if DESTDIR works. The reason is based on how %makeinstall works. The "%makeinstall" macro expands to something like "make prefix=%{buildroot}%{_prefix} bindir=%{buildroot}%{_bindir} ... install". Many programs will quietly recompile or change parts of the program when values like prefix are changed, resulting in an incorrect installation. See the Fedora guidelines if you want the details on why this approach can fail. You will probably need to create appropriate directories inside %buildroot before calling %makeinstall (e.g., mkdir -p %{buildroot}%{_bindir}/).
  • Consider using the auto-destdir package. This requires "BuildRequires: auto-destdir", and changing "make install" to "make-redir DESTDIR=%{buildroot} install". This only works well if the installation uses only certain common commands to install files, like cp and install; see "man make-redir" for details.
  • Do the installation "by hand", that is, instead of invoking a build system, copy the files to the correct locations. Basically, this would be a sequence that would create directories that weren't already created by the "BuildRequires" packages (typically using install -d or mkdir -p), followed by copying of files from the current directory (inside the build directory) into the buildroot directory (typically using "cp -p" and/or "install -p"). Running "make -n install" may make it easy to determine what this sequence should be. Be sure to create directories inside %buildroot where necessary. One serious problem with this approach is that it's easy to fail to install new or renamed files during an update—so if there's a better approach, use it instead. If you do perform the installation "by hand", be especially careful with updates when using this approach. For example:
%install
rm -rf %{buildroot}
mkdir -p %{buildroot}%{_bindir}/
cp -p mycommand %{buildroot}%{_bindir}/

As noted in the packaging guidelines' timestamp section, "when adding file copying commands in the spec file, consider using a command that preserves the files' timestamps, eg. cp -p or install -p". So, if the makefile lets you override the install command (typically named INSTALL), you might want something like INSTALL="install -p" CP="cp -p" as make parameters, like this:

make INSTALL="install -p" CP="cp -p" DESTDIR=%{buildroot} install

%files section

The %files section identifies what files and directories were added by the package - and thus, which files and directories are owned by the package. Ownership is important - when you type "rpm -qif blah", you'll see who owns blah. This section is used when performing the bin stage, to determine which files are placed into each binary RPM file.

%files Basics

The %files section normally begins with a %defattr line which sets the default file permissions. The format of this is %defattr(<file permissions>, <user>, <group>, <directory permissions>), that is, one can specify the permissions to apply to files and directories in the %files section. The fourth parameter is often omitted. Usually one uses %defattr(-,root,root,-), where "-" means "use the default permissions".

This is followed by names or patterns of the directories or files to be installed and owned by this package. You should use macros for directory names, e.g., use %{_bindir}/myfile instead of /usr/bin/myfile, and %{_sbindir}/killaccount instead of /usr/sbin/killaccount. If a name or pattern begins with "/" when expanded, then it is presumed to have been copied into the %{buildroot} followed by that pattern; when installed on the final system, it will be copied into that name without the buildroot prefix. If you don't precede the pattern with "/", then it is presumed to be in the current directory (e.g., inside the build directory) - this is used for "documentation" files. So if your package just installs /usr/bin/mycommand, then your %files section could simply say:

%files
%defattr(-,root,root,-)
%{_sbindir}/mycommand

Any file or directory identified in the %files section is owned by the defining package. You should make sure that you declare ownership of every new file or directory the package creates. You can use wildcards (*) which match a set of files - this makes the package less sensitive to changes. For example, you can declare that all the files that were copied into %{buildroot}/usr/bin are owned by this package by declaring:

%{_bindir}/*

Note that "%{_bindir}/*" does not claim that this package owns the /usr/bin directory - it claims that all the files that were installed inside the build root 's /usr/bin are owned by the package. If you list a directory in the %files section, then you are claiming that this package owns that subdirectory and all files and directories in it, recursively (all the way down) if they are present in the build root. Do not list the "/usr/bin" or "%{_bindir}" directories directly in your %files list, because that would claim ownership of /usr/bin and everything inside it. Claiming ownership of "%{_bindir}/*" is fine, though; that just claims ownership of the subdirectories and files you placed under %{buildroot}/%{_bindir}. If you create a subdirectory such as %{_datadir}/%{name}, (/usr/share/NAME), you should include that directory in the %files list:

%{_datadir}/%{name}/

It's usually easier to use wildcards for filenames, and that's also better at copying with changes in upstream. Older RPM documentation typically shows long lists under %files with individual names, such as /usr/bin/program1 followed by /usr/bin/program2. Because of the way Fedora now uses buildroots, that is no longer necessary.

It's an error if no file matches the wildcard of a line, so only note the directories that actually matter. Also, you can't identify the same file or directory more than once. Finally, it's an error to have something in the buildroot and not listed under %files; the whole point of copying something into the buildroot is because you intend to have it installed in the final system. If you don't intend that, remove those files during the %install process.

It is also possible to exclude files from a previous match by using a %exclude glob. This can be useful for including "almost all" of the files that match a different glob. However, note that, like any other file glob, even a %exclude glob will fail if it matches nothing. (This might be considered counterintuitive, as the whole point is essentially to ensure that a certain file ISN'T there, so this rule is especially important to remember.)

%files prefixes

You may need to add one or more prefixes to a %files entry (if more than one, use a space to separate them).

Typically there is a "%doc" entry with a list of documentation files that didn't get copied into the buildroot; usually there is at least a README and LICENSE file. You must include the license file, if there is one. You may prefix some of these with %attr(mode, user, group) to set the file permission mode, user, or group. You don't need to claim ownership of the /usr/share/doc/%{name} directory, that's automatic if there's a %doc entry. Any %doc entry must not affect the runtime of the application (if it is in %doc, the program must run properly if it is not present).

There is a potential 'gotcha' with %doc entries: if you have a %doc entry, then you can't use commands during %install to copy files into the documentation directory descending from %_defaultdocdir. That's because if there's a %doc entry, rpmbuild will automatically remove the docdir files created by %install before installing the files listed with %doc. This can hit you if, for example, you want an "examples" subdirectory in the documentation directory. In this case, don't use "%doc" to mark documentation. Instead, create the directories and copy the files into %{buildroot}%{_defaultdocdir}/%{name}-%{version}/ during %install, and make sure that %files includes an entry for "%{_defaultdocdir}/%{name}-%{version}/". They will still be correctly marked as documentation.

If you save configuration files (under /etc - don't put them under /usr), you should normally prefix them with %config(noreplace) unless this program version uses a non-backwards-compatible configuration format (in which case, prefix them with %config).

Prefixing a %files entry with "%attr(mode, user, group)" lets you set the permissions for particular file(s), e.g., "%attr(0644, root, root)". A "-" means "use the default".

If a file is in particular natural language, use %lang to note that. E.G.:

%lang(de) %{_datadir}/locale/de/LC_MESSAGES/tcsh*

Some documentation claims that %license and %readme are valid prefixes; they are not valid in Fedora. Use %doc instead.

%files and Filesystem Hierarchy Standard (FHS)

You should follow the Filesystem Hierarchy Standard (FHS), i.e., ordinary application executables go into /usr/bin, global configuration files go into /etc, ordinary libraries go into /usr/lib, and so on, with one exception: executables that should not normally be executed directly by users or administrators should go into a subdirectory of /usr/libexec; usually you'd refer to the necessary directory as "%{_libexecdir}/%{name}".

You shouldn't be installing files under /usr/local; that is where unpackaged files go. Typically there will be a "prefix" attribute that lets you set the prefix to be "/usr" instead of "/usr/local".

Unfortunately, many programs' "normal" installation routines do not follow the FHS. In particular, many programs normally place architecture-independent libraries under /usr/lib, instead of under /usr/share as the FHS requires. The FHS /usr/lib section says that /usr/lib is for architecture-dependent data (e.g., ELF files like .so files), while /usr/share is for architecture-independent data. That way, systems with different CPUs can share /usr/share. There are many exceptions to this rule in Fedora (e.g., Python and Perl), but Fedora applies this rule more strictly than some distributions. Note, for example, that rpmlint will complain if you put just about anything other than ELF files into /usr/lib.

%files example

Here's a simple example of a %files section:

%files
%defattr(-,root,root,-)
%doc README LICENSE
%{_bindir}/*
%{_sbindir}/*
%{_datadir}/%{name}/

Scriptlets

You can add sections so that code will run when packages are installed or removed on the real system (as opposed to just running the %install script, which only does a pseudo-install to the build root). These are called "scriptlets", and they are usually used to update the running system with information from the package.

The scriptlets in %pre and %post are run before and after a package is installed (respectively). The scriptlets %preun and %postun are run before and after a package is uninstalled. The scriptlets %pretrans and %posttrans are run at start and end of a transaction. See Packaging/ScriptletSnippets for more examples and details. For example, every binary RPM package which stores shared library files (not just symlinks) in any of the dynamic linker's default paths, must call ldconfig in %post and %postun (post-install and post-uninstall). If the package has multiple subpackages with libraries, each subpackage should also have a %post/%postun section that calls /sbin/ldconfig. For example:

%post -p /sbin/ldconfig
%postun -p /sbin/ldconfig

Beware: The "-p" option specifies what command processor to use for the commands on the following lines. If there are no following lines, then using /sbin/ldconfig as the "command processor" is a minor efficiency improvement compared to putting "/sbin/ldconfig" on the next line, and letting the shell invoke it. That's because by using "-p", the shell isn't invoked simply to invoke a single program. But if you have multiple shell commands, don't use "-p" or /sbin/ldconfig after it! Instead, leave it blank, and include the shell commands under it.

If you are going to run programs in scriptlets, they must be installed before you run them. You have to use special variants of the "Requires:" tag, so that the program will be installed before you try to use it. These are of the form "Requires(CONTEXT):", e.g., "Requires(post)".

Most scriptlets (%pre, %post, %preun, and %postun) provide an argument you can use, accessed via $1, which is the number of packages of this name which will be left on the system when the action completes. Don't compare for equality with 2; check if they are greater than or equal than 2, since users can arrange to have multiple versions of a package installed simultaneously. For %pretrans and %posttrans, $1 is always 0.

For example, after adding an info manual to the system the dir file which indexes the info manuals should be updated. Basically, after you install the info manual, you need to run the program install-info. That's fine, except that install-info is part of package info, and there's no guarantee that info is installed unless we require it. Also, if "install-info" fails, we don't want to fail all processing. Here's one way to do that:

Requires(post): info
Requires(preun): info
...
%post
/sbin/install-info %{_infodir}/%{name}.info %{_infodir}/dir || :
%preun
if [ $1 = 0 ] ; then
/sbin/install-info --delete %{_infodir}/%{name}.info %{_infodir}/dir || :
fi

Another scriptlet-like abilility are triggers. You can define triggers for when other packages are installed or uninstalled. See Maximum RPM for more information about triggers.

Macros

Spec files may contain "macro" references (text beginning with "%"), which are replaced with other values. You can follow % by a word, e.g., "%name", but just like shell variables you must bracket the name with {...} if letters or digits immediately follow, e.g., "%{name}".

As noted in the Packaging Guidelines, There are two styles for referring some values such as the rpm Build Root and Optimization Flags:

  • "macro style": %{buildroot}, %{optflags}
  • "variable style": $RPM_BUILD_ROOT, $RPM_OPT_FLAGS

Pick a style and use it consistently throughout your packaging; this document uses "macro style".

Here are some typical macros:

Macro Typical Expansion Meaning
%{_bindir} /usr/bin Binary directory (where executables are usually stored)
%{_builddir} ~/rpmbuild/BUILD Build directory; files are compiled a subdirectory of the build directory. See %buildsubdir.
%{buildroot} ~/rpmbuild/BUILDROOT Build root, where files are "installed" during %install. The %install stage copies files from a subdirectory of %{_builddir} to a subdirectory of %{buildroot}. Historically %{buildroot} was in "/var/tmp/".
%{buildsubdir} %{_builddir}/%{name} Build subdirectory, where files are compiled during %build. It's under %{_builddir}, set after %setup.
%{_datadir} /usr/share Share directory.
%{_defaultdocdir} /usr/share/doc Default documentation directory.
%{dist} .fcNUMBER Distribution+version short name (e.g., ".fc9")
%{fedora} NUMBER Number of fedora release (e.g., 9)
%{_includedir} /usr/include
%{_infodir} /usr/share/info
%{_initrddir} /etc/rc.d/init.d
%{_libdir} /usr/lib
%{_libexecdir} /usr/libexec
%{_localstatedir} /var
%{_mandir} /usr/share/man
%{name} Name of package, set by Name: tag
%{_sbindir} /usr/sbin
%{_sharedstatedir} /usr/com
%{_sysconfdir} /etc
%{version} Version of package, set by Version: tag

To see more about macros you can look in /etc/rpm/* and the "macros" files under "/usr/lib/rpm/", especially /usr/lib/rpm/macros. You can also use "rpm --showrc" to show the values rpm will use for all of the options currently set in rpmrc and macro configuration files.

You can set your own macro values using %global; be sure to define them before you use them. Macro definitions can refer to other macros. For example:

%global myvalue 50

You can use rpmbuild to find the value of some macro, using its "-E" (--eval) option. For example, to find the current expansion of %{_bindir} in myfile.spec, you can run:

rpmbuild -E '%{_bindir}' myfile.spec

Packaging/RPMMacros has more information on macros, as does RPM Guide chapter 9.

Other tags

We noted the "Requires" and "BuildRequires" tags earlier. There are a few other tags for controlling dependencies: Provides, Obsoletes, Conflicts, and BuildConflicts.

  • "Provides:" lets you list virtual package names that this package provides. Sometimes there are several different packages that can provide a function, and using packages won't care which one. In that case, each of the packages that provide the function should "provide" a virtual package, and then using packages can list the virtual package name under "Requires:". For example, several different packages might provide "latex"; if you depend on the virtual package "tex(latex)", then users can choose which package to get "latex" from. If you provide virtual packages, you might also want to use the "alternatives" system, but be careful: "alternatives" settings are system-wide, so if multiple users on the same system might want different defaults, don't use the alternatives system. You can find out what a given package provides (both virtual and non-virtual names) by querying "rpm -q --provides PACKAGENAME". Some virtual packages in Fedora are:
    • MTA : Used for mail transport agents, such as sendmail.
    • tex(latex) : Used for latex
  • "Obsoletes:" lets you state that installing this package should (normally) cause the removal of the other named package(s). This is useful when a package's name changes, or when a package wholly replaces a different package.
  • "Conflicts:" lets you state what packages cannot be installed simultaneously this one. Obviously, try to avoid this if you can; see Packaging/Conflicts if you think you need to use it.
  • "BuildConflicts:" lets you state what packages cannot be installed when building this package. Obviously, try to avoid this if you can.

You can control which architectures a package builds (or doesn't build). For example, if your package can't compile on ppc, you can do this:

ExcludeArch: ppc

There's also an "ExclusiveArch" tag. The valid architectures one can specify in these tags are listed in the Architectures section.

Subpackages

A spec file can define more than one binary package, e.g., client and server, or runtime and developer packages. If there's a large amount of documentation, it may be split into a NAME-doc subpackage. You will always have one spec file and one source RPM (SRPM), even if there are multiple binary RPMs that they generate. A spec file that produces multiple binary packages still has only one creation process, so there is only one %prep, %build, %check, and %install section that creates all the files for all the packages.

In a spec file, use the %package directive to start defining a subpackage:

%package sub_package_name

By default, the subpackage name is PACKAGE_NAME, "-", SUBPACKAGE_NAME; you can use "-n" to override this and make a new name:

%package -n new_sub_package_name

After the %package directive, list the tags for the subpackage. This should include at least the "Summary:" and "Group:" tags and directives "%description SUBPACKAGE_NAME" and "%files SUBPACKAGE_NAME". Anything not specified by the subpackage will be inherited from its parent. For the directives, if you used "-n" with %package, you'll need it again for these directives. You need to specify the name for the other directives, e.g., %pre and %post, if you use them in the subpackage.

See the RPM Guide section on subpackages for more information.

Conditionals

You can insert conditional statements. E.G., you can test if you are creating a binary for a certain architecture with:

%ifarch ARCHITECTURE_NAME

the negated version with:

%ifnarch ARCHITECTURE_NAME

or the more general conditional:

%if TRUE_OR_FALSE

There is an optional "%else" section; all of these are closed with "%endif".

Application Specific Guidelines

There are many application-specific guidelines that can help you (e.g., for specific programming languages, applications, libraries, and build systems). Many of them are listed as part of the Application Specific Guidelines of Packaging/Guidelines. Examples of application-specific guidelines are those for:

Failing that, some other ways of finding application-specific help are:

Miscellaneous hints

Try to write your scripts so that when upstream makes changes, the packaging is likely to work when you change the version number and reload the source file(s). For example, if it contains *.txt files with execute bits, instead of doing:

 chmod a-x Filename1.txt Filename2.txt Filename3.txt

consider doing this, which will handle new filenames that use the same file naming convention:

 chmod a-x *.txt

If you want to see lots of examples of scriptlets, you can show all the scriptlets on installed programs using:

 rpm -qa --queryformat "\n\nPACKAGE: %{name}\n" --scripts | less

Packaging/FrequentlyMadeMistakes has information on frequently-made mistakes.

Don't try to interact with the user; RPM is designed to support batch installs. If an application needs to show a EULA, that needs to be part of its initial execution, not its installation.

You might not want to start services, because in a big install that could slow things down. If you install an init script, consider using chkconfig to arrange for the service to be started and stopped on the next reboot. Before uninstalling you should normally try to stop its services if it's running.

Uninstall should reverse most changes made during installation, but don't remove any user-created files.

Normally, if there are binary executables, a separate "debug" package is created with the symbols, and the symbols are stripped from the normal binary packages. If this shouldn't happen, you can disable the package-creation and stripping with:

%global _enable_debug_package 0
%global debug_package %{nil}
%global __os_install_post /usr/lib/rpm/brp-compress %{nil}

A way to check for the version of Fedora in a spec file for conditional builds is:

%if 0%{?fedora} <= <version>

(The ? causes the macro to evaluate to blank if %fedora is not defined, and this causes the end result to be "0", which is a number and thus ok, while not interfering with the result if there is actually a value for %fedora.)

Note that the previous trick DOES NOT work in Koji "scratch" builds - %fedora is set during the creation of a source RPM. (Thus, this trick does work in actual Koji builds as the system extracts sources from the source RPM and rebuilds the source RPM with the appropriate %fedora value.)

There are also some recommendations and controversial tricks on PackageMaintainers/Packaging Tricks.

GUI programs must have a desktop entry (so that people can invoke it from a graphical menu). The Fedora packaging guidelines discuss desktop files. See also the desktop entry spec (for .desktop files) and icon theme spec (for icon-related materials such as those in /usr/share/icon).

Older RPM documents

Some older documents about RPM have the most information, but some older documents make claims that are no longer true:

  • rpm files are no longer placed in a shared /usr/src/redhat directory. This is an obsolete way of using rpm and not recommended; modern systems set a %{_topdir} instead like ~/rpmbuild.
  • the %install process does not install files in their final location. Instead, it "installs" files to the buildroot.
  • The "rpm" command no longer creates packages (e.g., "rpm -ba" was once legal). Use the separate "rpmbuild" program instead.
  • Many historical specs use the "%define" command to define macros. However, "%define" creates a locally defined submacro within other macro definitions; this is very rarely needed, and using %define incorrectly can cause subtle bugs. For nearly all uses, use "%global" instead. (See PackagingDrafts/global_preferred_over_define.)
  • The "BuildRoot:" value is now ignored.

Quick test with rpmlint

Before trying to build anything from it, you should run rpmlint on the spec file:

rpmlint program.spec

This will catch many errors early. If the reported error doesn't make sense, run it again with the "-i" option (this gives longer messages).

Generally, you should not have errors from rpmlint, but sometimes rpmlint is excessively noisy. The Fedora packaging guidelines explain which ones to ignore, e.g., ignore "no-packager-tag" and "no-signature" errors.

Creating RPMs from the spec file

Once you've create a spec file, say "program.spec", you can create source and binary RPMs by simply running this:

 $ rpmbuild -ba program.spec

If this works, then your binary RPM files will be created underneath ~/rpmbuild/RPMS/ and the source RPM will be in ~/rpmbuild/SRPMS.

When things go wrong, you can "cd" into the appropriate directory and see what's left over. If you want to skip earlier stages, use the "--short-circuit" option; this is handy if you had a successful build, but have an error in the %install section. For example, to restart at the %install stage (skipping earlier stages), do this:

 $ rpmbuild -bi --short-circuit program.spec

If you just want to create a source RPM (.src.rpm), do this in the SPECS directory:

rpmbuild -bs program.spec

This will create the source RPM in ~/rpmbuild/SRPMS. Creating only a source rpm (.src.rpm) is quite quick, because rpm simply needs to copy the .spec file and associated SOURCES files into a .src.rpm file. Creating a binary rpm typically takes much longer, because this requires running the %prep, %build, and %install scripts.

Testing RPMs you've built (including rpmlint)

Run rpmlint on the .spec files, generated binary RPM, and generated source RPM. Rpmlint works on .spec files, binary RPMs, and source RPMs, finding different things in each. You need to eliminate or justify rpmlint warnings before posting a package. If you are in the SPECS directory, do this:

$ rpmlint NAME.spec ../RPMS/*/NAME*.rpm ../SRPMS/NAME*.rpm

Normally rpmbuild will build a binary RPM with debugging information - this will handle that.

If you "cd" to the "~/rpmbuild/RPMS" directory, and then cd to the architecture subdirectory, you'll find some binary rpms. You can quickly see their files and their permissions by using rpmls (check to see that they are what you expect):

$ rpmls *.rpm

If those look okay, you can become root and try to install them:

# rpm -ivp XYZ1.rpm XYZ2.rpm XYZ3.rpm ...

Then, you can test them out. Use it a few different ways and see if it works correctly. If it's a GUI tool, make sure it shows up in the menu (if it doesn't, something is wrong with your .desktop entry).

You can uninstall packages later using:

# rpm -e XYZ1 XYZ2 XYZ3

If that works, you can use Mock to do a more rigorous test that you have accurate build dependencies. Basically, mock will create a nearly-empty environment and try to rebuild the package; if it fails, then you forgot to list something in a "BuildRequires:" statement. See Using Mock to test package builds for more information about how to use Mock; once your account is a member of the "mock" group, you can run commands like this to do local testing:

$ mock -r fedora-9-i386 rebuild path_to_source_RPM

If a mock build fails, or the resulting program doesn't work correctly, then you almost certainly have one or more missing BuildRequires packages.

Once Mock works on your system, you can use Koji (which uses Mock) to do builds on many different systems, some of which you may not have. PackageMaintainers/Join and PackageMaintainers/UsingKoji have more information about Koji. Once it's set up, you can test your source RPM on a variety of platforms by running commands like:

$ koji build --scratch dist-f9 path_to_source_RPM

You can replace dist-f9 with dist-f8, dist-f10, etc., to try other releases. Don't use "dist-rawhide", that's not really rawhide. Remember, the values of %fedora, %fc9, etc., will not be correct for a scratch build, so this won't work if your spec file does something different based on those values.

Your koji builds can only depend on packages that are actually in the TARGET distribution repository. Thus, you can't use koji to build for released distributions if your package depends on other new packages that Bodhi hasn't released yet. You can use koji to build for rawhide (the next unreleased version), even if it depends on other new packages, as long as the other packages were built in the CVS "devel" section as described below. If you need to build against a package that is not yet a stable released update, you can file a ticket with rel-eng at: https://fedorahosted.org/rel-eng/newticket and request that that package be added as a buildroot override.

Helpful tools

The "rpmdevtools" package has a number of helpful tools; "rpm -qil rpmdevtools" will show you what it installs. One particularly useful tool is rpmdev-bumpspec, which has this form:

rpmdev-bumpspec --comment=COMMENT --userstring=NAME+EMAIL_STRING SPECFILES

rpmdev-bumpspec will bump the release tag in the spec file(s), and add a changelog comment with the right datetime and version format. COMMENT should typically start with "- ".

Similarly, "yum-utils" has a number of yum-specific tools. "yumdownloader" is especially helpful; you can download the source RPM of a package by simply running "yumdownloader --source PACKAGENAME". You can then use "rpm -U SOURCEPACKAGENAME" to install the source files. E.G., "yumdownloader --source glib; rpm -Uvh glib*.src.rpm".

The auto-buildrequires package has a pair of nice tools for helping to figure out the proper BuildRequires entries. After installing this package, replace "rpmbuild" with "auto-br-rpmbuild" and you'll see an automatically-generated buildrequires list.

You might find RUST useful (GPL). It is "a drag & drop RPM creation GUI and a 'sandboxing' toolkit that allows you to do software installations within a chrooted environment and automatically generate RPMs from arbitrary source code, without ever seeing a spec file." If you're creating spec files, it can help you determine the %files. Note, however, that it does not create .spec files, nor does it create packages of adequate quality for the Fedora repository; it is primarily a tool for making quick-and-dirty binary RPM packages. (Note: it is no longer at "rusthq.com".)

Alien converts between package formats. It won't produce clean source RPMs, but converting an existing package might provide helpful information.

Guidelines and rules

When you create your packages, you'll need to follow the following rules and guidelines:

There are many official guidelines that will help you with specific circumstances (Java programs, OCaml programs, GNOME programs, etc.); the Packaging Guidelines include cross-references to those guidelines. You can also learn more from the SIGs and Package Maintainers sections. You can also see the list of all Wiki pages about Packaging to see if any apply.

Failing that, you might find some useful recommendations in the unofficial Packaging Drafts and Packaging Drafts To Do. These are unofficial, obviously. You might find ideas from SuSE, Debian, but distributions differ in their rules, so do not presume they can be used directly.

The .spec files that you create must be open source software, as noted in the CLA.

Maintaining the package

Once your package is accepted, you (or your co-maintainers) need to maintain it. See the Package update HOWTO and Package update guidelines for more information. If you update the version in multiple releases of Fedora, do it "backwards" in time, e.g., release for Fedora N, then once that's accepted, Fedora N-1 (the system presumes that later versions of Fedora have the same or later versions of programs).

Encourage the upstream developers to use standard source code release conventions. Using standard conventions makes packaging much easier. For more information, see:

For more information

The Package Maintainers page links to many other useful pages, and the Package update HOWTO describes how to update an existing package you already maintain in Fedora.

For more information, outside of the Fedora Wiki, see:

Note: The rpm5.org site has some documentation, but do not depend on it; that is the home of a fork of RPM maintained by Jeff Johnson. The RPM used by Fedora (and Novell/SuSE) is instead based at rpm.org. lwn.net has a brief article about this.