compiling openssh-5.8p1 with default configure parameters

General support questions including new installations

compiling openssh-5.8p1 with default configure parameters

Postby seccentral » 2011/03/25 16:06:48

This is my first post here, so i'd like to say hello to everyone around.

Now to business.
I need to statically build openssh-5.8p1 and the compile fails.
some box information:
CentOS release 5.5 (Final)
arch i686

first thing's first.
yum groupinstall "Development Tools" "Development Libraries"

i got the src.rpm openssh-4.3p2-41.el5.src.rpm from a centos mirror and tried a rpmbuild to get the exact ./configure command for my box
it is as follows:
./configure --build=i686-redhat-linux-gnu --host=i686-redhat-linux-gnu --target=i386-redhat-linux-gnu --program-prefix= --prefix=/usr --exec-prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc --datadir=/usr/share --includedir=/usr/include --libdir=/usr/lib --libexecdir=/usr/libexec --localstatedir=/var --sharedstatedir=/usr/com --mandir=/usr/share/man --infodir=/usr/share/info --sysconfdir=/etc/ssh --libexecdir=/usr/libexec/openssh --datadir=/usr/share/openssh --with-tcp-wrappers --with-rsh=/usr/bin/rsh --with-default-path=/usr/local/bin:/bin:/usr/bin --with-superuser-path=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin --with-privsep-path=/var/empty/sshd --enable-vendor-patchlevel=FC-4.3p2-41 --disable-strip --without-zlib-version-check --with-nss --with-pam --with-selinux --with-linux-audit --with-kerberos5


then i unpack the 5.8p1 sources somewhere and i run that configure with added --with-ldflags=-static option
it fails, complaining that -lpam is not installed, giving the following error:
checking for pam_set_item in -lpam... no
configure: error: *** libpam missing


a grep reveals:
cat config.log | grep -i lpam -A 4
configure:18860: checking for pam_set_item in -lpam
configure:18895: gcc -o conftest -g -O2 -Wall -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security -Wno-pointer-sign -fno-strict-aliasing -fno-builtin-memset -fstack-protector-all -std=gnu99 -fstack-protector-all -static conftest.c -lpam -ldl -lcrypto -ldl -lutil -lz -lnsl -lcrypt >&5
/usr/bin/ld: cannot find -lpam
collect2: ld returned 1 exit status
configure:18901: $? = 1
configure: failed program was:
| /* confdefs.h. */


a rpm list:
rpm -qa | grep -i pam
pam_passwdqc-1.0.2-1.2.2
pam_ccreds-3-5
pam-0.99.6.2-6.el5_5.2
pam_krb5-2.2.14-15
pam_pkcs11-0.5.3-23
pam-devel-0.99.6.2-6.el5_5.2
pam_smb-1.1.7-7.2.1


searched google, some say it's a bug -somewhere- and i'm no developer, please assist.
Thank you.
seccentral
 
Posts: 1
Joined: 2011/03/25 15:44:08

Re: compiling openssh-5.8p1 with default configure parameters

Postby pschaff » 2011/03/25 21:35:15

Welcome to the CentOS fora. Reading FAQ & Readme First is recommended for new users.

Backing up a step or two - before we go off on replacing critical core security components with Source Installs - are you familiar TUV's policy of backporting security fixes? Why a static version?

If you must still have a later version read about how to rebuild SRPMs and find a Fedora or other SRPM as a starting place. That will take care of the missing build dependencies that are causing the errors; however, by the time you satisfy them you may find yourself recursively replacing core components and end up with a CentOS/Fedora Frankenstein's Monster.

If your target for the static binary is other than CentOS, you might better start with a recent Fedora version, or Scientific Linux 6.0 (as CentOS 6 is still a pipe dream).
pschaff
Retired Moderator
 
Posts: 18277
Joined: 2006/12/13 20:15:34
Location: Tidewater, Virginia, North America


Return to CentOS 5 - General Support

Who is online

Users browsing this forum: No registered users and 3 guests