This directory contains RPM packaging files for building SSS packages for RHEL 8, RHEL 9, and RHEL 10.
./rpm-build/build-rpm.sh rhel9./rpm-build/build-rpm.sh rhel8./rpm-build/build-rpm.sh rhel10./rpm-build/build-rpm.sh all- Docker installed and running
- User has permission to run Docker commands
The script will automatically use Rocky Linux container images as build environments.
For local builds on RHEL/Rocky/AlmaLinux:
# RHEL 8 / Rocky 8 / AlmaLinux 8
sudo dnf install -y epel-release
sudo dnf install -y rpm-build rpmdevtools gcc libsodium-devel fuse3 fuse3-devel
# Install Rust
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
# Build
./rpm-build/build-rpm.sh --no-container rhel8# RHEL 9 / Rocky 9 / AlmaLinux 9
sudo dnf install -y epel-release
sudo dnf install -y rpm-build rpmdevtools gcc libsodium-devel fuse3 fuse3-devel
# Install Rust
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
# Build
./rpm-build/build-rpm.sh --no-container rhel9# RHEL 10 / Rocky 10 / AlmaLinux 10
sudo dnf install -y epel-release
sudo dnf install -y rpm-build rpmdevtools gcc libsodium-devel fuse3 fuse3-devel
# Install Rust
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
# Build
./rpm-build/build-rpm.sh --no-container rhel10Usage: ./rpm-build/build-rpm.sh [OPTIONS] TARGET
TARGETS:
rhel8 Build for RHEL 8
rhel9 Build for RHEL 9
rhel10 Build for RHEL 10
all Build for RHEL 8, 9, and 10
OPTIONS:
-h, --help Show help message
-c, --clean Clean build artifacts before building
-n, --no-container Build locally (requires proper RHEL environment)
./rpm-build/build-rpm.sh --clean all./rpm-build/build-rpm.sh --no-container rhel9./rpm-build/build-rpm.sh rhel10Built RPM packages will be placed in the rpm-build/ directory:
sss-1.2.0-1.el8.x86_64.rpm- Binary package for RHEL 8sss-1.2.0-1.el8.src.rpm- Source package for RHEL 8sss-1.2.0-1.el9.x86_64.rpm- Binary package for RHEL 9sss-1.2.0-1.el9.src.rpm- Source package for RHEL 9sss-1.2.0-1.el10.x86_64.rpm- Binary package for RHEL 10sss-1.2.0-1.el10.src.rpm- Source package for RHEL 10sss-1.2.0-1.fc42.x86_64.rpm- Binary package for Fedora 42sss-1.2.0-1.fc42.src.rpm- Source package for Fedora 42
# Install EPEL (for libsodium)
sudo dnf install -y epel-release
# Install the RPM
sudo dnf install -y ./rpm-build/sss-1.2.0-1.el8.x86_64.rpm# Install EPEL (for libsodium)
sudo dnf install -y epel-release
# Install the RPM
sudo dnf install -y ./rpm-build/sss-1.2.0-1.el9.x86_64.rpm# Install EPEL (for libsodium)
sudo dnf install -y epel-release
# Install the RPM
sudo dnf install -y ./rpm-build/sss-1.2.0-1.el10.x86_64.rpmThe RPM package includes:
/usr/bin/sss- Main SSS command/usr/bin/ssse- Editor mode (symlink to sss)/usr/bin/sss-agent- SSH agent-style key agent/usr/bin/sss-askpass-tty- TTY password prompt/usr/bin/sss-askpass-gui- GUI password prompt- Documentation files (README.md, LICENSE)
- Man pages (if available)
The RPM spec file is located at sss.spec in the project root. You can customize:
- Version and release numbers
- Dependencies
- Build options
- File locations
- Changelog entries
If you get errors about missing libsodium, ensure EPEL is enabled:
sudo dnf install -y epel-release
sudo dnf install -y libsodium-devel # For building
sudo dnf install -y libsodium # For runtimeSSS requires FUSE3 (not FUSE2) for filesystem mounting. On RHEL 8 systems:
sudo dnf install -y fuse3 fuse3-libs # For runtime
sudo dnf install -y fuse3-devel # For buildingNote: RHEL 9+ includes FUSE3 by default.
If you get permission errors with Docker:
# Add your user to the podman/docker group (if using rootless containers)
# For docker:
sudo usermod -aG docker $USER
# For podman: no group needed, rootless by default
# Log out and log back in for changes to take effectThe spec file requires Rust 1.70 or newer. If your system Rust is too old:
# Install rustup (recommended)
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
source $HOME/.cargo/env
rustup update stableTo host your RPMs in a local repository:
# Create repository directory
mkdir -p ~/sss-repo
# Copy RPMs
cp rpm-build/*.rpm ~/sss-repo/
# Create repository metadata
createrepo ~/sss-repo
# Serve via HTTP (optional)
cd ~/sss-repo
python3 -m http.server 8000Then on client machines:
# Create repo file
sudo tee /etc/yum.repos.d/sss.repo <<EOF
[sss]
name=SSS Repository
baseurl=http://your-server:8000
enabled=1
gpgcheck=0
EOF
# Install
sudo dnf install sssWhen updating the version:
- Update
Cargo.tomlversion field - Update
sss.specVersion field - Add changelog entry in
sss.spec - Update VERSION in
build-rpm.shif not parsing from Cargo.toml - Rebuild RPMs
You can integrate RPM building into your CI/CD pipeline:
# Example GitHub Actions workflow
jobs:
build-rpms:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Build RPMs
run: |
./rpm-build/build-rpm.sh all
- name: Upload artifacts
uses: actions/upload-artifact@v3
with:
name: rpm-packages
path: rpm-build/*.rpmThe packaging scripts are distributed under the same license as SSS.