o6asan's soliloquy.

   Last time, I created a repository for my own. This time, I’ll write ‘How to use the repository’.

   Log in a CentOS7 I want to use the repository on, for example the VPS, the VM for development environment, and so on.

1. Install ‘yum-plugin-priorities’.
   Because Base, Updates and Extras repositories have high priority, CentOS doesn’t use my repository package if the same rpm package exists in these three repositories when they are enabled and aren’t changed their priorities. Of course, you can handle this by manual each time, but I prefer using ‘yum-plugin-priorities’ for my frequently used repositories.
   $ sudo yum install yum-plugin-priorities
    
   I think you have to set their priority for frequently used repositories. How do we know what repositories we enable? You can get the information by the next command.
   $ yum repolist
    
   If you do ‘yum repolist all’, you can get the information about all repositories configured.
2. Create a myrepo.repo in the directory /etc/yum.repos.d.
   $ sudo vi /etc/yum.repos.d/myrepo.repo
   Its text is the followings.
   [myrepo]
   name=o6asan’s original RPM packages
   baseurl=http://www17130ue.sakura.ne.jp/~myrepo/x86_64/
   gpgcheck=1
   gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-o6asan
   priority=1
3. Add ‘priority=2‘ to the last line of [base], [updates] and [extras] in /etc/yum.repos.d/CentOS-Base.repo.
4. $ wget http://www17130ue.sakura.ne.jp/~myrepo/x86_64/RPM-GPG-KEY-o6asan
   $ sudo mv RPM-GPG-KEY-o6asan /etc/pki/rpm-gpg/

   Now, I’m ready to use my repository. When I use my repository at the first time, CentOS7 asks about importing RPM-GPG-KEY-o6asan and imports it if I give ‘yes’.

Note) How to delete GPG public key from a client PC.
   The client PC doesn’t have the private key. So ‘gpg --delete-key <email@address>’ gives ‘Unknown system error’. The next command works.
　　$ sudo rpm -e [package]

   For that, you need an exact package name. You can get it by the following.
　　$ rpm -q gpg-pubkey --qf '%{name}-%{version}-%{release} --> %{summary}n'

   For example, you have the following about CentOS-7 Key.
　　gpg-pubkey-f4a80eb5-53a7ff4b –> gpg(CentOS-7 Key (CentOS 7 Official Signing Key) )
   So you can delete it by the next command.
　　$ sudo rpm -e gpg-pubkey-f4a80eb5-53a7ff4b

   I want to configure my system with event + suEXEC + FPM on さくらの VPS.
   For that I rebuilt php.rpms with ‘--enable-fpm’, but I got fed up with all the dependency things when I used ‘rpm -ivh’. So I decided to create a repository for my own, ha-ha.

On the VPS
1. $ sudo adduser --gid xxxx myrepo
   ‘myrepo’ is a user for the repository and ‘xxxx’ is the gid of the httpd user group.
   $ sudo passwd myrepo
2. $ sudo chmod 710 /home/myrepo
3. $ sudo su - myrepo
4. $ mkdir public_html
5. $ cd public_html
6. $ mkdir x86_64
7. $ exit

   I haven’t written it yet, but I already configure Apache httpd for suEXEC Support. So I have new User and Group on the httpd.conf. If you use the settings on this post for your repository, read my words about httpd configuration on the post as your words on your system.
 
   I removed ‘Options Indexes’ from the httpd conf files, but want to show the indexes of the repository directory. For that I need to use ‘Options Indexes’ in the .htaccess file. So I did the following things.

About httpd on the VPS
1. Change the followings about the userdir.conf (/etc/httpd/conf.d/userdir.conf).
   UserDir enabled normuser1 —>> UserDir enabled normuser1 myrepo
   　　　　↑ This is not for .htaccess but for the user ‘myrepo’.
   AllowOverride FileInfo AuthConfig Limit Indexes
   —>> AllowOverride FileInfo AuthConfig Limit Indexes Options=Indexes
2. $ sudo systemctl restart httpd.service
3. $ sudo su - myrepo
4. $ cd public_html/x86_64
5. $ vi .htaccess
   Its text is ‘Options Indexes’.
6. $ chmod 640 .htaccess
7. $ exit

On the VM for development environment.
1. Log on as the user ‘rpmbuilder’ and rebuild all the rpm files I want.
    
   Note 1) On the post ‘First VPS #5’, I wrote how to rebuild php.rpm. That’s nothing wrong, but yum gives ‘Package PACKAGE_NAME.rpm is not signed’ when I used my repository. We need a signature for rpm files when we use them by yum though we can avoid it by the option ‘--nogpgcheck’ and I used the option for my filezilla.rpm installation.
2. Add my signature to the rpm files.
   $ rpm --addsign rpmbuild/RPMS/x86_64/*
    
   Of course, I need GPG Keys before this step.
   • Log on the VM as a root privilege user.
     $ sudo gpg --gen-key
     $ sudo gpg --export -a 'o6asan' > RPM-GPG-KEY-o6asan
     RPM-GPG-KEY-o6asan is my public key file. I upload this to /x86_64 in myrepo’s DocumentRoot on the VPS by Filezilla client.
     $ sudo gpg -o file.secret --export-secret-key o6asan
     file.secret is my private key file. I move this to rpmbuilder’s home directory.
     $ sudo mv /home/vmowner/file.secret /home/rpmbuilder/file.secret
   • Log on the VM as the user ‘rpmbuilder’
     $ gpg --import file.secret
     This command imports both secret and public keys.
      
     $ vi .rpmmacros
     Add the next two lines.
     %_signature gpg
%_gpg_name <Owner name>
      
     Note 2) Actually, I wanted to create the keys as ‘rpmbuilder’ because I rebuild the rpm files as ‘rpmbuilder’. But I couldn’t. To create GPG Keys requires root privilege.
3. Upload all the rpm files to /x86_64 in myrepo’s DocumentRoot on the VPS.
4. On the VPS.
   $ sudo yum install createrepo
   $ sudo createrepo /path to/x86_64

   Now, I have a repository for my own and the URL is http://www17130ue.sakura.ne.jp/~myrepo/x86_64/.
   I’ll write ‘How to use the repository for my own’ for the next post.

   My original plan for this post was to write an article about suEXEC Support. I want to configure my system with event + suEXEC + FPM on さくらの VPS. About event + suEXEC on Apache httpd it’s OK by CentOS7 default. But about FPM I found a big problem. The default php.rpm of CentOS 7 seems to have no ‘–enable-fpm‘ option at its build. This information you can have by the following command. For this you need to install the package ‘php-devel’. We cannot get the information by ‘php -i’ when we use CentOS rpms.
$ php-config --configure-options
 
   So I have to rebuild the php.rpm with ‘–enable-fpm’. Is this really necessary? Well, OK (^^;).
   I don’t build rpms on my VPS because I don’t want to install devel packages on the VPS, so I created a virtual PC for development environment in the NJ2100. For the virtual PC I used VMware(R) Player 6.0.4 build-2249910 and CentOS7 (Select ‘Development and Creative Workstation’ and check ‘Development Tools’). See the post “How to create a Virtual PC in Windows7 and run CentOS6.4 on it” for reference.
 
   I almost had the same results except about Ethernet. The NJ2100 has SiS Ethernet Controller and CentOS7 on VMware(R) Player couldn’t find the device out. How can I fix this issue? I found a lot of pages about it on the Internet and I’ll recommend this page for you though it’s Japanese.
 
   They tell me the same thing, i.e. use vmnetcfg.exe and vmnetcfglib.dll. They say that VMware Workstation Free Trial version like VMware-workstation-full-10.0.x-xxxxxxx.exe includes the two files. But there was a problem. We can download VMware Workstation 10 still now if we need a production version, but about Free Trial version we can download VMware Workstation 11 only from the vender site right now. Though I downloaded ‘VMware-workstation-full-11.0.0-2305329.exe’ and took a look in the file, I couldn’t find the two files.
 
   I looked for VMware Workstation 10 on the Internet. FINALLY, I got it from filehorse.com and had the two files. Do you need them? I made a zip for you. Is this act gray or illegal? Anyway I had a VM for development environment.
 
   Now I’ll write to rebuild the php.rpm. All procedures I did on the virtual machine and see the official page for reference.

1. I make an unprivileged user(rpmbuilder) for building RPMs and and create the user mockbuild which is a no logon user. It seems to be used by the command ‘rpm’ and originated in IUS.
   $ sudo useradd rpmbuilder
   $ sudo passwd rpmbuilder
    
   $ sudo useradd -s /sbin/nologin mockbuild
2. Create directories for RPM building under rpmbuilder’s home.
   $ sudo su - rpmbuilder
   $ mkdir -p ~/rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS}
   $ echo '%_topdir %(echo $HOME)/rpmbuild' > ~/.rpmmacros
3. Download the source rpm from vault.centos.org.
   $ wget http://vault.centos.org/7.0.1406/updates/Source/SPackages/
php-5.4.16-23.el7_0.3.src.rpm
4. Install.
   $ rpm -ivh php-5.4.16-23.el7_0.3.src.rpm
5. Edit php.spec
   $ $ cd ~/rpmbuild/SPECS/
   $ vi php.spec
   Add ‘–enable-fpm ‘ as the line 869.
6. $ rpmbuild -ba php.spec
    
   It shows packages resolving Dependencies. Install all of them. After that try again.
   $ rpmbuild -ba php.spec
    
   Now I had a php.rpm with ‘–enable-fpm’ option.

   By the way, my VM has GUI, so I wanted to use FileZilla as FTP client software. But I couldn’t find its rpm on the official repositories. Then I made a filezilla.rpm. For this I needed the package wxGTK3-devel, so I installed epel repository.

1. $ sudo yum install epel-release
2. $ wget ftp://fr2.rpmfind.net/linux/fedora/linux/development/rawhide/source/
SRPMS/f/filezilla-3.10.0-1.fc22.src.rpm
   $ rpm -ivh filezilla-3.10.0-1.fc22.src.rpm
   $ cd ~/rpmbuild/SPECS/
   $ rpmbuild -ba filezilla.spec

   That’s it!