Otto background

Linux Hack of the Week #16: Creating RPMs

If you’re a regular Linux user, you probably love how easy it is to install files now. When I started using Unix and Linux, every package involved running the following:

./configure makemake install

Back in the day, this was a problem because between each of those steps it was hard to determine which package contained the missing file libX.h that threw an error. Then if you download that package, you end up repeating the above steps into a downward spiral of dependency nightmares. Using RPMs (RPM Package Manager) solve this problem by installing all dependencies, allowing for auto updates, and having a single point to manage software. The bottom line is that if you are creating software, packaging it in an RPM will make your life much easier.


The tool used to build RPMs is rpm-build. It can be installed simply by using yum. Then, create the build environment:

The RPMbuild area consists of five directories. These include:

SOURCES: Contains the original sources
SPECS: Contains the spec files
BUILD: Temp directory for building
RPMS: Where binary files are stored
SRPMS: Where source RPMs are stored


The file that contains all of the build instructions is called the spec file. Let’s walk through the fields below:

Name: Name of package
Version: Version of package
Release: Release number
Summary: Summary of the app
Source: %{name}-%{version}.tar.gz
Group: Applications/System
Requires: Packages that are required
Packager: Your Name
BuildArchitectures: noarch/x86/etc

%description: Describe the application here

%prep: echo Building %{name}-%{version}-%{release}


tar -zxvf $RPM_SOURCE_DIR/%{name}-%{version}.tar.gz

%build: Executes build macro

%install: Executes install process

mkdir -p $RPM_BUILD_ROOT/data

cp -r $RPM_BUILD_DIR/%{name}-%{version}/* $RPM_BUILD_ROOT/.

%post: #Run post install processes

chkconfig example on


The source file should be placed in the SOURCES directory:

tar -zcvf foo-1.0.tar.gz foo

cp foo-1.0.tar.gz /root/rpmbuild/SOURCES/


Change directory back to your specs directory and run rpmbuild -ba example.spec:

Review the files that were created:


Test your new RPM by performing an install:


Now that you know how to build an RPM, you can package your own custom software. I find that this a great way to distribute open source projects, and having a package will help with adoption. I would recommend starting by creating your first RPM with something easy, and building from there. As always feel free to let me know if you have any questions

About Automox

Facing growing threats and a rapidly expanding attack surface, understaffed and alert-fatigued organizations need more efficient ways to eliminate their exposure to vulnerabilities. Automox is a modern cyber hygiene platform that closes the aperture of attack by more than 80% with just half the effort of traditional solutions.

Cloud-native and globally available, Automox enforces OS & third-party patch management, security configurations, and custom scripting across Windows, Mac, and Linux from a single intuitive console. IT and SecOps can quickly gain control and share visibility of on-prem, remote and virtual endpoints without the need to deploy costly infrastructure.

Experience modern, cloud-native patch management today with a 15-day free trial of Automox and start recapturing more than half the time you're currently spending on managing your attack surface. Automox dramatically reduces corporate risk while raising operational efficiency to deliver best-in-class security outcomes, faster and with fewer resources.