LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices

Reply
 
LinkBack Search this Thread
Old 12-18-2007, 04:36 PM   #1
pwc101
Senior Member
 
Registered: Oct 2005
Location: UK
Distribution: Slackware
Posts: 1,846

Rep: Reputation: 128Reputation: 128
Keeping Slackware 12.0 patched with security updates


Ok, I know this has probably been discussed a thousand times, but I can't seem to find information on how to keep my Slackware 12.0 install updated with all the relevant security updates.

I've browsed through my local friendly Slackware mirror, and read the Changelog.txt, and I see that since I installed Slackware there's a few patches that have been issued to fix various security issues. Is it a simple case of downloading the /patches/packages packages, and then upgradepkg'ing the lot? I presume not, as this will likely break some things, but a pointer in the right direction would be very much appreciated
 
Old 12-18-2007, 05:01 PM   #2
Alien Bob
Slackware Contributor
 
Registered: Sep 2005
Location: Eindhoven, The Netherlands
Distribution: Slackware
Posts: 5,112

Rep: Reputation: Disabled
It is really as simple as that.
There was the exceptional case once where there was a package added to Slackware as a "patch" because it was needed by another program which was updated, but that will likely not happen again anytime soon.
So, the "upgrade *.tgz" is basically all you need to do... in runlevel 3 or even better, in runlevel 1.

Eric
 
Old 12-18-2007, 05:18 PM   #3
pwc101
Senior Member
 
Registered: Oct 2005
Location: UK
Distribution: Slackware
Posts: 1,846

Original Poster
Rep: Reputation: 128Reputation: 128
Should have known, this is Slackware after all
 
Old 12-18-2007, 07:03 PM   #4
allend
Senior Member
 
Registered: Oct 2003
Location: Melbourne
Distribution: Slackware-current
Posts: 3,283

Rep: Reputation: 802Reputation: 802Reputation: 802Reputation: 802Reputation: 802Reputation: 802Reputation: 802
Have a look at slackpkg. Once you have setup your /etc/slackpkg/mirrors and /etc/slackpkg/blacklist files then (as root):
#slackpkg update
#slackpkg upgrade-all

Works great for keeping a stable Slack install up to date.
 
Old 12-18-2007, 09:41 PM   #5
rworkman
Slackware Contributor
 
Registered: Oct 2004
Location: Tuscaloosa, Alabama (USA)
Distribution: Slackware
Posts: 1,904

Rep: Reputation: Disabled
Quote:
Originally Posted by allend View Post
Have a look at slackpkg. Once you have setup your /etc/slackpkg/mirrors and /etc/slackpkg/blacklist files then (as root):
#slackpkg update
#slackpkg upgrade-all

Works great for keeping a stable Slack install up to date.
Indeed, but I think you're after:
Code:
# slackpkg install patches
# slackpkg upgrade-all
The first will install any packages that might happen to be *added* to /patches (such as the *rare* case that Eric mentioned), and the second will upgrade everything to the version in /patches.
 
0 members found this post helpful.
Old 12-18-2007, 10:40 PM   #6
Linux For Ever
Member
 
Registered: Jun 2006
Location: KSA
Distribution: Slackware 12.2
Posts: 49

Rep: Reputation: 15
This is the way i use:

Code:
wget -c -t 0 -T 10 ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/*
Now just type
Code:
upgradepkg *.tgz
and enjoy.
 
Old 12-18-2007, 10:40 PM   #7
gilead
Senior Member
 
Registered: Dec 2005
Location: Brisbane, Australia
Distribution: Slackware64 14.0
Posts: 4,123

Rep: Reputation: 151Reputation: 151
Quote:
Originally Posted by rworkman View Post
Indeed, but I think you're after:
Code:
# slackpkg install patches
# slackpkg upgrade-all
The first will install any packages that might happen to be *added* to /patches (such as the *rare* case that Eric mentioned), and the second will upgrade everything to the version in /patches.
Just so I understand this properly... Does that mean the full process would be:
Code:
# slackpkg update
# slackpkg install patches
# slackpkg upgrade-all
The man page recommends running the update step first to get the latest package lists.
 
Old 12-19-2007, 05:27 AM   #8
pwc101
Senior Member
 
Registered: Oct 2005
Location: UK
Distribution: Slackware
Posts: 1,846

Original Poster
Rep: Reputation: 128Reputation: 128
Quote:
Originally Posted by allend View Post
Once you have setup your /etc/slackpkg/mirrors and /etc/slackpkg/blacklist files then (as root):
#slackpkg update
#slackpkg upgrade-all
I've had a look at slackpkg, and I uncommented the lines in /etc/slackpkg/blacklist for kernel-ide, kernel-modules, kernel-source, kernel-headers, aaa_elflibs and /extra/udev-alternate-versions - is there anything else I need to blacklist? I don't run any proprietary video drivers and most software I've compiled from slackbuilds.

In the mean time, I'll download the patches and upgradepkg them.
 
Old 12-19-2007, 08:04 AM   #9
rworkman
Slackware Contributor
 
Registered: Oct 2004
Location: Tuscaloosa, Alabama (USA)
Distribution: Slackware
Posts: 1,904

Rep: Reputation: Disabled
Quote:
Originally Posted by gilead View Post
Just so I understand this properly... Does that mean the full process would be:
Code:
# slackpkg update
# slackpkg install patches
# slackpkg upgrade-all
The man page recommends running the update step first to get the latest package lists.
Yes, that's correct.
 
Old 12-19-2007, 08:15 AM   #10
rworkman
Slackware Contributor
 
Registered: Oct 2004
Location: Tuscaloosa, Alabama (USA)
Distribution: Slackware
Posts: 1,904

Rep: Reputation: Disabled
Quote:
Originally Posted by pwc101 View Post
I've had a look at slackpkg, and I uncommented the lines in /etc/slackpkg/blacklist for kernel-ide, kernel-modules, kernel-source, kernel-headers, aaa_elflibs and /extra/udev-alternate-versions - is there anything else I need to blacklist? I don't run any proprietary video drivers and most software I've compiled from slackbuilds.

In the mean time, I'll download the patches and upgradepkg them.
If you've upgraded any of the stock Slackware packages with new versions *not* in /patches, then you'll need to blacklist those packages. Slackpkg's goal is to sync your installed packages with those in the official tree, so it will "upgrade" those custom packages to the versions in the official tree.
 
Old 12-19-2007, 02:04 PM   #11
simcox1
Member
 
Registered: Mar 2005
Location: UK
Distribution: Slackware
Posts: 794
Blog Entries: 2

Rep: Reputation: 30
Quote:
Is it a simple case of downloading the /patches/packages packages, and then upgradepkg'ing the lot?
Surely this is the easiest method? Instead of using slackpkg etc, just create a directory called patches, and subscribe to the slackware security mailing list. Whenever there's an update, go to a mirror and download it. Easy.
 
Old 12-19-2007, 04:03 PM   #12
adriv
Member
 
Registered: Nov 2005
Location: Diessen, The Netherlands
Distribution: Slackware 14.1
Posts: 658

Rep: Reputation: 38
My favorite: Kslackcheck.
 
Old 12-19-2007, 04:25 PM   #13
pwc101
Senior Member
 
Registered: Oct 2005
Location: UK
Distribution: Slackware
Posts: 1,846

Original Poster
Rep: Reputation: 128Reputation: 128
I received a message from a user here at LQ (pyllyukko) who's written a fairly impressive script, available here: http://null.maimed.org/~pyllyukko/files/swsp.sh

I've not used it yet, but it seems to do a *lot* of stuff with verifying GPG signatures, md5sums and generally automating the process of fetching the security patches.

I haven't tested it, as I'm just going to go down the init 3 and updatepkg route, but thought someone might need it if they ever stumble across this thread in the future...
 
Old 12-19-2007, 05:20 PM   #14
pwc101
Senior Member
 
Registered: Oct 2005
Location: UK
Distribution: Slackware
Posts: 1,846

Original Poster
Rep: Reputation: 128Reputation: 128
I did the update (init 1 followed by upgradepkg *.tgz), and all seems to be working well

Phew!
 
Old 12-20-2007, 01:36 PM   #15
adriv
Member
 
Registered: Nov 2005
Location: Diessen, The Netherlands
Distribution: Slackware 14.1
Posts: 658

Rep: Reputation: 38
Quote:
Originally Posted by pwc101 View Post
I've not used it yet, but it seems to do a *lot* of stuff with verifying GPG signatures, md5sums and generally automating the process of fetching the security patches.
Which is exactly what Kslackcheck does for you automagically.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Slackware security updates !!! JKoder Linux - Security 1 06-09-2006 07:31 AM
Slackware security updates - for how long? Nobber Slackware 12 04-03-2006 11:54 AM
Wine, Security patched kernel. xconspirisist Linux - Software 8 02-17-2004 05:13 PM
best practices: keeping system patched phildog Fedora 3 01-28-2004 05:10 PM
Slackware Security Update: unzip vulnerability patched phoeniXflame Slackware 5 08-26-2003 12:52 PM


All times are GMT -5. The time now is 05:21 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration