'fat chance': idiom, slang: a very slight chance; small probability.


Ok lads!... Take him out back, and beat the s*** out of him!!! ;)

I left the Debian/Ubuntu ecosystem some years ago, around 2008 I believe. Never looked back.

Anyway, I'm sorry I do not know anything about Ruby versions, however I can't imagine it'd take very long to compile the appropriate version yourself.

As for the multilib environment, this is all you need:-
http://www.slackware.com/~alien/multilib/

Be sure to allocate your disk space appropriately also! The amount of times I have misjudged what I would need for /usr et al. MATLAB was a bugger for that!

Anyway, have fun!

If you use slackpkg+ then installing and maintaining multilib is trivial.
One thing that has not been mentioned here and may or may not speak against using Slackware (dependent on your view on this topic) is that Slackware can at any given time without further notice cease to provide security updates, even for the current stable version. This means it is your responsibility to keep yourself up to date about potential security problems and solve them yourself (apply patches, upgrade to newer versions of a software if necessary, create packages) if not provided with patched packages by the Slackware developer.

Wrong, and here we go again. FUD, isn't it? Of course you can express your opinion, but this is what you call being a "moderator"? Perhaps a "trolling moderator"? Are you going to say again that Slackware is "dead" if it doesn't receive updates for a few weeks? Let's hope that your post won't trigger a flame fest. I guess that the Slackware ChangeLogs speak for themselves, and yes, Slackware users are responsible for their systems, that's a well known fact.

Slackware ChangeLogs:
http://mirrors.slackware.com/slackwa.../ChangeLog.txt
http://mirrors.slackware.com/slackwa.../ChangeLog.txt
http://mirrors.slackware.com/slackwa.../ChangeLog.txt
http://mirrors.slackware.com/slackwa.../ChangeLog.txt

Sounds pretty ominous. Since this is a Slackware forum, could you provide any specific guidance to the OP that might be helpful? Maybe something like this...

My observation over time has been that the Slackware philosophy is to be prudent with updates. It seems to me that PV tries to weigh the seriousness of the flaw rather than updating whenever a flaw has been identified. It's also true that there have been "lulls in activity" before. That generally happens when there's a large update being prepared and the update will be providing the fix. If you view that as a problem, then I would suggest following mancha's excellent thread that's stickied at the top of the page. Then you can make up your own mind about whether to update now or to wait for an official patch.

Any distro can at any given time and without further notice cease to provide updates.

It's called going out of business (Mandrake q. v.).

Given that Slackware is the oldest named Linux distro, dating from 1993 and older than Debian, just to pick a for instance, and still under active development and that all the others are by definition of lesser lineage, I think Pat and the Slackware team have demonstrated their commitment to the project.

I hate to be blasphemous...oh wait a sec.... no I don't..... while I'm fairly active at updates on my main box I have to admit that while running a dedicated Slackware powered Minecraft server up 24/7 for 28 months ( 4 scheduled reboots iirc ) I set it and forgot it. That is to say, I did not apply one single security update in over 2 years. I ran rkhunter once a month and had a well configured firewall... that's it and the sky did not fall. Never a problem not even a hiccup. While better safe than sorry the fact remains that there is so much low-hanging fruit most hackers are not likely to waste their time. Additionally the odds of being caught by a Linux user as opposed to a Windows user are substantially higher, another reason for hackers to skip a Linux box. Predators always target the weak. I'm not saying don't bother. I'm just saying the threat is by no means urgent and compelling. It's mostly "stitch in time" and "peace of mind". Once in a great while eg: Heartbleed and Shellshock demand immediate attention but these become obvious as the community is very diligent and quick to respond to real threats. Anyone logging into LQ even once a week will become immediately aware of any such moderately urgent threats. Toby is fluffing up a straw dog. It's basically a trivial matter-of-course problem with generally a less than 5 minute fix. BFD. IMHO Patrick's actions are far more than enough to remain safe, secure and happy.

To the OP:

1. You can check http://www.slackware.com/security/ which are posted very quickly. Old versions are supported for about 5 years - every release is LTS!
2. Our, BDFL, may he live long and prosper, is supported by quite a kick-ass team. There is a succession plan. As far as I am concerned, our BDFL is immortal.
3. Each release is complete and ready to use. Slackpkg makes security updates easy.
4. http://slackbuilds.org/ has build scripts (simple shell scripts) to create many binary packages. See also sbopkg.
5. Although there is no automatic packages dependency resolution (that's' your job!), there are numerous 3rd party tools available to assist.
6. Slackware installs quickly and easily; x86_64 multilib is simple.
7. Slackware is great for gaming! Native Steam, WINE, dosbox, and many native games (GOG.com, Humble Bundle). There are a few glitches with WINE and some online game launchers, but that is not an issue with Slackware.
8. Slackware64 mulitilib compiles and runs WINE just fine. The multilib packages includes a shell script to set the environment to force 32-bit compiles. I am running Wine-1.7.43
9. There are usually no significant issues if you need to upgrade any of the release packages to newer version. You will have to keep track to make sure pkgtools and slackpkg do not "downgrade" you!

As you've noticed, we all can go on and on and on and ... (ahem)...about the praises of Slackware. I've been slacking for 20+years. I still fire up those other guys in qemu sometimes, but for me its been the Year of the [Slackware] Linux desktop for 15+ years. Everything here except the wifi router (Openwrt) runs Slackware32/64 stable. I test current new compiles in qemu slackware VMs. My main desktop is a monstrous Slackware64-14.1 multilib hybrid with many added and upgraded packages and customizations. Gimp, Blender, nonlinear video, DVD creating, music, web dev...to much to list. I run a apache, NFS, mumble and sometimes game server (minecraft, urban terror, sauerbraten, ...) off of a HP P4 2.66Ghz 2GB box that dates from mid 2000 with Slackware32 14.1:I am not a programmer (well, assembly Z80 and 8080 on CP/M-80 way, way back, with Basic, Fortran, C) or MIS/IT professional. Just a hobbyist watching videos, gaming, etc. I've scrambled my system numerous times. No worries /home is on a separate drive so its never taken more than 30 min to re-install and reconfigure. All packages (stock, SBo, and custom) are on the NFS.

I hope to see you on freenode irc ##slackware, here on LQ, Steam Slackware group, and Google+ Slackware community (sure its a "ghost town" but that's just so nice and peaceful).

Only that on Slackware this happens without going out of business.
That you run your servers in an insecure manner and didn't get hit by problems is nothing more than anecdotal evidence. I also didn't say that it is impossible to implement security fixes by the user, it may or may not be a 5 minute fix for the user.
All I have said is that you sometimes can't rely on the Slackware developer for getting security fixes and that the user has in those times to do that himself, and that it is up to the user to decide if that is a problem for him or not. Nothing more, nothing less.
I know that it is indeed blasphemous for some people to criticize Slackware, but quite frankly, I don't care.

This thread is going out of tracks, furthermore there is no need to beat a dead horse: in post #12 the OP already stated that he has taken a decision.

@mralk3: if you consider that you got the information you need, maybe you could mark this thread as [SOLVED].

You haven't even got an anecdote, Tobi.

You've got this idée fixe that "Slackware can at any given time without further notice cease to provide security updates", but that idea is just mentally broken in so many ways. Security updates are episodic, (like postal deliveries), not continuous (like electricity supply).

Right now, Gentoo's security advisories "ceased" on May 13th. Who knows when, or if, there will be another one? And in fact, there were no Gentoo security advisories at all between 17 April and 13 May. But there's a good reason for that. There was nothing on 18 April that the Gentoo people considered worth mentioning. And there was nothing on 19 April. And there was nothing on 20 April. And there was nothing on 21 April. And there was nothing on 22 April. And... do you get the concept yet, Tobi?

When the postman doesn't bring you any letters, does it mean that the postal service has ceased? No, it doesn't. It just means there are no letters for you today.

You only have a reason to complain about Slackware's security updates if you can name one of the "Tue Apr 21 23:44:00 UTC 2015" batch of updates that caused actual damage to actual Slackware users between the relevant public disclosure of the vulnerability and 23:44:00 UTC on 21 April 2015.

Meanwhile...
003 days since last logo-branded vulnerability.
https://twitter.com/InfosecHype

(I've already used this, but it's an evergreen, who cares) yeaaah boooy! https://www.youtube.com/watch?v=9vQaVIoEjOM

How has Slackware ever stopped providing updates? -Current has been in continuous evolution since it was out. The only reason a version of Slackware gets released is to actually release a set stable version. Any and all distributions are similar. Slackware's true nature lies in -Current. Yes version releases do go out after a while, but any Slacker worth their salt knows -Current, has, is, and always will be up to date.

Plus, learning to do for yourself can even help you get ahead of -Current at times. Nothing wrong with doing for yourself.

You realize that we are talking about security fixes, not version updates?
Wait, just that I get that right: You seriously demand that I get access to all Slackware boxes, check them for security breaches that are caused by known but not fixed security problems to show you that security fixes should be applied ASAP? Wow, just wow.

Just to make that clear, once again: It has been shown in the past that Slackware can at any given time cease to provide security updates, without further notice, not even on the Slackware security mailing list, due to heavy workload of Mr. Volkerding in the -current branch, so that the Slackware users can't rely on those updates and have occasionally take care of security problems themselves. Like it or not, that is exactly how it is. It doesn't matter at all how Gentoo handles that (I have by the way switched most of my non-server machines to the Arch testing branch, where I get updates as soon as they are available), the OP comes from Debian where this is not at all the case, so this is certainly noteworthy for him.

Anyways, as Didier Spaier said, this thread is solved and gets off topic fast, so if you want to discuss this any further please contact my via PM or email.

I believe Tobi is referring to the Feb 26th -> May 5th gap in updates for 14.1 (not current). Whatever the reason for that gap, people were clearly left hanging for over a month. His point is valid, if somewhat overstated and sensational.