SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I would like to know if there is a way to make sure the package I am upgrading to have the latest security patches.
Should I download the 13.1 packages and then replace them with packages from security advisories where they exist? Or will they already be up to date in the tree?
Also, is there a simple way to download the newer versions of packages only for the packages I have installed?
Disclaimer: I have searched but could not find a simple answer for my first query.
I would have to say pretty much install the latest updates that drop. As far as verifying, you could verify against the slackware repositories and/or from the authors of the programs themselves.
That is written assuming a full install, while I have quite a minimal install.
I only want to upgrade the packages I have installed, and wonder how to do that.
While upgradepjg */*.txz, it seems it would make sense in my case as long as I do the glibc and other core stuff first.
The second part of my question is asking if I can avoid downloading the out of date versions that ship with 13.1 and have vulnerabilities as well as downloading the packages, and just download the updated version straight away.
For example, sudo-1.7.2p6-i486-1.txz ships with 13.1 but has a security problem and sudo-1.7.4p6-i486-1.txz has been released to fix it.
I would prefer to avoid downloading both, but is there any easy way to do that?
That is written assuming a full install, while I have quite a minimal install.
I only want to upgrade the packages I have installed, and wonder how to do that.
While upgradepjg */*.txz, it seems it would make sense in my case as long as I do the glibc and other core stuff first.
The second part of my question is asking if I can avoid downloading the out of date versions that ship with 13.1 and have vulnerabilities as well as downloading the packages, and just download the updated version straight away.
For example, sudo-1.7.2p6-i486-1.txz ships with 13.1 but has a security problem and sudo-1.7.4p6-i486-1.txz has been released to fix it.
I would prefer to avoid downloading both, but is there any easy way to do that?
You didn't specify in your original post that you checked upgrade.txt
As far as upgrading the packages installed, I am trying to relate how I do it in fedora; normally, I run a yum update and it takes care of that. I was thinking maybe you can do the same in slackware? I never worked with it, therefore I thought I would give you ideas on how to do it.
I think you may be able to accomplish this with slackpkg if you forgo the install-new part (and then just see if there are any new packages that you might legitimately need) -- you just have to change the mirror to 13.1. However you should still follow UPGRADE.TXT roughly even with slackpkg (and be sure to upgrade slackpkg *first* or you will get gpg/md5 errors). Otherwise you could script something to grab packages that you already have, but that's a bit of work.
Beware the libata switchover! As mentioned in UPGRADE.TXT, there are detailed instructions in CHANGES_AND_HINTS.TXT.
Personally, I prefer to change steps 3,4,5 and 6 in UPGRADE.TXT to:
Edit /etc/slackpkg/mirrors to point to a 13.1 mirror.
Edit /etc/slackpkg/blacklist to blacklist kernel versions I do not use.
'slackpkg download slackpkg'
'upgradepkg /var/cache/packages/slackware/ap/slackpkg-2.81.1-noarch-1.tgz'
(If you replace the old slackpkg and blacklist files with the new versions then:
Edit /etc/slackpkg/mirrors to point to a 13.1 mirror.
Edit /etc/slackpkg/blacklist to blacklist kernel versions you do not use.)
'slackpkg update'
'slackpkg install-new'
'slackpkg upgrade-all' (After this you can start to deal with the new config files; slackpkg really helps here. 'slackpkg new-config' will give you have another chance to go through the list and process the new config files)
'slackpkg clean-system'
If you use slackpkg, then security fixes in /patches should be included.
It is also worthwhile to do 'cd /etc; find . -name "*.new" -print'. There are sometimes some new config files that slackpkg ignores e.g. /etc/passwd.new
Yep slackpkg is now official. It's a very easy way to upgrade security patches. Get on the slackware security mailing list and you will be emailed whenever there are updates.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.