Running a production 12.2 Slack server and wanting to make sure I have all the latest security patches applied to it. Started playing with Slackpkg a bit but I'm really not sure want I am wanting to do other than "upgrade".

I chose the 12.2 mirror I wanted to use by editing out that particular file. I then ran "slackpkg update". After that was complete, I am lost from here.

I understand that I can pick and choose what individual files need updating. But what about a system wide entire update. Is it safe to run the "slackpkg upgrade-all" command in production environment??

I guess, I just don't really know WHAT I need updated. I would assume that if those patches are in the /patch directory, than they must be in there for a reason and I should be using them.

Any help?

upgrade-all will only look for updates to packages that are currently installed, which on stable releases such as 12.2 should only be the stuff in patches. So yes it should be perfectly safe.

But you could just as easily use

Do be careful to take care of any "*.new" files. Slackpkg will notice these and prompt you on what action to take.

As with any production machine I'd expect you do have backups and it's a good idea to keep a copy of the currently installed package just in case something breaks.

With the stable release (12.2) as stated "upgrade-all" never caused me any problem. Now if you were asking about doing it in -current that micht be a different story

Thanks for the answers guys. I played around with the "slackpkg upgrade patches" on my laptop, but I'm a littler nervous about doing it on my server.

I don't use any "pre-built" packages for the core of my server. PHP, Apache, Postfix, Dovecot, & Pure-FTP were compiled and installed by me. Mysql was installed as a binary.

I guess since this is the "core" of my server, the "slackpkg upgrade patches" shouldn't really bother anything too much other than to update my current .tgz package set. Just don't want to break anything.

Then just manually upgrade the packages you want !

Add yourself to the Slackware security mailing list, so you will stay tuned about updates.
If you look at the changelogs, you will notice there's no TONS of updates, so updating your server will be quick, especially if you rsync the patches directory directly on the server.
http://www.slackware.at/data/slackwa.../ChangeLog.txt

For example, you can write a cronjob which upgradepkg * in a directory XYZ every hour. Then you just have to copy selected packages from the rsync downloads to this directory XYZ. Of course, some of them will require a service restart, but anyway...

When you say manually upgrade them, are you still talking about Slackpkg or for me to download them by hand and intall them?

Doing a "slackpkg upgrade patches" gives a nice menu that I can select what I want to upgrade. This is, in fact, the same thing as doing it "manually", correct? There is just no cronjob doing the work...

Either you can manually download them and then run:
Or as stated above, use rsync and cronjob.

No it will just upgrade the ones you select this one time. There is no cronjob or any automated system (unless you add one).

If you have self-compiled packages that you don't want slackpkg to even list, let alone upgrade, add them to /etc/slackpkg/blacklist and you won't be bothered by them in the list.

Thanks guys for the help. I think I got her figured out now. I'm going to go ahead and subscribe to the security mailing list as well.