Greetings,

I have Slack 10 running on two machines here, a 'family' network with one
box used only as a server (internet gateway is D-Link router), the other
has effectively replaced Windoze at my workstation. My wife has an XP
laptop, but we are "extremely" happy with the performance of both Linux
computers and the way we are now integrated. We used to have an NT machine
as our file server, but I have worked with Unix for years and decided to
make the plunge into Linux here at home, and will never look back.
Slackware seems like the most "pristine" distribution, but we all got our
favorites, eh?

Anyway, my question is upgrading packages. I regularly check the Slackware
security advisories and upgrade packages that are listed there on both
machines. But when I run slackpkg there are "many" more packages listed
there as upgrades, including libraries, and now the kernel. I am perfectly
happy with my machines, and at my age the phrase "if it works, don't fix
it" is pretty much my motto. Should I be upgrading all the packages that
are listed as upgrades, to insure that future security upgrades work? Or
since this is a private network with the only ports naked to the world
being 80 and 443 (we have Squirrelmail for checking our email away from
the house), maybe I shouldn't even be worrying that much about security
upgrades since we are behind the router/firewall? My Apache, mod_ssl and
PHP setup is compiled from source, as are most all of my addons, games,
etc. and I have no desire to setup iptables on either Linux box.

Thoughts, comments, opinions?

Gary

-----------
The mind is like a barrel, if you leave it open
some jerk will come along and dump garbage in it!




-----= Posted via Newsfeeds.Com, Uncensored Usenet News =-----
http://www.newsfeeds.com - The #1 Newsgroup Service in the World!
-----== Over 100,000 Newsgroups - 19 Different Servers! =-----

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

In alt.os.linux.slackware, Gary Carlson dared to utter,
> Anyway, my question is upgrading packages. I regularly check the Slackware
> security advisories and upgrade packages that are listed there on both
> machines. But when I run slackpkg there are "many" more packages listed
> there as upgrades, including libraries, and now the kernel.

Don't use slackpkg. The proper way (indeed only supported way) for
upgrading a package is upgradepkg. Just get the new packages from the
security advisories and upgradepkg them.

> I am perfectly
> happy with my machines, and at my age the phrase "if it works, don't fix
> it" is pretty much my motto.

This one is full of Slack.

> Should I be upgrading all the packages that
> are listed as upgrades, to insure that future security upgrades work?

Probably not. slackpkg is likely looking at the -current branch of the
slackware changelog, not the stable branch. The only thing ever really
put in the stable branch are security updates, be they libraries or
otherwise.

- --
It is better to hear the rebuke of the wise,
Than for a man to hear the song of fools.
Ecclesiastes 7:5
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFBUxG9lKR45I6cfKARAo+bAJ4ut1bl3gCxgmDdqGHkyg mAh1/p9gCfeMbw
YrhLOOiCdZXWOPJaKfI5Sqc=
=IJSk
-----END PGP SIGNATURE-----

Gary Carlson wrote:

> Greetings,
>
> I have Slack 10 running on two machines here, a 'family' network with one
> box used only as a server (internet gateway is D-Link router), the other
> has effectively replaced Windoze at my workstation. My wife has an XP
> laptop, but we are "extremely" happy with the performance of both Linux
> computers and the way we are now integrated. We used to have an NT machine
> as our file server, but I have worked with Unix for years and decided to
> make the plunge into Linux here at home, and will never look back.
> Slackware seems like the most "pristine" distribution, but we all got our
> favorites, eh?
>
> Anyway, my question is upgrading packages. I regularly check the Slackware
> security advisories and upgrade packages that are listed there on both
> machines. But when I run slackpkg there are "many" more packages listed
> there as upgrades, including libraries, and now the kernel. I am perfectly
> happy with my machines, and at my age the phrase "if it works, don't fix
> it" is pretty much my motto. Should I be upgrading all the packages that
> are listed as upgrades, to insure that future security upgrades work?

I recommend rsync-ing to a -current mirror (one that stays fairly up to
date), then following the directions in UPGRADE.TXT, which uses upgradepkg
as Alan Hicks said. I've been very happy with Slackware-Current. It's not
for newbies, but you're not a newbie...

> Or
> since this is a private network with the only ports naked to the world
> being 80 and 443 (we have Squirrelmail for checking our email away from
> the house), maybe I shouldn't even be worrying that much about security
> upgrades since we are behind the router/firewall?

My motto is upgrade, whether you think you need it or not. You never know.

> My Apache, mod_ssl and
> PHP setup is compiled from source, as are most all of my addons, games,
> etc. and I have no desire to setup iptables on either Linux box.

Well if you're behind a router/firewall, technically you don't need iptables
on each machine also. Even then, at most I'd only run iptables to block
any ICMP that is fragmented, to drop IGMP, to filter ping, to keep people
from outside the network from trying to log in to your NFS/SAMBA/SSH, etc,
just the traffic you know is definitely not good, wholesome traffic. Other
than that, I view it only as a filter, since I too am behind a
router/firewall (but I use Smoothwall 2.0 Linux).

> Thoughts, comments, opinions?
>
> Gary
>
> -----------
> The mind is like a barrel, if you leave it open
> some jerk will come along and dump garbage in it!
>
>
>
>
> -----= Posted via Newsfeeds.Com, Uncensored Usenet News =-----
> http://www.newsfeeds.com - The #1 Newsgroup Service in the World!
> -----== Over 100,000 Newsgroups - 19 Different Servers! =-----

--
BOFH Excuse #64: CPU needs recalibration

Well I had to engage my brain to find the applicable UPGRADE.TXT, but
amazingly managed to find it with very little damage. Thanks to both Neo
and Hicks for your response, help and ideas. I still don't think I want
to mess with iptables but there is bound to be a cold afternoon in my near
future full of time to learn about that!



--


Gary Carlson

--------------------------------------------------

The mind is like a barrel, if you leave it open

some jerk will come along and dump garbage in it!




-----= Posted via Newsfeeds.Com, Uncensored Usenet News =-----
http://www.newsfeeds.com - The #1 Newsgroup Service in the World!
-----== Over 100,000 Newsgroups - 19 Different Servers! =-----

Gary Carlson wrote:

>Well I had to engage my brain to find the applicable UPGRADE.TXT, but
>amazingly managed to find it with very little damage. Thanks to both Neo
>and Hicks for your response, help and ideas. I still don't think I want
>to mess with iptables but there is bound to be a cold afternoon in my near
>future full of time to learn about that!
>
>
[OT]
Your querry has a very fitting answer which is old like the hills.
Socrates was approached by one of his students, and after a long story
the student asked "To marry or not to marry?"
The answer, which fits your subject, was "Whatever you do, you will be
sorry."
[/OT]

Have fun

Stanislaw
Slack user from Ulladulla.

On Thu, 23 Sep 2004 14:49:14 -0600, NeoSadist wrote:

> I recommend rsync-ing to a -current mirror (one that stays fairly up to
> date), then following the directions in UPGRADE.TXT, which uses upgradepkg
> as Alan Hicks said. I've been very happy with Slackware-Current. It's
> not for newbies, but you're not a newbie...

Thanks for suggesting that I read the directions first. I didn't even
think about it until I read UPGRADE.TXT, but I could really bugger thing
up if I don't upgrade my c libraries first ! You proabaly saved my weekend
Neo :-)


Gary

--


Gary Carlson

--------------------------------------------------

The mind is like a barrel, if you leave it open

some jerk will come along and dump garbage in it!




-----= Posted via Newsfeeds.Com, Uncensored Usenet News =-----
http://www.newsfeeds.com - The #1 Newsgroup Service in the World!
-----== Over 100,000 Newsgroups - 19 Different Servers! =-----

On Thu, 23 Sep 2004 22:08:31 +0000, Stanislaw Flatto wrote:

<ot>

> Your querry has a very fitting answer which is old like the hills.
> Socrates was approached by one of his students, and after a long story the
> student asked "To marry or not to marry?" The answer, which fits your
> subject, was "Whatever you do, you will be sorry."

My expectations are realistic, my mentor was Murphy (the lawgiver)

> Slack user from Ulladulla.

I bet there's a song that goes with that?

</ot>

Best Regards,

--


Gary Carlson

--------------------------------------------------

The mind is like a barrel, if you leave it open

some jerk will come along and dump garbage in it!




-----= Posted via Newsfeeds.Com, Uncensored Usenet News =-----
http://www.newsfeeds.com - The #1 Newsgroup Service in the World!
-----== Over 100,000 Newsgroups - 19 Different Servers! =-----

Gary Carlson wrote:

> On Thu, 23 Sep 2004 14:49:14 -0600, NeoSadist wrote:
>
>> I recommend rsync-ing to a -current mirror (one that stays fairly up to
>> date), then following the directions in UPGRADE.TXT, which uses
>> upgradepkg
>> as Alan Hicks said. I've been very happy with Slackware-Current. It's
>> not for newbies, but you're not a newbie...
>
> Thanks for suggesting that I read the directions first. I didn't even
> think about it until I read UPGRADE.TXT, but I could really bugger thing
> up if I don't upgrade my c libraries first ! You proabaly saved my weekend
> Neo :-)
>
> Gary

No problem, bro. Usually I recommend things only because I've learned the
hard way. That's why I guess some people don't know how to take what I
say. It's not that I am saying something else is a bad idea, but more
along the lines of "I've broke my system before, so please don't do that".
Also, forgot to mention, UPGRADE.TXT has you look for *new files, usually
these are in /etc/* area, such as "ls /etc/*/*new". I recommend knowing
what a file is and what it does BEFORE you delete or rename it. I think
once I accidentally deleted /etc/passwd, and after that I couldn't log in
due to me screwing up all my passwords, etc. Just be careful. If you need
any help at all, irc.freenode.net #slackware is a good place to get help,
and also there's a list of support companies at www.slackware.org that can
help you as well.

--
BOFH Excuse #269: Melting hard drives

Gary Carlson wrote:

>
>My expectations are realistic, my mentor was Murphy (the lawgiver)
>
>
>
As I spent quarter of a century testing aerospace systems he was always
sitting in the corner of the lab with a little smile.
Must admit that I never have seen him serious, and VERY few times gave
him good reason to laugh.

Stanislaw.

Gary Carlson wrote:

> Anyway, my question is upgrading packages. I regularly check the Slackware
> security advisories and upgrade packages that are listed there on both
> machines. But when I run slackpkg there are "many" more packages listed
> there as upgrades, including libraries, and now the kernel. I am perfectly
> happy with my machines, and at my age the phrase "if it works, don't fix
> it" is pretty much my motto. Should I be upgrading all the packages that
> are listed as upgrades, to insure that future security upgrades work?

The "many" upgrades available are those from the Slackware-current tree,
which is not necessarily stable (though, it beats the "stable" versions of
some other distros I know of.) The only packages you really *should*
upgrade are the security patches for Slackware-10.0. The rest are optional,
for those that want the latest and greatest versions of everything.

Generally, you should run either Slackware-10, with security patches, OR
Slackware-current (security patches for "-current" are subsumed in the
general package tree.)

Hope that helps,
Jeffrey