Security Avisories and spi

General talk about packaging procedures and packages.
Post Reply
User avatar
Posts: 41
Joined: 31. May 2011, 17:41

Security Avisories and spi

Post by Bart » 14. Dec 2016, 21:40

Is it safe to keep updated Salix with spi -u / spi -U? I ask this because it just come out a security fix related to the kernel that with these operations is not downloaded. The concern that I have is to lose any more security fixes.
What is the best way to keep updated Salix?

Posts: 331
Joined: 20. Jun 2016, 20:15

Re: Security Avisories and spi

Post by DidierSpaier » 14. Dec 2016, 22:28

By default kernel installations and upgrades are blacklisted in /etc/slapt-get/slapt-getrc because lilo or eliloconfig (depending if your firmware is BIOS/Legacy or EFI) should run after the kernel upgrade but before rebooting, otherwise the machine won't boot anymore.

But in slapt-get (not in spi) there is an option to bypass the blacklist:

Code: Select all

slapt-get --ignore-excludes --upgrade
Don't forget to run lilo or eliloconfig after that!

User avatar
Salix Warrior
Posts: 3135
Joined: 25. May 2010, 17:02

Re: Security Avisories and spi

Post by mimosa » 17. Dec 2016, 08:32

It may also be worth looking in the wiki about kernel upgrades, and similar. Depending on your situation, you may wish to approach it differently.

Also doing it that way would upgrade everything excluded, not just kernel-related packages, and that may not be what you want to do; in fact, it is probably a bad idea.

There are probably also instructions about this in the forum, if you search.

Post Reply