Installing software and keeping your installation up-to-date with security patches




Some general questions:

1. Is there a general model across all distros as to how software should be installed and the installation kept up-to-date ?
ie. I am expecting there to be a GUI-based or CLI command to check for security patches for the kernel or updates for all my installed software, that I can invoke each time I boot up. Is this the case ?

2. Is there generally one generic 'Linux' version of any given software that should run on any distro or will you need a specific version for your distro ? If there are different versions, how different are they and how specifically do these differences arise (if all distros are using the same kernel). If there are differences should one still be able, by recompiling, to generate a new version suitable for your specific distro or would this be very complicated ?




Although they're labelled 1 and 2 I see about 7 questions there :) I'd recommend doing some research about Linux distributions:

In a nutshell, the majority of distributions of GNU/Linux run on versions of the same Linux kernel see Most major distributions are also built around a package manager, which manages updates installing and uninstalling software. Different package managers have separate "libraries" called repositories that host these software packages, so not every package is available on every manager, but most popular applications are available in most managers.

The other option is to build a program from source. This is more manual and generally will require manual upgrades and manual dependency resolution so I wouldn't recommend if you're a newbie unless absolutely necessary. Since this builds from source code its usually:
a.) only available for open source software
b.) will work with any architecture since you're locally compiling


Although they're labelled 1 and 2 I see about 7 questions there :)

Many questions but really I'm only concerned with one thing: security. It has been many years since I have used Linux but my recollection was that there was a standard command which could be issued to check for updates/security patches for all the installed software (Yast in SUSE I think I used), so I would invoke this every time I booted up to ensure I had all the latest security patches. In looking for a distro to use today I have found an interesting advancement which wasn't popular years ago: bootable USB installs with persistence. It seems this could offer many of the benefits of the cloud without having to actually rely on a cloud provider. So far I have tried installing Puppy and Porteus but what I find surprising is that neither seem to have a package manager that has a function to check for updates. ie. they both have managers to find and install individual packages but not a function for checking for updates to ALL software and I am trying to understand why this is the case. How do people not see this as a huge security risk ? On the Porteus forum it was suggested that I could watch the Slackware changeLog and install new updates manually as they became available but again, I am amazed that an automated tool to do this does not already exist. So, after all that rambling I guess my question boils down to:

Is it not considered best practice to update your system as updates become available and is there any Live distro with persistence that supports this ?
$100 Digital Ocean Credit
Get a free VM to test out Linux! Hosting Donations
Consider making a donation

Members online