On Thursday, February 12, 2026 12:33:31 AM CET Rob Gerber wrote: > Elias, > > If anyone from the project is reading this, I do think it is important > that we address this issue soon. Because of the outdated SHA1 signature, > it is essentially impossible to install bacula in more modern operating > systems without overriding or weakening security policies. > > I do not speak for the bacula CE project, but I can say that I have ran > into this issue with Rocky Linux 9 and Alma Linux 9. This was brought up > with the project at that time at least a year ago, and so far no action. > The only solutions that I was aware of were: > > 1. Globally allow SHA1 for package signing (not great). > 2. Disable signature checking altogether for the bacula CE repo only. (not > sure if this is better or worse than globally allowing SHA1 for package > signing). > > At least, option 2 is more granular. Once you install bacula, you're > unlikely to need to do signature verification again, and the official > installation method locks you to a certain version at the repo level. > > I think the latest version of Debian may have bacula 15.x packages in the > official repos, but I haven't personally confirmed this. I do think that
I can confirm that Debian 13 has bacula 15.0.3. > there were a few confusing configuration changes made, to make bacula > default to a 'safe' local only configuration. I would not normally advise > the use of distribution repos to install bacula, but if the signature > situation is unacceptable to you or your organization, that may be the > only option besides making your own repo. I disagree on the matter of distribution repos to install bacula. For example, Debian packages are quite alright and I found no surprises there. On the other hand, official Bacula packages (I tested RHEL/Rocky 9) store their files in /opt/bacula. It's not big deal but still. Anyway, I found no good reason o avoid distribution provided Bacula packages. For years, I used to build my own packages. Regards, -- Josip Deanovic _______________________________________________ Bacula-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/bacula-users
