= Proposed Self Contained Change: Replace Bacula with Bareos =
Change Owner(s): Simone Caronni <negativo17 at gmail.com>
The powerful Bacula network backup solution has switched from being Open
Source friendly to being almost closed source. Originally the project was
conceived totally as Open Source, but since the creation of Bacula Systems and
its proprietary Bacula Enterprise Edition product, the Open Source (now called
"Community Edition") has received less and less updates and is mostly
== Detailed description ==
The most important points that are left "abandoned" are the following:
* Installation scripts and updates to makefiles are not updated anymore.
* New plugins and functionalities are not added anymore, except those in the
* Gaphical (and buggy) console has not received any update in almost two
* Patches and bugs opened in the bug tracker are mostly left abandoned. Even
trivial fixes are not imported in the source.
* Windows binaries are no longer provided, nor the source for the clients has
been updated. Even if compiled with difficulties, there is no support for recent
A former Bacula developer, frustrated by the situation created the fork Bareos
a long time ago from Bacula 5.2.x (the current Fedora and RHEL 7 version).
This version has now received '''a lot of bugfixes''' compared to the original
Bacula source. This makes compilation and installation a lot easier than it
was with Bacula.
On top of this, a '''lot of new features''' have been added; some unique to
Bareos but many available only in the closed source Bacula Enterprise.
Here is the list of new features compared to the current Bacula 5.2.13:
Some highlights include NDMP support for enterprise class storage (NetApp,
etc.), support for enterprise class tape libraries and Windows support
(including Windows Server 2012) with Bareos generated binaries.
For further details on why a Bacula fork was created please look at the
Bareos can also be '''fully compatible with Bacula''' by setting a specific
configuration directive in the Daemon configuration files; thus providing the
option for RHEL 6/7 users to interoperate with Fedora systems.
== Scope ==
To accomplish the goal, the following Bacula packages need to be replaced with
Currently, the same Fedora packages can be rebuilt as they are, to work also
on CentOS/RHEL 5 and 6, upgrading the EPEL or official Bacula packages in the
distributions. This is to have a consistent backup infrastructure across all
the Fedora/CentOS/RHEL ecosystem.
To ease installation, a repository for installing those packages on a
CentOS/RHEL system do exist:
The idea is the same for Bareos: import into Fedora 21 packages that can be
rebuilt for all supported Fedora/RHEL/CentOS releases and provide a repository
that can upgrade any Bacula release currently installed in the system with the
new one. In detail; the upgrade scenarios supported when going from Bacula to
Bareos would be:
From Bacula 2.4:
* RHEL/CentOS 5 with EPEL repository
From Bacula 5.0:
* RHEL/CentOS 6
From Bacula 5.2.13:
* Fedora 18+
* RHEL/CentOS 5
* RHEL/CentOS 6
As written before, the change is impacting only Fedora 21, the list of
upgrades supported are only for users who want a consistent backup solution
across the enterprise.
=== External activities ===
Proposal owners: I'm the current Bacula mantainer in Fedora and will complete
the transition in time for the release.
Other developers: N/A (not a System Wide Change)
Release engineering: the release engineering team should make sure the new
Bareos packages are in place instead of the current Bacula packages for the
Policies and guidelines: N/A (not a System Wide Change)
devel-announce mailing list
So a friend of mine has been wrangling with suexec trying to configure it
for his needs, and he has become quite furious over the fact that suexec
Then he finds out that Debian actually has a version of suexec that lets
you use a conf file to configure suexec. My question is, why the heck isn't
this in Fedora? How is it that Debian can offer both versions, but
I'm honestly surprised that Fedora doesn't offer this little piece of
flexibility. I would think that this would be in Fedora and RHEL, because
of how useful this would be. So what's going on here?
真実はいつも一つ！/ Always, there's only one truth!
Since the modular X repackaging in FC5, we have limited X server updates
such that the ABI does not change. F20 shipped with xserver 1.14.4, for
example, so we might update it to 1.14.7 but not to 1.15.0. With the
reduced driver set in F21 it's now much more reasonable to push updates
to older releases as well.
With that in mind, I ask for feedback on how we'd actually like that to
work. The kernel rebase policy seems like a pretty reasonable model:
F21 would stay on 1.16.x until there's an upstream 1.17.1 release, and
(if F20 were to be affected by this policy) F20 would wait until 1.17.1
had been tested in F21.
One thing we might have to play by ear is the interaction with binary
drivers. The nvidia legacy driver, for instance, does not always have
builds available for arbitrarily new servers, which means updating the X
server might change you to an nvidia driver that no longer supports your
hardware. Depending on how severe that cutoff is, it might be cause to
pin a particular Fedora release at a given server version. I don't
think this is presently a problem, but it could be in the future.
This would also want some coordination with the various desktop
environments; the version of KDE in F21 might have latent bugs only
exposed by switching to F22's X, for example. I have a reasonable idea
of how to test Gnome for that kind of thing, but for the others I'd need
So what do we think? Good idea? Bad idea? Other things to watch for?
Hi, I know how to manually configure the zram, but what's the best way
to do it?
I've seen the unit zram.service of anaconda-core, and it gets activated
when booting with inst.zram=on, but it looks like very anaconda-centric.
Should something like  be packaged and included in the distro? or
maybe we should spin off the anaconda zram.service and do it more
I think this is a very interesting feature for memory constrained VMs
and other devices.
apitrace 5.0 bundles libbacktrace, which looks like is living within the
gcc sources. libbacktrace is not build as a shared library from the gcc
sources, and not packaged.
Is it feasible to build libbacktrace as a shared library and ship it in
a corresponding package? Or should I rather go for a bundling exception
On Wed, Nov 26, 2014 at 03:13:59PM +1000, Noriko Mizumoto wrote:
> Hi Fedora developers
> Having the consensus with FESCo , we FLP (aka translation team) have
> started the process of migration to new fedora.zanata.org instance from
> Transifex . First all translators started to migrate in November 2014
> (still going on).
> Now it is time to migrate all projects. This is expected to start after
> F21 GA. For the owners of the projects, there are two options to choose
> for the migration below.
> One: Delegate us to implement migration
> If this option is chosen, partially automated migration will be
> performed by Zanata team. Once it completes, then the owner visits new
> place and confirms everything intact (Some manual adjustment may be
> Two: Manual migration
> If this option is chosen, the owner performs all the migration process
> by his/her self. Please advise the estimated completion date.
> I have attached the list of all the target projects below. If any
> package is missing and it should be added into the list, please let me know.
> Could all Fedora developers please go through the list and advise which
> option is preferred for your project, so that we will be able to
> schedule them? For option One, we need to know current
> maintainer's/owner's contact.
> Package Name Group
> Anaconda main
> Blivet main
> Firstboot main
> initial-setup main
> pykickstart main
> python-meh main
> system-config-kickstart main
These are all installer team projects. What are we required to do with the
move to Zanata?
David Cantrell <dcantrell(a)redhat.com>
Manager, Installer Engineering Team
Red Hat, Inc. | Westford, MA | EST5EDT
Sshd(8) daemon by default allows remote users to login as root.
1. Is that really necessary?
2. Lot of users use their systems as root, without even creating a non-root user.
Such practices need to be discouraged, not allowing remote root login could be
useful in that.
Does it make sense to disable remote root login by default? If so, do we need to just report it to the maintainer or it would be treated as a feature?
Today it happened a handful of times that my local rpm repository got
wiped out (except for the repodata folder), and owner/group changed to
root/root (including the repodata folder). After playing around a bit, I
noticed that a
$ pkcon refresh
will consistently wipe out my local repository . Putting an audit
watch on an rpm on the repo will actually confirm that PackageKit
removed the file, see below . However, the odd thing is that
PackageKit was last updated Nov 18 on my system, and also downgrading to
PackageKit-1.0.1-1.fc22 from Oct 21 does not help, so I'm wondering
whether it is really PackageKit who is responsible. Updates of yesterday
and today do not really seem to be of any relevance.
Anyone else seeing this? Any ideas how to debug this?
 If it matters, repo file is
$ cat /etc/yum.repos.d/local.repo
name=Local - Source
 $ sudo ausearch -f
type=CONFIG_CHANGE msg=audit(30.11.2014 01:15:48.332:497) : auid=unset
ses=unset op="updated rules"
key=repo list=exit res=yes
type=PROCTITLE msg=audit(30.11.2014 01:15:48.332:498) :
type=PATH msg=audit(30.11.2014 01:15:48.332:498) : item=1
inode=5505054 dev=08:03 mode=file,664 ouid=sandro ogid=sandro rdev=00:00
type=PATH msg=audit(30.11.2014 01:15:48.332:498) : item=0
name=/home/sandro/rpmbuild/repo/ inode=5513217 dev=08:03 mode=dir,775
ouid=sandro ogid=sandro rdev=00:00
type=CWD msg=audit(30.11.2014 01:15:48.332:498) : cwd=/
type=SYSCALL msg=audit(30.11.2014 01:15:48.332:498) : arch=x86_64
syscall=unlink success=yes exit=0 a0=0x7fd7401f88e0 a1=0xffffffff
a2=0x7fd7401f8801 a3=0x7fd763e53970 items=2 ppid=1 pid=1902 auid=unset
uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root
fsgid=root tty=(none) ses=unset comm=PK-Backend
exe=/usr/libexec/packagekitd (deleted) subj=system_u:system_r:rpm_t:s0