0000699: bareos-fd fails to start when server is in FIPS mode

ID	Project	Category	View Status	Date Submitted	Last Update

0000699	bareos-core	file daemon	public	2016-09-22 21:47	2023-03-23 16:25

Reporter	bujvary	Assigned To	bruno-at-bareos
Priority	normal	Severity	major	Reproducibility	always
Status	closed	Resolution	fixed
Platform	Linux	OS	CentOS	OS Version	6
Product Version	15.2.2

Summary	0000699: bareos-fd fails to start when server is in FIPS mode
Description	When CentOS 6 is configured to boot in FIPS mode the Bareos File Daemon fails to start when passwords are configured in the bareos-fd.conf file.
Steps To Reproduce	1. Boot server with FIPS mode enabled. 2. Start the bareos-fd service.
Additional Information	The MD5 hash algorithm is not FIPS compliant. I was able to work around this issue by building Bareos without OpenSSL.
Tags	No tags attached.

Date Modified	Username	Field	Change
2016-09-22 21:47	bujvary	New Issue
2016-09-28 11:03	joergs	Note Added: 0002370
2023-03-23 16:25	bruno-at-bareos	Assigned To	=> bruno-at-bareos
2023-03-23 16:25	bruno-at-bareos	Status	new => closed
2023-03-23 16:25	bruno-at-bareos	Resolution	open => fixed
2023-03-23 16:25	bruno-at-bareos	Note Added: 0004939

joergs 2016-09-28 11:03 developer ~0002370	See https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/sect-Security_Guide-Federal_Standards_And_Regulations-Federal_Information_Processing_Standard.html about how to enable the FIPS mode (basically fips=1 on kernel command line).

bruno-at-bareos 2023-03-23 16:25 manager ~0004939	See new code and documentation https://docs.bareos.org/TasksAndConcepts/BareosSecurityIssues.html#fips-mode