Sorry if this is the wrong channel can t find a more specifi

Question

Sorry if this is the wrong channel can t find a more specific one that looks appropriate Is it just me or is the Yum repo for osquery broken Following the instructions on the website from a fresh VM I get the snippet that I m including in the thread

Michael Barrientos · Answer

```$ curl L | sudo tee etc pki rpm gpg RPM GPG KEY osquery snip $ sudo yum config manager add repo Loaded plugins extras suggestions langpacks priorities update motd adding repo from grabbing file to etc yum repos d osquery s3 rpm repo repo saved to etc yum repos d osquery s3 rpm repo $ sudo yum config manager enable osquery s3 rpm Loaded plugins extras suggestions langpacks priorities update motd $ sudo yum install osquery Loaded plugins extras suggestions langpacks priorities update motd Errno 14 HTTPS Error 403 Forbidden Trying other mirror snip failure repodata repomd xml from osquery s3 rpm repo Errno 256 No more mirrors to try Errno 14 HTTPS Error 403 Forbidden```

theopolis · Answer

Ah let me fix this

theopolis · Answer

It looks like I messed up permission on bucket objects It will take me a few hours to fix since I have a few things to do before I can jump onto a laptop this morning

theopolis · Answer

I just corrected the permissions can you try again

ryanw · Answer

I am following this issue regarding rpm packages <https github com osquery osquery issues 6653> We are seeing this yum error ``` Error requested datatype primary not available ```

ryanw · Answer

Full log output ``` Begin output of yum q y makecache disablerepo= enablerepo=osquery STDOUT STDERR Error requested datatype primary not available End output of yum q y makecache disablerepo= enablerepo=osquery Ran yum q y makecache disablerepo= enablerepo=osquery returned 1```

ryanw · Answer

a little bit more information on the error ``` lt xml version= 1 0 encoding= UTF 8 gt n lt Error gt lt Code gt PermanentRedirect lt Code gt lt Message gt The bucket you are attempting to access must be addressed using the specified endpoint Please send all future requests to this endpoint lt Message gt lt Endpoint gt lt Endpoint gt lt Bucket gt osquery packages lt Bucket gt lt RequestId gt 8280D830C4E0E8E6 lt RequestId gt lt HostId gt JRa9l1M9 PlK UZNt1Zq+Mnw2X63P+pNYEbaPH9QJQeAdlZr7uzXLXP7QfcDYnGJAgV9z7AdKQ= lt HostId gt lt Error gt ``` Our yum config ``` osquery name=Yum Repository baseurl= enabled=1 fastestmirror enabled=0 gpgcheck=1 gpgkey=```

ryanw · Answer

Found that `` works Looks like this will need to be updated

theopolis · Answer

I will move the bucket back to us east 1 in a few hours I moved it to another account that has all infra on east 2

theopolis · Answer

But I ll see if I can update that repo file

theopolis · Answer

If I update that repo file then it fixes it for new installs right But not for those with the yum repo already added

ryanw · Answer

I believe so it appears the migration worked and is working now

theopolis · Answer

Yeap I think the correct thing to do was to move the bucket back to us east 1

Michael Barrientos · Answer

My teammate is having the following problem now ```+ sh c apt get update qq gt dev null E Failed to fetch 301 Moved Permanently IP 52 219 100 196 443 E The repository deb InRelease is no longer signed ```

Michael Barrientos · Answer

Obviously for a debian based install on the most recent one

theopolis · Answer

I think this is an AWS CloudFront caching bug Let me know if it still occurs after a few retries