Closed Przemasso closed 9 months ago
Hi @Przemasso! We are experiencing problems with the repos and we are trying to solve it. I'll ping you once we find a solution 👍
We resolved the issue! Could you please check if is it all good? @Przemasso
@therealbobo thanks for swift response! Unfortunately all attempts ends with 403 (via browser, curl, yum). I've cleaned yum cache as well but didn't helped as well.
I checked and I can reproduce the issue on browser and curl but yum works fine on my side. @Przemasso
Hi @therealbobo - I've finally managed to get rid of 403 but had to change 2 things in repo config:
baseurl from:
baseurl=http://download.draios.com/stable/rpm/$basearch
to:
baseurl=https://download.sysdig.com/stable/rpm/$basearch
and gpg key from:
gpgkey=https://s3.amazonaws.com/download.draios.com/DRAIOS-GPG-KEY.public
to:
gpgkey=https://download.sysdig.com/DRAIOS-GPG-KEY.public
are those two something which have changed recently?
The gpg is there from a long time and I think https
as well. 🤔
Hey guys, after I fixed the 403 error above I got "GPG check FAILED" error. If I'm using '--nogpgcheck' parameter I get another error
package sysdig-0.32.0-1.aarch64 does not verify: Header V4 RSA/SHA1 Signature, key ID ec51e8c4: BAD
I'm using Rocky Linux 9 on arm. Have any of you faced this error?
Hi @AndriyKhymera! Are you using sysdig from the rocky linux 9 repository?
@therealbobo, I'm using the following repo:
[draios]
name=draios
baseurl=https://download.sysdig.com/stable/rpm/$basearch
enabled=False
gpgcheck=True
gpgkey=https://download.sysdig.com/DRAIOS-GPG-KEY.public
Installing with:
dnf -d 10 -e 10 -y --enablerepo=draios install sysdig
kernel-devel
kernel-devel aarch64 5.14.0-284.18.1.el9_2 appstream
Uhm, I getting this error:
warning: Signature not supported. Hash algorithm SHA1 not available.
warning: Signature not supported. Hash algorithm SHA1 not available.
And this is probably related to this https://www.redhat.com/en/blog/rhel-security-sha-1-package-signatures-distrusted-rhel-9 . Are you getting the same error? @AndriyKhymera
hey, @therealbobo yeah, that's exactly the problem I have. Using this solved my problem with the installation
update-crypto-policies --set DEFAULT:SHA1
I guess '--nogpgcheck' doesn't work as I expected it to work. Thanks a lot for providing this article
Yes, packages should be signed with SHA256 now because in Linux 9 SHA1 has been deprecated.
https://access.redhat.com/articles/6846411
use this after installation to remove sha1
sudo update-crypto-policies --set DEFAULT:NO-SHA1
Hey @coinnect-project! I totally forgot to ping you! We solved this issue on 0.34.1
😄
Hi, I'm getting 403 error when reaching repo:
http://download.draios.com/stable/rpm/x86_64/repodata/repomd.xml: [Errno 14] HTTP Error 403 - Forbidden
if checking via browser, 403 is returned as well:
403 Forbidden Code: AccessDenied Message: Access Denied
curl from vm returns 403 as well. Any ideas what may be causing it?