Menu
so I am trying to setup up a ssh bastion server, but I have problem setting up EPEL in order to install Python3.6.
I am using CentOS Linux release 7.4.1708 (Core)
So I am trying to install EPEL first by using
sudo yum -y install epel-release (I did of course sudo yum -y update before and it worked fine), but it told me Package 'epel-release' not found
Therefore I tried different approach using RedHat Package Manager:
sudo rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
This installs package succesfully and I can see both epel.repo and epel-testing.repo in etc/yum.repos.d (I copy their contains at the end of post)
However, now, whenever I try to do something with yum, whether it is update or install of some package it gives me the following error (for example I used yum -y install Python3.6 or I have also tried installing tsclient or python-pip):
[root@scw-39016b yum.repos.d]# yum install -y Python3.6
Loaded plugins: fastestmirror
base | 3.6 kB 00:00
centos-kernel | 2.9 kB 00:00
epel/armhfp/metalink | 42 kB 00:00
Could not parse metalink https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=armhfp error was
No repomd file
One of the configured repositories failed (Unknown),
and yum doesn't have enough cached data to continue. At this point the only
safe thing yum can do is fail. There are a few ways to work "fix" this:
1. Contact the upstream for the repository and get them to fix the problem.
2. Reconfigure the baseurl/etc. for the repository, to point to a working
upstream. This is most often useful if you are using a newer
distribution release than is supported by the repository (and the
packages for the previous distribution release still work).
3. Run the command with the repository temporarily disabled
yum --disablerepo=<repoid> ...
4. Disable the repository permanently, so yum won't use it by default. Yum
will then just ignore the repository until you permanently enable it
again or use --enablerepo for temporary usage:
yum-config-manager --disable <repoid>
or
subscription-manager repos --disable=<repoid>
5. Configure the failing repository to be skipped, if it is unavailable.
Note that yum will try to contact the repo. when it runs most commands,
so will have to try and fail each time (and thus. yum will be be much
slower). If it is a very temporary problem though, this is often a nice
compromise:
yum-config-manager --save --setopt=<repoid>.skip_if_unavailable=true
File /var/cache/yum/armhfp/7/epel/metalink.xml does not exist
I have tried million ways going around this already and nothing seems to help :(
I reinstalled it like 5 times, I have done sudo yum clean all, I have tried uncommenting baseurl and commenting metalink in repo files and other way too, etc..., but nothing helps :(
Can someone let me know, please, what is causing this error?
I read somewhere that it might do with enabling / disabling certain repositories, but I don't understand how to cope with it..
Many thanks !!!
epel.repo
[epel]
name=Extra Packages for Enterprise Linux 7 - $basearch
baseurl=http://download.fedoraproject.org/pub/epel/7/$basearch
metalink=https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch
failovermethod=priority
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
[epel-debuginfo]
name=Extra Packages for Enterprise Linux 7 - $basearch - Debug
baseurl=http://download.fedoraproject.org/pub/epel/7/$basearch/debug
metalink=https://mirrors.fedoraproject.org/metalink?repo=epel-debug-7&arch=$basearch
failovermethod=priority
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
gpgcheck=1
[epel-source]
name=Extra Packages for Enterprise Linux 7 - $basearch - Source
baseurl=http://download.fedoraproject.org/pub/epel/7/SRPMS
metalink=https://mirrors.fedoraproject.org/metalink?repo=epel-source-7&arch=$basearch
failovermethod=priority
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
gpgcheck=1
epel-testing.repo
[epel-testing]
name=Extra Packages for Enterprise Linux 7 - Testing - $basearch
baseurl=http://download.fedoraproject.org/pub/epel/testing/7/$basearch
metalink=https://mirrors.fedoraproject.org/metalink?repo=testing-epel7&arch=$basearch
failovermethod=priority
enabled=0
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
[epel-testing-debuginfo]
name=Extra Packages for Enterprise Linux 7 - Testing - $basearch - Debug
baseurl=http://download.fedoraproject.org/pub/epel/testing/7/$basearch/debug
metalink=https://mirrors.fedoraproject.org/metalink?repo=testing-debug-epel7&arch=$basearch
failovermethod=priority
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
gpgcheck=1
[epel-testing-source]
name=Extra Packages for Enterprise Linux 7 - Testing - $basearch - Source
baseurl=http://download.fedoraproject.org/pub/epel/testing/7/SRPMS
metalink=https://mirrors.fedoraproject.org/metalink?repo=testing-source-epel7&arch=$basearch
failovermethod=priority
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
gpgcheck=1
667
The problem is, even if we are installing epel via rpm, the path of baseurl configured in epel.repo and epel-testing.repo files are not valid because https://download.fedoraproject.org/ doesn’t exist.
Valid path is : https://dl.fedoraproject.org/pub/
So amend the base url in /etc/yum.repos.d/epel.repo from this : baseurl=http://download.fedoraproject.org/pub/epel/7/$basearch
to this :baseurl=http://dl.fedoraproject.org/pub/epel/7/$basearch
148
We have a very similar problem and I've seen several pleas for help with the most common response being "don't use 'https' but that exposes you to MITM attacks". There has to be a better answer.
We just did a fresh install of CentOS Linux release 7.7.1908 (Core) on a server and like the OP whenever we attempt sudo yum install epel-release, we break yum.
Here is the install:
-bash-4.2$ sudo yum install epel-release
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.sonic.net
* extras: mirror.fileplanet.com
* updates: mirror.fileplanet.com
Resolving Dependencies
--> Running transaction check
---> Package epel-release.noarch 0:7-11 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
===================================================================================================================================================================================================================================
Package Arch Version Repository Size
===================================================================================================================================================================================================================================
Installing:
epel-release noarch 7-11 extras 15 k
Transaction Summary
===================================================================================================================================================================================================================================
Install 1 Package
Total download size: 15 k
Installed size: 24 k
Is this ok [y/d/N]: y
Downloading packages:
epel-release-7-11.noarch.rpm | 15 kB 00:00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : epel-release-7-11.noarch 1/1
Verifying : epel-release-7-11.noarch 1/1
Installed:
epel-release.noarch 0:7-11
Complete!
Now if we even just try to run yum list it fails:
-bash-4.2$ yum list
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
One of the configured repositories failed (Unknown),
and yum doesn't have enough cached data to continue. At this point the only
safe thing yum can do is fail. There are a few ways to work "fix" this:
1. Contact the upstream for the repository and get them to fix the problem.
2. Reconfigure the baseurl/etc. for the repository, to point to a working
upstream. This is most often useful if you are using a newer
distribution release than is supported by the repository (and the
packages for the previous distribution release still work).
3. Run the command with the repository temporarily disabled
yum --disablerepo=<repoid> ...
4. Disable the repository permanently, so yum won't use it by default. Yum
will then just ignore the repository until you permanently enable it
again or use --enablerepo for temporary usage:
yum-config-manager --disable <repoid>
or
subscription-manager repos --disable=<repoid>
5. Configure the failing repository to be skipped, if it is unavailable.
Note that yum will try to contact the repo. when it runs most commands,
so will have to try and fail each time (and thus. yum will be be much
slower). If it is a very temporary problem though, this is often a nice
compromise:
yum-config-manager --save --setopt=<repoid>.skip_if_unavailable=true
Cannot retrieve metalink for repository: epel/x86_64. Please verify its path and try again
And here is /etc/yum.repos.d/epel.repo:
-bash-4.2$ cat epel.repo
[epel]
name=Extra Packages for Enterprise Linux 7 - $basearch
#baseurl=http://download.fedoraproject.org/pub/epel/7/$basearch
metalink=https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch
failovermethod=priority
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
[epel-debuginfo]
name=Extra Packages for Enterprise Linux 7 - $basearch - Debug
#baseurl=http://download.fedoraproject.org/pub/epel/7/$basearch/debug
metalink=https://mirrors.fedoraproject.org/metalink?repo=epel-debug-7&arch=$basearch
failovermethod=priority
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
gpgcheck=1
[epel-source]
name=Extra Packages for Enterprise Linux 7 - $basearch - Source
#baseurl=http://download.fedoraproject.org/pub/epel/7/SRPMS
metalink=https://mirrors.fedoraproject.org/metalink?repo=epel-source-7&arch=$basearch
failovermethod=priority
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
gpgcheck=1
So is the problem with the repository we're trying access or the fact that we are trying to access using the "https" protocol? If the former, how do I find the right repository? If the latter, how do we go about diagnosing the underlying problem? This is a pretty fresh install -- all we've really done is installed autos and mounted the home directory, installed rvm and created some users and groups.
FWIW, yum check-update doesn't report anything and yum update curl (with or without "--disablerepo=epel") didn't do anything either.
I've been banging my head against this for a day now and need professional help. ;-/
There is another piece to this puzzle, which is why I suspect the underlying problem has to do with "https". We ran into this problem why trying to install MongoDB using these instructions: https://docs.mongodb.com/v4.0/tutorial/install-mongodb-on-red-hat/#using-rpm-packages-recommended
We created /etc/yum.repos.d/mongodb-org-4.0.repo with the contents:
[mongodb-org-4.0]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/4.0/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-4.0.asc
and then tried to install MongoDB and got a somewhat different error:
-bash-4.2$ sudo vi /etc/yum.repos.d/mongodb-org-4.0.repo
-bash-4.2$ sudo yum install -y mongodb-org
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirror.keystealth.org
* extras: mirror.fileplanet.com
* updates: mirrors.sonic.net
https://repo.mongodb.org/yum/redhat/7/mongodb-org/4.0/x86_64/repodata/repomd.xml: [Errno 14] curl#60 - "Peer's Certificate issuer is not recognized."
Trying other mirror.
It was impossible to connect to the CentOS servers.
This could mean a connectivity issue in your environment, such as the requirement to configure a proxy,
or a transparent proxy that tampers with TLS security, or an incorrect system clock.
You can try to solve this issue by using the instructions on https://wiki.centos.org/yum-errors
If above article doesn't help to resolve this issue please use https://bugs.centos.org/.
One of the configured repositories failed (MongoDB Repository),
and yum doesn't have enough cached data to continue. At this point the only
safe thing yum can do is fail. There are a few ways to work "fix" this:
1. Contact the upstream for the repository and get them to fix the problem.
2. Reconfigure the baseurl/etc. for the repository, to point to a working
upstream. This is most often useful if you are using a newer
distribution release than is supported by the repository (and the
packages for the previous distribution release still work).
3. Run the command with the repository temporarily disabled
yum --disablerepo=mongodb-org-4.0 ...
4. Disable the repository permanently, so yum won't use it by default. Yum
will then just ignore the repository until you permanently enable it
again or use --enablerepo for temporary usage:
yum-config-manager --disable mongodb-org-4.0
or
subscription-manager repos --disable=mongodb-org-4.0
5. Configure the failing repository to be skipped, if it is unavailable.
Note that yum will try to contact the repo. when it runs most commands,
so will have to try and fail each time (and thus. yum will be be much
slower). If it is a very temporary problem though, this is often a nice
compromise:
yum-config-manager --save --setopt=mongodb-org-4.0.skip_if_unavailable=true
failure: repodata/repomd.xml from mongodb-org-4.0: [Errno 256] No more mirrors to try.
https://repo.mongodb.org/yum/redhat/7/mongodb-org/4.0/x86_64/repodata/repomd.xml: [Errno 14] curl#60 - "Peer's Certificate issuer is not recognized.”
However, now if I try this I get the "(Unknown)" error.
It's very confusing.
36
We fixed this by updating curl. I believe yum uses libcurl under the hood, and it seems that older versions of curl cannot negotiate the TLS connection to the epel repo.
yum update curl --disablerepo=epel
You are using armhfp as your arch and there is no repo for it in the epel metalink you are looking at.
If you download the link below, you would get a file named, metalink. You will see that there is no repo that matches repo=epel-7&arch=armhfp. This is the source of your problem.
https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=armhfp
You need to use some other mirror that provides CentOS-7 support for armhfp arch.
e.g., http://mirror.centos.org/altarch/7/os/armhfp/
In order to use it, you need to remove epel-release RPM and install the following:
rpm -ivh http://mirror.centos.org/altarch/7/os/armhfp/Packages/centos-userland-release-7-4.1708.el7.centos.0.1.armv7hl.rpm
Then do a yum install for your package.
4
I had this issue on a VM. I just changed the metalink https access and set it at standard http like this : metalink=http://mirrors.fedoraproject.org....
4
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
