Alex_Chang 2021-3-21 22:36
解決AWS EC2 上RHEL7 使用 yum 出現 [Errno 14] HTTPS Error 403 - Forbidden
在2017年在AWS EC2上開的一台RHRL7的主機,因為最近要用yum安裝一些套件時,忽然發現會出錯,錯誤如下 [Errno 14] HTTPS Error 403 - Forbidden:<br><br>[quote]<br>Loaded plugins: amazon-id, rhui-lb, search-disabled-repos<br>epel/x86_64/metalink | 6.9 kB 00:00:00 <br>mariadb | 2.9 kB 00:00:00 <br>rhui-REGION-client-config-server-7 | 2.1 kB 00:00:00 <br>https://rhui3.ap-northeast-1.aws.ce.redhat.com/pulp/repos/content/dist/rhel/rhui/server/7/7Server/x86_64/extras/os/repodata/repomd.xml: [Errno 14] HTTPS Error 403 - Forbidden<br>Trying other mirror.<br>To address this issue please refer to the below knowledge base article<br><br>https://access.redhat.com/solutions/69319<br><br>If above article doesn't help to resolve this issue please open a ticket with Red Hat Support.<br><br>https://rhui3.ap-northeast-1.aws.ce.redhat.com/pulp/repos/content/dist/rhel/rhui/server/7/7Server/x86_64/optional/os/repodata/repomd.xml: [Errno 14] HTTPS Error 403 - Forbidden<br>Trying other mirror.<br>https://rhui3.ap-northeast-1.aws.ce.redhat.com/pulp/repos/content/dist/rhel/rhui/server/7/7Server/x86_64/os/repodata/repomd.xml: [Errno 14] HTTPS Error 403 - Forbidden<br>Trying other mirror.<br>https://rhui3.ap-northeast-1.aws.ce.redhat.com/pulp/repos/content/dist/rhel/rhui/server/7/7Server/x86_64/rh-common/os/repodata/repomd.xml: [Errno 14] HTTPS Error 403 - Forbidden<br>Trying other mirror.<br>[/quote]<br><br>才知道自從RedHat採取要收費的政策後, 要使用yum 去更新系統也無法使用了.<br>這個時候除了去註冊外, 另外的選擇就是使用CentOS 的repos 來更新系統.<br><br>步驟如下:<br>(1) 移除原先的更新程式<br># rpm -qa | grep yum | xargs rpm -e --nodeps<br># rpm -qa | grep python-iniparse | xargs rpm -e --nodeps<br><br>(2) 安裝CentOS 更新程式,走Hinet 的Repo<br>[quote]<br># cd /tmp<br># wget http://mirror01.idc.hinet.net/CentOS/7/os/x86_64/Packages/yum-3.4.3-168.el7.centos.noarch.rpm<br># wget http://mirror01.idc.hinet.net/CentOS/7/os/x86_64/Packages/python-iniparse-0.4-9.el7.noarch.rpm<br># wget http://mirror01.idc.hinet.net/CentOS/7/os/x86_64/Packages/yum-metadata-parser-1.1.4-10.el7.x86_64.rpm<br># wget http://mirror01.idc.hinet.net/CentOS/7/os/x86_64/Packages/yum-plugin-fastestmirror-1.1.31-54.el7_8.noarch.rpm<br><br>PS: 注意 yum-3.4.3 跟 yum-plugin-fastestmirror 會更新版號..如果 wget 下載不到..請連到<br>http://mirror01.idc.hinet.net/CentOS/7/os/x86_64/Packages/ 找到最新的套件名稱即可<br>[/quote]<br><br>(3) 安裝相關RPM<br># rpm -Uvh *.rpm<br><br>(4) 舊的repo先備份在建立新的 repo file<br>這裡要注意, 檔名可以任意, 但一定要有 .repo 結尾<br># cd /etc/yum.repos.d<br># mkdir bak<br># mv * bak<br># vi hinet.repo<br><br>內容如下, 這裡我使用 Hinet IDC 的 repo, 在台灣的速度還滿快的, 若有需求請自行更改內容<br>[quote]<br># CentOS-Base.repo<br>#<br># The mirror system uses the connecting IP address of the client and the<br># update status of each mirror to pick mirrors that are updated to and<br># geographically close to the client. You should use this for CentOS updates<br># unless you are manually picking other mirrors.<br>#<br># If the mirrorlist= does not work for you, as a fall back you can try the<br># remarked out baseurl= line instead.<br>#<br>#<br><br>[base]<br>name=CentOS-$releasever – Base<br>baseurl=http://mirror01.idc.hinet.net/CentOS/7/os/$basearch/<br>gpgcheck=1<br>gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7<br><br>#released updates<br>[updates]<br>name=CentOS-$releasever – Updates<br>baseurl=http://mirror01.idc.hinet.net/CentOS/7/updates/$basearch/<br>gpgcheck=1<br>gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7<br><br>#additional packages that may be useful<br>[extras]<br>name=CentOS-$releasever – Extras<br>baseurl=http://mirror01.idc.hinet.net/CentOS/7/extras/$basearch/<br>gpgcheck=1<br>gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7<br><br>#additional packages that extend functionality of existing packages<br>[centosplus]<br>name=CentOS-$releasever – Plus<br>baseurl=http://mirror01.idc.hinet.net/CentOS/7/centosplus/$basearch/<br>gpgcheck=1<br>enabled=0<br>gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7<br><br>#contrib – packages by Centos Users<br>[contrib]<br>name=CentOS-$releasever – Contrib<br>baseurl=http://mirror01.idc.hinet.net/CentOS/7/contrib/$basearch/<br>gpgcheck=1<br>enabled=0<br>gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7<br>[/quote]<br><br>(5) 完成後更新資料<br># yum clean all<br># yum update<br><br><br>意外插曲:<br>在使用yum install的時候,如果碰見這樣的錯誤:Couldn’t open file /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7<br><br>這是因為在你的 /etc/yum.repos.d 目錄下有關於yum repository的配置文件中列有如下的GPG key:<br><br> gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7<br><br>這個配置告訴YUM,這個repository的GPG key存在於磁盤上。而當YUM在路徑 /etc/pki/rpm-gpg 下找不到這個GPG key的時候,就會報如上的錯誤了。<br><br>解決方案:<br><br># cd /etc/pki/rpm-gpg<br># wget http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-7<br><br>然後再次運行 yum 命令就可以成功了。<br><br><br>參考資料:<br>https://tkunlin.medium.com/%E8%A7%A3%E6%B1%BArhel-7-%E7%84%A1%E6%B3%95%E4%BD%BF%E7%94%A8-rhel-repos-fbf79e2d25f0<br>https://www.bbsmax.com/A/RnJWe3ogdq/