[Errno 14] HTTP Error 403: Forbidden Trying other mirror. Error: Cannot open/read repomd.xml file for repository: updates

Hi Everyone,

I'm trying to updated my client machines using yum from a local repository server setup on my network.
My clients are running Red hat ES 5 and Centos 5 and my local repository is running Red hat ES 4.
when using yum on my local repository it updates its self fine. I have configured yum to point to my local repository server on /etc/yum.conf and added the following [updates] and baseurl=http://oak/rhel4es-i386/RPMS.updates on the local repository server. When running the yum update command on this local repository it updates fine.

The problem happens when I try updating from my clients. I have also configured yum on my clients machines to point to the local repository but I get errors when updating them with yum update command.

Error from clients:
Centos Client
[root@dragon ~]# yum update
Loading "installonlyn" plugin
Setting up Update Process
Setting up repositories
http://oak.corporatebank.co.za/centos5-i386/RPMS.updates/repodata/repomd.xml: [Errno 14] HTTP Error 403: Forbidden
Trying other mirror.
Error: Cannot open/read repomd.xml file for repository: updates
[root@dragon ~]#

Redhat client
[ajays@silverfir ~]$ su
[root@silverfir gugu]# clear
[root@silverfir gugu]# yum update
Loading "installonlyn" plugin
Setting up Update Process
Setting up repositories
http://oak.corporatebank.co.za/rhel5es-i386/RPMS.updates/repodata/repomd.xml: [Errno 14] HTTP Error 403: Forbidden
Trying other mirror.
Error: Cannot open/read repomd.xml file for repository: updates

When updating from my local repository it completes fine check exmple below:

 xscreensaver            i386       1:4.18-5.rhel4.14  updates           5.6 M
 xterm                   i386       192-8.el4        updates           168 k
 ypbind                  i386       3:1.17.2-13      updates            33 k
 zsh                     i386       4.2.0-4.EL.4.5   updates           1.6 M
Installing for dependencies:
 audit                   i386       1.0.15-3.el4_6.1  updates           201 k
 keyutils-libs           i386       1.0-2            updates            16 k
 libgssapi               i386       0.8-1            updates            19 k
 libsmi                  i386       0.4.5-2.el4      updates           2.3 M
 nfs-utils-lib           i386       1.0.6-8.z1       updates            49 k
 systemtap-runtime       i386       0.5.14-1         updates            31 k

Transaction Summary
Install     13 Package(s)        
Update     350 Package(s)        
Remove       0 Package(s)        
Total download size: 487 M
Is this ok [y/N]: n
Exiting on user Command
[root@oak ~]#

I suspect this is cause by a proxy server but I don't know what questions to ask to the guys managing the proxy as I'm not 100% sure that it's it. Also when accessing any web site from my two clients I get the following error:

                               â    Configuration of the proxy server failed.    â                              
                               â   This might be caused by an incorrect proxy    â                              
                               â  setting specified by an environment variable   â                              
                               â     or returned by a scripting proxy hook.      â                              
                               â                                                 â                              
                               â    The correct syntax for proxy settings are    â                              
                               â   a host name optionally followed by a colon    â                              
                               â  and a port number. Example: 'localhost:8080'.  â                              
                               â                                                 â                              
                               â                     [ OK ]                      â                              

Any help is highly appreciated.
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

have you alredy set up apache or any other webeserver on your local repository? an not really sure if you need that to setup respository but since you have http url it should be required

i will suggest you to check if you can browse the url  from other clients using standard browser. if no then you have to allow access to the directory in apache

LinuxDukeAuthor Commented:
Yes Apache has been setup on the local repository and its running. I can access the repository from any client internet explorer or mozilla browser but not from my two linux clients.

This is what I get when checking apache on my local repository:
 apache   26389  1998  0 Jan27 ?        00:00:00 /usr/sbin/httpd
apache   26390  1998  0 Jan27 ?        00:00:00 /usr/sbin/httpd
apache   26391  1998  0 Jan27 ?        00:00:00 /usr/sbin/httpd
apache   26392  1998  0 Jan27 ?        00:00:00 /usr/sbin/httpd
apache   26393  1998  0 Jan27 ?        00:00:00 /usr/sbin/httpd
apache   26394  1998  0 Jan27 ?        00:00:01 /usr/sbin/httpd
apache   26395  1998  0 Jan27 ?        00:00:00 /usr/sbin/httpd
apache   26396  1998  0 Jan27 ?        00:00:00 /usr/sbin/httpd
root     27894 27849  0 15:14 pts/0    00:00:00 grep httpd
[root@oak etc]# telnet localhost 80
Connected to localhost.localdomain (
Escape character is '^]'.
<title>501 Method Not Implemented</title>
<h1>Method Not Implemented</h1>
<p>] to / not supported.<br />
Connection closed by foreign host.
[root@oak etc]#

This is what I get when using telnet from my client to the local repository:
[root@silverfir gugu]# telnet 80
Connected to oak.corporatebank.co.za (
Escape character is '^]'.
<title>501 Method Not Implemented</title>
<h1>Method Not Implemented</h1>
<p>] to / not supported.<br />
Connection closed by foreign host.
[root@silverfir gugu]#

LinuxDukeAuthor Commented:
Any idea why yum is not updating to my local repository or what could be stoping access to web sites from my client machines.
The Ultimate Tool Kit for Technolgy Solution Provi

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy for valuable how-to assets including sample agreements, checklists, flowcharts, and more!

check your httpd.conf file that might be something you can look for and see if you have really configured host properly

another thing is if you have entry for your oak.corporatebank.co.za in your dns or hosts file

to check that try to ping oak.corporatebank.co.za from your client machine and check if its pininging

am digning off for the days so will check progress in moring hope it works
LinuxDukeAuthor Commented:
Hi dhaval,

I am able to ping oak.corporatebank.co.za from all my clients and I had it already on my /etc/hosts file.
I have checked httpd.conf file and could only pick up the error I'm getting when running yum update from my clients which is : ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var and not to sure where this is used as I'm not to good with apache configuration. I have attached my http.conf file maybe you will pick up something from it.

I have also gone through the mrepo logs and discovered that one of my client silverfir created the following two logs mrepo-wwwaccess_log and mrepo-wwwerro_log :
mrepo-wwwaccess_log |more - - [31/Jan/2008:15:25:29 +0200] "]" 501 203
[Thu Jan 31 15:25:29 2008] [error] [client] Invalid method in request ]

This is a bit funny as the is no logs getting written to the /var/log/yum on my clients.
Hope you might lead me to the right direction.


ok your conf file looks ok to me... now what i need to know is

 1 did you put your respository under /var/www/http ( which is root for your webserver )
 2 did you used creatrepo command ? to creat respository aleternatly you can use yum-arch i guess ( if you are on redhat/fedore you will have createrepo )

LinuxDukeAuthor Commented:
Know my repository is under /var/www/mrepo for question 2 I'm not to sure if the command creatrepo was used as the repository was already setup by someone else. Please have a look below for question1 answer.

[root@oak www]# ls
cgi-bin  error  html  icons  manual  mrepo  usage
[root@oak www]# cd mrepo/
[root@oak mrepo]# ls
centos4-i386  HEADER.shtml  README.shtml  rhel5es-i386
centos5-i386  livna-8-i386  rhel4es-i386
[root@oak mrepo]# pwd
[root@oak mrepo]#
LinuxDukeAuthor Commented:
Hi dhaval,

The is a proxy account that has been locked, it has been unlocked and the clients started updating.
I have attached a text file to show you the out put of the two clients yum updates Centos Dragon and Redhat Silverfir. It looks like the updates are going through but I'm not to sure is they are getting installed as I only see package updated then at the end exit after running transaction check because of missing dependency in the packages.

Another thing I have hashed out the entry in the  /etc/hosts for oak the local repository and it's still going.So I think the proxy account that was locked out was the problem but not to sure these updates are working fine. If you can clearify that for me please. I also need to find out why nothing is getting logged on yum.log for clients and local repository. In the local repository nothing is getting loged on the mrepo.log file what can be making logs not to work.
Check below my cat statement:
 [root@oak log]# ls
acpid            boot.log.2  cron.3  lastlog    maillog.4   mrepo.log         Pegasus      rpmpkgs.3         secure.2   spooler.3   xianserver.bak
anaconda.log     boot.log.3  cron.4  mail       messages    mrepo.log.1       ppp          rpmpkgs.4         secure.3   spooler.4   Xorg.0.log
anaconda.syslog  boot.log.4  cups    maillog    messages.1  mrepo.log.2       prelink.log  samba             secure.4   squid       yum.log
anaconda.xlog    cron        dmesg   maillog.1  messages.2  mrepo.log.3       rpmpkgs      scrollkeeper.log  spooler    wtmp
boot.log         cron.1      gdm     maillog.2  messages.3  mrepo.log.4       rpmpkgs.1    secure            spooler.1  wtmp.1
boot.log.1       cron.2      httpd   maillog.3  messages.4  mrepo_update.log  rpmpkgs.2    secure.1          spooler.2  xianserver
[root@oak log]# cat mrepo.log
[root@oak log]#

oh okie :) great seems is working fine

and for logs i would just ask you to double check location of log file in yum.conf on your clients its should be assigned to "logfile"  
btw m this errors means those packages are not available in repository so you  should download them and keep it in repository else some dependency may fail

Error: Unable to satisfy dependencies
Error: Package yelp needs libgtkembedmoz.so()(64bit), this is not available.
Error: Package yelp needs libxpcom_core.so()(64bit), this is not available.
Error: Package yelp needs libxpcom.so()(64bit), this is not available.
Error: Package glibc-devel needs glibc-headers = 2.5-12, this is not available.
Error: Package nss conflicts with prelink <= 0.3.9-2.
Error: Package sabayon needs sabayon-apply = 2.12.4-3.el5, this is not available.
Error: Package yelp needs gecko-libs =, this is not available.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
LinuxDukeAuthor Commented:
I will look at the logging problem then put a new post for it if the is still a problem.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Linux Distributions

From novice to tech pro — start learning today.