Bash Index : Y - The 'Y' Bash commands : description, flags and examples

mail

yum error : [Errno 14] HTTPS Error 403 - Forbidden

Situation :

yum install / yum update return the error :
https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/optional/os/repodata/repomd.xml: [Errno 14] HTTPS Error 403 - Forbidden
Trying other mirror.
https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/os/repodata/repomd.xml: [Errno 14] HTTPS Error 403 - Forbidden
Trying other mirror.


Error downloading packages:
  open-vm-tools-10.3.10-2.el7.x86_64: [Errno 256] No more mirrors to try.

Details :

While investigating, you may try to open the https://cdn.redhat.com/content/dist/... URLs giving the HTTP 403 errors (see links in the error message above), and receive a warning about a security risk / non-secure connection / ... (the message is browser-specific).
  • This is because the certificates used on cdn.redhat.com web servers are signed by a CA which is unknown (hence not trusted) by your web browser.
  • As for Firefox & al. this is no big deal, and not related with the initial issue.
  • subscription-manager tools have the trusted CA built in, so everything's fine regarding HTTPS.
(source)
Back to the initial topic, this HTTPS Error 403 - Forbidden looks like a registration / subscription issue.

Solution :

  1. Check that the right subscription is attached :
    subscription-manager status
  2. Refresh your subscription details :
    subscription-manager refresh
    This fixed the bug for me, no need to go further. See the "source" link below for extra steps.
mail

yum

Usage :

Install software packages while maintaining dependencies on Red Hat.

Configuration files (details) :

  • /etc/yum.conf : yum main configuration file
  • /etc/yum.repos.d/* : repositories

Flags :

Flag Usage
makecache
makecache fast
download and make usable all the metadata for the currently enabled yum repositories
with fast : just try to make sure the repositories are current
repolist list configured repositories. Filter with all (default) / enabled / disabled
-y --assumeyes assume that the answer to any question which would be asked is yes

Example :

Deal with repositories :

List repositories (source) :

  • yum repolist all
  • verbose mode : yum repolist -v
  • repo IDs only : yum repolist | tail -n +4 | head -n -1 | cut -d' ' -f1

An exclamation mark ! leading a repository name means this repository has expired metadata.

Enable / disable a repository (source) :

  • yum-config-manager --enable repositoryId
  • yum-config-manager --disable repositoryId
repositoryId is displayed when listing repositories.

Deal with packages :

List installed packages (source) :

yum list installed
list all installed packages
yum list installed docker-ce
search a specific package
You'll have to provide the exact package name. Otherwise :
yum list installed | grep packageSearchPattern
yum list output format (source) :
name.arch		[epoch:]version-release		repo or @installed-from-repo

Search a package :

yum search packageSearchPattern
This displays a list of matching patterns, their version, and the repository they belong to or the string installed when applicable.

Get information on a package :

yum info packageSearchPattern

List files provided by a package (installed or not) :

Install package using a given repository :

yum -c /etc/yum.repos.d/myCompany.repo install fetchmail

Install security updates (source) :

List all updates that are security relevant, and get a return code on whether there are security updates :
yum check-update --security
Upgrade packages that have security errata up to the latest available package :
yum update --security
Upgrade packages that have security errata up to the last security errata package :
yum update-minimal --security

Don't forget -y when running non-interactively (like in an Ansible playbook)

Get a summary of advisories not installed yet :
yum updateinfo summary
Modules complémentaires chargés : product-id, search-disabled-repos, subscription-manager
Updates Information Summary: updates
	28 Bugfix notice(s)
	 4 Enhancement notice(s)
Security: kernel-3.10.0-514.26.1.el7.x86_64 is an installed security update
Security: kernel-3.10.0-514.10.2.el7.x86_64 is the currently running version		reboot !
updateinfo summary done
update vs update-minimal :
yum update
update every currently installed package (and ensure that all dependencies are satisfied)
yum update-minimal updateType
like update, but if you have the package foo-1 installed and have foo-2 (bugfix) and foo-3 (enhancement) available, then update-minimal --bugfix will update you to foo-2.

Clear caches (source) :

yum caches downloaded packages (and metadata) in /var/cache/yum, under the control of the keepcache directive of /etc/yum.conf. You may have to clean this cache to reclaim disk space or to clear errors due to corrupted metadata files.
yum clean all
clean all cached information
yum clean packages
remove cached packages only
yum clean metadata
delete metadata for each enabled repository
yum clean headers
delete package headers