Hi, all
I got the following error while running 'yum update' frequently
Failed to download metadata for repo 'epel-modular'
This may not be a CentOS issue, but it blocked my daily operation.
So I asked here, sorry if it is not proper.
Is EPEL facing operation issue, or I should check my CentOS configuration
Thanks,
yum update issue related to epel
-
kenplusplus
- Posts: 5
- Joined: 2020/05/04 01:24:02
Re: yum update issue related to epel
Sound like the offical EPEL repo is not stable, so my workaround is to use mirror + removing gpg checking.
Re: yum update issue related to epel
Disabling GPG checking sounds like NOT the right thing to do at all. Ever.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Re: yum update issue related to epel
Hello, following this one due to similar symptoms
Did you by any chance update the system cryptography settings with
This appears to prevent yum or dnf from accessing EPEL Modular repository as the associated certificate is not strong enough. I feel the certificate on the repo should be updated.
Every time I use the above command to limit system-wide legacy crypto protocols/algorithms I get the same error with the EPEL Modular repo.
If I use
then reboot the issue goes away.
Hope that helps
Monk
Did you by any chance update the system cryptography settings with
Code: Select all
update-crypto-policies --set FUTUREEvery time I use the above command to limit system-wide legacy crypto protocols/algorithms I get the same error with the EPEL Modular repo.
If I use
Code: Select all
update-crypto-policies --set DEFAULTHope that helps
Monk
Re: yum update issue related to epel
If you are correct about the EPEL cert then I would suggest searching on and raising a bug entry on bugzilla.redhat.com in the Fedora EPEL section to report this.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Re: yum update issue related to epel
Hi TrevorH,
You're right about that, maybe a bug report should be raised - not long worked out the (possible) reason why and spent an inordinate amount of time researching these symptoms. It only occurs with the EPEL Modular repo and not the EPEL repo.
Wonder if anyone else can confirm the symptoms I have described above? Anybody got some test machines about to confirm?
Note if a "yum/dnf update" has been performed recently then the machine may rely on local cached data alone and report all OK. If this occurs a "yum/dnf clean all" followed by update to make the machine connect to remote servers produces the incorrect result again.
Be interested to discover whether this does indeed fix the OP's issue and results of anybody else's testing. What I have described there occurs every time on my side when crypto settings are set to FUTURE.
KR
You're right about that, maybe a bug report should be raised - not long worked out the (possible) reason why and spent an inordinate amount of time researching these symptoms. It only occurs with the EPEL Modular repo and not the EPEL repo.
Wonder if anyone else can confirm the symptoms I have described above? Anybody got some test machines about to confirm?
Note if a "yum/dnf update" has been performed recently then the machine may rely on local cached data alone and report all OK. If this occurs a "yum/dnf clean all" followed by update to make the machine connect to remote servers produces the incorrect result again.
Be interested to discover whether this does indeed fix the OP's issue and results of anybody else's testing. What I have described there occurs every time on my side when crypto settings are set to FUTURE.
KR
Re: yum update issue related to epel
Bug 1832292 filed. I may not have done it correctly, not totally familiar with the process. Any further guidance welcome.
Re: yum update issue related to epel
No reply from OP and no contribution from other members to verify.
To advise, bug report has been verified and it is indeed a cert problem applied to the repo.
Brains more capable than mine are investigating and tabling a fix in due course.
I ask again OP - have you at any stage set the crypto policies to FUTURE if so that is definitively the source of the originally reported issue.
If other compensating controls are in place there is no immediate necessity to set crypto policies to FUTURE but it would be extremely handy to completely mitigate dated protocols.
To advise, bug report has been verified and it is indeed a cert problem applied to the repo.
Brains more capable than mine are investigating and tabling a fix in due course.
I ask again OP - have you at any stage set the crypto policies to FUTURE if so that is definitively the source of the originally reported issue.
If other compensating controls are in place there is no immediate necessity to set crypto policies to FUTURE but it would be extremely handy to completely mitigate dated protocols.