HTTP error 403: forbidden yum occurs when we try to install a package using yum.
As part of our Server Management Services, we assist our customers with several HTTP queries.
Today, let us discuss “[Errno 14] HTTP Error 403 – Forbidden”
What is the error?
Recently, one of our customers came across the error “[Errno 14] HTTP Error 403 – Forbidden” while trying to install a package via yum.
Mostly, this can trigger due to issues with files in repos.d.
The major cause of this error includes,
- A corrupt repo
- Permission of packages
- SELinux issues
How to fix HTTP error 403?
Moving ahead, let us see how our Support Techs fix this error for our customers.
Permission of packages
We check inside the directory structure of the yum server reports invalid permissions for few packages.
-rw-r–r– 1 root root 128676 Mar 12 00:49 pcp-libs-devel-3.10.9-9.0.1.el6.x86_64.rpm
-rw-r–r– 1 root root 104328 Mar 12 00:49 pcp-webapi-3.10.9-9.0.1.el6.x86_64.rpm
-rw-r—– 1 root root 11100 Mar 19 22:30 yum-config-ociSGW-1.0-6.el6.noarch.rpm < — Other User has no read access
-rw-r—– 1 root root 17932 Mar 19 22:30 oraclelinux-release-el6-1.0-6.el6.noarch.rpm
-rw-r–r– 1 root root 934052 Mar 20 02:21 suitesparse-static-3.4.0-9.0.1.el6.x86_64.rpm
-rw-r–r– 1 root root 148644 Mar 20 02:21 suitesparse-devel-3.4.0-9.0.1.el6.i686.rpmThen, for other users inside CentOS/RHEL/OL 6 latest channel directory, we grant read permission on the local yum server.
# cd /var/www/html/yum/OracleLinux/OL6/latest/x86_64/
# chmod -R o+r getpackages/If we perform wget with debugging mode, it will reveal the permission or other access issues.
The diagnosis is as below,
# wget -d http://localyum/yum/OracleLinux/OL6/latest/x86_64/getPackage/oraclelinux-release-el6-1.0-6.el6.noarch.rpm
DEBUG output created by Wget 1.12 on linux-gnu.
–2019-05-06 11:02:17– http://localyum/yum/OracleLinux/OL6/latest/x86_64/getPackage/oraclelinux-release-el6-1.0-6.el6.noarch.rpm
Resolving localyum… x.x.x.x
Caching localyum => x.x.x.x
Connecting to localyum|x.x.x.x|:80… connected.
Created socket 3.
Releasing 0x00000000022931d0 (new refcount 1).
—request begin—
GET /yum/OracleLinux/OL6/latest/x86_64/getPackage/oraclelinux-release-el6-1.0-6.el6.noarch.rpm HTTP/1.0
User-Agent: Wget/1.12 (linux-gnu)
Accept: */*
Host: aeadsvap142-adp
Connection: Keep-Alive
—request end—
HTTP request sent, awaiting response…
—response begin—
HTTP/1.1 403 Forbidden
Date: Mon, 06 May 2019 07:02:25 GMT
Server: Apache/2.4.6 ()
Content-Length: 291
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
—response end—
403 Forbidden
Registered socket 3 for persistent reuse.
Skipping 291 bytes of body: [
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don’t have permission to access /yum/OracleLinux/OL6/latest/x86_64/getPackage/oraclelinux-release-el6-1.0-6.el6.noarch.rpm
on this server.</p>
</body></html>
] done.
2019-05-06 11:02:17 ERROR 403: Forbidden.Corrupt repo
If we have a repo file that is corrupt, we may stumble upon this error.
In such a case, we download the file again and then verify the repo.
curl https://URL_to_the_repo > /etc/yum.repos.d/FILENAME.repoThen we verify it:
rpm -Vf /etc/yum.repos.d/FILENAME.repoDisable SELinux
Sometimes, this error could trigger due to the SELinux policy. In order to fix it, we can disable the same.
- To do so, we configure
SELINUX=disabledin the/etc/selinux/configfile:# This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=disabled # SELINUXTYPE= can take one of these two values: # targeted - Targeted processes are protected, # mls - Multi Level Security protection. SELINUXTYPE=targeted - Then we reboot the system. Once done, we confirm that the
getenforcecommand returnsDisabled:~]~getenforceDisabled\
[Need help with the fix? We’d be happy to assist]
Conclusion
In short, the HTTP error 403 can occur due to issues with files in repos.d, permissions or SELinux. Today, we saw effective methods our Support Techs employ, in order to fix them.
A very helpful Article, It resolved my problem by disabling the selinux option. Thank You
Hello Amir,
Thanks for the feedback. We are glad to know that our article helps you solves the issue 🙂 .
Thanks for the article. The issue is resolved by disabling SELinux. Thanks again.
Hi,
Thanks for the feedback.We are glad to know that our article helps you solves the issue.
Hello
After a couple of days, at last I fixed that.
I use this command in ubuntu 22.04 $ vim /etc/resolv.conf
Then, change 2 first lines, with 2 DNS that I get from my server support. (to screw the limits)
After rebooting from SSH Putty, the command ran correctly.
((((( with no 403 error )))))
Good time
Same here Nicky/Hiba. Was a painful intermittent problem, but this worked after reading your fine article:
#SELINUX=enforcing
SELINUX=disabled
Kindest regards,
VGJF.
We’re happy to hear that our article was helpful to you in resolving the problem.