030*_*030 20 yum software-installation scientific-linux nginx
根据此文档在 Scientific Linux 上安装 Nginx失败:
[vagrant@localhost ~]$ sudo su -c 'rpm -Uvh http://dl.fedoraproject.org/pub/epe
l/6/x86_64/epel-release-6-8.noarch.rpm'
Retrieving http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch
.rpm
warning: /var/tmp/rpm-tmp.gdSOR9: Header V3 RSA/SHA256 Signature, key ID 0608b89
5: NOKEY
Preparing... ########################################### [100%]
1:epel-release ########################################### [100%]
[vagrant@localhost ~]$ sudo yum install nginx
Loaded plugins: security
Error: Cannot retrieve repository metadata (repomd.xml) for repository: epel. Pl
ease verify its path and try again
[vagrant@localhost ~]$
版本信息
[vagrant@localhost ~]$ uname -a
Linux localhost.localdomain 2.6.32-431.el6.x86_64 #1 SMP Thu Nov 21 13:35:52 CST
2013 x86_64 x86_64 x86_64 GNU/Linux
[vagrant@localhost ~]$ cat /etc/*{release,version}
Scientific Linux release 6.5 (Carbon)
Scientific Linux release 6.5 (Carbon)
cat: /etc/*version: No such file or directory
[vagrant@localhost ~]$
注意: sudo yum update -y在开始安装nginx之前发出
禁用其他软件包的安装
[vagrant@localhost ~]$ sudo yum install vim -y
Loaded plugins: security
Error: Cannot retrieve repository metadata (repomd.xml) for repository: epel. Pl
ease verify its path and try again
[vagrant@localhost ~]$
URLGRABBER 调试器日志
2014-08-03 14:22:44,437 attempt 1/10: https://mirrors.fedoraproject.org/metalink
?repo=epel-6&arch=x86_64
INFO:urlgrabber:attempt 1/10: https://mirrors.fedoraproject.org/metalink?repo=ep
el-6&arch=x86_64
2014-08-03 14:22:44,438 opening local file "/var/cache/yum/x86_64/6.5/epel/metal
ink.xml.tmp" with mode wb
INFO:urlgrabber:opening local file "/var/cache/yum/x86_64/6.5/epel/metalink.xml.
tmp" with mode wb
* About to connect() to mirrors.fedoraproject.org port 443 (#0)
* Trying IP... * connected
* Connected to mirrors.fedoraproject.org (IP) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* NSS error -8018
* Closing connection #0
* Problem with the SSL CA cert (path? access rights?)
2014-08-03 14:22:50,071 exception: [Errno 14] PYCURL ERROR 77 - "Problem with th
e SSL CA cert (path? access rights?)"
INFO:urlgrabber:exception: [Errno 14] PYCURL ERROR 77 - "Problem with the SSL CA
cert (path? access rights?)"
2014-08-03 14:22:50,072 retrycode (14) not in list [-1, 2, 4, 5, 6, 7], re-raisi
ng
INFO:urlgrabber:retrycode (14) not in list [-1, 2, 4, 5, 6, 7], re-raising
Error: Cannot retrieve repository metadata (repomd.xml) for repository: epel. Pl
ease verify its path and try again
在尝试安装 nginx 之前和之后输出 yum update
[vagrant@localhost ~]$ sudo yum update -y
Loaded plugins: security
Error: Cannot retrieve repository metadata (repomd.xml) for repository: epel. Pl
ease verify its path and try again
[vagrant@localhost ~]$
yum --disablerepo="epel" 更新
[vagrant@localhost ~]$ sudo yum --disablerepo="epel" update
Loaded plugins: security
Setting up Update Process
No Packages marked for Update
小智 33
问题是 nss 包太旧了。这个旧版本无法与curl使用旧版本 nss 库的 Fedora 站点通信。
只需将您的 nss 版本更新到最新,它就解决了 EPEL repo 更新的问题:
$ sudo yum clean all
$ sudo yum --disablerepo="epel" update nss
注意:此版本的nss-3.14.3-4.el6_4.x86_64适用于 EPEL 存储库。
gar*_*Red 20
如果以下失败:
yum check-update
但:
yum --disablerepo="epel" check-update
工作,然后运行:
URLGRABBER_DEBUG=1 yum check-update 2> debug.log
并检查debug.log:
PYCURL ERROR 77 - "Problem with the SSL CA cert (path? access rights?)"
如果找到此消息,请尝试:
yum --disablerepo="epel" reinstall ca-certificates
如果这不能解决问题,那么您可能需要更新您的 ca 证书:
yum --disablerepo="epel" update ca-certificates
如果这无法解决问题,请备份您当前的 CA 证书:
cp /etc/pki/tls/certs/ca-bundle.crt /root/
并运行:
curl http://curl.haxx.se/ca/cacert.pem -o /etc/pki/tls/certs/ca-bundle.crt
解释
日志显示您系统的 SSL 证书错误。
您系统上的 CA 证书包可能以某种方式损坏,yum -disablerepo="epel" reinstall ca-certificates上面的命令只是用新版本覆盖您的。这不太可能是答案,因为所有其他存储库都在工作 - 如果存在重大 SSL 问题,那么所有存储库都会失败。
curl...上面的命令用更新的版本替换系统的 CA 证书包。CA 证书包包含您的系统信任的所有根 CA 证书。
在这种情况下,EPEL 存储库具有您的系统不信任的新 SSL 证书(由新的根 CA 签名)。CentOS 存储库继续使用其稍旧的证书。
| 归档时间: |
|
| 查看次数: |
76339 次 |
| 最近记录: |