CentOS 5 / RHEL 5 -- YUM updates through pro

CentOS 5 / RHEL 5 -- YUM updates through proxy.

[Log in to get rid of this advertisement]

I have been trying all day but so far I am unable to configure yum to use a proxy server to retrieve updates.Due a recent compliance mandate direct internet access had to be removed for a pool of our Cent/RHEL servers. I have added the http_proxy environment variable in /etc/profile using:

export http_proxy=http://ourproxy:8080

export ftp_proxy=http://ourproxy:8080

export gopher_proxy=http://ourproxy:8080

I am using the FQDN of the proxy server, and i can ping that FQDN from the CLI without a problem. When I do this and I reboot the server I can get to the internet through the proxy using links/lynx. Yum however stalls out after loading plugins. I have read in a few places that I need a trailing / after the port number above, adding this and rebooting has no effect.

So I tried specifying the yum.conf file...

proxy=http://ourproxy:8080/. When I do this yum still tries to contact the redhat/cent network directly. No behavior change. If I use tcpdump I can see the server I am running yum on try to directly connect without the proxy, which times out for good reason.

The proxy server I am running is squid, but I can see the server I am running yum on blatantly ignore any proxy settings I have tried so far. I am really in a hole on this one as I have to get several updates to fix vulnerabilities found during our last scan. Any help is greatly appreciated.

Last edited by Rush_898; 11-28-2008 at 05:36 PM.

Rush_898

View Public Profile

View LQ Blog

View Review Entries

View HCL Entries

Find More Posts by Rush_898

11-29-2008, 05:34 PM   #2

rayfordj

Member

Registered: Feb 2008

Location: Texas

Distribution: Fedora, RHEL, CentOS

Posts: 424

Rep:

I had a similar problem with my primary work desktop where I must use a proxy and I must authenticate through the proxy. I added yum options in yum.conf for proxy, proxy_username, and proxy_password. If you do not need to auth with user/pass then you should be able to get away with just proxy option.

I believe this is the format I used that worked...

Code:

proxy=http://proxy.my.org:8080/ This is going from memory because unfortunately my desktop's video card fried last week and took down the system so you may need to try a few different iterations of the value-side of the variable.

Hope this helps.

EDIT: Sorry, just realized that you said you tried that already.

rayfordj

View Public Profile

View LQ Blog

View Review Entries

View HCL Entries

Find More Posts by rayfordj

11-29-2008, 08:44 PM   #3

Rush_898

Member

Registered: Mar 2004

Distribution: debian...

Posts: 30

Original Poster

Rep:

Thanks for your reply! For some reason that was never successful for me. I don't know if that only works for cent/rh < 5 or what the deal is, but for anyone else who stumbles across this issue here is the fix:

Edit /etc/sysconfig/rhn/up2date file and make proper entries for following tags:

enableProxy[comment]=Use a HTTP Proxy

enableProxy=0 (change it to 1)

proxyPassword[comment]=The password to use for an authenticated proxy

proxyPassword= (put proxy password)

proxyUser[comment]=The username for an authenticated proxy

proxyUser= (put proxy username)

httpProxy[comment]=HTTP proxy in hostort format, e.g. squid.redhat.com:3128

httpProxy= (put http_proxy environment variable)

enableProxyAuth[comment]=To use an authenticated proxy or not

enableProxyAuth=0 (Change it to 1)

Once I did this all was well!