Apt-cacher-ng and fedora: "Cannot prepare internal mirrorlist: Status code: 403"

I’ve read a lot of topics about apt-cacher-ng and fedora and I still don’t understand why I can’t get it to work. So, this is my setup:

I followed the notes of unman, setting up a template for a test-cacher VM, editing qrexec policy, I’ve got a fedora-38-test-cached-3 and a debian-11-test-cached-3 VM (yes, I made several attempts). I’ve changed https:// into http://HTTPS/// in the debian template and I can update it and see it in the test-cacher logs.

With fedora, I used this command:

sudo sed -i "s^metalink=https://\(\S\+\)$basearch^metalink=http://HTTPS///\1$basearch\&protocol=http^" /etc/yum.repos.d/*.repo
sudo sed -i "s^https://^http://HTTPS///^" /etc/yum.repos.d/qubes-r4.repo

I copied the fedora_mirrors in test_cacher

Then, upgrading, I got this:

Error: Failed to download metadata for repo ‘fedora’: Cannot prepare internal mirrorlist: Status code: 403 for http://HTTPS///mirrors.fedoraproject.org/metalink?repo=fedora-38&arch=x86_64&protocol=http (IP:

This is what I tried:

In fedora-38-cached-test-3:

sudo dnf upgrade --refresh

In test-cacher:

sudo rm -r /var/cache/apt-cacher-ng/fedora

Same error after adding some lines to acng.conf in test-cacher:

VfilePatternEx: .*fedora.*updateinfo.*xml.zck$
DontCache: .*fedora.*updates.*updateinfo.xml.zck

Copying the acng.conf from shaker don’t change the problem…

So, I think there is something I don’t understand but what?

Status code 403 is a Forbidden error.
You will often see this with fedora mirrors accessed via Tor.
I also see it when using apt-cacher-ng via clearnet.

Since it is an error at the server side, there’s little you can do.
Sometimes a little patience is all you need.

Working with Fedora can be frustrating at times, but generally it will
work. Sometimes it’s necessary to clear the cacher before trying another

1 Like

Ok, thank you for clarifying the message. The thing is: I got this error while trying apt-cacher-ng during my other attempts so I wasn’t sure if there was a problem from my side or no.

I will consider changing some of my templates to debian because I really need to use apt-cache-ng.

As an example, last night I could not update Fedora-38 based templates.
This morning, they updated using apt-cacher-ng.
In one case I had to intervene and manually run sudo dnf clean all
before updating. Then all was well.

I believe that a significant cause of these issues is the Fedora mirror
system, particularly for updates repositories.
With some patience (and cleaning), apt-cacher-ng works fine with Fedora

Yeah but I couldn’t get it to work even once. I suspect that my most of the time poor connection is resulting in this 403 error.

By cleaning, you mean something more than this?

  1. removing everything related to fedora in /var/cache/apt-cacher-ng in the cacher VM
  2. running dnf clean all and removing everything in in /var/cache/dnf in the fedora template to update