[openstack-dev] [all] setup.py executable bit

Robert Collins robertc at robertcollins.net
Wed Jun 17 18:40:33 UTC 2015

An unintended side effect of the requirements refactoring was that we
changed from preserving the 'x' bit on setup.py, to discarding it.
This happened when we started writing the file atomically rather than
in-place - a good robustness improvement.

Previously the requirements sync, which enforces setup.py contents had
made no statement about the file mode. Now it unintentionally is.

We could do several things:
 - preserve the file mode (stat the old, use its mode in open on the temp file)
 - force the mode to be +x
 - force the mode to be -x [the current behaviour]

After a brief IRC discussion in #openstack-olso we're proposing that
forcing the mode to be -x is appropriate.

Our reasoning is as follows:
 - './setup.py XYZ' is often a bug - unless the shebang in the
setup.py is tolerant of virtualenvs (not all are), it will do the
wrong thing in a virtual env. Similarly with PATH.
 - we don't require or suggest users of our requirements syncronised
packages run setup.py at all:
    - sdists and releases are made in the CI infrastructure
    - installation is exclusively via pip

So it seems like a slight safety improvement to remove the x bit - and
possibly (we haven't thought it all the way through yet) also remove
the shebang entirely, so that the contract becomes explicitly
'setup.py is not executable'.

Please raise concerns or objections here; if there are none I'll
likely put up a patch to remove the shebang early next week, or
whenever I get reminded of this.


Robert Collins <rbtcollins at hp.com>
Distinguished Technologist
HP Converged Cloud

More information about the OpenStack-dev mailing list