[openstack-dev] [all] setup.py executable bit
Davanum Srinivas
davanum at gmail.com
Wed Jun 17 21:23:07 UTC 2015
+1 both to using -x and to removing the shebang.
On Wed, Jun 17, 2015 at 2:47 PM, Doug Hellmann <doug at doughellmann.com> wrote:
> Excerpts from Robert Collins's message of 2015-06-18 06:40:33 +1200:
>> An unintended side effect of the requirements refactoring was that we
>> changed from preserving the 'x' bit on setup.py, to discarding it.
>> This happened when we started writing the file atomically rather than
>> in-place - a good robustness improvement.
>>
>> Previously the requirements sync, which enforces setup.py contents had
>> made no statement about the file mode. Now it unintentionally is.
>>
>> We could do several things:
>> - preserve the file mode (stat the old, use its mode in open on the temp file)
>> - force the mode to be +x
>> - force the mode to be -x [the current behaviour]
>>
>> After a brief IRC discussion in #openstack-olso we're proposing that
>> forcing the mode to be -x is appropriate.
>>
>> Our reasoning is as follows:
>> - './setup.py XYZ' is often a bug - unless the shebang in the
>> setup.py is tolerant of virtualenvs (not all are), it will do the
>> wrong thing in a virtual env. Similarly with PATH.
>> - we don't require or suggest users of our requirements syncronised
>> packages run setup.py at all:
>> - sdists and releases are made in the CI infrastructure
>> - installation is exclusively via pip
>>
>> So it seems like a slight safety improvement to remove the x bit - and
>> possibly (we haven't thought it all the way through yet) also remove
>> the shebang entirely, so that the contract becomes explicitly
>> 'setup.py is not executable'.
>>
>> Please raise concerns or objections here; if there are none I'll
>> likely put up a patch to remove the shebang early next week, or
>> whenever I get reminded of this.
>
> +1 both to using -x and to removing the shebang.
>
> Doug
>
> __________________________________________________________________________
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
--
Davanum Srinivas :: https://twitter.com/dims
More information about the OpenStack-dev
mailing list