Hello Python packagers.
Our pip has a custom patch that warns if "pip install" is run as root
(emit-a-warning-when-running-with-root-privileges.patch). That I think is a good
idea to have, as many users will still find "sudo pip install" instructions on
the Internet and they can potentially nuke their system.
What I realized today is that this warning is visible when we use pip during
packaging of rpm packages (e.g. with %pyproject_install):
+ /usr/bin/python3 -m pip install --root
/builddir/build/BUILDROOT/python-pytest-4.4.2-0.fc33.x86_64 --no-deps
--disable-pip-version-check --progress-bar off --verbose --ignore-installed
--no-warn-script-location --no-index --no-cache-dir --find-links
pyproject-wheeldir pytest==4.4.2
WARNING: Running pip install with root privileges is generally not a good idea.
Try `python3 -m pip install --user` instead.
...
It would be nice if we were able to suppress this warning.
There are several options to handle this I could brainstorm myself:
1) Add a custom --no-warn-root-privileges option and use it in our macros. This
is a problem because we are introducing downstream only API. When others use
this flag with upstream pip, it fails.
2) Hide the warning when $RPM_BUILD_ROOT is set. This sounds good for our macro
invocations, however it would also hide the warning when using naïve "pip
install foo" in spec. We might want to keep the warning in such cases.
3) Introduce an environment variable (e.g. PIP_NOWARN_ROOT) and set it from our
macros. Like (1), this adds a new API, however with upstream pip, it "simply"
does nothing.
4) Introduce our warning upstream, but make it opt-in only. Have
--warn-root-privileges / --no-warn-root-privileges options. In Fedora, only
patch the default value. (We could also propose our defaults upstream, but IIRC
there were reservation when we tried to upstream this patch.) IMHO This might be
the best approach, but arguably also the most complex one.
5) Hide the warning when --root is set. When using "sudo pip install" with
custom --root, users are more likely to do it on purpose and it would remove the
warning in all our macros without a need to touch them. IMHO This solution has
the best effort/gain ratio.
What do you think?
--
Miro Hrončok
--
Phone: +420777974800
IRC: mhroncok
_______________________________________________
python-devel mailing list -- python-devel@lists.fedoraproject.org
To unsubscribe send an email to python-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/python-devel@lists.fedoraproject.org
