Re: What is your opinion on "sudo pip" fix for Fedora 27?

On 2 May 2017 at 09:36, Nico Kadel-Garcia wrote: > On Mon, May 1, 2017 at 9:14 AM, Nick Coghlan wrote: >> On 1 May 2017 at 22:47, Nico Kadel-Garcia wrote: >>> On Sun, Apr 30, 2017 at 10:30 PM, Nick Coghlan wrote:

Re: What is your opinion on "sudo pip" fix for Fedora 27?

On Mon, May 1, 2017 at 9:14 AM, Nick Coghlan wrote: > On 1 May 2017 at 22:47, Nico Kadel-Garcia wrote: >> On Sun, Apr 30, 2017 at 10:30 PM, Nick Coghlan wrote: >>> If the intended benefit of this change remains unclear, it may help to

Re: What is your opinion on "sudo pip" fix for Fedora 27?

On 26 April 2017 at 19:19, Michal Cyprian wrote: > The other possibility is to limit the pip install location change > to distutils and pip [2]. This is the "safer" option, but does > not cover all corner cases. For example, Python software built > locally using cmake or

Re: What is your opinion on "sudo pip" fix for Fedora 27?

On 1 May 2017 at 22:47, Nico Kadel-Garcia wrote: > On Sun, Apr 30, 2017 at 10:30 PM, Nick Coghlan wrote: >> If the intended benefit of this change remains unclear, it may help to >> focus on a specific concrete case, which would be that the following >>

Re: What is your opinion on "sudo pip" fix for Fedora 27?

On 1 May 2017 at 22:47, Nico Kadel-Garcia wrote: > On Sun, Apr 30, 2017 at 10:30 PM, Nick Coghlan wrote: >> If the intended benefit of this change remains unclear, it may help to >> focus on a specific concrete case, which would be that the following >>

Re: What is your opinion on "sudo pip" fix for Fedora 27?

On Sun, Apr 30, 2017 at 10:30 PM, Nick Coghlan wrote: > On 1 May 2017 at 09:59, Nico Kadel-Garcia wrote: >> Wouldn't it be more effective, more safe, and more efficient to >> improve the existing support for doing "the right thing", rather than >> trying to

Re: What is your opinion on "sudo pip" fix for Fedora 27?

On 1 May 2017 at 09:59, Nico Kadel-Garcia wrote: > Wouldn't it be more effective, more safe, and more efficient to > improve the existing support for doing "the right thing", rather than > trying to outsmart a build and deployment system that is essentially > outside your

Re: What is your opinion on "sudo pip" fix for Fedora 27?

On 1 May 2017 at 09:59, Nico Kadel-Garcia wrote: > Wouldn't it be more effective, more safe, and more efficient to > improve the existing support for doing "the right thing", rather than > trying to outsmart a build and deployment system that is essentially > outside your

Re: What is your opinion on "sudo pip" fix for Fedora 27?

On Thu, Apr 27, 2017 at 2:32 AM, Nick Coghlan wrote: > On 27 April 2017 at 11:47, Nico Kadel-Garcia wrote: >> On Wed, Apr 26, 2017 at 7:13 AM, Charalampos Stratakis >>> At the present time, running sudo pip3 in Fedora is not safe. >>> Pip shares its

Re: What is your opinion on "sudo pip" fix for Fedora 27?

On Fri, 28 Apr 2017, Nick Coghlan wrote: On 28 April 2017 at 00:07, Stephen John Smoogen wrote: Would this give any future PEP some groundswell of approval? I think so - once the Debian/Ubuntu and Fedora/RHEL/CentOS ecosystems share a common way of doing things at the

Re: What is your opinion on "sudo pip" fix for Fedora 27?

> On Apr 27, 2017, at 11:08 AM, Barry Warsaw wrote: > > Also note that `pip install` defaults to --user in Debian, and that alleviates > a lot of the "well that didn't work, let me add sudo" urges. Upstream, this > bug tracks that, although it's long standing without much

Re: What is your opinion on "sudo pip" fix for Fedora 27?

On 28 April 2017 at 02:01, Charalampos Stratakis wrote: > Fedora's equivalent to dirtbike is rewheel [0][1] and it would be great if > these projects could be unified somehow, however that's a separate > conversation for another time. > > I'd be happy to take a closer look

Re: What is your opinion on "sudo pip" fix for Fedora 27?

On Apr 27, 2017, at 12:01 PM, Charalampos Stratakis wrote: >Fedora's equivalent to dirtbike is rewheel [0][1] and it would be great if >these projects could be unified somehow, however that's a separate >conversation for another time. > >I'd be happy to take a closer look at dirtbike and maybe

Re: What is your opinion on "sudo pip" fix for Fedora 27?

Fedora's equivalent to dirtbike is rewheel [0][1] and it would be great if these projects could be unified somehow, however that's a separate conversation for another time. I'd be happy to take a closer look at dirtbike and maybe initiate some discussions when I get some free time. [0]

Re: What is your opinion on "sudo pip" fix for Fedora 27?

On Apr 27, 2017, at 04:52 PM, Nick Coghlan wrote: >From my perspective, the main goal of the change is to make it >possible to fully recover from "sudo pip install " by doing >"sudo pip uninstall ", and the approach Debian took is >sufficient to achieve that in almost all cases. So +1 from me for

Re: What is your opinion on "sudo pip" fix for Fedora 27?

On Apr 27, 2017, at 06:21 AM, Donald Stufft wrote: >For whatever it’s worth, at some point in time I plan on attempting to >formalize the Debian solution (or something akin to it) within a PEP and try >to get baked in support for it in Python. > >I also feel required to point out that ``sudo pip

Re: What is your opinion on "sudo pip" fix for Fedora 27?

On 28 April 2017 at 00:07, Stephen John Smoogen wrote: > On 27 April 2017 at 02:32, Nick Coghlan wrote: >> At this moment, this is NOT true for Fedora and derivatives. Instead, >> the remediation step here is "sudo pip uninstall X && sudo dnf >> reinstall "

Re: What is your opinion on "sudo pip" fix for Fedora 27?

On Thu, Apr 27, 2017 at 11:48:06PM +1000, Nick Coghlan wrote: > On 27 April 2017 at 23:04, Daniel P. Berrange wrote: > > On Thu, Apr 27, 2017 at 04:32:09PM +1000, Nick Coghlan wrote: > >> Their approach means that any harm caused by "sudo pip install X" can > >> subsequently

Re: What is your opinion on "sudo pip" fix for Fedora 27?

On 27 April 2017 at 02:32, Nick Coghlan wrote: > On 27 April 2017 at 11:47, Nico Kadel-Garcia wrote: >> On Wed, Apr 26, 2017 at 7:13 AM, Charalampos Stratakis >>> At the present time, running sudo pip3 in Fedora is not safe. >>> Pip shares its installation

Re: What is your opinion on "sudo pip" fix for Fedora 27?

On 27 April 2017 at 23:04, Daniel P. Berrange wrote: > On Thu, Apr 27, 2017 at 04:32:09PM +1000, Nick Coghlan wrote: >> Their approach means that any harm caused by "sudo pip install X" can >> subsequently be fully reversed by doing "sudo pip uninstall X". >> >> At this

Re: What is your opinion on "sudo pip" fix for Fedora 27?

On 27 April 2017 at 23:04, Daniel P. Berrange wrote: > On Thu, Apr 27, 2017 at 04:32:09PM +1000, Nick Coghlan wrote: >> Their approach means that any harm caused by "sudo pip install X" can >> subsequently be fully reversed by doing "sudo pip uninstall X". >> >> At this

Re: What is your opinion on "sudo pip" fix for Fedora 27?

On Thu, Apr 27, 2017 at 04:32:09PM +1000, Nick Coghlan wrote: > On 27 April 2017 at 11:47, Nico Kadel-Garcia wrote: > > On Wed, Apr 26, 2017 at 7:13 AM, Charalampos Stratakis > >> At the present time, running sudo pip3 in Fedora is not safe. > >> Pip shares its installation

Re: What is your opinion on "sudo pip" fix for Fedora 27?

On 27 April 2017 at 19:34, Fabio Valentini wrote: > If the "only" reason to change the current behavior is to prevent > users from nuking their systems (be it by accident, or by following > outdated instructions from the web), then why not prevent running > "sudo pip" at

Re: What is your opinion on "sudo pip" fix for Fedora 27?

> On Apr 27, 2017, at 2:32 AM, Nick Coghlan wrote: > > Debian and derivatives already mitigate the potential harm for these > cases by requiring the "--install-layout=deb" option to be passed to > get distutils to install into the system directories rather than doing > it by

Re: What is your opinion on "sudo pip" fix for Fedora 27?

If the "only" reason to change the current behavior is to prevent users from nuking their systems (be it by accident, or by following outdated instructions from the web), then why not prevent running "sudo pip" at all? Adding a small patch to pip to print an explanatory message ("This is unsafe,

Re: What is your opinion on "sudo pip" fix for Fedora 27?

On 26 April 2017 at 19:19, Michal Cyprian wrote: > The other possibility is to limit the pip install location change > to distutils and pip [2]. This is the "safer" option, but does > not cover all corner cases. For example, Python software built > locally using cmake or

Re: What is your opinion on "sudo pip" fix for Fedora 27?

On 27 April 2017 at 02:30, Colin Walters wrote: > I'll note as an aside that the other host system > management tool we use in Fedora is rpm-ostree, part of > Atomic Host: https://github.com/projectatomic/rpm-ostree > > Due to the read-only bind mount over /usr provided by the

Re: What is your opinion on "sudo pip" fix for Fedora 27?

On 27 April 2017 at 11:47, Nico Kadel-Garcia wrote: > On Wed, Apr 26, 2017 at 7:13 AM, Charalampos Stratakis >> At the present time, running sudo pip3 in Fedora is not safe. >> Pip shares its installation directory with dnf, can remove >> dnf-managed files and generally break

Re: What is your opinion on "sudo pip" fix for Fedora 27?

On 27 April 2017 at 11:47, Nico Kadel-Garcia wrote: > On Wed, Apr 26, 2017 at 7:13 AM, Charalampos Stratakis >> At the present time, running sudo pip3 in Fedora is not safe. >> Pip shares its installation directory with dnf, can remove >> dnf-managed files and generally break

Re: What is your opinion on "sudo pip" fix for Fedora 27?

On Wed, Apr 26, 2017 at 7:13 AM, Charalampos Stratakis wrote: > Forwarding to fedora-devel as well > > Charalampos Stratakis > Associate Software Engineer > Python Maintenance Team, Red Hat > > - Original Message - > From: "Michal Cyprian" > To:

Re: What is your opinion on "sudo pip" fix for Fedora 27?

> Our first attempt to make sudo pip safe on Fedora [0] was This seems to be using "Fedora" to mean a *host* system, and I'd agree there. I'll note as an aside that the other host system management tool we use in Fedora is rpm-ostree, part of Atomic Host:

Re: What is your opinion on "sudo pip" fix for Fedora 27?

Forwarding to fedora-devel as well Charalampos Stratakis Associate Software Engineer Python Maintenance Team, Red Hat - Original Message - From: "Michal Cyprian" To: python-de...@lists.fedoraproject.org Sent: Wednesday, April 26, 2017 11:19:00 AM Subject: What is

What is your opinion on "sudo pip" fix for Fedora 27?

At the present time, running sudo pip3 in Fedora is not safe. Pip shares its installation directory with dnf, can remove dnf-managed files and generally break the Python 3 interpreter. Our first attempt to make sudo pip safe on Fedora [0] was based on using a different binary