[Distutils] Setuptools Bug: all files installed +x

Pete pfein at pobox.com
Tue Apr 22 17:49:05 CEST 2008 

On Apr 21, 2008, at 6:01 PM, Phillip J. Eby wrote:

> At 04:23 PM 4/21/2008 -0400, Pete wrote:
>> I'm not looking for explicit testing support from setuptools for
>> testing here - I'm just asking that a bug that breaks a 3rd party
>> testing package be fixed.
>
> You haven't stated anything yet that sounds like an actual bug to me.

What about the dangerous & broken complaint?

> What nose is doing seems like the bug to me, in fact, since modules  
> exist "in the wild" that are both module and script.  (You yourself  
> gave this as an example.)

No, it's a safety mechanism.  From the nose docs for the --exe flag  
(which forcibly disables such checks):

--exe                 Look for tests in python modules that are  
executable.
                         Normal behavior is to exclude executable  
modules,
                         since they may not be import-safe  
[NOSE_INCLUDE_EXE]

> It certainly might be reasonable...  in a posix-only + svn-only +  
> tar-only world...  to make the assumption that installed permissions  
> could be based in part on source file permissions.  However,  
> setuptools has to support scenarios where none of those  
> environmental conditions apply.  (e.g. Windows, a half-dozen  
> revision control systems, and zip files.)

I fail to see how setting +x on all non-script .py's addresses the  
environments that don't support permissions. Given the complete lack  
of permissions information in non-tar archives, it'd arguably be  
equally valid to set -x (non-executable) on all .py's or to set them  
at random.  What problem does the current behavior solve?

If authors need support for permissions, they clearly need to use an  
archive file format that supports that.  If they don't use such a  
format, they should expect what they get.  For those of us using tar/ 
posix, the fact that setuptools goes out its way to override developer/ 
distributor intent is problematic.  I know what I'm doing, and  
setuptools doesn't let me do it.

> That means that existing executable permissions are not -- and as  
> far as I can see, *cannot* -- be used as a cross-platform basis for  
> determining the permissions to give to installed files.  Some other  
> mechanism to explicitly specify the permissions would need to exist.

If there's a strong reason for +x'ing non-tar archives, perhaps  
setuptools could disable this behavior for archive formats that  
support (ie, tar).

-- 
Pete
pfein at pobox.com

More information about the Distutils-SIG mailing list