From: Mark Hammond
>> 1. Installed copies of both Python 2.3 and 2.4.
>> 2. EITHER MSVC 6 and 7 (both versions) OR mingw
> Yes, that is true for all practical intent, if your installation
> has extension modules. However, for a pure-python distribution, you
> need *no* compilers installed. In that case, we still have a problem
> - at the moment, the installation is guaranteed to fail for either
> Python 2.3 and before, or for 2.4, depending on which CRTL was used
> to build wininst.exe.
> To clarify, I am talking about only how wininst.exe interacts with
> Python, not extension building related issues (even though they are
> similar).
Ah. I follow. In that case, yes I agree that practicality should beat
purity, and whatever works would make sense. My feeling is that reading
the file into a string and using the Py...RunString function is the
sensible option here.
After all (as I posted in python-dev) OLEAUT32.DLL uses MSVCRT.DLL, and
works happily with MSVC7-compiled DLLs (at least it had better!!!), so
there is at least *some* indication that DLLs can interact with EXEs
which use a different CRT (as long as sufficient care is taken).
Paul.
Thomas,
> You can customize distutils to do *anything* you want by subclassing.
> The basic functionality, however, assumes you are distributing python
> modules, scripts, and extensions. And distutils actually is the easiest
> way imo to also *build* the extensions.
Generally I build and test my modules individually or do releases through an
automated into our build/release management system that is very simple and
as such using distutils wouldn't fit in very easily/well.
> IIRC, you can also use the borland compiler to build the extensions -
> see the output of 'python setup.py build_ext --help-compiler'.
Thanks I had just noticed that...but as I am trying to move away from that
compiler - and only have it on my machine for legacy reason it's not needed.
>>
>> I know you can change the bitmap displayed during the install but can you
>> change the icon that is displayed for the *.exe that is generated?
>
> You can change the icon of the
> Lib/site-packages/distutils/command/wininst.exe with any tool of your
> choice, *before* building the installer.
I would like to do this programatically instead of doing it manually. Anyone
know of a python tool that can do that...or is that gonna have to be a
project of my own? I am also interested to know why you stressed the
*before* statement - surely I could change the icon on the produced *.exe?
and as such after building the installer?
Thanks...
--
Phil
"Requirements - what are they I just hack something together that does what
I think they want" ;)
This email has been sent to you from an email content scanning filter
located on the server [python.org]. If you have any queries relating
to this email, please direct them to postmaster.
Report Details -----------------------------------------------
Administrator Email Reply Address: postmaster
Email sent to: messano(a)unina.it
Inflex ID: 0203230623666
Report Details -----------------------------------------------
AntiVirus Results...
SWEEP virus detection utility
Version 3.78, February 2004 [Linux/Intel]
Includes detection for 87441 viruses, trojans and worms
Copyright (c) 1989,2004 Sophos Plc, www.sophos.com
System time 23:06:01, System date 03 February 2004
Command line qualifiers are: -archive -all -rec -sc
IDE directory is: /usr/local/sav
Using IDE file rirc-a.ide
Using IDE file randex-y.ide
Using IDE file dumaru-k.ide
Using IDE file dumaru-y.ide
Using IDE file dloaderl.ide
Using IDE file inorb.ide
Using IDE file mmdloada.ide
Using IDE file eyeveg-b.ide
Using IDE file sdbot-dc.ide
Using IDE file bagle-a.ide
Using IDE file stawin-a.ide
Using IDE file agobot-p.ide
Using IDE file mimail-q.ide
Using IDE file mimail-s.ide
Using IDE file divix-a.ide
Using IDE file mydoom-a.ide
Using IDE file mydoom-b.ide
Using IDE file gaggle-b.ide
Using IDE file inor-c.ide
Using IDE file proxin-a.ide
Using IDE file sdbot-w.ide
Using IDE file flopcopy.ide
Quick Sweeping
00:02 ergymth.pif
>>> Virus 'W32/MyDoom-A' found in file /usr/local/inflex/tmp/inf_0203230623666/unpacked/ergymth.pif
00:02 _headers_
00:02 textfile0
00:02 textfile1
00:02 textfile2
5 files swept in 2 seconds.
1 virus was discovered.
1 file out of 5 was infected.
Please send infected samples to Sophos for analysis.
For advice consult www.sophos.com, email support(a)sophos.com
or telephone +44 1235 559933
End of Sweep.
File NAME/TYPE Scan Results
0203230623666 from:distutils-sig@python.org to: messano(a)unina.itType scanning off.
Name scanning off.
Text scanning off.
END OF MESSAGE.
End.
.
From: Keith Jackson [mailto:krjackson@lbl.gov]
> A single S/MIME email from you or Jack would totally suffice for me
for
> the short term. That way I could look in the archive, verify the sig,
> and know that the hashes are valid. (Assuming you and Jack aren't
> really black hats. :)
Ironically, that message just came through with an "invalid digital
signature" warning. I've no idea what Outlook (yes, I know, so sue me)
considers in making this judgement, but I no longer trust anything you
say, in case you are not who you say you are :-)
On a more serious note, this demonstrates why I don't trust digital
signatures much. Unless this really *was* someone else masquerading as
Keith, what do I do? I've never seen a genuinely hacked download, to my
knowledge, but I *have* seen warnings and errors from invalid
signatures.
So ignoring signature errors is the correct approach, based on the
evidence I have encountered!
I'm not trying to argue the case, just to demonstrate how the world
looks
from the POV of security-naive people like me...
Paul.
Okay, I love what I can do with distutils in windows - i.e. create a binary
distribution of a module/package/etc
But I have a few questions:
If I write a script to generate all the details of the distribution - files
list, etc - how do I force the script to make it into a binary distro? Do I
modify the arguement list passed to the script to 'fake' that it was called
with this? Cos I may well just want to run a script and have that as default
behaviour.
I have seen that there is the facility to build extension modules into the
distro by actually building them from source - is it recommended to do it
this way - what about including pre-built extensions? I have tried adding
them to the 'data_files' option and it seems to work - although by default
they don't end up where I would expect. Has anyone else played with that?
I know you can change the bitmap displayed during the install but can you
change the icon that is displayed for the *.exe that is generated?
Well I think that is enough questions for now...
--
Phil
"Requirements - what are they I just hack something together that does what
I think they want" ;)
Subject: Your mail to kde-transl-request(a)chemia.polsl.gliwice.pl
In-Reply-To: <200402031751.i13HpTr30181(a)mer.chemia.polsl.gliwice.pl>, from distutils-sig(a)python.org
Reply-To: kde-transl-approval(a)chemia.polsl.gliwice.pl
This pre-recorded message is being sent in response to your recent
email to kde-transl-request(a)chemia.polsl.gliwice.pl
.
All routine administrative requests (including subscriptions and
unsubscriptions) concerning this mailing list are handled by an
automated server. Please read this message carefully to find the
information relevant to you.
SUBSCRIBING
===========
To subscribe to kde-transl, send the following in the body (not
the subject line) of an email message to "Majordomo(a)chemia.polsl.gliwice.pl
":
subscribe kde-transl
This will subscribe the account from which you send the message to
the kde-transl list.
If you wish to subscribe another address instead (such as a local
redistribution list), you can use a command of the form:
subscribe kde-transl other-address(a)your_site.your_net
UNSUBSCRIBING
=============
To unsubscribe from kde-transl, send the following in the body (not
the subject line) of an email message to "Majordomo(a)chemia.polsl.gliwice.pl
":
unsubscribe kde-transl
This will unsubscribe the account from which you send the message.
If you are subscribed with some other address, you'll have to send
a command of the following form instead:
unsubscribe kde-transl other-address(a)your_site.your_net
If you don't know what address you are subscribed with, you can send
the following command to see who else is on the list (assuming that
information isn't designated "private" by the owner of the list):
who kde-transl
If you want to search non-private lists at this server, you can do that
by sending a command like:
which string
This will return a list of all entries on all lists that contain "string".
HELP
====
To find out more about the automated server and the commands it
understands, send the following command to "Majordomo(a)chemia.polsl.gliwice.pl
":
help
If you feel you need to reach a human, send email to:
kde-transl-approval(a)chemia.polsl.gliwice.pl
From: M.-A. Lemburg [mailto:mal@egenix.com]
>> I'm not trying to argue the case, just to demonstrate how the
>> world looks from the POV of security-naive people like me...
> Perhaps distutils should simply start to add MD5 or SHA hash
> sums of the created archives to the meta-data which gets uploaded
> to e.g. PyPI. That way, the user can easily see whether a mirror
> has the correct packages or not. Better than nothing, I'd say,
> and easy to implement even without having to go through all the
> PKI stuff :-)
That sounds sensible. Everything needed is part of Python, no
requirements on the user, some level of check for those that
care. I can't see a downside...
Paul.
A virus was found in a message sent by this
account.
--- Scan information follows ---
Result: Virus Detected
Virus Name: W32.Novarg.A@mm
File Attachment: test.zip
Attachment Status: deleted
--- Original message information follows ---
From: distutils-sig(a)python.org
To: cduke(a)fvc.com
Date: Tue, 3 Feb 2004 04:25:54 +0100
Subject: test
Received: from python.org ([81.53.39.146])
by rollei.fvc.com (SAVSMTP 3.1.0.29) with SMTP id M2004020219292614959
for <cduke(a)fvc.com>; Mon, 02 Feb 2004 19:29:26 -0800
