[Pythonmac-SIG] Package Manager questions

Bob Ippolito bob at redivi.com
Wed Jun 9 17:15:43 EDT 2004 

On Jun 9, 2004, at 5:00 PM, Ronald Oussoren wrote:

>
> On 9-jun-04, at 22:32, Bob Ippolito wrote:
>
>>
>> On Jun 9, 2004, at 4:19 PM, Jack Jansen wrote:
>>
>>>
>>> On 9 Jun 2004, at 17:26, eichin at metacarta.com wrote:
>>>> "Problem with dependency: (WriteableBin): This package cannot be
>>>> installed automatically (no Download-URL field"
>>>
>>> As Bob already stated the problem here is the error message.
>>>
>>> The most user-friendly and technically correct error message would  
>>> be something like "The package you tried to install depends on  
>>> package "(WriteableBin)", and that is a package I cannot install  
>>> automatically for you (there is no Download-URL field for it).  
>>> Please select the "(WriteableBin)" package and read the description,  
>>> it should contain instructions on how to proceed".
>>>
>>> Does anyone have any suggestions for saying something equivalent to  
>>> this in a one- or two-line message box?
>>
>> How about a dialog box named "Authenticate" with the following text:
>>
>> PackageManager requires that you type your password.
>>
>> It would also have two fields, "Name" and "Password", with a  
>> disclosure triangle called "Details", that should show information  
>> such as:
>> 	Requested right: system.privilege.admin
>> 	Application:  
>> /System/Library/Frameworks/Python.framework/Versions/2.3/Resources/ 
>> Python.app
>>
>> Additionally, it would have two buttons, "OK" and "Cancel".
>>
>> What do you think?  ;)
>>
>> (yes, I know we need a different dialog for WxPython and TclTkAqua  
>> dependencies.. but it's retarded that we don't just fix this -- the  
>> most common problem -- the right way)
>
> IMHO the existance of (WriteableBin) is a bug in all packman databases  
> (*). We could easily arange to install scripts somewhere else (such as  
> /usr/local/bin, or /Applications/MacPython-2.3/Extras/bin). This can  
> be done using the '--install-scripts=' option of setup.py.
>
> (WriteableLib) and (WritableIncludes) are needed (sadly enough),  
> unless we install a modified version of distutils (see the mailinglist  
> archive for a method of patching distutils at runtime). While I do  
> think distutils should be modified to support multiple include/library  
> diretories, I do not think this problem is serious enough to  
> circumvent the usual procedures (e.g. we need to find someone who is  
> stupid enough to volunteer to write a pep and patch ;)
>
> That said, adding builtin support for (WriteableFOO) would solve some  
> problems and interfacing with SecurityServices is not very hard. The  
> major problem with these pseudo-packages is that they tell the user to  
> perform some "scary" actions, while the wxPython and TclTkAqua  
> dependencies can (and do) point to an installer which is much less  
> scary for a novice user.
>
> Adding generic support for executing arbitrary code as root would be  
> stupid.
>
> BTW. We don't need a different dialog for wxPython, your packaging of  
> pygame proves that you can install non-python packages through  
> packman. wxWidgets could be installed through packman, and wxPython is  
> just like any other random wrapper package (although you need a lot of  
> patience or a fast machine when you want to install from source).
>
> Ronald
>
> (*) The problem is in PackMan for 'source' packages, but there is no  
> such excuse for 'binary' packages.

Here's an excuse:  I'm too busy (or maybe lazy) to bother twiddling the  
setup.py flags ;)  I agree though, but I think we should also fix  
distutils while we're at it.  Since wxPython and TclTkAqua already  
provide .pkg installers, we should probably just exec the package  
installer tool (GUI or otherwise, I guess we could let the user choose)  
to install their packages, instead of reinventing wheels.  Perhaps  
maybe we should start using .pkg files as the standard way of doing  
things, and automating it behind the scenes?  We get nice receipts that  
way, and it makes our work a little bit more reusable for  
PackageManager haters :)

Is /usr/local/bin writable by admin by default?

What if the user is not an admin?

I wrapped Authorization almost 8 months ago, pretty much for this  
specific use case: http://undefined.org/python/#Authorization.

We could display the code that will be executed as root before it  
runs..  We already allow arbitrary admin-level code to execute without  
prompting "This package requires a script to...", which scares me more  
than asking for root and then doing something nasty; I'd be more pissed  
off if someone did rm -rf ~ than rm -rf /bin.  FWIW, the Installer just  
asks for admin access and then the .pkg scripts can do whatever they  
want without any real checks and balances after that point.

-bob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2357 bytes
Desc: not available
Url : http://mail.python.org/pipermail/pythonmac-sig/attachments/20040609/e60db977/smime-0001.bin

More information about the Pythonmac-SIG mailing list