[Distutils] no access to resources unpacked as root
Phillip J. Eby
pje at telecommunity.com
Tue Jan 24 02:18:10 CET 2006
At 12:42 AM 1/24/2006 +0000, Matt Goodall wrote:
>The Twisted process starts up as root to open low ports, etc and then,
>once up and running, sheds privileges and continues to run as a normal
>user. Many of the resources that are buried in the eggs are located with
>resource_filename at module import time; some when the application is
>still running as root.
>
>The resources are unpacked from the egg into /root/.python-eggs/ and
>(correctly, I think) given 600 (rw-------) file access permissions. The
>problem is that the user the application ends up running as cannot access
>the unpacked resource files and fails with a PermissionDenied error.
>
>Now, I can move some uses of resource_filename to happens later but I
>don't think I can replace all of them without changing APIs.
>
>Has anyone else tackled this problem or can anyone offer any advice on how
>to avoid the problem in the first place?
The simplest approach is probably to mark the eggs as not zip-safe, or to
configure easy_install to install them unzipped.
More information about the Distutils-SIG
mailing list