python包的正确权限

Question

I keep seeing this with python packages... a python package installs extra files. In the packaged tar, you get things like this:

-rw-r-----  1 schwehr eng     7 Sep  3 18:10 VERSION

for:

https://github.com/scrapy/scrapy/blob/master/scrapy/VERSION

Then when you python setup.py install as root into a managed environment (eg fink for MacOSX) that uses root permissions, this file gets owned by root and the permissions are preserved. Then the code run as a user is unable to access this file.

This project and other projects with the same issue (typically with the eggs portion of their install) use python setup.py sdist upload.

How are these projects supposed to build a tar that has the proper permissions so that all files are world readable? eg

wget https://pypi.python.org/packages/source/S/Scrapy/Scrapy-0.18.2.tar.gz#md5=14f105e2fdb047c666b944990e691389

tar tfvv Scrapy-0.18.2.tar.gz  | head
drwx------ buildbot/buildbot 0 2013-09-03 10:30 Scrapy-0.18.2/
-rw------- buildbot/buildbot 385 2013-09-03 10:27 Scrapy-0.18.2/MANIFEST.in
-rw------- buildbot/buildbot 140 2013-09-03 10:30 Scrapy-0.18.2/setup.cfg
drwx------ buildbot/buildbot   0 2013-09-03 10:30 Scrapy-0.18.2/bin/
-rw------- buildbot/buildbot 114 2013-09-03 10:27 Scrapy-0.18.2/bin/runtests.bat
-rwx------ buildbot/buildbot 1271 2013-09-03 10:27 Scrapy-0.18.2/bin/runtests.sh
-rwx------ buildbot/buildbot   68 2013-09-03 10:27 Scrapy-0.18.2/bin/scrapy
drwx------ buildbot/buildbot    0 2013-09-03 10:30 Scrapy-0.18.2/scrapy/
-rw------- buildbot/buildbot 2785 2013-09-03 10:27 Scrapy-0.18.2/scrapy/telnet.py
drwx------ buildbot/buildbot    0 2013-09-03 10:30 Scrapy-0.18.2/scrapy/commands/

See also: https://github.com/scrapy/scrapy/issues/377

Answer 1

It happens when sdist tarball is generated with a restrictive umask or when files were created without others/nobody read/execute permissions.

A simple workaround is to broak the umask bits and chmod files before tar'ing

umask 0022 && chmod -R a+rX . && python setup.py sdist upload