Pip: /tmp/pip-build can't be shared by several linux users

Created on 20 Nov 2012 · 10 Comments · Source: pypa/pip

A second bug related to the fixed temporary directory /tmp/pip-build.

This does not work if several linux-users use pip.

First user was modwork_egs_d and now the second user modwork_vums_dt tries to use pip:

modwork_vums_dt@workepdevel113:~$ pip install --user pep8
Downloading/unpacking pep8
  Downloading pep8-1.3.3.tar.gz
Exception:
Traceback (most recent call last):
  File "/usr/local/lib/python2.6/site-packages/pip-1.2.1.post1-py2.6.egg/pip/basecommand.py", line 107, in main
    status = self.run(options, args)
  File "/usr/local/lib/python2.6/site-packages/pip-1.2.1.post1-py2.6.egg/pip/commands/install.py", line 263, in run
    requirement_set.prepare_files(finder, force_root_egg_info=self.bundle, bundle=self.bundle)
  File "/usr/local/lib/python2.6/site-packages/pip-1.2.1.post1-py2.6.egg/pip/req.py", line 1032, in prepare_files
    self.unpack_url(url, location, self.is_download)
  File "/usr/local/lib/python2.6/site-packages/pip-1.2.1.post1-py2.6.egg/pip/req.py", line 1159, in unpack_url
    retval = unpack_http_url(link, location, self.download_cache, self.download_dir)
  File "/usr/local/lib/python2.6/site-packages/pip-1.2.1.post1-py2.6.egg/pip/download.py", line 481, in unpack_http_url
    unpack_file(temp_location, location, content_type, link)
  File "/usr/local/lib/python2.6/site-packages/pip-1.2.1.post1-py2.6.egg/pip/util.py", line 558, in unpack_file
    untar_file(filename, location)
  File "/usr/local/lib/python2.6/site-packages/pip-1.2.1.post1-py2.6.egg/pip/util.py", line 472, in untar_file
    os.makedirs(location)
  File "/usr/lib64/python2.6/os.py", line 157, in makedirs
    mkdir(name, mode)
OSError: [Errno 13] Permission denied: '/tmp/pip-build/pep8'

Storing complete log in /home/modwork_vums_dt/.config/pip/pip.log

modwork_vums_dt@workepdevel113:~$ ls -l /tmp/pip-build/
-rw-r--r-- 1 modwork_egs_d modwork_egs_d 185 20. Nov 12:27 pip-delete-this-directory.txt

modwork_vums_dt@workepdevel113:~$ pip --version
pip 1.2.1.post1 from /usr/local/lib/python2.6/site-packages/pip-1.2.1.post1-py2.6.egg (python 2.6)

Related: #725


All 10 comments

I found a workaround:

export TMPDIR=$HOME/tmp
mkdir -p $TMPDIR
pip install --user ...

Just got bit by this as well. The workaround is fine, but the mode for /tmp/pip-build really should inherit /tmp's permissions.

I use "export TMPDIR=$HOME/tmp" in my environment now. But fixing this would be nice.

@chrismatta please explain which permissions from /tmp should be inherited. I don't think the sticky bit from /tmp should be used for the pip-build.

@guettli I guess it has to do with one's philosophy of what /tmp is for. Traditionally on Linux, /tmp has been scratch space that anyone can read and write to, so I don't see why making pip-build 0777 would be an issue.

We ran into this recently after multiple users were trying to install modules into their pythonbrew environments, which doesn't seem to set $TMPDIR, so pip uses the /tmp dir.

If you can inject code from one user to the next it is a big security problem. But somehow nobody seems to care.

@chrismatta as @guettli has mentioned, this would introduce a security flaw. What functionality would be provided by letting other users read and write to a given user's temporary pip-build directory (other than introducing a security flaw)?

So why use /tmp at all? Or maybe pip should use /tmp/pip-build-uid for each user. This is probably more a pythonbrew issue than a pip issue in reality.

@chrismatta that is what this pull request does: os.path.join(tempfile.gettempdir(), 'pip-build-%s' % getpass.getuser())

https://github.com/pypa/pip/pull/734/files

addressed in pull #780
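
The per-user naming quoted in the thread still leaves a predictable path in a world-writable /tmp, so the directory has to be checked before it is trusted. The following is an added example, not pip's code and not the code from either pull request; `user_build_dir` and `UnsafeBuildDir` are hypothetical names, and the checks shown are one way to do it.

```python
import getpass
import os
import stat
import tempfile


class UnsafeBuildDir(Exception):
    """Raised when the per-user build directory cannot be trusted."""


def user_build_dir(base=None, user=None):
    """Return <base>/pip-build-<user>, created private (0700) and verified.

    The name follows the pattern quoted in the thread; the verification
    steps are additions for this example.
    """
    base = base or tempfile.gettempdir()
    user = user or getpass.getuser()
    path = os.path.join(base, "pip-build-%s" % user)
    try:
        # mkdir (not makedirs) fails if anything already sits at the path,
        # including a symlink, so we never silently adopt a foreign object.
        os.mkdir(path, 0o700)
    except FileExistsError:
        pass
    # lstat does not follow symlinks: a link pre-created by another user
    # must not redirect the build somewhere else.
    st = os.lstat(path)
    if not stat.S_ISDIR(st.st_mode):
        raise UnsafeBuildDir("%s is not a real directory" % path)
    if st.st_uid != os.geteuid():
        raise UnsafeBuildDir("%s is owned by uid %d" % (path, st.st_uid))
    if st.st_mode & 0o077:
        # Group/other access would let another account read or replace
        # unpacked sources before setup.py runs.
        raise UnsafeBuildDir("%s is accessible to group or other" % path)
    return path


if __name__ == "__main__":
    # Constructed demo: an empty scratch base instead of the real /tmp.
    scratch = tempfile.mkdtemp()
    print(user_build_dir(scratch, "alice"))
    os.symlink(scratch, os.path.join(scratch, "pip-build-bob"))
    try:
        user_build_dir(scratch, "bob")
    except UnsafeBuildDir as exc:
        print("rejected:", exc)
```
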
