On Apr 07, 2014, at 03:36 PM, Matthias Klose wrote: >Am 07.04.2014 15:27, schrieb Barry Warsaw: >> If you sudo -m ensurepip, you will get things installed into >> /usr/lib/python3/dist-packages. That's unfortunate, but it seems like you >> have to willfully try to break your system in order to do that. > >yes, and this is exactly the thing to avoid. The default behaviour must not >install into /usr/lib/python3/dist-packages by default. This is not >unfortunate, this is broken.
Here's a patch.
=== added file 'debian/patches/ensurepip.diff'
--- debian/patches/ensurepip.diff 1970-01-01 00:00:00 +0000
+++ debian/patches/ensurepip.diff 2014-04-07 21:42:48 +0000
@@ -0,0 +1,24 @@
+--- a/Lib/ensurepip/__main__.py
++++ b/Lib/ensurepip/__main__.py
+@@ -1,4 +1,20 @@
++import os
++import sys
+ import ensurepip
+
+ if __name__ == "__main__":
+- ensurepip._main()
++ # We do not want to allow ensurepip to muck with system Python path
++ # /usr/lib since this is Debian's responsibility. Specifically disallow
++ # `sudo python3 -m ensurepip` when not in a virtual environment.
++ if sys.prefix == sys.base_prefix and os.geteuid() == 0:
++ try:
++ import pip
++ except ImportError:
++ raise Exception("""\
++Please ask the administrator to install the python3-pip package, or you
++can install it yourself with `sudo apt-get install python3-pip`. installing
++packages system-wide using pip is considered harmful. If you decide to do
++this anyway, please do not report Python related bugs in the Debian bug
++tracker.""")
++ else:
++ ensurepip._main()
=== modified file 'debian/patches/series.in'
--- debian/patches/series.in 2014-03-22 13:39:34 +0000
+++ debian/patches/series.in 2014-04-07 23:51:30 +0000
@@ -53,3 +53,4 @@
kfreebsd-testsuite.diff
multiarch-extname.diff
tempfile-minimal.diff
+ensurepip.diff
signature.asc
Description: PGP signature
