Chris Angelico wrote:
> On Thu, Sep 25, 2014 at 6:50 AM, Steve Dower <steve.do...@microsoft.com>
> wrote:
>> Donald Stufft wrote:
>>> One thing about *nix is even though you can’t write to your normal
>>> Python install location without root, invoking pip with permissions
>>> (assuming you have
>>> them) is as easy as prefacing it with ``sudo`` in most cases. Does
>>> Windows have an equivalent or do you need to launch a whole new shell?
>>
>> Unfortunately not. The "easy way" is for the executable to declare that it
> needs administrative privileges, and then the OS will take over and let you
> approve/reject/sign-in/etc. according to your settings.
>
> When you say the executable declares this, is that a static (compile/link
> time)
> declaration, or a run-time one? That is, could pip defer the declaration until
> it's parsed its command line args and decided that it'll be installing into
> the
> system directory, but NOT make that declaration if it's given --user, or if
> it's
> running inside a venv, or anything else that means it doesn't need that power?
> If so, that could actually be a very powerful feature: a user without admin
> privs (or choosing not to exercise them) is still able to install into a venv,
> but if s/he forgets to activate the venv, the "hey, I want to modify system
> files" prompt will be the alarm that says the situation is not what was
> expected. That's what happens on my Linux system - I get errors back if I
> don't
> use sudo, but in a venv, everything works without being root.
It's a compile time option (it's specified in the manifest you can embed into
an executable) but it is possible to explicitly launch a separate process with
the flag. Most programs that look like they can elevate on-demand are really
launching a background process to do the work - you can't change the user for a
process once it's started in Windows.
This process can obviously be the same one you started with (maybe with
different command line args), and the main observable difference is that you
get fewer access denied errors.
So yes, pip can certainly do this, and if it's already running elevated then it
shouldn't reprompt, but it's not entirely trivial to get this right ("are you
denied write access to that directory because you're not admin or because it's
on read-only media?") and it's considerably easier to try it, fail on access
issues, but provide a flag for the user to force elevation. "pip --sudo install
..." would be fine by me :)
Cheers,
Steve
> ChrisA
>
_______________________________________________
Python-Dev mailing list
Python-Dev@python.org
https://mail.python.org/mailman/listinfo/python-dev
Unsubscribe:
https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
