MacOS – How to get correct file permissions from Macports pip installs

installmacosmacportspermissionpython

Macports sets up the ownership of its Python site-packages directory as root.wheel with world-readable permissions. Python packages instally via port install have the same

# ls -l -d /opt/local/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages
drwxr-xr-x  151 root  wheel  5134 Mar  8 10:56 /opt/local/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages

This of course prevents individual users from using pip install to add packages, which is just fine since that really ought to be done as root.

However, if one uses sudo or a root shell to pip install, the packages are installed by pip as readable only by root.wheel (740).

% sudo pip install BeautifulSoup
...
% ls -l -d   /opt/local/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/BeautifulSoup.py
-rw-r-----  1 root  wheel  79567 Mar  8 11:09 /opt/local/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/BeautifulSoup.py

This precludes my user account from actually importing or using the package (*).

How can I get pip to always put reasonable permissions on installed packages?

Update (edit)

I have reworded the question to emphasize that it is about pip installs only. I would also like to emphasize here that the problem is not about needing write permission to the modules. The problem is that the modules are being installed without read permissions.

(*) A hack to fix it is to chmod a+rX the proper permissions (744/755) onto the newly installed package files

Update 2 (solution)

As suggested by both Mark and Ian, and confirmed in a quick test, this has to do with the umask for root. Here is the documentation on how to change /etc/sudoers for OSX. Note that it is not necessarily a good idea to change the umask for all sudo instances!

Best Answer

You can use virtualenv to create a local "copy" of the Python installation that's owned and easily manipulated by you. The advantage to using virtualenv is you can make many copies of the same version of Python, but with different versions of similar packages installed, and then switch between them with the virtualenv command line.

This lets you use different versions of libraries in different projects or incompatible libraries.

To install virtualenv:

sudo pip install virtualenv

And now you can use it yourself, without sudo, to create a virtual python owned by you:

mkdir -p ~/Development/mypythonproject
cd ~/Development/mypythonproject
virtualenv .venv
source .venv/bin/activate

For example:

IanCsiMac:~/Development/keybase-python |ruby-2.1.2| [git::develop]
> which python
/usr/local/bin/python

IanCsiMac:~/Development/keybase-python |ruby-2.1.2| [git::develop]
> source .venv/bin/activate

(.venv)
IanCsiMac:~/Development/keybase-python |ruby-2.1.2| [git::develop]
> which python
/Users/ian/code/keybase-python/.venv/bin/python

(.venv)
IanCsiMac:~/Development/keybase-python |ruby-2.1.2| [git::develop]
> deactivate

IanCsiMac:~/Development/keybase-python |ruby-2.1.2| [git::develop]
> which python
/usr/local/bin/python

You can virtualenv-install in your ~ directory if you want a default python that you control to be available at all times like so:

cd ~
virtualenv venv

And now you've got ~/venv/bin/pip available to you. You can modify your ~/.bash_profile and add:

source venv/bin/activate

Right at the end of it to have your virtualenv available by default in your shell.

Best Answer

Related Solutions

Rollback Python2.7 Installation

How to tell Firewall to allow incoming connections for Python running a specific script? (In this case: SickBeard)

Related Question