Avoid use of '/tmp' for pip operations

`ipa-run-tests` is not an entry_point script, so
pip during an installation of ipatests package checks
if the file path is executable. If not - just don't set
the executable permission bits.

pip's working directory defaults to /tmp/xxx.
Thus, if /tmp is mounted with noexec such scripts lose
their executable ability after an installation into
virtualenv. This was found on Travis +
freeipa/freeipa-test-runner:master-latest docker image.

Build directory of pip could be changed via env variable
PIP_BUILD, for example.

Fixes: https://pagure.io/freeipa/issue/8009
Signed-off-by: Stanislav Levin <slev@altlinux.org>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
This commit is contained in:
Stanislav Levin
2019-07-11 22:12:54 +03:00
committed by Alexander Bokovoy
parent a2d4e2a61f
commit c7500220c4
2 changed files with 18 additions and 6 deletions

View File

@@ -4,8 +4,9 @@ set -ex
FLAVOR="$1"
ENVPYTHON="$(realpath "$2")"
ENVSITEPACKAGESDIR="$(realpath "$3")"
# 3...end are package requirements
shift 3
ENVDIR="$4"
# 4...end are package requirements
shift 4
TOXINIDIR="$(cd "$(dirname "$0")" && pwd)"
@@ -25,10 +26,21 @@ if [ ! -f "${TOXINIDIR}/tox.ini" ]; then
exit 3
fi
if [ ! -d "${ENVDIR}" ]; then
echo "${ENVDIR}: no such directory"
exit 4
fi
# https://pip.pypa.io/en/stable/user_guide/#environment-variables
export PIP_CACHE_DIR="${TOXINIDIR}/.tox/cache"
mkdir -p "${PIP_CACHE_DIR}"
# /tmp could be mounted with noexec option.
# pip checks if path is executable and if not then doesn't set such
# permission bits
export PIP_BUILD="${ENVDIR}/pip_build"
rm -rf "${PIP_BUILD}"
DISTBUNDLE="${TOXINIDIR}/dist/bundle"
mkdir -p "${DISTBUNDLE}"

View File

@@ -8,7 +8,7 @@ skipsdist=true
# always re-create virtual env. A special install helper is used to configure,
# build and install packages.
recreate=True
install_command={toxinidir}/.tox-install.sh wheel_bundle {envpython} {envsitepackagesdir} {packages}
install_command={toxinidir}/.tox-install.sh wheel_bundle {envpython} {envsitepackagesdir} {envdir} {packages}
changedir={envdir}
setenv=
HOME={envtmpdir}
@@ -17,7 +17,7 @@ deps=
ipatests
commands=
{envbindir}/ipa --help
{envpython} -bb {envbindir}/ipa-run-tests --ipaclient-unittests --junitxml={envdir}/junit-{envname}.xml
{envbindir}/ipa-run-tests --junitxml={envdir}/junit-{envname}.xml {posargs:--ipaclient-unittests}
[testenv:pylint3]
basepython=python3
@@ -34,7 +34,7 @@ commands=
[testenv:pypi]
recreate=True
install_command={toxinidir}/.tox-install.sh pypi_packages {envpython} {envsitepackagesdir} {packages}
install_command={toxinidir}/.tox-install.sh pypi_packages {envpython} {envsitepackagesdir} {envdir} {packages}
changedir={envdir}
setenv=
HOME={envtmpdir}
@@ -46,7 +46,7 @@ deps=
ipaserver
ipatests
commands=
{envpython} -m pytest {toxinidir}/pypi/test_placeholder.py
{envpython} -m pytest {posargs:{toxinidir}/pypi/test_placeholder.py}
[pycodestyle]
# E402 module level import not at top of file