Hide Forgot
Demonstration why this is strongly desired: $ LOCAL_PYLIB=~/.local/lib/python$(rpm -E '%{python_version}') $ mkdir -p "${LOCAL_PYLIB}/site-packages" $ touch "${LOCAL_PYLIB}/site-packages/commands.py" $ > "${LOCAL_PYLIB}/site-packages/commands_override.pth" cat <EOF import sys; sys.__plen = len(sys.path) . import sys; new=sys.path[sys.__plen:]; del sys.path[sys.__plen:]; p=getattr(sys,'__egginsert',0); sys.path[p:p]=new; sys.__egginsert = p+len(new) EOF $ pcs help > Traceback (most recent call last): > File "/usr/sbin/pcs", line 13, in <module> > import cluster > File "/usr/lib/python2.6/site-packages/pcs/cluster.py", line 21, in <module> > from subprocess import getstatusoutput > ImportError: cannot import name getstatusoutput This can be prevented with "-s" option to Python interpreter. Something similar can be achieved with PYTHONPATH et al. environment variable manipulation. This can be prevented with "-E" option to Python interpreter. Modified bits, regardless if on filesystem or in runtime (this case) are not supportable in principle, whether the modification is noticable or completely hidden (this case) --> make "pcs" run Python with "-Es" flags For inspiration see: https://pagure.io/clufter/91a2bd5d87952eabe767bb464c43ed2d40d80e33
Created attachment 1265359 [details] proposed fix Test: Added -Es flags to shebang in pcs executable: #!/usr/bin/python -Es
If I may suggest something, it's perhaps more forward-looking to use: > %{__python*} setup.py build --executable='%{__python*} -Es' unlike as with clufter which already uses setup.cfg heavily anyway. Note that this is also what Fedora's %py*_build packaging macros (also coming to RHEL 7.4, but it's likely not possible to use them, yet: [bug 1297522]) for Python utilize. (I would personally be interested in whether using this new form actually helps to overcome [bug 1353934] issue, see also [bug 1297522 comment 11].)
After Fix: [vm-rhel72-1 ~] $ rpm -q pcs pcs-0.9.157-1.el7.x86_64 [vm-rhel72-3 ~] $ which pcs /usr/sbin/pcs [vm-rhel72-3 ~] $ head -n1 $(which pcs) #!/usr/bin/python -Es
This change requires a test that the original reproducer does not cause the misbehavior and everything other works.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2017:1958