To avoid environment and user dir influence. 'git am'able fix attached, let me know if you'd like me to push and build this for devel.
Created attachment 1343391 [details] macros.python*: Use -Es/-I to invoke python macro scriptlets To avoid environment and user dir influence.
Seems quite reasonable to me, but my schedule is packed and I won't have time to apply it today. Certainly Orion is welcome to do so if he has time.
Seems like a good idea to me. Please go ahead as I have no time.
Pushed but unable to build right now, I'll leave that to someone else to take care of.
Is there any actual behavior change compared to how the macros were utilized so far? Any use case where this might break something (or how it was broken before)?
There shouldn't be unless you somehow expected the environment to leak into the python calls. Since they're only extracting either versions or paths built into python, I can't think of any case where that would be useful.
Right. Regarding how it was broken before, here's one example: $ mkdir /tmp/distutils # touch /tmp/distutils/__init__.py ; echo $'def get_python_lib(*_):\n print("arbitrary code!")\n return ""' > /tmp/distutils/sysconfig.py $ PYTHONPATH=/tmp rpm -E %python_sitelib arbitrary code!
Oops, bad example, should have been "rpm -E %python2_sitelib" to reproduce the issue with this package. %python_sitelib comes from rpm itself (and has already been fixed in git master there).
python-rpm-macros-3-23.fc27 has been submitted as an update to Fedora 27. https://bodhi.fedoraproject.org/updates/FEDORA-2017-c877b9b704
python-rpm-macros-3-23.fc27 has been pushed to the Fedora 27 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-c877b9b704
python-rpm-macros-3-23.fc27 has been pushed to the Fedora 27 stable repository. If problems still persist, please make note of it in this bug report.