Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: Disable krunner's user site to avoid potential conflicts with user-installed packages #1962

Merged
merged 3 commits into from
Mar 22, 2024
Merged

fix: Disable krunner's user site to avoid potential conflicts with user-installed packages #1962

merged 3 commits into from
Mar 22, 2024

Conversation

achimnol
Copy link
Member

@achimnol achimnol commented Mar 22, 2024
edited
Loading

resolves #1959

This PR disables the user-site functionality for the krunner python commands to improve security and potential conflicts with the user-installed packages that may override some packages in the krunner.

Though, it does not disable it for the user-executed service-port apps that use the container's own Python runtime such as Jupyter notebooks (both the frontend server and the kernel processes). This is why I've put -s options individually instead of setting the PYTHONNOUSERSITE=1 environment variable which may propagate to all sub-processes.

Checklist: (if applicable)

  • Milestone metadata specifying the target backport version
  • Mention to the original issue

@achimnol achimnol added this to the 23.09 milestone Mar 22, 2024
@achimnol achimnol added type:bug Reports about that are not working comp:agent Related to Agent component urgency:3 Must be finished within a certain time frame. labels Mar 22, 2024
@achimnol achimnol self-assigned this Mar 22, 2024
@github-actions github-actions bot added the size:S 10~30 LoC label Mar 22, 2024
@achimnol
Copy link
Member Author

Tested the behavior as follows.

Without the "-s" flag (user-site enabled):
image

With the "-s" flag (user-site disabled):
image

@achimnol achimnol added this pull request to the merge queue Mar 22, 2024
Merged via the queue into main with commit 165a2d4 Mar 22, 2024
30 checks passed
@achimnol achimnol deleted the fix/disable-krunner-user-site branch March 22, 2024 22:43
achimnol added a commit that referenced this pull request Mar 22, 2024
@achimnol
fix: Disable krunner's user site to avoid potential conflicts with us…
87e9e9d 
…er-installed packages (#1962)

Backported-from: main (24.03)
Backported-to: 23.09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@achimnol achimnol

Labels
comp:agent Related to Agent component size:S 10~30 LoC type:bug Reports about that are not working urgency:3 Must be finished within a certain time frame.
Projects
None yet
Milestone
23.09
Development

Successfully merging this pull request may close these issues.

Disable user site packages (~/.local) for specific in-container Python components
1 participant
@achimnol