(Python) Python installed with choco requires Administrator permission to modify, breaking pip.
Closed this issue · 4 comments
Checklist
- I have verified that this is the correct repository, and the package is maintained by the chocolatey-community user.
- I have verified that this is happening in the latest available version of the package.
Chocolatey Version
2.3.0
Chocolatey License
None
Package Version
All of them
Current Behaviour
When choco installs python it restricts modify permission to administators for the install directory. This means that pip is unable to properly manage packages and fails with
WARNING: Failed to write executable - trying to use .deleteme logic
ERROR: Could not install packages due to an OSError: [WinError 2]
The system cannot find the file specified: 'C:\\Python312\\Scripts\\isort.exe' -> 'C:\\Python312\\Scripts\\isort.exe.deleteme'
Relevant issue: https://github.com/pypa/pip/issues/9023
This appears to affect all versions of python.
Expected Behaviour
The Users permission level having sufficient privileges to modify the directories, so that pip can be run as user.
Steps To Reproduce
Download Python with chocolatey.
run pip install pylint
To fix manually change permission in the security tab of the property page of the python folder.
Afterwards it works. However a minor version update will break it again.
Environment
- Operating System: Microsoft Windows NT 10.0.22635.0
- PowerShell Version: 5.1.22621.4005
- Shell: PowerShellChocolatey Log
Not applicable.Anything else?
Probably the easiest way would be to ensure the directory has correct permissions inside the install script.
When choco installs python it restricts modify permission to administators for the install directory. This means that pip is unable to properly manage packages and fails with
This is intentional. As per the windows system permissions, system wide software changes should generally require administrator permissions.
You should be able to use pip to install system packages if you elevate the cmd window to administrator.
As an insecure workaround, use the /NoLockdown package parameter to not limit write permissions to administrators only.
https://community.chocolatey.org/packages/python313
The Users permission level having sufficient privileges to modify the directories, so that pip can be run as user.
A user without administrative permission should use the --user flag to install pip packages in their own user context.
pip 20.0 or newer (pypa/pip#7002) switches to --user automatically when system folders are not writable. In #2250, I fixed permissions for installed folders and files, so that the detection for --user works. The fix is included as part of Python 3.12.5. If you still get an error with that version, a verbose log may be useful.
I did get that on 3.12.5. How to get a log? Should it be a chocolatey log, or pip log?
A wild guess is that changes in #2250 do not work as expected, so chocolatey.log may be more useful. It's still good to collect command line outputs from pip --verbose install xxx, anyway.
To fix manually change permission in the security tab of the property page of the python folder.
I wonder if such manual changes can cause unexpected results. Did you try completely uninstall python 3.12, verify that C:\Python312 no longer exists and reinstall it?