conda环境有访问系统模块,如何防止?

2022-01-10 00:00:00 python conda anaconda

问题描述

我注意到,当我使用 conda 创建新环境时,我可以在该环境中导入未安装的 python 模块.

I noticed that when I create a new enviornment with conda, I can import python modules in that environment that were NOT installed there.

以 keras 为例:虽然模块不在那个环境中:

Example with keras: Although the module is NOT in that enviornment:

(py2) user@user-Precision-7920-Tower:~$ conda list keras
# packages in environment at /home/user/anaconda3/envs/py2:
#
# Name                    Version                   Build  Channel

我仍然可以导入它,显然是从系统(用户)安装,在 conda 之外!

I can still import it, apparently from the system (user) install, outside conda!

(py2) user@user-Precision-7920-Tower:~$ python
Python 2.7.15 | packaged by conda-forge | (default, Mar  5 2020, 14:56:06) 
[GCC 7.3.0] on linux2
Type "help", "copyright", "credits" or "license" for more information.

>>> import keras
Using TensorFlow backend.
>>> keras.__file__
'/home/user/.local/lib/python2.7/site-packages/keras/__init__.pyc'

其实conda里面的python是可以访问非conda路径的!

In fact, python inside conda has access to non-conda paths!

>>> import sys
>>> 
>>> sys.stdout.write("
".join(sys.path))

/home/user/anaconda3/envs/py2/lib/python27.zip
/home/user/anaconda3/envs/py2/lib/python2.7
/home/user/anaconda3/envs/py2/lib/python2.7/plat-linux2
/home/user/anaconda3/envs/py2/lib/python2.7/lib-tk
/home/user/anaconda3/envs/py2/lib/python2.7/lib-old
/home/user/anaconda3/envs/py2/lib/python2.7/lib-dynload
/home/user/.local/lib/python2.7/site-packages               <-- 
/home/user/anaconda3/envs/py2/lib/python2.7/site-packages>>> 

Conda 应该保持隔离.这条路是怎么走到这里的,如何避免这种情况发生?

Conda is supposed to keep things isolated. How did this path endd up in here, and how to avoid this from happening?

更新:

我的用户级 python 是 2.7,我注意到当我使用 python 2.7 创建新的 conda 环境时总是会发生这种行为,这只是自动将 .local/lib/python2.7/site-packages 添加到 PYTHONPATH.

My user-level python is 2.7, and I noticed this behavior always happen when I create a new conda environment with python 2.7, this just automatically adds the .local/lib/python2.7/site-packages to PYTHONPATH.

如果我使用 python3.x 创建新的 conda 环境,则不会发生这种情况.

If I create new conda environments with python3.x , this does not happen.

这是否意味着不能为与用户级 python 相同的 python 版本创建单独的隔离 conda 环境?

Does this mean that one cannot create a separate isolated conda environment for the same python version as the user-level python?


解决方案

除了 @VikashB 提到的之外,这些可能是使用 pip install --user 安装的软件包造成的.正如@TimRoberts 在评论中提到的那样,填充 sys.path 变量的 site 模块会搜索像 ~/.local/lib/python* 这样的路径/site-packages 默认情况下.

In addition to what @VikashB mentioned, these can result from packages installed with pip install --user. As @TimRoberts alluded to in the comments, the site module, which populates the sys.path variable, searches paths like ~/.local/lib/python*/site-packages by default.

如果您出于某种原因需要保留这些包,则需要将它们移动到非默认位置,以便 site 模块找不到它们.例如,

If you need to keep these packages for some reason, you'll need to move them to a non-default location so the site module doesn't find them. For example,

mkdir ~/.local/lib/py_backup
mv ~/.local/lib/python* ~/.local/lib/py_backup

这将有效地隐藏它们,如果需要,它们仍然可以通过 PYTHONPATH 使用.

This will effectively hide them, and they could still be used through PYTHONPATH if necessary.

否则,只需删除它们,即,

Otherwise, just remove them, i.e.,

rm -r ~/.local/lib/python*

作为参考,不鼓励 Conda 用户使用 --user 标志guide/tasks/manage-environments.html#pip-in-env" rel="nofollow noreferrer">Conda 文档.Conda 环境假设环境完全隔离,因此 OP 报告等泄漏可能导致未定义的行为.

For reference, Conda users are discouraged from using the --user flag in the Conda documentation. Conda environments assume full isolation of environments, so leakage such as OP reports can lead to undefined behavior.

相关文章