npm command - sudo or not?
Solution 1
It's possible (and advisable) to npm install -g
node modules without sudo
.
Check the permission of your /usr/local/share/npm/bin
folder. I had installed node and npm through brew (without sudo
) and that particular folder ended up being owned by root.
This fixed it for once and for all:
$ sudo chown $(whoami) /usr/local/share/npm/bin
(As for disallowing sudo
with npm: you'd have to tweak npm for that. Your own node code could make use of https://npmjs.org/package/sudo-block, npm install sudo-block
)
EDIT: even though this works, I no longer use -g
. Instead use prefix (see next answer), or better yet use NIX https://unix.stackexchange.com/a/381797 (even on OSX)
Solution 2
In my opinion is the cleanest way to specify the npm prefix:
npm config set prefix ~/.node_modules
And then to add the following to you .bash_profile
export PATH=$HOME/.node_modules/bin:$PATH
Now the packages will install into your user directory and no permissions will be harmend.
EDIT: If you can't install yeoman, create a bash file in one of your PATH directories named yodoctor with the following contents
#!/bin/bash
yo doctor
Make the file executable with
chmod +x yodoctor
And now you should be able to install yeoman.
Solution 3
You can also do:
sudo chown -R $USER /usr/local
and recursively change the files to your current user.
Solution 4
I have found this to be a better solution
sudo chown -R $USER /Users/$USER
This will just change the owner of your user to you and npm should be installed under your user on OS X. Everything that I have been reading says sudo for npm installs is bad and I would have to agree with them as you open yourself up to malicious scripts.
Related videos on Youtube
Comments
-
Kosmetika almost 2 years
Currently I always run
sudo npm install <package-name>
but as I understand it's not correct.I want to have opportunity not to use it as root/Administrator. I followed some advice and used this command
sudo chown -R <username> ~/.npm
but it won't work...for example, it's an output of my
npm install jade
... npm http 200 https://registry.npmjs.org/amdefine npm http GET https://registry.npmjs.org/amdefine/-/amdefine-0.0.5.tgz npm http 200 https://registry.npmjs.org/amdefine/-/amdefine-0.0.5.tgz npm ERR! Error: EACCES, symlink '../jade/bin/jade' npm ERR! { [Error: EACCES, symlink '../jade/bin/jade'] errno: 3, code: 'EACCES', path: '../jade/bin/jade' } npm ERR! npm ERR! Please try running this command again as root/Administrator.
as you see download started successfully but then failed..
I'm wondering what is the best way to disallow sudo on npm?
-
Yiling almost 9 yearsSee npm's recommended options to fix npm permission problem: https://docs.npmjs.com/getting-started/fixing-npm-permissions. This answer (from @febLey) is aligned with NPM's recommendations.
-
harvyS over 5 years-1 to answer, see LFH: /usr is shareable, read-only data. That means that /usr should be shareable between various FHS-compliant hosts and must not be written to. Any information that is host-specific or varies with time is stored elsewhere. Large software packages must not use a direct subdirectory under the /usr hierarchy.