You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Aug 11, 2021. It is now read-only.
npm reports ENOENT on npm install postinstall errors when running as root
We all know that you shouldn't run npm is root on your local system.
What we don't all know is that apparently new versions of npm change the uid to 1001 and if you're running in a virtualized single-user environment, this causes postinstall scripts to break due to permission errors.
How
Apparently there's some uid fudging and whatnot inside of npm.
Steps to Reproduce
Spin up a single-user (root-only) virtual server.
Install node v12.16.2 (or earlier, but after v10.x for certain) via nodejs.org tarball
curl -sS https://webinstall.dev/node@v12 | bash
install a package that runs a pre, install, and/or post script
npm install --save @root/acme
> @root/acme@3.0.10 postinstall /root/srv/try-greenlock/node_modules/@root/acme
> node scripts/postinstall
sh: 1: node: Permission denied
npm WARN try-greenlock@1.0.0 No description
npm WARN try-greenlock@1.0.0 No repository field.
npm ERR! code ELIFECYCLE
npm ERR! syscall spawn
npm ERR! file sh
npm ERR! errno ENOENT
npm ERR! @root/acme@3.0.10 postinstall: `node scripts/postinstall`
npm ERR! spawn ENOENT
npm ERR!
npm ERR! Failed at the @root/acme@3.0.10 postinstall script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.
npm ERR! A complete log of this run can be found in:
npm ERR! /root/.npm/_logs/2020-04-24T23_10_59_381Z-debug.log
Expected Behavior
Either
return an error message sooner about being root and that not being allowed.
If you console.log(options) when running as root you can clearly see that the uid is set to 1001.
You can also clearly see that ENOENT is hard-coded as a best-effort guess as to what the error is, masking the actual error which I believe is due to selecting a non-existing user.
The text was updated successfully, but these errors were encountered:
coolaj86
changed the title
[BUG] npm reports ENOENT on postinstall errors when root
[BUG] npm falsely reports hard-coded ENOENT on postinstall errors when root
May 13, 2020
coolaj86
changed the title
[BUG] npm falsely reports hard-coded ENOENT on postinstall errors when root
[BUG] npm falsely reports hard-coded ENOENT as postinstall error when root
May 13, 2020
Sign up for freeto subscribe to this conversation on GitHub.
Already have an account?
Sign in.
What / Why
How
Apparently there's some
uid
fudging and whatnot inside of npm.Steps to Reproduce
curl -sS https://webinstall.dev/node@v12 | bash
Expected Behavior
Either
root
and that not being allowed.ENOENT
uid
s in the first placeReferences
https://github.com/npm/npm-lifecycle/blob/latest/lib/spawn.js#L45
If you
console.log(options)
when running asroot
you can clearly see that theuid
is set to1001
.You can also clearly see that
ENOENT
is hard-coded as a best-effort guess as to what the error is, masking the actual error which I believe is due to selecting a non-existing user.The text was updated successfully, but these errors were encountered: