puppet-nodejs
puppet-nodejs copied to clipboard
voxpupuli
Installing as non-root user does not work (access denied)
Affected Puppet, Ruby, OS and module versions/distributions
- Puppet: 4.8.0
- Ruby: 2.1.9p490
- Distribution: within Docker Centos 7 image
- Module version: latest
How to reproduce (e.g Puppet code you use)
nodejs::npm { "install ${service_name} npm packages as user ${service_user}":
ensure => 'present',
user => $service_user,
source => "/home/${service_user}/${service_name}/src/static/package.json",
target => "/home/${service_user}/${service_name}/src/static",
require => Class['nodejs'],
}
What are you seeing
The process is trying to access /root/.npm while it is running as a different user:
e.g. part of the log: npm ERR! { Error: EACCES: permission denied, mkdir '/root/.npm'
What behaviour did you expect instead
I expected that the process was not trying to use anything inside the root dir. When I run npm install in the source directory as that $service_user it works.
Output log
Notice: /Stage[main]/Rd_infra_service::Implementation::Media_suite/Rd_infra_service::Resource::Service[wp5_mediasuite]/Rd_infra_service::Resource::Webclient[wp5_mediasuite]/Nodejs::Npm[install wp5_mediasuite npm packages as user clariah]/Exec[npm_install_install wp5_mediasuite npm packages as user clariah]/returns: npm ERR! addLocal Could not install /home/clariah/wp5_mediasuite/src/static/package.json
Notice: /Stage[main]/Rd_infra_service::Implementation::Media_suite/Rd_infra_service::Resource::Service[wp5_mediasuite]/Rd_infra_service::Resource::Webclient[wp5_mediasuite]/Nodejs::Npm[install wp5_mediasuite npm packages as user clariah]/Exec[npm_install_install wp5_mediasuite npm packages as user clariah]/returns: npm ERR! Linux 4.9.36-moby
Notice: /Stage[main]/Rd_infra_service::Implementation::Media_suite/Rd_infra_service::Resource::Service[wp5_mediasuite]/Rd_infra_service::Resource::Webclient[wp5_mediasuite]/Nodejs::Npm[install wp5_mediasuite npm packages as user clariah]/Exec[npm_install_install wp5_mediasuite npm packages as user clariah]/returns: npm ERR! argv "/usr/bin/node" "/usr/bin/npm" "install" "/home/clariah/wp5_mediasuite/src/static/package.json"
Notice: /Stage[main]/Rd_infra_service::Implementation::Media_suite/Rd_infra_service::Resource::Service[wp5_mediasuite]/Rd_infra_service::Resource::Webclient[wp5_mediasuite]/Nodejs::Npm[install wp5_mediasuite npm packages as user clariah]/Exec[npm_install_install wp5_mediasuite npm packages as user clariah]/returns: npm ERR! node v6.10.3
Notice: /Stage[main]/Rd_infra_service::Implementation::Media_suite/Rd_infra_service::Resource::Service[wp5_mediasuite]/Rd_infra_service::Resource::Webclient[wp5_mediasuite]/Nodejs::Npm[install wp5_mediasuite npm packages as user clariah]/Exec[npm_install_install wp5_mediasuite npm packages as user clariah]/returns: npm ERR! npm v3.10.10
Notice: /Stage[main]/Rd_infra_service::Implementation::Media_suite/Rd_infra_service::Resource::Service[wp5_mediasuite]/Rd_infra_service::Resource::Webclient[wp5_mediasuite]/Nodejs::Npm[install wp5_mediasuite npm packages as user clariah]/Exec[npm_install_install wp5_mediasuite npm packages as user clariah]/returns: npm ERR! path /root/.npm
Notice: /Stage[main]/Rd_infra_service::Implementation::Media_suite/Rd_infra_service::Resource::Service[wp5_mediasuite]/Rd_infra_service::Resource::Webclient[wp5_mediasuite]/Nodejs::Npm[install wp5_mediasuite npm packages as user clariah]/Exec[npm_install_install wp5_mediasuite npm packages as user clariah]/returns: npm ERR! code EACCES
Notice: /Stage[main]/Rd_infra_service::Implementation::Media_suite/Rd_infra_service::Resource::Service[wp5_mediasuite]/Rd_infra_service::Resource::Webclient[wp5_mediasuite]/Nodejs::Npm[install wp5_mediasuite npm packages as user clariah]/Exec[npm_install_install wp5_mediasuite npm packages as user clariah]/returns: npm ERR! errno -13
Notice: /Stage[main]/Rd_infra_service::Implementation::Media_suite/Rd_infra_service::Resource::Service[wp5_mediasuite]/Rd_infra_service::Resource::Webclient[wp5_mediasuite]/Nodejs::Npm[install wp5_mediasuite npm packages as user clariah]/Exec[npm_install_install wp5_mediasuite npm packages as user clariah]/returns: npm ERR! syscall mkdir
erratum: I actually use /home/${service_user}/${service_name}/src/static/ for the source parameter. The one I posted with /home/${service_user}/${service_name}/src/static/package.json was a desperate attempt to make it work.
Also: when I run as root (leaving out the user param) it does work, but then I have to chown the entire node_modules dir with the $service_user, which takes quite long and should be unnecessary.
@jblom Is this still an issue with the latest version of this module/Puppet/Ruby?
after upgrading the module to 3.1.0, the problem still persists. Later I can try upgrading Puppet/Ruby
btw: I have Puppet 4.10.4 on RHEL 7.3 (Maipo)
(this is the production server. So it does not work in the Centos container as well as on a VM with RHEL 7.3)
Any idea what could be wrong?
+1
This is because the npm manifest has a 'home_dir' parameter that is set to '/root' by default. This is then used to set
environment => "HOME=${home_dir}",
Not sure why this is set, if you comment it out, it uses ~/.npm by default. It could possibly only be set if specified?
Otherwise you can set home_dir in your nodejs::npm resource to override.
@fnoop wow super thanks! This works now (the user in combination with the home_dir param):
#This finally works (installing to the service user instead of root)
nodejs::npm { "install ${service_name} npm packages as user ${service_user}":
ensure => 'present',
user => $service_user,
source => "/home/${service_user}/${service_name}/src/static",
target => "/home/${service_user}/${service_name}/src/static",
use_package_json => true,
home_dir => '~/.npm',
subscribe => File["/home/${service_user}/${service_name}/src/static/package.json"],
}
Great! Be careful using ~ in home_dir, you might find that you've actually got ~/~/.npm now.
@fnoop thanks again, you're right. I've changed it to:
home_dir => "/home/${service_user}/.npm",
which avoids that possibility. Now I can actually find the .npm dir in /home/${service_user}
@fnoop @jblom Should there be code changes to make behaviour more flexible/intuitive? Would additional docs help?
@juniorsysadmin at the very least the docs should include that: if you use:
user => 'yourownuser' you need to include home_dir => /home/yourownuser/.npm
Code wise you could hardwire that if the user param is used for a non-root user, by default the home_dir is set properly.
What do you guys think?
@jblom Could you submit a pull request for the README update? That will certainly help others in the future avoid having to figure this out again.
I'm trying to manage node-sass with this module, and a home_dir parameter would make this a little smoother. This particular package just CANT be installed as root, at least in ubuntu. The permissions break down.
Looks like this readme never did get updated and people are still having this issue.
