即使我以root身份运行，在npm安装过程中权限也被拒绝

Question

same as the title. I ran npm install as root but still getting permission error. what should I do? I never got into this type of situation. I tried chmod -R 777 * , chown nobody:nogroup -R * in the project folder but nothing has changed.

Here's the error

Error: Command failed: npm install http fs path passport passport-facebook express-session connect-redis redis express-param compression express-enforces-ssl helmet ms connect-multiparty passport-runkeeper underscore.string moment-timezone nodemailer-ses-transport stripe simple-onesignal sequelize underscore uuid strava-v3 multer sharp bluebird querystring node-libcurl  --save
    npm WARN deprecated graceful-fs@3.0.11: please upgrade to graceful-fs 4 for compatibility with current and future versions of Node.js
    node-pre-gyp info it worked if it ends with ok
    node-pre-gyp verb cli [ '/usr/local/bin/node',
    node-pre-gyp verb cli   '/Users/philipyoonshin_spryfit/spryfit-node/node_modules/node-libcurl/node_modules/.bin/node-pre-gyp',
    node-pre-gyp verb cli   'install',
    node-pre-gyp verb cli   '--fallback-to-build' ]
    node-pre-gyp info using node-pre-gyp@0.6.36
    node-pre-gyp info using node@8.9.4 | darwin | x64
    node-pre-gyp verb command install []
    node-pre-gyp info check checked for "/Users/philipyoonshin_spryfit/spryfit-node/node_modules/node-libcurl/lib/binding/node_libcurl.node" (not found)
    node-pre-gyp http GET https://github.com/JCMais/node-libcurl/releases/download/v1.2.0/node_libcurl-v1.2.0-node-v57-darwin-x64.tar.gz
    node-pre-gyp http 200 https://github.com/JCMais/node-libcurl/releases/download/v1.2.0/node_libcurl-v1.2.0-node-v57-darwin-x64.tar.gz
    node-pre-gyp info install unpacking node_libcurl.node
    node-pre-gyp info tarball done parsing tarball
    node-pre-gyp info ok 
    gyp ERR! configure error 
    gyp ERR! stack Error: EACCES: permission denied, mkdir '/Users/philipyoonshin_spryfit/spryfit-node/node_modules/sharp/build'
    gyp ERR! System Darwin 17.3.0
    gyp ERR! command "/usr/local/bin/node" "/usr/local/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js" "rebuild"
    gyp ERR! cwd /Users/philipyoonshin_spryfit/spryfit-node/node_modules/sharp
    gyp ERR! node -v v8.9.4
    gyp ERR! node-gyp -v v3.6.2
    gyp ERR! not ok 
    npm ERR! code ELIFECYCLE
    npm ERR! errno 1
    npm ERR! sharp@0.18.4 install: `node-gyp rebuild`
    npm ERR! Exit status 1
    npm ERR! 
    npm ERR! Failed at the sharp@0.18.4 install script.
    npm ERR! This is probably not a problem with npm. There is likely additional logging output above.

Answer 1

npm always run post-install scripts with a non-privileged users for security reason. So even if you ran the command with sudo , the install scripts will be ran as non-privileged.

This is for obvious security reason, if npm wasn't downgrading the permissions, this means you'd be giving full control of your machine to any npm packages - some of those who might be malicious.