StriderCD global post install fails on bower access to $HOME/.config $HOME/.cache

Question

I am trying to work out the best way to install StriderCD globally. I installed node and npm via the global-enabled fork of nvm, and all paths are working fine for other builds, but none of them require a post install like this.

I've tried both sudo npm install -g strider and also just installing as root without sudo, but I always come across EACCESS errors on .config and .cache folders for bower in the post install step:

> strider@1.6.6 postinstall /usr/local/lib/node_modules/strider
> bower install --allow-root && npm run build

/usr/local/lib/node_modules/strider/node_modules/bower/node_modules/mkdirp/index.js:89
                    throw err0;
                          ^
Error: EACCES, permission denied '/home/ubuntu/.config'

Installed as root, root does not have permissions for it's own $HOME dir, which is very strange unless bower is creating dirs and files with wrong permissions. Can anyone explain this:

> strider@1.6.6 postinstall /usr/local/lib/node_modules/strider
> bower install --allow-root && npm run build

/usr/local/lib/node_modules/strider/node_modules/bower/node_modules/configstore/index.js:56
        throw err;
              ^
Error: EACCES, permission denied '/root/.config/configstore/bower-github.yml'
You don't have access to this file.

    at Error (native)
    at Object.fs.openSync (evalmachine.<anonymous>:500:18)
    at Object.fs.readFileSync (evalmachine.<anonymous>:352:15)
    at Object.create.all.get (/usr/local/lib/node_modules/strider/node_modules/bower/node_modules/configstore/index.js:34:29)
    at Object.Configstore (/usr/local/lib/node_modules/strider/node_modules/bower/node_modules/configstore/index.js:27:44)
    at readCachedConfig (/usr/local/lib/node_modules/strider/node_modules/bower/lib/config.js:22:23)
    at defaultConfig (/usr/local/lib/node_modules/strider/node_modules/bower/lib/config.js:11:24)
    at Object.<anonymous> (/usr/local/lib/node_modules/strider/node_modules/bower/lib/index.js:40:32)
    at Module._compile (module.js:460:26)
    at Object.Module._extensions..js (module.js:478:10)

Using sudo as ubuntu user and tried chmod -R 777 $HOME/.config I get the same thing on $HOME/.cache! Sigh.

> strider@1.6.6 postinstall /usr/local/lib/node_modules/strider
> bower install --allow-root && npm run build

bower                           EACCES EACCES, permission denied '/home/ubuntu/.cache/bower/registry/bower.herokuapp.com/lookup'

Stack trace:
Error: EACCES, permission denied '/home/ubuntu/.cache/bower/registry/bower.herokuapp.com/lookup'
    at Error (native)
    at Object.fs.mkdirSync (fs.js:747:18)
    at Function.sync (/usr/local/lib/node_modules/strider/node_modules/bower/node_modules/bower-registry-client/node_modules/mkdirp/index.js:55:12)
    at new Cache (/usr/local/lib/node_modules/strider/node_modules/bower/node_modules/bower-registry-client/lib/util/Cache.js:21:16)
    at RegistryClient.<anonymous> (/usr/local/lib/node_modules/strider/node_modules/bower/node_modules/bower-registry-client/lib/lookup.js:163:35)
    at Array.forEach (native)
    at RegistryClient.initCache (/usr/local/lib/node_modules/strider/node_modules/bower/node_modules/bower-registry-client/lib/lookup.js:150:34)
    at RegistryClient._initCache (/usr/local/lib/node_modules/strider/node_modules/bower/node_modules/bower-registry-client/Client.js:62:27)
    at new RegistryClient (/usr/local/lib/node_modules/strider/node_modules/bower/node_modules/bower-registry-client/Client.js:16:10)
    at new PackageRepository (/usr/local/lib/node_modules/strider/node_modules/bower/lib/core/PackageRepository.js:17:28)

Console trace:
Error
    at StandardRenderer.error (/usr/local/lib/node_modules/strider/node_modules/bower/lib/renderers/StandardRenderer.js:82:37)
    at Logger.<anonymous> (/usr/local/lib/node_modules/strider/node_modules/bower/bin/bower:110:22)
    at Logger.emit (events.js:107:17)
    at Logger.emit (/usr/local/lib/node_modules/strider/node_modules/bower/node_modules/bower-logger/lib/Logger.js:29:39)
    at /usr/local/lib/node_modules/strider/node_modules/bower/lib/commands/index.js:45:20
    at _rejected (/usr/local/lib/node_modules/strider/node_modules/bower/node_modules/q/q.js:844:24)
    at /usr/local/lib/node_modules/strider/node_modules/bower/node_modules/q/q.js:870:30
    at Promise.when (/usr/local/lib/node_modules/strider/node_modules/bower/node_modules/q/q.js:1122:31)
    at Promise.promise.promiseDispatch (/usr/local/lib/node_modules/strider/node_modules/bower/node_modules/q/q.js:788:41)
    at /usr/local/lib/node_modules/strider/node_modules/bower/node_modules/q/q.js:556:49
System info:
Bower version: 1.4.1
Node version: 0.12.4
OS: Linux 3.13.0-48-generic x64

Why does bower insist on using $HOME/.config when I'm using --global and also installing with sudo? Is there a way to map this to a different path and make permissions proper? And when I su root -l to install, why does root not have permission to access files or create dirs inside it's own $HOME and/or $HOME/.config? Very confusing.

This is on a brand new updated 14.04 LTS AWS instance. What is the root cause of this error and is it my setup causing the problem or bad config on bower's or Strider's part?

Answer 1

The permissions of your filesystem do seem strange and should be investigated and repaired.

That said, the important part of that first stack trace is configstore, a piece of machinery used to cache or persist data to the disk. Needless to say it will try to write to those locations. That is a place to start.

Permissions problems are called out in the FAQ of the newer conf module, although it doesn't seem to apply to Linux.

In configstore, the config is stored in ~/.config (which is mainly a Linux convention) on all systems, while conf stores config in the system default user config directory. The ~/.config directory, it turns out, often have an incorrect permission on macOS and Windows, which has caused a lot of grief for users.

Would switching to conf fix the problem? Maybe, maybe not. Couldn't hurt to file an issue. It's a pretty trivial replacement. And you could certainly hack around inside of your node_modules to verify whether that fixes it for you.

Both configstore and conf respect the XDG_CONFIG_HOME envrionment variable. However they read it at slightly different times, the former at module require() time, the latter when its class is instantiated.

We should also challenge the assumption of processes running as a specific user (root), since Node programs can process.setuid() and this is relatively common amongst command line tools.

I would modify the various node_modules files being run and sprinkle in some...

console.log('User:', process.getuid());
console.log('Group:', process.getgid());
console.log('Effective user:', process.geteuid());
console.log('Effective group:', process.getegid());

This is useful because either bower or npm may be downgrading permissions at an inconvenient time. Or perhaps something within the npm run build script is doing so.

If you see the users or groups changing throughout the lifecycle of the program, that is a high potential area for bugs. Carefully check that the users or groups printed have full access to the paths that failed. Depending on the precise activity that is going on, it may be necessary to have execute (x) permissions on parent directories going all the way up to the root of the filesystem.