./nodebb setup Permission denied
-
Using sudo/root when installing NodeBB is incompatible with running NodeBB from another user.
Don't use sudo when running
git clone
, when runningnpm i
, or when running any command involving./nodebb
. -
@wojciech-lisik said in ./nodebb setup Permission denied:
@pitaj if thats the case, than how on Earth installer is going to modify system files?
The setup process doesn't need to modify system files.
-
Installer puts
*.js
into/usr/
andls -alh /usr
givesroot:root
as an owner, so...... -
@wojciech-lisik what does what exactly? Every file created by NodeBB is purely relative to the installation directory (wherever you
git clone
d). -
As @pitaj is advocating, you should not be running or installing NodeBB as root.
As a root user (or using
sudo
), fix the permissions by running the followingchown -R myuser:myuser /path/to/nodebb
, replacingmyuser
and the path to NodeBB as necessary.Then drop out of root and resume setup
./nodebb setup
-
@julian Honestly, I wouldn't
chmod
, just delete and reinstall (or move) in a more appropriate location, and then adjust permissions (if still necessary).@Wojciech-Lisik You shouldn't install programs in
/usr/
, but rather something more like/usr/local/opt/
or, ideally, some subdirectory under your user's home directory (for development). If you're setting up a production server, you'd want to create some directory structure under/etc/
owned by a special, non-root user with the least privilege possible. Most of my setups follow the paradigm of storing server files hosted by NGINX under/usr/share/nginx/
and setting rwx privileges to the special user I set up only in that folder.You should never have to use
sudo
or the root login to install nodebb (or any other web software, for that matter), and doing so can be a huge security risk.Here's a neat Superuser answer that outlines what the intended usage of each folder in a *nix machine is for.
-
@bri said in ./nodebb setup Permission denied:
@julian Honestly, I wouldn't
chmod
, just delete and reinstall (or move) in a more appropriate location, and then adjust permissions (if still necessary).@Wojciech-Lisik You shouldn't install programs in
/usr/
, but rather something more like/usr/local/opt/
or, ideally, some subdirectory under your user's home directory (for development). If you're setting up a production server, you'd want to create some directory structure under/etc/
owned by a special, non-root user with the least privilege possible. Most of my setups follow the paradigm of storing server files hosted by NGINX under/usr/share/nginx/
and setting rwx privileges to the special user I set up only in that folder.You should never have to use
sudo
or the root login to install nodebb (or any other web software, for that matter), and doing so can be a huge security risk.Here's a neat Superuser answer that outlines what the intended usage of each folder in a *nix machine is for.
Nice write but really dont even try to teach me how things should be done in IT. I have setup 1k+ servers in my career and I really have indepth knowledge of how public-facing server should be architectured.
@julian @PitaJ and other wise-heads :: how installer is supposed to write sth to folder which access to is limited by permissions? The only way is to use
sudo
and change ownership of installed file/s aftewards. -
@wojciech-lisik said in ./nodebb setup Permission denied:
I really have indepth knowledge of how public-facing server should be architectured.
You obviously don’t. And now I fear for the customers of those 1k+ servers you’ve set up.
You don’t happen to work for Equifax, do you?
-
@bri said in ./nodebb setup Permission denied:
@wojciech-lisik said in ./nodebb setup Permission denied:
I really have indepth knowledge of how public-facing server should be architectured.
You obviously don’t. And now I fear for the customers of those 1k+ servers you’ve set up.
You don’t happen to work for Equifax, do you?
No, I dont work for Equifax.... I work for completely different company.
Nothing to fear about, trust me -
@julian and this is enough. Im done with any type of conversation with you.
In addition to this :: I will not contribute any of my asset (time/code/whatever you think I have) to NodeBB.