-
-
Notifications
You must be signed in to change notification settings - Fork 8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
alias node for sudoers #43
Comments
Very neat idea. I don't want to add it to my nvm repo since it's a little invasive, but it's not hard for someone who wants to customize their environment. I usually just source the nvm.sh file as root after running "sudo su" or modify root's .bashrc. I want more than just node when I run sudo and this way I get everything in the $NVM_BIN folder. |
You are right, it might be a bit invasive and probably shouldn't be active in the release, but maybe just have it posted here or somewhere in future docs, so that people could find it easy. It took me a bit to figure this out, so probably this could save some time for others. Modifying root's bashrc wasn't an option for my case, since we had a set-up with several users, each with its own node/nvm, and wanted to allow quick running through sudo (sudo node app_name), where necessary. |
This is fantastic, I made the changes and it works like a charm. What if I wanted to do something like I am able to do that with other tools (I remember that forever never had an issue with it), however in my nvm-ized environment, I get Any help would be much appreciated! |
Does "nvm install" need sudo to run error-free? |
@zakdances no, nvm installs node into a local folder inside your git clone of the nvm repo. Unless your user doesn't have write access to your own clone, then it should work fine without sudo. In fact, using sudo can break things since it creates files as the root user. |
Hm, just stumbled upon this one when trying to install grunt globally. Like @mpotra suggested, I had to also alias So that means that not a single node package intended for global availablity can be installed when using nvm by default, right? That should make quite some users having this scenario, I imagine. How about inventing a special nvm mode so the aliases only get activated when users explicitly enter that mode? |
This seems common enough that it should be added to the readme. |
Yes, needing sudo on *nix systtems is very common. As a suggestion, you could try a solution similar to what ruby version manager does http://rvm.io/integration/sudo |
I was just told in the git mailing list that you should only very rarely use sudo. But I see it all the time. Too many opinions about it. |
Using |
If anyone is looking for an easy way to install nvm globally: https://github.com/xtuple/nvm |
There is no need to install node with sudo once you give the |
+1 for nvmsudo solution proposed by @treehau5 |
+1 for @koenpunt point on group access. |
I'm not sure I agree with "reasonable"...more like "endemic".
With this, I agree.
I disagree with it's usage; but, to each their own. |
My use case is to be able to easily upgrade my system-wide services, running on nodejs, in the case of patch/security releases, and for those to be compatible with Travis-CI, which uses I guess the real problem is the generally crappy package manager support that node.js enjoys from most OS vendors. |
Well, to be fair, every other language has to deal with those same crappy OS package managers. Actually, some are quite good, but the problem is maintenance. Sometimes you want 0.11.11 but good luck finding an OS packager maintainer that can (or will) keep up with that pace.
Maybe someone else can chime in...I don't have a good answer because I don't tend toward this particular workflow. Today, I use docker (i.e. LXC container)...before docker existed, I would use VMs. With docker, nvm isn't really needed. You just spin up a container with the exact version you care about. I tend to use nvm on my dev machine, installed via homebrew and install nodes into my local user directory; where sudo is never needed. |
Setting this in alias sudo='sudo env PATH=$PATH:$NVM_BIN' It's part of the nvm installation in vagrant: Vagrantfile config.vm.provision :shell, path: "vagrant/nodejs.sh", privileged: false vagrant/nodejs.sh sudo su vagrant -c "wget -qO- https://raw.githubusercontent.com/creationix/nvm/v0.26.1/install.sh | bash"
echo "
source /home/vagrant/.nvm/nvm.sh
alias sudo='sudo env PATH=\$PATH:\$NVM_BIN'
" >> /home/vagrant/.profile
export NVM_DIR="/home/vagrant/.nvm"
[ -s "$NVM_DIR/nvm.sh" ] && . "$NVM_DIR/nvm.sh"
nvm install stable
nvm alias default stable Now I can do |
Thank you @gagle, that was the best solution I found. |
I like the solution pointed at this stackoverflow given by Digital Ocean. It solves the sudo problem and makes it easy to update root versions when needed. |
You shouldn't need |
@gagle for some reason NVM_BIN is not set at a time when ~/.profile is being executed. alias sudo='sudo env PATH=$PATH:$NVM_BIN' to ~/.bashrc after nvm.sh execution |
I believe the entire point of nvm was to make switching/using node easy and avoid these kinds of shenanigans of manually editing certain files for certain users and walking counter-clockwise during a full moon. Rightly or wrongly a lot of node tools/modules REQUIRE being installed globally. Can we please have a global install option when installing nvm? |
@mightypenguin |
So even if I wrote the code to make this cleanly possible there is no way you would consider pulling my changes? |
@mightypenguin i'd be happy to take a look at it, but I'm very skeptical it could be cleanly possible due to all the permissions issues within nvm-managed node dirs. |
@tetreault you should never use |
I believe |
on debian (or ubuntu) based sytem in addition to setting the alias as @mpotra said you might need to run |
authbind is great and all, but what about things like raw-socket? I use net-ping which pulls in raw-socket which can only work as root. Would some libcap thing work to bypass the "haxor crafty packet injection" usermode block? |
"can only work as root" seems like a reason to not use a piece of software, tbh. |
So it appears that setting the CAP_NET_RAW for the node executable will open just a big enough hole for raw-socket to operate without root, maybe, but I"m skeptical (untested because I'm running it as root because I'm not paranoid).
"Microsoft" is also a reason not to use a piece of software, but lots of poor souls use that, because they have no choice. I'd love to go fix everyone elses' software but sometimes you just need root to solve headaches and get it working NOW and in ALL CASES ensured. And if it's just plain simpler to run as root and I accept the ramifications of doing so, it should be trivial. Maybe even a supported method to drop privs (like Apache httpd does?) so the whole process doesn't have to run as root (just the socket thread). And anyway this applet literally can't be exploited / never heard of a privilege escalation problem with Node.js / why be so paranoid when it is clearly unnecessary? Best practice is not the only practice and it's never best for every use case... such as on a VM where yippee you got root and can't do anything, gg hacker bruh. |
At any rate, the way npm works is beyond the scope of this repo. If you want |
|
I wanted to run some old-legacy sdk. This
As suggested I switched to sudo:
Then I read nvm.sh for current user (e.g.
After this I have
|
Here is an ad-hoc workaround you may want to use to run commands temporarily: $ sudo PATH=$PATH bash -c "node ..." For instance: $ sudo PATH=$PATH bash -c "which node npm pnpm"
/home/alex/.nvm/versions/node/v13.10.1/bin/node
/home/alex/.nvm/versions/node/v13.10.1/bin/npm
/home/alex/.nvm/versions/node/v13.10.1/bin/pnpm |
Source - https://stackoverflow.com/questions/21215059/cant-use-nvm-from-root-or-sudo |
Ah this was really a pain as I thought the issue was with my script and wasted a few hours on it 😪 |
When sudoing node, 'command not found' is issued, because on most systems PATH is reset on sudo, for security reasons.
This makes 'sudo node' not work anymore.
Simply adding the following line at the end of the nvm.sh script, would fix it:
alias node='$NVM_BIN/node'
//possibly adding an alias for npm as well?
This assumes .bashrc for user contains these 3 lines:
. ~/.nvm/nvm.sh
enable aliases in sudo
alias sudo='sudo '
The text was updated successfully, but these errors were encountered: