search

bpmn-io / bpmn-to-image

Convert BPMN 2.0 diagrams to PDF documents or PNG files.
62 stars 38 forks source link

Installing tool #6

Closed albfan closed 5 years ago

albfan commented 5 years ago

Running the suggested command to install leads to:

$ sudo npm install -g bpmn-to-image
/usr/bin/bpmn-to-image -> /usr/lib/node_modules/bpmn-to-image/cli.js
/usr/bin/npm -> /usr/lib/node_modules/npm/bin/npm-cli.js
/usr/bin/npx -> /usr/lib/node_modules/npm/bin/npx-cli.js

> puppeteer@1.16.0 install /usr/lib/node_modules/bpmn-to-image/node_modules/puppeteer
> node install.js

ERROR: Failed to download Chromium r656675! Set "PUPPETEER_SKIP_CHROMIUM_DOWNLOAD" env variable to skip download.
{ Error: EACCES: permission denied, mkdir '/usr/lib/node_modules/bpmn-to-image/node_modules/puppeteer/.local-chromium'
  -- ASYNC --
    at BrowserFetcher.<anonymous> (/usr/lib/node_modules/bpmn-to-image/node_modules/puppeteer/lib/helper.js:110:27)
    at Object.<anonymous> (/usr/lib/node_modules/bpmn-to-image/node_modules/puppeteer/install.js:64:16)
    at Module._compile (internal/modules/cjs/loader.js:816:30)
    at Object.Module._extensions..js (internal/modules/cjs/loader.js:827:10)
    at Module.load (internal/modules/cjs/loader.js:685:32)
    at Function.Module._load (internal/modules/cjs/loader.js:620:12)
    at Function.Module.runMain (internal/modules/cjs/loader.js:877:12)
    at internal/main/run_main_module.js:21:11
  errno: -13,
  code: 'EACCES',
  syscall: 'mkdir',
  path:
   '/usr/lib/node_modules/bpmn-to-image/node_modules/puppeteer/.local-chromium' }
npm ERR! code ELIFECYCLE
npm ERR! errno 1
npm ERR! puppeteer@1.16.0 install: `node install.js`
npm ERR! Exit status 1
npm ERR! 
npm ERR! Failed at the puppeteer@1.16.0 install script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.

npm ERR! A complete log of this run can be found in:
npm ERR!     /root/.npm/_logs/2019-05-14T16_11_34_141Z-debug.log

Using the unsafe-perm option it installs correctly:

sudo npm install -g bpmn-to-image --unsafe-perm=true
/usr/bin/bpmn-to-image -> /usr/lib/node_modules/bpmn-to-image/cli.js

> puppeteer@1.16.0 install /usr/lib/node_modules/bpmn-to-image/node_modules/puppeteer
> node install.js

Downloading Chromium r656675 - 110.2 Mb [====================] 100% 0.0s 
Chromium downloaded to /usr/lib/node_modules/bpmn-to-image/node_modules/puppeteer/.local-chromium/linux-656675
+ bpmn-to-image@0.3.1
added 116 packages from 56 contributors in 22.242s
$ npm --version
6.9.0
pinussilvestrus commented 5 years ago

Thanks for reporting!

What about setting the permissions for the global npm package install directory instead of setting the --unsafe-perm flag? This way we could avoid using sudo for global install. Cf. this example.

I'll close this issue since we're not going to change the default install command here. Disabling the need of sudo should be enough. Feel free to re-open if you have further findings.

albfan commented 5 years ago

This issue was about --unsafe-perm=true. Using sudo is not the problem here. I can do a:

$ sudo su -
# npm install bpmn-to-image

And still need that option to install correctly.

sudo is used because modules are installed on /usr/lib/node_modules with is owned by root (same as you do sudo pacman -S or sudo apt-get install) so any user on the distro can use it.

pinussilvestrus commented 5 years ago

I work on a Mac, but setting the permissions for global node_modules and the current user did the trick for me:

sudo chown -R $(whoami) /opt/local/lib/node_modules

Not sure about Ubuntu or other Linux distributions, but setting the permissions for the global install directory should follow to install the package globally without sudo, which made the error disappear in my case.

However, you can still use the --unsafe-perm=true, you're free to use whatever you want to on your local machine. But we simply don't want to commit this solution to our README instructions in an official manner.

albfan commented 5 years ago

You're changing the owner of a global directory to fix npm install. I understand that seems ok for you as the only user of your laptop. But that's a security hole. That user can install anything on npm and hack other users usage of npm.

So forget about sudo, imagine I log with root and have permissions to write everywhere, I still will need --unsafe-perm=true.

I'm ok if you close this issue, I was just reporting in case it helps anyone. The problem seems related with puppeteer and chromium, so it hits here by coincidence.