`sudo servor --secure` throws `EACCES: permission denied`

[taylorgoolsby]

I'm trying to install the certs so that I won't see the "⚠️ Your connection is not private" screen.

I ran sudo npm i -g servor then sudo servor --secure, and it threw and error saying

(node:4316) UnhandledPromiseRejectionWarning: Error: EACCES: permission denied, uv_cwd
    at module.exports (/Users/me/.nvm/versions/node/v10.20.1/lib/node_modules/servor/servor.js:38:58)
    at process._tickCallback (internal/process/next_tick.js:68:7)
    at Function.Module.runMain (internal/modules/cjs/loader.js:834:11)
    at startup (internal/bootstrap/node.js:283:19)
    at bootstrapNodeJSCore (internal/bootstrap/node.js:623:3)
(node:4316) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). (rejection id: 2)
(node:4316) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.

I'm on macOS Catalina 10.15.5 (19F96). npm -v 6.14.4 node -v v10.20.1 servor 4.0.2

[lukejacksonn]

Hey 👋 this might be because it is trying to write to a global instance of servor. I tend not to install things globally so might not have tested this.

If you install servor locally in a project then repeat the same steps do you get the same result?

[taylorgoolsby]

Hi!

If I install it as a devDependency, and then run it from a script, like this: "start": "sudo servor --secure" Then I get this error:

(node:2708) UnhandledPromiseRejectionWarning: Error: spawnSync /bin/sh EACCES
    at Object.spawnSync (internal/child_process.js:1002:20)
    at spawnSync (child_process.js:614:24)
    at Object.execSync (child_process.js:661:13)
    at certify (/Users/me/proj/node_modules/servor/cli.js:12:28)
    at /Users/me/proj/node_modules/servor/cli.js:63:7
    at Object.<anonymous> (/Users/me/proj/node_modules/servor/cli.js:99:3)
    at Module._compile (internal/modules/cjs/loader.js:778:30)
    at Object.Module._extensions..js (internal/modules/cjs/loader.js:789:10)
    at Module.load (internal/modules/cjs/loader.js:653:32)
    at tryModuleLoad (internal/modules/cjs/loader.js:593:12)
(node:2708) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). (rejection id: 1)
(node:2708) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.

[lukejacksonn]

Ok, that one is something to do with trying to run it as sudo through an npm script. To get this to work when using servor as a dev dependency you should:

1. Run npm i -D servor
2. Run sudo servor --secure directly in the terminal once, then kill the server

Now the credentials servor.key and servor.crt should exist in ./node_modules/servor so you should be able to just have this in your package.json scripts:

{
  "start": "servor --secure"
}

I feel like this process could be made more clear. Two things I can think of..

1. Write the generated credentials to the project root directory (rather than to node_modules)
2. When servør is ran as sudo then generate the credentials and exit the process with some messaging like "Credentials for https have been created and added to the trusted store. Please start the server again without sudo."

Do you have any thoughts or preferences here?