Installation: It might be better to use nvm

[gabrielschulhof]

I have found that if I use the instructions at

https://github.com/tessel/t2-start/blame/gh-pages/install.md#L35

I end up having permission problems when I subsequently try to npm install t2-cli. It might be better to use

https://github.com/creationix/nvm#install-script

[Student007]

@gabrielschulhof I absolutely agree with you. I think it would be better to found the hole development of the t2 cli onto NVM in general at all operating systems (for that reason I created https://github.com/Student007/t2-reference-VMs for my own contribution to the Tessel-Project - but without NVM).

There is a basic problem with using NVM: The usb lib and global cli access needs root permissions (by default). The problem is NPM isn't able to switch permission what are needed while running npm install -g t2-cli (at the moment - I belief this will change in the future because CLI depending projects will become more important same as permission requirements). But today fixing this needs deep knowledge about the usb package and also platform scripting.

@Frijol I think we should add some notes about skill requirements if a contribution-easy badge is added. Here the requirements to get it done are knowledge about switching platform dependent things. But a good starting point would be Writing cross-platform Node.js.

[Student007]

related to https://github.com/tessel/t2-start/issues/57

[LinusU]

I don't think it's a good idea to recommend nvm, it's simply not our place to decide what the end user should use and it actually places more responsibility on us if we start doing that.

I use the system installed Node.js and it works perfectly fine. I think that the real problem here is how packages are handled on Linux. Global installations simply require root, that's a design decision and not a bug.

I believe the correct way to solve this is to run sudo npm install -g t2-cli on Linux, and on other platforms (Win & OS X) skip the sudo part. Sounds good?

[Student007]

I believe the correct way to solve this is to run sudo npm install -g t2-cli on Linux, and on other platforms (Win & OS X) skip the sudo part. Sounds good?

@LinusU :+1: Yes, the more no sudo the best.

Could you explain why this isn't possible for Linux - would it be possible to install the t2-cli in usermode ? In my opinion it should be possible technical. Especially Linux-Fans will not accept to install things as root if not reasonable explained why it is necessary. And my current feeling is it could be possible to make it without sudo because you can use USB and t2 commands as user without sudo.

[LinusU]

The only reason is because npm installs to /usr/local/... which is owned by root on Linux systems. Since Linux is a true multiuser system it makes it accessible to all users, meaning that anyone can run t2 .... That's why root is required, since it could potentially affect more than just the current user.

I don't know if npm has a way to install globally per user (e.g. to $HOME/.npm or something), but if we want to no require root on Linux, fixing it in npm is the way to go. This applies to any other cli app distributed with Node.js, e.g. gulp, mocha, trash, etc...

[Student007]

@LinusU is there no easy way to provide the ability to require each user to install t2-cli themself without sudo ? I belief because of the targeted group of customers this would be reasonable (Linux users are paranoids). So I would :+1: for adding a t2 start document entry about how to install `t2-cli wihtout sudo but only for the current user. I think we also should make a difference about NVM for Windows or no Windows. I think about something like second option to install as a sub-link in the docs.

That way it would not confuse people going the basic standard way but also provides more information about what is possible and what isn't.

About changing NPM you are absolutely right - that is no option.

[johnnyman727]

I think adding sudo to the npm install for the Linux tab is reasonable and anyone who is using Linux and is interested in Tessel has likely used Node before and thus is not worried about any security issues with using npm as root.

[LinusU]

@johnnyman727 I agree, also, people are used to running package managers as root (e.g. sudo apt-get ...) so I don't think it will be that strange that npm runs with sudo.

[johnnyman727]

+1

[Student007]

-1 ... do not agree.

The reason is, root permissions are only necessary for node apps what will use low port numbers same as system services. Of cause basic linux users would accept to install a node module as root, but advanced users would ask questions. And my suggestion is to explain how to install without requiring sudo. I do not ask for no sudo for first way :smile:

[johnnyman727]

@Student007 this guide is meant to make getting started with Tessel as easy and fast as possible for as many people as possible. Having too much instruction can be just as much of a cognitive load as too few instructions.

I see where you're coming from but I think if advanced users are wary of using root, they probably already know how (or how how to Google) an alternative way.

[LinusU]

@Student007 Using root is only necessary for installing, not for actually running. I would actually argue that this is the correct way of installing, since you want to make the command available to all users of the machine (which most often is only one thought).

I don't think that advanced users will think it's weird. sudo is always required when installing things, you can't use apt-get, yum, etc. without it. This is a design decision of the Linux operating system.

I personally would prefer to install things on the personal account, under /home/linus. But that requires a lot of shoehorning, and messing with environmental variables just to get things working. It's a nice pattern, but it's not how the current dists are made to work.

This is how it works for every other npm distributed command line tool. npm install -g simply requires root on Linux.

About changing NPM you are absolutely right - that is no option.

I actually meant the other way around, if you really want to be able to install stuff without root than we need to fix it in npm. It's probably already possible by overriding some environmental variables to get npm to install things under your home directory instead.

That being said, I don't think that it's up to us to provide those instructions. At the very most we could link to some page somewhere explaining how it could work. But we are really shoehorning here. If you don't want t2 installed globally (with sudo) than you probably don't want node and npm installed globally.

[Student007]

At the very most we could link to some page somewhere explaining how it could work. :+1:

[jverne]

All good points regarding nvm and installing as a privileged user. I just want to jump in and suggest that one of the compromises we can make if we have to support a Homebrew style writeable /usr/local for global npm support is to make it writable for the "admin" group, but still owned by a privileged user.

This is somewhat compliant with both POSIX desires, and the need for things like Homebrew and npm to own things there. This also means you can login as a different user, and as long as that user is a member of admin, it should work for them, as well. I recall Homebrew already does this, but I don't use brew, so someone can correct me if this is not the case.

But, like I said, this "should" work. I have not tried it, but I'm not sure how the default umask setting for admin users would play with this. This might be a non-starter without umask changes. In which case, ignore this comment.

[LinusU]

I just want to jump in and suggest that one of the compromises we can make if we have to support a Homebrew style writeable /usr/local for global npm support is to make it writable for the "admin" group, but still owned by a privileged user.

We can't really do anything about it on our end though since that would be up to homebrew?

[jverne]

It would be up to whatever state /usr/local is in, which is not controllable by anyone here, but is relevant for the purposes of having a start page that works. This is not specific to Homebrew. Homebrew often precipitates the problem, though.

If the intention is to have, or suggest in the start page, a writable /usr/local (which looks like the only option for installing t2-cli without nvm, as "sudo" seems to fail miserably) then also recommending group ownership instead of user ownership may be a cleaner workaround.

[rwaldron]

@LinusU just reading this now...

I agree, also, people are used to running package managers as root (e.g. sudo apt-get ...) so I don't think it will be that strange that npm runs with sudo.

That's really compelling, I will use this argument in the future :)

[johnnyman727]

Just want to note that we'll be covering the topic of updating the installation procedures at the Steering Committee next week (Tuesday). If anyone has any more opinions, add them now!

[Frijol]

relevant: this thread https://twitter.com/ag_dubs/status/750436509946417152