Elwinar

Minimalist by design

Changing the NodeJS global install directory

2016.01.09

When using NodeJS and NPM, one of the recurring problem is that installing globally a package requires one to use sudo. While it is strictly speaking a philosophy question, you shouldn’t allow arbitrary code to run with root privileges.

You may find some advice like this:

what, no sudo?

I strongly encourage you not to do package management with sudo! Packages can run arbitrary scripts, which makes sudoing a package manager command as safe as a chainsaw haircut. Sure, it’s fast and definitely going to cut through any obstacles, but you might actually want that obstacle to stay there.

I recommend doing this once instead:

sudo chown -R $USER /usr/local

That sets your user account as the owner of the /usr/local directory, so that you can just issue normal commands in there. Then you won’t ever have to use sudo when you install node or issue npm commands.

It’s much better this way. /usr/local is supposed to be the stuff you installed, after all.

Irk. This person obviously doesn’t understand how the system is conceived. Yes, /usr/local is for the stuff you installed. But oh mon dieu, why do you want to change its owner ? Irk. Irk. Irk irk irk. /usr is for stuff installed for users, by opposition to the system. It is not meant to be one user’s own special directory to put shit into. This is what ~ is for.

So, given that you are a conscious unix user, there is two solution for you:

  1. Use sudo. Well, installing a NPM, PIP, or any other language package manager is conceptually just another apt-get, pacman, etc. You can install arbitrary packages using those tools, this is not different. It is just a matter of trust.
  2. Install all this stuff locally. Here is what to do:
    1. Create a .npmrc into your ~ directory,
    2. Add the following configuration line into it:
      • prefix=~/.npm
      • cache=~/.npm/cache
    3. Add ~/.npm/bin into your path;

That solution is both more secure for your system because you don’t need sudo anymore to install things globally and better organized because you won’t bother other users with your packages.

Et voilĂ  !