Is sudo supposed to be required for globally installed packages on OS X?

[domenic]

Several coworkers have downloaded the default Node.js install from nodejs.org, and can't install packages globally without using sudo. They're running Mac OS X.

We've been solving this by either: (1) chowning directories left and right; or (2) nuking their existing installation and telling them to use homebrew.

Is this intended behavior?

[mfncooper]

The default install probably puts things in /usr/local/bin, which means global installs will try to go there too, and yes, that usually requires sudo. The easiest way to handle this is to set the npm global prefix such that global installs will go somewhere else. (npm config set prefix /some/better/path -g) Make sure that the somewhere else is on the path, so that things will be found.

An alternative would be to have your coworkers use something like nvm, which will install in a writable location as well as let them easily switch between versions. (And it doesn't build Node any more, unless it has to.)

[isaacs]

Using sudo is fine. npm will not run arbitrary build scripts as root, if you're root -- it chown's the package dir to nobody and then runs scripts as nobody.

If packages do other non-gyp things in their install scripts, then they are broken. Complain to the authors.

If you really really need to run package scripts as root, then set the unsafe-perm config to true.

[edef1c]

@domenic I personally npm config set prefix ~/npm and have ~/npm/bin in my PATH.

[MattiSG]

From a user point of view, as it's global, i.e. it makes a command available to all users, it seems logical that admin access is required.

[luk-]

@MattiSG that's not necessarily true. the user on my machine I use for dev work can write to the directory without using sudo, and these commands can be ran by other users on the system if necessary due to how the executable permissions are set up. You don't need root-level permissions to allow a command to be executable to all users.