NPM modules won't install globally without sudo
Ubuntu 12.04 and using Chris Lea's PPA for install the following works for me:
npm config set prefix '~/.npm-packages'
and adding $HOME/.npm-packages/bin to $PATH
append to .bashrc
export PATH="$PATH:$HOME/.npm-packages/bin"
see https://stackoverflow.com/a/18277225 from @passy
If you already have $HOME/bin in your path, a simpler solution is just ...
npm config set prefix ~
- New node commands will now install into your
$HOME/bindirectory. - No need to change your path!
Since this discussion is really about reducing the security risks of running sudo, you should also be aware that any node app could potentially be installing an app name that does not match the registered node package name you think you're installing. So there is a security risk that an npm install will replace an existing system command or one you already have in $HOME/bin. If you're concerned, check the bin, and scripts properties in the package.json file of the app you're installing first.
In general, it's safest to:
- (a) Place
$HOME/binlast in your path so system commands are not superseded. - (b) don't include "." or any relative path in your
$PATHso you don't accidentally run a command that happens to be in the current directory.
Reference:
- package.json properties
- npm install
- NodeJS security vulnerabilities: nodesecurity.io.
As for October 2014:
Node.js is available from the NodeSource Debian and Ubuntu binary distributions repository.
curl -sL https://deb.nodesource.com/setup | sudo bash -
sudo apt-get install -y nodejs
That's it.
Outdated answer:
The fastest way without using sudo is like described here by isaac
I strongly encourage you not to do package management with sudo! Packages can run arbitrary scripts, which makes sudoing a package manager command as safe as a chainsaw haircut. Sure, it's fast and definitely going to cut through any obstacles, but you might actually want that obstacle to stay there.
I recommend doing this once instead:
sudo chown -R $USER /usr/local
EDIT:
There are certain security concerns and functionality limitations regarding changing the ownership of /usr/local to the current user:
- if there is another user on the machine who could use global npm packages - do not change the ownership of /usr/local
- https://apple.stackexchange.com/questions/1393/are-my-permissions-for-usr-local-correct
- https://askubuntu.com/questions/261326/is-it-safe-to-chown-usr-local
Having said that, if you want to install global module without using sudo, I don't see any better solution (from pragmatic point of view) than mentioned. Security vs easy of use is very broad topic, and there is no easy answer for that - it just depends on your requirements.