Docker: npm permission denied

Iam struggling with permission error in using npm in Section 4: Building images
My problem is similar to:

However I can’t find the solution there, that’s why I am creating a new topic
When I follow the instructor still I get this permission error:

Dockerfile

FROM node:14.16.0-alpine3.13
RUN addgroup app && adduser -S -G app app
USER app
WORKDIR /app
COPY . .
RUN npm install
ENV API_URL=http://api.myapp.com/
EXPOSE 3000
CMD [“npm”, “start”]
Step 6/9 : RUN npm install
—> Running in 103nj60a010c2
npm WARN read-shrinkwrap This version of npm is compatible with lockfileVersion@1, but package-lock.json was generated for lockfileVersion@2. I’ll try to do my best with it!
npm WARN checkPermissions Missing write access to /app
npm ERR! code EACCES
npm ERR! syscall access
npm ERR! path /app
npm ERR! errno -13
npm ERR! Error: EACCES: permission denied, access ‘/app’
npm ERR! [Error: EACCES: permission denied, access ‘/app’] {
npm ERR! errno: -13,
npm ERR! code: ‘EACCES’,
npm ERR! syscall: ‘access’,
npm ERR! path: ‘/app’
npm ERR! }
npm ERR!
npm ERR! The operation was rejected by your operating system.
npm ERR! It is likely you do not have the permissions to access this file as the current user
npm ERR!
npm ERR! If you believe this might be a permissions issue, please double-check the
npm ERR! permissions of the file and its containing directories, or try running
npm ERR! the command again as root/Administrator.

npm ERR! A complete log of this run can be found in:
npm ERR! /home/app/.npm/_logs/2021-04-02T22_17_49_152Z-debug.log

Then from the above this thread I updated my Docker file.

My new dockerfile contents:

FROM node:16.0.0-alpine3.13
RUN addgroup app && adduser -S -G app app
RUN mkdir /app && chown app:app /app
USER app

WORKDIR /app
COPY . .
RUN npm install

When I try to build the container I get this permission error:

npm ERR! code EACCES
npm ERR! syscall open
npm ERR! path /app/package-lock.json
npm ERR! errno -13
npm ERR! Error: EACCES: permission denied, open '/app/package-lock.json'
npm ERR!  [Error: EACCES: permission denied, open '/app/package-lock.json'] {
npm ERR!   errno: -13,
npm ERR!   code: 'EACCES',
npm ERR!   syscall: 'open',
npm ERR!   path: '/app/package-lock.json'
npm ERR! }
npm ERR! 
npm ERR! The operation was rejected by your operating system.
npm ERR! It is likely you do not have the permissions to access this file as the current user
npm ERR! 
npm ERR! If you believe this might be a permissions issue, please double-check the
npm ERR! permissions of the file and its containing directories, or try running
npm ERR! the command again as root/Administrator.

npm ERR! A complete log of this run can be found in:
npm ERR!     /home/app/.npm/_logs/2021-05-08T12_59_30_045Z-debug.log

I don’t understand, why I am getting this error as the parent directory is owned by the app user, and it also have permissions to read package.lock and package.json files.

If I remove the RUN npm install from Dockerfile and build the container, this is the output of ls -l

-rw-r--r--    1 root     root        660074 May  5 12:33 package-lock.json
-rw-r--r--    1 root     root           813 Mar  5 19:00 package.json

The other user have read permission. And that seems to be the permissions
npm install needs.
Why am I getting permission error here? Please help

1 Like

I researched and tested for 6 Hours and found that the below SCRIPT 1 as shown in Mosh’s lecture video is working only if you use the same version of node in video.

SCRIPT 1 - From Video

FROM node:14.16.0-alpine3.13

RUN addgroup app && adduser -S -G app app
USER app

WORKDIR /app

RUN npm install
EXPOSE 3000

CMD [“npm”, “start”]

SCRIPT 2

Latest and other alpine versions have default use NODE which is overriding our app users so below is the solution to use both NODE user and our app users.

###Using custom user i.e. app###

FROM node:16.10.0-alpine3.14

RUN addgroup app && adduser -S -G app app

USER app

WORKDIR /app

COPY --chown=app:node package*.json ./

RUN npm install

COPY --chown=app:node . .

EXPOSE 3000

CMD [“npm”, “start”]

###Using default user i.e. node###

FROM node:16.10.0-alpine3.14

RUN addgroup app && adduser -S -G app app

USER app

WORKDIR /app

COPY --chown=node:node package*.json ./

RUN npm install

COPY --chown=node:node . .

EXPOSE 3000

CMD [“npm”, “start”]

5 Likes

Thank you! I was pulling my hair out… and I’m bald.

1 Like

Hi

I was going to create a post with my solution as I encountered the same problem. The specific error was with package-lock.json so forcing the user and group of package*.json files to be ‘app’ seems to also work.

FROM node:16.14.0-alpine3.15
RUN addgroup app && adduser -S -G app app
USER app
WORKDIR /app
COPY --chown=app:app package*.json .
RUN npm install
COPY . .
ENV API_URL=http://api.blah.com
EXPOSE 3000

CMD ["npm", "start"]
2 Likes