Using PM2 on MacOS: fs-ops-dir node (node-red-contrib-fs-ops) permission issue

UPDATE: This is part of node-red-contrib-fs-ops

Hello - I am running into what I think is a permissions problem with the fs-ops-dir node (directory node) when using PM2. I have a flow that scans a folder, identifies the latest file and ftp's it a NAS folder.

In the launchd script for PM2, the user parameter is correct (my username) but when the node tries to access the folder, it returns an error (Error: EPERM: operation not permitted, scandir). If I stop the Node-RED process from PM2 and launch it directly from the terminal, it works correctly.

Any idea what I can do to fix this? Thanks for your help.

What version of macOS?
What version of NR and node.js? (you can get this from the startup log)
Is there anythng else in the log with that message?
have you tried a google search EPERM: operation not permitted, scandir macos?
What happens if you just send the file to user directory on the Mac?

MacOS Catalina

Node - 14.15.4
Node-RED - 1.2.6

[Error: EPERM: operation not permitted, open '/Users/rakeshgupta/Documents/MySQLBackup/2021-06-20_DB_Export.sql'] {
  errno: -1,
  code: 'EPERM',
  syscall: 'open',
  path: '/Users/rakeshgupta/Documents/MySQLBackup/2021-06-20_DB_Export.sql'
}
(node:52552) Warning: Accessing non-existent property 'MongoError' of module exports inside circular dependency

Yes

I'm not sure what you mean - the file is already in the user directory. As I said in the original message, if I run NR directly (not via PM2), it works correctly.
EDIT: Did you mean instead of ftp? The file is on the same Mac that NR is running on. It is a mySQL export (created with mySQLdump), and NR is ftp'ing the file from the Mac to a NAS.

This suggests the account running PM2 does not have access to /Users/rakeshgupta/Documents

I am not an apple/mac user so have no idea how PM2 is ran but I suspect it is a system account or service account running PM2 that does not (and rightly so) have access to a users docs.

Try either

  • moving the file to a location all users can access
    OR
  • adjusting permissions on the folder /Users/rakeshgupta/Documents
    OR
  • running PM2 as your user (rakeshgupta)

I would personally recommend option 1 (for security reasons)

1 Like

I had tried giving all users access to that folder (just to try it!!) and it did not seem to work

PM2 creates a script (launchctl) that is put in the correct user directory, so I thought it was running under that username. I guess not - and that's why I was confused.

Yeah - I think I may have to go that route. Just need to figure out what that would be on the Mac.

Thanks for your help.

Looks like this will work - I moved the file into Users/rakeshgupta/Public/ folder and now when I run my test flow, I don't get the permissions error.

Thanks a ton for your help

1 Like

My guess is ths is a result of System Integrity Protection (SIP) (which you would have discovered if you had done a google search using the terms I suggested). Here is an explaination of what it is.

Try puting the original file in /usr/local/bin

Thanks - that's what I had found but it seemed to refer more to the OS folders. Since I was running PM2 (I thought) as the user, I wasn't sure WHY it would not have access to the user folders.

I had forgotten that there is a "public" folder in each user's directory on the Mac. @Steve-Mcl suggestion jogged that memory and is probably a better solution than using the /usr/local/bin directory (it's messy enough as it is!)

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.