Hello - I am running into what I think is a permissions problem with the fs-ops-dir node (directory node) when using PM2. I have a flow that scans a folder, identifies the latest file and ftp's it a NAS folder.
In the launchd script for PM2, the user parameter is correct (my username) but when the node tries to access the folder, it returns an error (Error: EPERM: operation not permitted, scandir). If I stop the Node-RED process from PM2 and launch it directly from the terminal, it works correctly.
Any idea what I can do to fix this? Thanks for your help.
What version of macOS?
What version of NR and node.js? (you can get this from the startup log)
Is there anythng else in the log with that message?
have you tried a google search EPERM: operation not permitted, scandir macos?
What happens if you just send the file to user directory on the Mac?
[Error: EPERM: operation not permitted, open '/Users/rakeshgupta/Documents/MySQLBackup/2021-06-20_DB_Export.sql'] {
errno: -1,
code: 'EPERM',
syscall: 'open',
path: '/Users/rakeshgupta/Documents/MySQLBackup/2021-06-20_DB_Export.sql'
}
(node:52552) Warning: Accessing non-existent property 'MongoError' of module exports inside circular dependency
Yes
I'm not sure what you mean - the file is already in the user directory. As I said in the original message, if I run NR directly (not via PM2), it works correctly.
EDIT: Did you mean instead of ftp? The file is on the same Mac that NR is running on. It is a mySQL export (created with mySQLdump), and NR is ftp'ing the file from the Mac to a NAS.
This suggests the account running PM2 does not have access to /Users/rakeshgupta/Documents
I am not an apple/mac user so have no idea how PM2 is ran but I suspect it is a system account or service account running PM2 that does not (and rightly so) have access to a users docs.
Try either
moving the file to a location all users can access
OR
adjusting permissions on the folder /Users/rakeshgupta/Documents
OR
running PM2 as your user (rakeshgupta)
I would personally recommend option 1 (for security reasons)
I had tried giving all users access to that folder (just to try it!!) and it did not seem to work
PM2 creates a script (launchctl) that is put in the correct user directory, so I thought it was running under that username. I guess not - and that's why I was confused.
Yeah - I think I may have to go that route. Just need to figure out what that would be on the Mac.
My guess is ths is a result of System Integrity Protection (SIP) (which you would have discovered if you had done a google search using the terms I suggested). Here is an explaination of what it is.
Thanks - that's what I had found but it seemed to refer more to the OS folders. Since I was running PM2 (I thought) as the user, I wasn't sure WHY it would not have access to the user folders.
I had forgotten that there is a "public" folder in each user's directory on the Mac. @Steve-Mcl suggestion jogged that memory and is probably a better solution than using the /usr/local/bin directory (it's messy enough as it is!)