This error occurs when npm lacks the necessary file system permissions to access directories during package installation. EACCES (Access Denied) typically happens when trying to install global packages or when npm directories are owned by root instead of your user account.
EACCES (Error Access) is a Unix-like system error code indicating that a process lacks sufficient permissions to perform the requested file system operation. When npm attempts to install packages, update the cache, or modify directories like node_modules, it requires read, write, and execute permissions in several locations. This error most commonly occurs in two scenarios: installing global packages that default to system-level directories like /usr/local/lib/node_modules, or working with local projects where directories were created or modified with elevated privileges (using sudo). When files or directories are owned by root but npm runs as your regular user, the operating system blocks access, triggering the EACCES error. The root cause often traces back to installing Node.js or npm packages with sudo, which changes ownership of npm directories from your user to root. This creates a permissions mismatch where npm, running as your user, cannot write to root-owned directories. The problem persists across sessions until permissions are corrected or npm is reconfigured to use user-owned directories. Understanding this error is crucial because using sudo to bypass it seems like an easy fix but actually makes the problem worse by creating more root-owned files. The correct solution involves either changing directory ownership back to your user or configuring npm to use directories where you already have permissions.
The best long-term fix is using nvm, which installs Node.js and npm in your user directory, avoiding all permission issues:
# Uninstall existing Node.js (if needed)
# On Ubuntu/Debian:
sudo apt remove nodejs npm
# On macOS with Homebrew:
brew uninstall node
# Install nvm
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.0/install.sh | bash
# Reload shell configuration
source ~/.bashrc # or ~/.zshrc for zsh
# Install Node.js LTS
nvm install --lts
# Set default version
nvm use --lts
nvm alias default node
# Verify installation
node --version
npm --versionAfter installing with nvm, all npm operations run with your user permissions—no more EACCES errors. nvm also makes switching between Node versions easy.
If you want to keep your current Node installation, fix directory ownership:
# Find npm's prefix directory
npm config get prefix
# Usually returns /usr/local
# Fix ownership of npm directories
sudo chown -R $(whoami) $(npm config get prefix)/{lib/node_modules,bin,share}
# Also fix npm cache directory
sudo chown -R $(whoami) ~/.npm
# Fix current project's node_modules if needed
sudo chown -R $(whoami) ./node_modules
# Verify permissions
ls -la $(npm config get prefix)/lib/node_modules
ls -la ~/.npmThe -R flag recursively changes ownership for all subdirectories and files. $(whoami) automatically inserts your username. After running these commands, npm should work without sudo.
Change npm's global installation directory to one in your home folder where you already have permissions:
# Create a directory for global packages in your home folder
mkdir ~/.npm-global
# Configure npm to use the new directory
npm config set prefix '~/.npm-global'
# Add the new directory to your PATH
# For bash, add to ~/.bashrc:
echo 'export PATH=~/.npm-global/bin:$PATH' >> ~/.bashrc
# For zsh, add to ~/.zshrc:
echo 'export PATH=~/.npm-global/bin:$PATH' >> ~/.zshrc
# Reload shell configuration
source ~/.bashrc # or source ~/.zshrc
# Verify configuration
npm config get prefix
# Should show /home/yourusername/.npm-global
# Test with a global installation
npm install -g create-react-appNow global packages install in your home directory without permission issues.
Corrupted cache with incorrect ownership can cause EACCES errors:
# Check npm cache location
npm config get cache
# Usually ~/.npm
# Clear cache with force flag
npm cache clean --force
# If that fails with EACCES, fix cache ownership first
sudo chown -R $(whoami) ~/.npm
# Then try cache clean again
npm cache clean --force
# Verify cache is cleared
npm cache verifyThe --force flag removes all cached data. Use npm cache verify to check cache integrity. If you still get errors, delete and recreate the cache directory:
# Remove cache directory
rm -rf ~/.npm
# npm will recreate it on next operation
npm installIf your project's node_modules directory has permission issues:
# Navigate to your project
cd /path/to/your/react-project
# Remove existing node_modules and lock file
rm -rf node_modules package-lock.json
# Fix any remaining permission issues in project directory
sudo chown -R $(whoami) .
# Clean npm cache
npm cache clean --force
# Reinstall dependencies without sudo
npm installNever use sudo npm install in your project. If npm install requires sudo, it means your npm installation has permission problems that need fixing with the methods above.
For Create React App specifically:
# Use npx without global installation
npx create-react-app my-app
# This downloads and runs create-react-app temporarily
# without installing it globallynpm includes a diagnostic tool that checks for common problems:
# Run comprehensive diagnostics
npm doctorThis checks:
- npm registry connectivity
- Node.js and npm versions
- Directory permissions for npm cache and prefix
- Whether you can access required directories
- Git executable availability
Pay attention to any "WARN" or "ERR" messages about permissions. The output will highlight specific directories with permission problems:
Check Value Recommendation
npm ping ok
npm -v v10.2.5 current
node -v v20.10.0 recommended
npm config get registry https://registry.npmjs.org/ ok
which git /usr/bin/git ok
Perms check on cached files ok
Perms check on global dirs Error: EACCES Fix permissions
Perms check on local dirs okFollow the recommendations to fix identified issues.
On macOS with Homebrew:
# Reinstall Node.js without sudo
brew uninstall node
brew install node
# Homebrew installs to /usr/local which should have correct permissions
brew doctor # Checks for issuesOn Linux (Ubuntu/Debian):
# Use NodeSource repository for proper installation
curl -fsSL https://deb.nodesource.com/setup_lts.x | sudo -E bash -
sudo apt-get install -y nodejs
# Then follow ownership fixes from Step 2On Windows:
This error is less common but can occur:
- Run Command Prompt or PowerShell as Administrator
- Install Node.js from official installer (nodejs.org)
- Use npm without sudo (no sudo on Windows)
- Check antivirus isn't blocking npm operations
For Docker/Containers:
# Don't run npm as root in containers
RUN chown -R node:node /app
USER node
RUN npm installUnderstanding Unix File Permissions: The EACCES error stems from Unix permission model. Every file and directory has an owner, group, and permission bits (read, write, execute). When you use sudo, files are created with root as owner. Regular users cannot modify root-owned files. The ls -l command shows ownership: -rw-r--r-- 1 root root means root owns the file. The chown command changes ownership.
Why Sudo Is Dangerous with npm: Running npm with sudo seems convenient but creates cascading problems. Root-owned files in node_modules prevent non-root npm operations. Postinstall scripts run as root have elevated permissions, which is a security risk if malicious packages are installed. Many developers fall into a sudo cycle where each npm error leads to using sudo again, creating more root-owned files.
The Principle of Least Privilege: Security best practice dictates running processes with minimum necessary permissions. npm doesn't need root access for most operations. By configuring npm to use user-owned directories, you follow this principle. If an npm package is compromised, it can only affect your user account, not the entire system.
nvm vs System Node Installation: System package managers (apt, yum, brew) install Node globally, which can cause permission conflicts. nvm installs Node per-user, completely avoiding system directories. nvm also simplifies testing across Node versions and allows multiple versions simultaneously. The only downside is nvm requires shell configuration and isn't system-wide.
Global vs Local Package Installation: Global packages (npm install -g) install in the npm prefix directory, typically requiring permissions. Local packages (npm install) go in ./node_modules, using current directory permissions. Modern best practice favors local installation with npx to execute packages without global installation: npx create-react-app instead of npm install -g create-react-app && create-react-app.
Cache Directory Importance: npm caches downloaded packages in ~/.npm to avoid re-downloading. If this directory has wrong ownership, every npm operation fails. The npm cache verify command checks cache integrity and can repair corruption. In CI/CD environments, consider using npm ci which does a clean install without relying on cache.
CI/CD and Docker Considerations: In containers, avoid running as root user. Use the node user or create a non-root user. Set proper ownership with COPY --chown=node:node or explicit chown commands. For CI systems, use fresh environments for each build to avoid permission accumulation. Many CI platforms provide Node pre-installed with correct permissions.
Windows Subsystem for Linux (WSL) Quirks: WSL2 has a separate Linux filesystem with Unix permissions, but accessing Windows files (/mnt/c/) can cause permission issues. Keep your Node projects in the Linux filesystem (~/ or /home/username/) not in Windows directories. WSL1 has even more permission quirks; upgrade to WSL2 if possible.
Recovery from Severe Permission Corruption: If permissions are severely broken, the nuclear option is removing Node completely and reinstalling with nvm: remove Node with system package manager, delete ~/.npm and all global node_modules directories, install nvm, install Node through nvm, and reinstall packages. This gives you a clean slate with proper permissions.
Prop spreading could cause security issues
Prop spreading could cause security issues
Error: error:0308010C:digital envelope routines::unsupported
Error: error:0308010C:digital envelope routines::unsupported
React Hook "useEffect" is called conditionally. React Hooks must be called in the exact same order in every component render.
React Hook useEffect placed inside a condition
Hook can only be called inside the body of a function component
Hook can only be called inside the body of a function component
Rollup failed to resolve import during build
How to fix "Rollup failed to resolve import" in React