dkg-cli install fails on Linux when run with sudo because the installer forces NVM/Node.js installation as root #7
Description
Critical Installation Failure: Root Privilege Enforcement Breaks NVM/Node.js Setup on Linux
Description
The main DKG Node installer script (install-dkg-node.sh) contains a critical flaw on Linux systems: it requires root privileges and installs NVM and Node.js under /root/.nvm. This causes npm ci/npm install commands inside dkg-engine (Phase 2) to fail consistently with permission errors, git+ssh access denied, postinstall script failures, or silent exit code 3.
This is the #1 reason why server operators (especially on Ubuntu, Pop!_OS, Debian VPS) fail to install the node even when they have appropriate hardware and configuration.
Steps to Reproduce
-
On any Ubuntu/Debian-based system (including Pop!_OS), run:
dkg-cli install
-
The script asks for sudo password → user enters it
-
Installation proceeds smoothly until Phase 2 (dkg-engine)
-
npm ciornpm installinsidedkg-engine/currentfails → installer exits with code 3 -
Even running
sudo dkg-cli installdirectly produces the same failure
Expected Behavior
The installer should:
- Work reliably whether run with or without sudo
- Always install and use NVM/Node.js in the original user's home directory (
/home/username/.nvm) - Only elevate to root when truly needed (apt, mysql, systemd services)
- Running
dkg-cli installas a normal user (recommended) should complete successfully in 10–20 minutes
Actual Behavior
The script contains this check in install_packages_linux():
if [[ "$(id -u)" != "0" ]]; then
error "This script must be run as root on Linux"
exit 1
fiThis forces root execution, which then installs NVM/Node.js under /root/.nvm instead of the user's home directory, causing all subsequent npm operations to fail.
Root Cause
When the script runs as root:
- NVM is installed to
/root/.nvm - Node.js packages are installed with root ownership
- Phase 2 (dkg-engine) attempts to run
npm ci/npm installwhich:- Cannot access user's SSH keys for git+ssh dependencies
- Encounters permission conflicts
- Fails postinstall scripts
- Exits silently with code 3
Suggested Fix (Tested & Working)
1. Remove the root enforcement check (lines ~549–556):
- if [[ "$(id -u)" != "0" ]]; then
- error "This script must be run as root on Linux"
- exit 1
- fi2. Install and load NVM as the real user:
Replace the NVM installation block in install_packages_linux() with:
info "Using NVM at $NVM_DIR (user: $REAL_USER)"
if [[ ! -s "$NVM_DIR/nvm.sh" ]]; then
info "Installing NVM for $REAL_USER..."
sudo -u "$REAL_USER" bash -c 'curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.7/install.sh | bash'
fi
# Load NVM from user's directory
export NVM_DIR="$REAL_HOME/.nvm"
[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"3. Ensure proper environment variable detection:
# Detect real user even when run with sudo
REAL_USER="${SUDO_USER:-$USER}"
REAL_HOME=$(eval echo "~$REAL_USER")
NVM_DIR="$REAL_HOME/.nvm"Environment
- OS: Ubuntu 20.04 / 22.04 / 24.04, Pop!_OS 22.04, Debian 12
- Architecture: x86_64 / arm64
- Node version: Any (script manages via NVM)
- DKG Node: main branch (latest as of November 2025)
Impact
- Severity: Critical
- Affected Users: All Linux users attempting fresh installations
- Workaround: Complex manual NVM setup before running installer
- User Experience: Installation appears to work until Phase 2, wasting 10+ minutes of setup time
Additional Notes
This issue affects thousands of potential node operators who abandon the installation after repeated failures. The error messages are often cryptic (exit code 3, permission denied, silent failures) making it difficult for users to diagnose.
The suggested fix has been tested successfully on:
- Ubuntu 22.04 LTS (Pop!_OS)
- Debian 12
- Ubuntu 24.04 LTS
After implementing this fix, the installation completes successfully without requiring any manual intervention.