The token function cannot be used on CentOS systems
See original GitHub issueI use it on macOS and it works well, but when I run verdaccio on centos system, it doesn’t work, the error is as follows
[root@localhost verdaccio]# docker-compose -f verdaccio.yml logs -f
Attaching to verdaccio
verdaccio | warn --- config file - /verdaccio/conf/config.yaml
verdaccio | warn --- ⚠️ experiments are enabled, we recommend do not use experiments in production, comment out this section to disable it
verdaccio | warn --- - support for token is enabled
verdaccio | warn --- Verdaccio started
verdaccio | warn --- Plugin successfully loaded: verdaccio-htpasswd
verdaccio | warn --- Plugin successfully loaded: verdaccio-audit
verdaccio | warn --- http address - http://0.0.0.0:4873/ - verdaccio/4.4.1
verdaccio | http <-- 404, user: null(192.168.1.128), req: 'POST /-/v1/login', bytes: 37/150
verdaccio | http <-- 404, user: null(192.168.1.128), req: 'POST /-/v1/login', bytes: 37/150
verdaccio | http <-- 409, user: null(192.168.1.128), req: 'PUT /-/user/org.couchdb.user:admin', error: username is already registered
verdaccio | http <-- 409, user: null(192.168.1.128), req: 'PUT /-/user/org.couchdb.user:admin', error: username is already registered
verdaccio | http <-- 200, user: null(192.168.1.128), req: 'GET /-/user/org.couchdb.user:admin?write=true', bytes: 0/51
verdaccio | http <-- 200, user: null(192.168.1.128), req: 'GET /-/user/org.couchdb.user:admin?write=true', bytes: 0/51
verdaccio | (node:7) [DEP0005] DeprecationWarning: Buffer() is deprecated due to security and usability issues. Please use the Buffer.alloc(), Buffer.allocUnsafe(), or Buffer.from() methods instead.
verdaccio | http <-- 201, user: admin(192.168.1.128), req: 'PUT /-/user/org.couchdb.user:admin/-rev/undefined', bytes: 172/589
verdaccio | http <-- 201, user: admin(192.168.1.128), req: 'PUT /-/user/org.couchdb.user:admin/-rev/undefined', bytes: 172/589
verdaccio | (node:7) UnhandledPromiseRejectionWarning: OpenError: IO error: /verdaccio/storage/data/.token-db/LOCK: No such file or directory
verdaccio | at /opt/verdaccio/node_modules/levelup/lib/levelup.js:96:23
verdaccio | at /opt/verdaccio/node_modules/abstract-leveldown/abstract-leveldown.js:30:14
verdaccio | at /opt/verdaccio/node_modules/deferred-leveldown/deferred-leveldown.js:20:21
verdaccio | at /opt/verdaccio/node_modules/encoding-down/node_modules/abstract-leveldown/abstract-leveldown.js:30:14
verdaccio | at /opt/verdaccio/node_modules/leveldown/node_modules/abstract-leveldown/abstract-leveldown.js:30:14
verdaccio | (node:7) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). (rejection id: 1)
verdaccio | (node:7) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.
My current processing method is to give it root permissions in order to create a .token-db directory. This configuration makes it work, but it is not secure.The docker-compose.yml I use is as follows
version: '3'
services:
verdaccio:
image: verdaccio/verdaccio:token-feat
hostname: verdaccio
container_name: verdaccio
user: root
ports:
- 4873:4873
volumes:
- ./storage:/verdaccio/storage
- ./plugins:/verdaccio/plugins
- ./conf:/verdaccio/conf
restart: always
The configuration is as follows
#
# This is the config file used for the docker images.
# It allows all users to do anything, so don't use it on production systems.
#
# Do not configure host and port under `listen` in this file
# as it will be ignored when using docker.
# see https://verdaccio.org/docs/en/docker#docker-and-custom-port-configuration
#
# Look here for more config file examples:
# https://github.com/verdaccio/verdaccio/tree/master/conf
#
# path to a directory with all packages
storage: /verdaccio/storage/data
# path to a directory with plugins to include
plugins: /verdaccio/plugins
web:
# WebUI is enabled as default, if you want disable it, just uncomment this line
#enable: false
title: Verdaccio
# comment out to disable gravatar support
# gravatar: false
# by default packages are ordercer ascendant (asc|desc)
# sort_packages: asc
auth:
htpasswd:
file: /verdaccio/conf/htpasswd
# Maximum amount of users allowed to register, defaults to "+infinity".
# You can set this to -1 to disable registration.
# max_users: 1000
security:
api:
jwt:
sign:
expiresIn: 60d
notBefore: 1
web:
sign:
expiresIn: 7d
notBefore: 1
# a list of other known repositories we can talk to
uplinks:
npmjs:
url: https://registry.npm.taobao.org/
packages:
'@*/*':
# scoped packages
access: $authenticated
publish: $authenticated
unpublish: $authenticated
proxy: npmjs
'**':
# allow all users (including non-authenticated users) to read and
# publish all packages
#
# you can specify usernames/groupnames (depending on your auth plugin)
# and three keywords: "$all", "$anonymous", "$authenticated"
access: $authenticated
# allow all known users to publish/publish packages
# (anyone can register by default, remember?)
publish: $authenticated
unpublish: $authenticated
# if package is not available locally, proxy requests to 'npmjs' registry
proxy: npmjs
middlewares:
audit:
enabled: true
# log settings
logs:
- { type: stdout, format: pretty, level: http }
#- {type: file, path: verdaccio.log, level: info}
experiments:
token: true
Issue Analytics
- State:
- Created 4 years ago
- Comments:11 (8 by maintainers)
Top Results From Across the Web
Token-Based Installation Method | Insight Agent Documentation
This article provides step-by-step instructions on installing the Insight Agent using the preferred token-based installer type.
Read more >CQL native functions | CQL for DSE 6.0
The exact signature of the token function depends on the table concerned and of the partitioner used by the cluster.
Read more >Tokens | Vault - HashiCorp Developer
Tokens are the core method for authentication within Vault. Tokens can be used directly or auth methods can be used to dynamically generate...
Read more >Chapter 8. Known issues Red Hat Enterprise Linux 9
The chkconfig package, which updates and queries runlevel information for system services, is not installed by default in RHEL 9. To manage services,...
Read more >Manually installing SSM Agent on CentOS instances
Connect to an CentOS instance, and install SSM Agent on each instance that will run commands using Systems Manager.
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
Mh, seems this may be the chown issue. Do you use our Docker image? https://verdaccio.org/docs/en/docker.html
It uses specific IDs for user and group (10001 and 65533).
Normally this should generate the path:
https://github.com/verdaccio/monorepo/blob/f565461f5bb2873467eeb4372a12fbf4a4974d17/plugins/local-storage/src/local-database.ts#L436
And the level DB should normally create lockfiles when openen the database. The file is created / written with 644 rights.
You might want to check the owner as @juanpicado wrote (permission problems).