Skip to content
Latchkey

pnpm "EACCES" on the Store / node_modules - Fix Permissions in CI

pnpm writes to a global store and hard-links into node_modules. EACCES means the user running pnpm cannot write to the store or the project - almost always a store/dir owned by root from an earlier step.

What this error means

pnpm fails with EACCES: permission denied writing to the store path or node_modules. It commonly appears after a step ran as root (or a cached layer was created as root) and a later step runs as a non-root user.

pnpm output
ERR_PNPM_... EACCES  permission denied, mkdir '/root/.pnpm-store/v3/...'
# or
EACCES: permission denied, symlink '...' -> '/app/node_modules/.pnpm/...'

Common causes

Store or node_modules owned by root

A previous root-run step (or a Docker layer built as root) created the store or node_modules owned by root; the non-root build user then cannot write there.

A store path the build user cannot access

A store-dir under a root-only location (e.g. /root/.pnpm-store) is unwritable for a non-root CI user.

How to fix it

Fix ownership and use a writable store

Hand the store/modules back to the build user and point the store at a writable path.

Terminal
sudo chown -R "$(id -u):$(id -g)" "$HOME/.pnpm-store" node_modules 2>/dev/null || true
pnpm config set store-dir "$HOME/.pnpm-store"
pnpm install

Avoid root-owned state

  1. Do not mix root and non-root pnpm runs in the same workspace.
  2. Set store-dir to a user-owned path (e.g. under $HOME).
  3. Run pnpm as the same user that owns the workspace.

How to prevent it

  • Keep the store and node_modules owned by the build user.
  • Point store-dir at a user-writable path.
  • Never mix root and non-root pnpm runs.

Related guides

Tired of flaky CI? Latchkey auto-heals failed jobs and retries them for you. Start free →