Running git pull from a php script
I was trying the Perfect Workflow, with Git, GitHub, and SSH, but it seems i can't run git pull
. I've tried git status
and it's fine.
When i git pull 2>&1
i get:
error: cannot open .git/FETCH_HEAD: Permission denied
I tried to chmod .git dir to 777 with no luck.
When i run whoami
from the browser it shows me: apache
--- EDIT ---
I just did chown apache:apache -R .git
and now i get:
Could not create directory '/.ssh'. Host key verification failed. fatal: The remote end hung up unexpectedly
Could not create directory '/.ssh'. Host key verification failed. fatal: The remote end hung up unexpectedly
Read and consider your error message. Host keys are stored in the ~/.ssh/known_hosts file. Your Apache user has "/" as its home directory, and it definitely doesn't and shouldn't have write access to the root.
I suggest that you create a user account for this... maybe gitpull-user
or something. Make sure it has a usable home directory, even if it's somewhere atypical. Login as that user and create a shell script that accomplishes what you're trying to do as that user. Of course, you'll also have to copy your appropriate id_rsa key to the user's account, etc.
Configure sudo to launch that script by adding this line to /etc/sudoers
apache ALL = (gitpull-user) NOPASSWD: /path/to/script.sh`
and also if you're having "No TTY" issues:
Defaults:apache !requiretty
Change your PHP script to call sudo -u gitpull-user ./script.sh
It would be possible to change Apache's home directory to a "real" location and just drop the key in there, but that would expose a risk where your data would have to be owned by apache and the key could be read if the daemon were compromised. Establishing a second user provides a level of isolation.