0

I mad simple php script for git pull 

<?php
$output = shell_exec("cd /var/www/domain.tld/html/test/ && git pull 2>&1");
echo "<pre>$output</pre>";

named it git.php and gave it 755

the output was 

error: cannot open .git/FETCH_HEAD: Permission denied

but when try from the terminal 

$ git pull
Already up-to-date.

i checked the directories ownership , my user is "savvy"

drwxrwsr-x  4 savvy savvy     4096 Jul 13 05:40 test

and the files inside 

$ ls -la test/
total 20
drwxrwsr-x 4 savvy savvy 4096 Jul 13 05:40 .
drwxr-xr-x 7 savvy savvy 4096 Jul 13 05:38 ..
drwxrwsr-x 8 savvy savvy 4096 Jul 13 05:41 .git
-rw-rwSr-- 1 savvy savvy   19 Jul 13 05:39 test.php

.git 

$ ls -la .git/
total 60
drwxrwsr-x 8 savvy savvy 4096 Jul 13 05:41 .
drwxrwsr-x 4 savvy savvy 4096 Jul 13 05:40 ..
drwxrwsr-x 2 savvy savvy 4096 Jul 13 05:39 branches
-rw-rwSr-- 1 savvy savvy  268 Jul 13 05:39 config
-rw-rwSr-- 1 savvy savvy   73 Jul 13 05:39 description
-rw-rwSr-- 1 savvy savvy   97 Jul 13 05:41 FETCH_HEAD
-rw-rwSr-- 1 savvy savvy   23 Jul 13 05:39 HEAD
drwxrwsr-x 2 savvy savvy 4096 Jul 13 05:39 hooks
-rw-rwSr-- 1 savvy savvy  104 Jul 13 05:41 index
drwxrwsr-x 2 savvy savvy 4096 Jul 13 05:39 info
drwxrwsr-x 3 savvy savvy 4096 Jul 13 05:39 logs
drwxrwsr-x 4 savvy savvy 4096 Jul 13 05:39 objects
-rw-rwSr-- 1 savvy savvy   41 Jul 13 05:40 ORIG_HEAD
-rw-rwSr-- 1 savvy savvy  107 Jul 13 05:39 packed-refs
drwxrwsr-x 5 savvy savvy 4096 Jul 13 05:39 refs

~/.ssh

drwx------ 2 savvy savvy 4096 Jul 13 04:56 .ssh

inside

$ ls -la .ssh/
total 36
drwx------ 2 savvy savvy 4096 Jul 13 04:56 .
drwxr-xr-x 4 savvy savvy 4096 Jul 12 08:34 ..
-rw-r--r-- 1 savvy savvy  398 Jul 12 05:46 authorized_keys
-rw-rw-r-- 1 savvy savvy   59 Jul 11 10:10 config
-rw------- 1 savvy savvy 1679 Jul 11 07:44 id_rsa
-rw-rw-r-- 1 savvy savvy  398 Jul 12 05:21 id_rsa.pub
-rw-r--r-- 1 savvy savvy 1768 Jul 13 05:08 known_hosts
Improve this question
8
  • How are you running your php script? As which user? Commented Jul 13, 2016 at 10:44
  • calling it from the url : domain.tld/git.php and created git.php with savvy user Commented Jul 13, 2016 at 10:47
  • The url is served by a webserver, which is running as which user? You may need to add the webserver's user to your group. Commented Jul 13, 2016 at 10:48
  • $ ps aux|grep nginx|grep -v grep root 12433 0.0 0.2 85892 1400 ? Ss Jul12 0:00 nginx: master process /usr/sbin/nginx www-data 12435 0.0 0.3 86188 1620 ? S Jul12 0:09 nginx: worker process www-data 12436 0.0 0.4 86556 2104 ? S Jul12 0:01 nginx: worker process www-data 12437 0.0 0.3 86188 1620 ? S Jul12 0:09 nginx: worker process www-data 12438 0.0 0.3 86532 1868 ? S Jul12 0:08 nginx: worker process Commented Jul 13, 2016 at 10:53
  • i add www-data user to savvy group and same result Commented Jul 13, 2016 at 11:06

1 Answer 1

Reset to default
1

I solve this problem by the following

Step #1: copy /home/savvy/.ssh to /var/www/

# cp -R /home/savvy/.ssh /var/www/

Step #2: gave the /var/www directory to www-data user

# chown -R www-data:www-data /var/www/

Step #3: login as www-data user

$ su
Password: 
# su -s /bin/bash www-data

Step #4: clone the repo into my directory /var/www/domain.tld/html/test/

Step #5: call the git.php file i made already domain.tld/git.php

Result

From bitbucket.org:repo/test
8e9f67c..185cd9e  master     -> origin/master
Updating 8e9f67c..185cd9e
Fast-forward
test.php | 1 +
1 file changed, 1 insertion(+)
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

In my setup I have a git repo with group write access, and the solution was to add www-data to that group: sudo gpasswd -a www-data mygitgroup. After restarting apache2 in systemctl calling the PHP script would now successfully fetch from Git.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.