Home > php > Giving PHP the permission to make a git pull request

Giving PHP the permission to make a git pull request

March 27Hits:1

I would like to allow PHP to execute a Git pull command. But there are some problems with the user and permissions. How did you solve the problem?

PHP runs as user www-data. Therefore I've changed the .git directory owner/group to www-data (chown www-data:www-data -R .git). As it is turned out later www-data has no SSH keys. Is it a good idea to give it one? If yes where to place? Or is it possible to allow it to use a specific key.

Best regards, Bernd


How often do you have to do pull? You can make a cronjob (every 30 minutes or so) for your git user that checks a certain file. If that file has a 1 or in it, it makes a pull. You can give your git user and your www-data user access to this file. PHP writes a 1 into the file -> cronjob (crontab entry of git user) checks if a 1 is in the file -> cronjob clears the 1 -> git makes pull -> and so on This is a secure way with a little delay (cycle of cronjob). PS: dont forgot to clear the 1.

If it was me I would do just about the same thing but I would have the cron job run as a root or another use on the system that has shell access. I think the main reason that www-data is unable to do anything is because it lacks shell access. Just like DrDol said run a cron job every now and then that will make a git pull feel free to overwrite your last pull with the new one if you are getting errors its because ur make a page request in the middle of a pull it may then be best to have each pull go into a folder and that folder then be renamed to the folder www-data is working with, just after that folder gets renamed to something else and then deleted after the new working dir has been renamed.

I'd suggest you give the www-data user it's own copy of the git repo, and it's own SSH key. You can then use Gitolite (or similar) to ensure that it only has read access to the repo. Giving www-data access to your primary repo is not really a great idea.

Related Articles

  • Giving PHP the permission to make a git pull requestMarch 27

    I would like to allow PHP to execute a Git pull command. But there are some problems with the user and permissions. How did you solve the problem? PHP runs as user www-data. Therefore I've changed the .git directory owner/group to www-data (chown www

  • How to do git pull request from intellij idea?January 14

    I have a private project repo on github owned by a company. The repo on github has branches master and dev. At some point in the past I cloned the dev repo. After that I made quite a few changes. Now my manager requires I need to do pull request so t

  • Unchanged files showing in Git pull requestJanuary 20

    We are currently using Git (Visual Studio) in a 5 man team. This is the process we currently follow: User creates a feature branch from master before they start work They implement their feature When the implementation is complete they do a merge fro

  • git pull request with --no-ff flagFebruary 15

    I'm trying to follow this model: http://nvie.com/posts/a-successful-git-branching-model/ And trying to understand how a merge like this would work from a pull request on Github... specifically the "--no-ff" flag: git merge --no-ff hotfix-1.2.1 A

  • Git pull enforce authenticationFebruary 5

    I am trying to learn some basics of github. I want to enforce authentication whenever a git pull request is made. Is it possible to do in a public repository? This is my public test repository https://github.com/SanthanaRajagopalan/JenkinTest When I

  • git request-pull: how to create a (github) pull request on the command line?January 22

    I've cloned a project, and pushed a branch with just a renamed readme file to README. I am trying to create a pull-request on the command line, just to try PR from here instead of a website. $ git request-pull origin/master origin readme:readme The f

  • "Permission denied" when doing a `git pull` in an (Apache - Django - subprocess) stackJuly 7

    I have a Django app on an Apache server that uses subprocess.Popen to do a git pull on a repo stored on that server. It manages to fetch the new commit for the server, but it can't do a checkout: error: git checkout-index: unable to create file run_g

  • Git pulling without root accessSeptember 10

    On a Ubuntu Server 10.10 box, I seem to require root access to use git pull (in my /var/www directory). error: cannot open .git/FETCH_HEAD: Permission denied. I have tried chmodding 0777 /var/www and /var/www/.git, and chowning both of these to my ac

  • Running git pull from a php scriptFebruary 20

    I was trying the Perfect Workflow, with Git, GitHub, and SSH, but it seems i can't run git pull. I've tried git status and it's fine. When i git pull 2>&1 i get: error: cannot open .git/FETCH_HEAD: Permission denied I tried to chmod .git dir to 777

  • Unable to git pull while using puttyOctober 15

    I have two machines (a. Ubuntu machine b. Windows machine) I have cloned code from a github repo in the Ubuntu machine and I am able to run git commands if I login into the Ubuntu machine (directly) But if I login into the Ubuntu machine (using the s

  • Use git pull via ssh command invokeOctober 30

    When I log in to my server via SSH, I am able to use git over ssh (private repository): [email protected]:~$ ssh example.com Welcome to Ubuntu 14.04.1 LTS (GNU/Linux 2.6.32-042stab083.2 i686) * Documentation: https://help.ubuntu.com/ Last login: Thu Oct 30

  • git pull into web root

    git pull into web rootDecember 17

    Hi! I have a question regarding git workflow and ISPConfig: We have a development-server with gitolite installed. All websites we develop are hosted there in git repositories. On my production webserver I have ISPConfig3 installed. Each developer fro

  • git pull conflicts when pulling a non current branchJanuary 2

    I have a problem when manipulating git pull. Consider I have 2 branches on my remote (origin) repository : A and B. The remote B branch is ahead of the local B branch by 1 commit. This additional commit (on the remote B branch) just add a new file, s

  • "git pull" fails, but only remotely?February 12

    When I try to ssh -C [email protected]_server 'cd /home/me/my_repo' it works. When I try to ssh [email protected]_server, then cd /home/me/my_repo' and then git pull it works. But when I try to ssh -C [email protected]_server 'cd /home/me/my_repo' && git pull it fails with Per

  • How do I automate git pulls from a private repository using Github's hooks?June 4

    I'm sure there's plenty of similar questions to this, but mine's a little more specific. I have a server used for testing, and the site owner wants it to automatically update itself when someone pushes to the repositories. I figured I'd use the Githu

  • git workflow: read access + pull request or write access? June 26

    Suppose there is a small team with 1 senior developer and 3 junior developers working on the same repo in a team on a github organization. The senior developer has admin access. What is the most common approach in the industry to setup the access for

  • brew update: failure while executing: git pull --ff --no-rebase --quiet originNovember 3

    I am on a computer at work that has been used by somebody else for the past 4 years. I have no idea how often updated brew. The computer is mostly used for running C jobs. I did brew update and the following came out error: unable to unlink old '.tra

  • How to configure "git pull --ff-only" and "git merge --no-ff"February 9

    A typical git workflow for me is to clone a remote repository and use git pull to keep it up-to-date. I don't want merge commits when I pull, so i use the --ff-only option. I also make local branches for feature work. I want to preserve the branch hi

  • How to get "git pull" to work as expected againAugust 31

    I'm using msysgit (Git for Windows). It used to be that running "git pull" would automatically "git fetch", and then rebase my changes on every branch with the new HEAD from upstream. Now it seems "git pull" usually just give

  • Git - post-receive hook with git pull "Failed to find a valid git directory"January 29

    It's very weird but when setting a git repository and creating a post-receive hook with: echo "--initializing hook--" cd ~/websites/testing echo "--prepare update--" git pull echo "--update completed--" the hook runs indeed,

Copyright (C) 2017 ceus-now.com, All Rights Reserved. webmaster#ceus-now.com 14 q. 0.404 s.