php run git got "ssh Permission denied"

Question

I'm trying to run git pull in a php script from a browser, but I got "sh: connect to host git.assembla.com port 22: Permission denied"

my php script:

<?php
$output=array();
$returnVar=0;
chdir("/var/www/html");
exec('git pull [email protected]:andrewadel.git master 2>&1', $output , $returnVar);
// exec('pwd', $output , $returnVar);
echo "<pre>\n";
echo "return status: $returnVar\n\n";
print_r($output);
echo "</pre>\n";

---

when I manually run the script as "apache", everything is fine

bash-4.1$ whoami
apache
bash-4.1$ php gitsync.php
<pre>
return status: 0

Array
(
    [0] => From git.assembla.com:andrewadel
    [1] =>  * branch            master     -> FETCH_HEAD
    [2] => Already up-to-date.
)
</pre>

---

When I run it from a browser, it fails

http://103.7.164.33/gitsync.php?111

return status: 1

Array
(
    [0] => ssh: connect to host git.assembla.com port 22: Permission denied
    [1] => fatal: The remote end hung up unexpectedly
)

Thanks

Answer 1

A lot of variables here... but I faced pretty much exact same behavior with a remote cgi script I was working on.

In my case the issue was related to SELinux on CentOS.

user@remoteserver:~$ getsebool -a | grep httpd

Showed:

...
httpd_can_network_connect --> off
...

Test Possible Fix(sudo or run as root):

user@remoteserver:~$ setsebool httpd_can_network_connect=1
//...then initiate your serverside script remotely

Permanent Fix(if above has proven effective):

user@remoteserver:~$ setsebool -P httpd_can_network_connect=1

-P option ensures subject SELinux boolean value is set to specified value as default on future reboots. See: man getsebool and man setsebool