Change your PHP to run git via sudo
<?php `sudo git pull [email protected]:my-user/myrepo.git`; ?>
Then change your suoders to allow git to be run by the apache user:
nano /etc/sudoers
Add this to the EOF:
apache ALL = NOPASSWD: /usr/bin/git
To test it, run:
sudo su apache
git pull
If you get a “This account is currently not available” message, run this cmd:
sudo chsh -s /bin/bash apache
Apache on sudoers list... with root privileges... with no password setting... ran by PHP script... using shell command line... executed from strings... with backticks execution operators...
Nope, nothing could possibly go wrong, it's absolutely safe, there is nothing to worry about, let's push it to production.