Apache without shell user needs to sudo -u gituser git fetch
Hello list,
I'm writing a small script that is invoked from an Apache web server
(CGI, or PHP).
The script needs to run several commands as another user, I opted for 'sudo'.
It is fairly easy for most commands, but I'm stuck on one:
sudo -u gituser git fetch
Under the covers this command connects to a remote SSH server, giving
me this error:
ssh_exchange_identification: Connection closed by remote host
fatal: The remote end hung up unexpectedly
The ssh connection is using passwordless ssh key login, so this can
run non-interactively.
Just changing the shell of the apache user to /bin/bash works, but I
don't like giving that user (apache) a real shell.
The gituser does have a valid shell of /bin/bash.
The 'requiretty' option for sudo is already disabled (otherwise other
commands don't work either).
Any ideas on how to solve this? Is giving the apache user a valid
shell the only way forward?
Best regards,
Steven
Reply to: