I'm trying to execute audit2allow
using Symfony\Component\Process\Process
.
When I run exec("audit2allow -a -M a2a");
in PHP, it works just fine, a2a.pp
and a2a.te
is produced.
$process = new Process(['audit2allow', '-a', '-M', 'a2a']);
$process->run();
if (!$process->isSuccessful()) {
throw new ProcessFailedException($process);
}
echo $process->getOutput();
However, the above code produces the output below
Symfony\Component\Process\Exception\ProcessFailedException : The command "'audit2allow' '-a' '-M' 'a2a'" failed.
Exit Code: 1(General error)
Working directory: /var/www/html/example
Output:
================
compilation failed:
a2a.te:6:ERROR 'syntax error' at token '' on line 6:
/usr/bin/checkmodule: error(s) encountered while parsing configuration
/usr/bin/checkmodule: loading policy configuration from a2a.te
which is the typical output when there is a empty /var/log/audit/audit.log
.
What do I need to change to make it work properly? Symfony claims it is not a bug.
https://github.com/symfony/symfony/issues/35862
Update
Using Symfony\Component\Process\Process
(code above) actually produces the file a2a.te
, but it has only 1 line.
module a2a 1.0;
Whereas using exec()
produces the file a2a.te
with many lines:
module a2a 1.0;
require {
type kernel_t;
type vmblock_t;
type container_t;
...
Why does running the same command on Symfony\Component\Process\Process
and exec()
gives different outcomes?