I'm trying to execute audit2allow using Symfony\Component\Process\Process.
When I run exec("audit2allow -a -M a2a"); in PHP, it works just fine, a2a.pp and a2a.te is produced.
$process = new Process(['audit2allow', '-a', '-M', 'a2a']);
$process->run();
if (!$process->isSuccessful()) {
throw new ProcessFailedException($process);
}
echo $process->getOutput();
However, the above code produces the output below
Symfony\Component\Process\Exception\ProcessFailedException : The command "'audit2allow' '-a' '-M' 'a2a'" failed.
Exit Code: 1(General error)
Working directory: /var/www/html/example
Output:
================
compilation failed:
a2a.te:6:ERROR 'syntax error' at token '' on line 6:
/usr/bin/checkmodule: error(s) encountered while parsing configuration
/usr/bin/checkmodule: loading policy configuration from a2a.te
which is the typical output when there is a empty /var/log/audit/audit.log.
What do I need to change to make it work properly? Symfony claims it is not a bug.
https://github.com/symfony/symfony/issues/35862
Update
Using Symfony\Component\Process\Process (code above) actually produces the file a2a.te, but it has only 1 line.
module a2a 1.0;
Whereas using exec() produces the file a2a.te with many lines:
module a2a 1.0;
require {
type kernel_t;
type vmblock_t;
type container_t;
...
Why does running the same command on Symfony\Component\Process\Process and exec() gives different outcomes?