Nginx/SELinux problems

#1 Thu, 01/26/2017 - 14:48
vstoykov

I had problems when I enabled SELinux after installing Nginx.

I am using the latest CentOS 7 and Virtualmin.

Here is how I made it work:

# semanage fcontext -a -t httpd_log_t "/var/log/virtualmin(/.*)?"
# setsebool -P httpd_read_user_content on

# echo "module nginxfix 1.0;

require {
type httpd_t;
type var_t;
type initrc_t;
class sock_file write;
class unix_stream_socket connectto;
}

#============= httpd_t ==============

allow httpd_t initrc_t:unix_stream_socket connectto;
allow httpd_t var_t:sock_file write;"  > /tmp/nginxfix.te


# checkmodule -M -m -o  /tmp/nginxfix.mod  /tmp/nginxfix.te
# semodule_package -o  /tmp/nginxfix.pp -m  /tmp/nginxfix.mod
# semodule -i  /tmp/nginxfix.pp

However, I am not sure about enabling writing/connecting to all socket files. Is there a better way to solve it?

I made bug reports here: https://www.virtualmin.com/node/45742 and here: https://sourceforge.net/p/webadmin/bugs/4881/
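
Added example, not part of the original post and not Virtualmin or SELinux project code: a small Python check that parses the allow rules of the nginxfix module above and lists the ones whose target is a catch-all type, which is the breadth the post asks about. The BROAD_TYPES selection and all function names are assumptions of this example.

```python
import re
from itertools import product

# Catch-all types that label many unrelated objects or processes. The
# selection is an assumption of this example, not an official list.
BROAD_TYPES = {"var_t", "initrc_t", "unconfined_t", "default_t",
               "file_t", "usr_t", "etc_t", "tmp_t"}

# A token is either a single name or a brace-enclosed set of names.
TOKEN = r"(\{[^}]*\}|[^\s:;{}]+)"
ALLOW_RE = re.compile(r"\ballow\s+" + TOKEN + r"\s+" + TOKEN +
                      r"\s*:\s*" + TOKEN + r"\s+" + TOKEN + r"\s*;")

# The module from the post, reproduced as sample input.
NGINXFIX_TE = """module nginxfix 1.0;

require {
type httpd_t;
type var_t;
type initrc_t;
class sock_file write;
class unix_stream_socket connectto;
}

#============= httpd_t ==============

allow httpd_t initrc_t:unix_stream_socket connectto;
allow httpd_t var_t:sock_file write;
"""

def _items(token):
    """Expand 'a' or '{ a b }' into a list of names."""
    return token.strip("{} \t\n").split()

def parse_allow_rules(te_text):
    """Return (source, target, class, permission) tuples, one per combination."""
    text = re.sub(r"#[^\n]*", "", te_text)  # drop comments before matching
    rules = []
    for groups in ALLOW_RE.findall(text):
        rules.extend(product(*(_items(g) for g in groups)))
    return rules

def broad_rules(te_text, broad=BROAD_TYPES):
    """Rules whose target is a catch-all type and deserves a narrower label."""
    return [r for r in parse_allow_rules(te_text) if r[1] in broad]

if __name__ == "__main__":
    for s, t, c, p in broad_rules(NGINXFIX_TE):
        print(f"review: {s} may {p} any {c} labelled {t}")
```

Both rules in the module are reported: each one applies to every object or process carrying that generic label, not only to the socket Nginx actually uses.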