I am trying to use NGINX as a security gateway for TLS traffic (
ProtoBuf over TLS, not HTTP over TLS), where TLS is terminated by NGINX with the unencrypted stream is proxied to the application.
I have a working configuration, but SELinux is complaining that NGINX is not permitted to bind to my ingress port (in my
testing I was using port 12345):
It
seems like I may need to register a new
port type, associate the port number with the new
port type, and then associate the new
port type with the nginx application Have I got this correct? Any pointers on where I can a practical example? I'm new to SELinux.
OS is CentOS Linux release 7.8.2003.