Nginx/SELinux problems

I had problems when I enabled SELinux after installing Nginx.

I am using latest CentoOS 7 and Virtualmin.

Here is how I made it work:

# semanage fcontext -a -t httpd_log_t "/var/log/virtualmin(/.*)?" # setsebool -P httpd_read_user_content on

echo "module nginxfix 1.0;

require {
type httpd_t;
type var_t;
type initrc_t;
class sock_file write;
class unix_stream_socket connectto;
}

#============= httpd_t ==============

allow httpd_t initrc_t:unix_stream_socket connectto;
allow httpd_t var_t:sock_file write;" > /tmp/nginxfix.te

checkmodule -M -m -o /tmp/nginxfix.mod /tmp/nginxfix.te

semodule_package -o /tmp/nginxfix.pp -m /tmp/nginxfix.mod

semodule -i /tmp/nginxfix.pp

However, I am not sure about enabling writing/connecting to all socket files. Is there a better way to solve it?

I made bug reports here: https://www.virtualmin.com/node/45742
and here: https://sourceforge.net/p/webadmin/bugs/4881/