Troubleshooting — HAPrxoy cannot bind socket/ports — SElinux — RHEL centOS

As per best practices, we need to enable/follow/apply many security policies in our servers to protect from attackers. One of the most important policies is SELinux (Security-Enhanced Linux).

When you enable i.e., to enforce mode, that policy restricts all processes permissions even if started them with root user. So when we enforced the SELinux we faced a big problem with the HAProxy service as it required bind on some ports to proxy requests from frontend to backend i.e., we are unable to start the service using SYSTEMD with the below error.

systemd[1]: Started HAProxy Load Balancer.
haproxy-systemd-wrapper[2358]: haproxy-systemd-wrapper: executing /usr/sbin/haproxy -f /etc/haproxy/haproxy.cf...id -Ds
haproxy-systemd-wrapper[2358]: [ALERT] 012/095413 (2359) : Starting proxy stats: cannot bind socket [0.0.0.0:8888]
haproxy-systemd-wrapper[2358]: haproxy-systemd-wrapper: exit,

After troubleshooting found that we need to give SELinux permission to the HAProxy process to get access on TCP socket bindings without disabling the SELinux.

To resolve the issue, we have used the below command :

setsebool -P haproxy_connect_any=1