📖 ~1 min read
Table of contents
Symptom & Impact
NGINX returns 502 because SELinux denies outbound proxy connection.
Environment & Reproduction
audit logs show AVC denial for httpd_t name_connect.
Root Cause Analysis
Run ausearch -m AVC -ts recent and getenforce.
Quick Triage
Boolean for network connects by httpd is disabled.
Step-by-Step Diagnosis
Enable setsebool -P httpd_can_network_connect 1 and verify contexts.
Solution – Primary Fix
Confirm NGINX upstream responds and no new AVC events appear.
Still having issues? Our IT Solutions & Services team can diagnose and resolve this for you. Get in touch for a free consultation.
Solution – Alternative Approaches
Include SELinux boolean checks in deployment checklist.
Verification & Acceptance Criteria
Disable boolean only if business requirement changes.
Rollback Plan
Apply booleans via Ansible seboolean module.
Prevention & Hardening
getenforce; setsebool -P httpd_can_network_connect 1; journalctl -t setroubleshoot
Related Errors & Cross-Refs
Share AVC records and policy package versions.
Related tutorial: View the step-by-step tutorial for oracle-linux-10.
View all oracle-linux-10 tutorials on the Tutorials Hub →
Browse all common problems & solutions on the Tutorials Hub.
References & Further Reading
Avoid switching SELinux to permissive as a permanent workaround.
Need Expert Help?
If you cannot resolve this yourself, our team offers hands-on Server Management, Managed IT Services, and flexible Support Plans. Contact us today — we respond within one business day.
