Haproxy 启动报错 (SELinux is preventing /usr/sbin/haproxy from name_bind access on the tcp_socket port 1080)

执行启动Haproxy的时候，报错提示：

Job for haproxy.service failed because the control process exited with error code.
See "systemctl status haproxy.service" and "journalctl -xe" for details.

根据上面提示语， 执行 

journalctl -xe

然后看到错误信息如下： 

12月 05 19:40:43 vm3 setroubleshoot[27240]: SELinux is preventing /usr/sbin/haproxy from name_bind access on the tcp_socket port 1080. For complete SELinux messages run: sealert -l 5978c05d-defb-4>
12月 05 19:40:43 vm3 platform-python[27240]: SELinux is preventing /usr/sbin/haproxy from name_bind access on the tcp_socket port 1080.

                                              *****  Plugin bind_ports (85.9 confidence) suggests   ************************

                                              If you want to allow /usr/sbin/haproxy to bind to network port 1080
                                              Then you need to modify the port type.
                                              Do
                                              # semanage port -a -t PORT_TYPE -p tcp 1080
                                                  where PORT_TYPE is one of the following: commplex_main_port_t, http_cache_port_t, http_port_t.

                                              *****  Plugin catchall_boolean (7.33 confidence) suggests   ******************

                                              If you want to allow nis to enabled
                                              Then you must tell SELinux about this by enabling the 'nis_enabled' boolean.

                                              Do
                                              setsebool -P nis_enabled 1

                                              *****  Plugin catchall_boolean (7.33 confidence) suggests   ******************

                                              If you want to allow haproxy to connect any
                                              Then you must tell SELinux about this by enabling the 'haproxy_connect_any' boolean.

                                              Do
                                              setsebool -P haproxy_connect_any 1

                                              *****  Plugin catchall (1.35 confidence) suggests   **************************

                                              If you believe that haproxy should be allowed name_bind access on the port 1080 tcp_socket by default.
                                              Then you should report this as a bug.
                                              You can generate a local policy module to allow this access.
                                              Do
                                              allow this access for now by executing:
                                              # ausearch -c 'haproxy' --raw | audit2allow -M my-haproxy
                                              # semodule -X 300 -i my-haproxy.pp

根据提示， 

If you want to allow /usr/sbin/haproxy to bind to network port 1080
                                              Then you need to modify the port type.
                                              Do
                                              # semanage port -a -t PORT_TYPE -p tcp 1080
如果你先允许绑定到网络端口1080， 需要修改端口类型， 如下

semanage port -a -t PORT_TYPE -p tcp 1080  # 其中 PORT_TYPE 可选值为：commplex_main_port_t, http_cache_port_t, http_port_t.

# 在这里， 我们使用 http_port_t 类型， 即执行下面命令即可
semanage port -a -t http_port_t -p tcp 1080

然后重启haproxy 即可