Bug
Resolution: Unresolved
Moderate
I found that octavia-api doesn't respond when SELinux is enforcing.
This issue is not reproduced when SELinux is permissive, and I suspect the following denial, which is recorded in audit.log, is causing the problem.
type=AVC msg=audit(1711009582.771:8426): avc: denied { getattr } for pid=72482 comm="httpd" path="/run/octavia/status.sock" dev="tmpfs" ino=4820 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=sock_file permissive=0
An example log can be found at https://zuul.opendev.org/t/openstack/build/d857ddcfdfff436f89ac53ba3d104283 .
Version-Release number of selected component (if applicable):
openstack-selinux-0.8.39-0.20240219140649.f618d90.el9.noarch
How reproducible:
Always
Steps to Reproduce:
1. Make SELinux enforcing
2. Run octavia-api by httpd + mod_wsgi
3. Attempt to create a load balancer
Actual results:
API is stuck and does not respond
Expected results:
API responds to the request
Additional info:
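
Triage aid for denials like the one quoted above, added here as an example (it is not part of the original report or of openstack-selinux): a small parser that pulls the source type, target type, object class, permission and path out of AVC records and keeps only those that were actually enforced (permissive=0). The function names and the second sample record are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample: the first record is the denial quoted in the report;
# the second is made up to show a permissive=1 record being skipped.
SAMPLE_AUDIT_LOG = """\
type=AVC msg=audit(1711009582.771:8426): avc: denied { getattr } for pid=72482 comm="httpd" path="/run/octavia/status.sock" dev="tmpfs" ino=4820 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=sock_file permissive=0
type=AVC msg=audit(1711009590.102:8431): avc: denied { read } for pid=100 comm="example" path="/tmp/constructed" dev="tmpfs" ino=1 scontext=system_u:system_r:example_t:s0 tcontext=system_u:object_r:tmp_t:s0 tclass=file permissive=1
"""

AVC_RE = re.compile(r"avc:\s+denied\s+\{\s*(?P<perms>[^}]*?)\s*\}\s+for\s+(?P<fields>.*)$")
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_avc(line):
    """Return a dict for one AVC denial line, or None if it is not one."""
    if "type=AVC" not in line:
        return None
    m = AVC_RE.search(line)
    if not m:
        return None
    rec = {k: v.strip('"') for k, v in FIELD_RE.findall(m.group("fields"))}
    if "scontext" not in rec or "tcontext" not in rec:
        return None
    rec["perms"] = m.group("perms").split()
    # An SELinux context is user:role:type:level; the type is the third field.
    rec["source_type"] = rec["scontext"].split(":")[2]
    rec["target_type"] = rec["tcontext"].split(":")[2]
    return rec

def blocking_denials(log_text):
    """Keep only denials that were enforced (permissive=0)."""
    parsed = (parse_avc(line) for line in log_text.splitlines())
    return [r for r in parsed if r and r.get("permissive") == "0"]

def summarize(records):
    """Count denials per (source type, target type, class, permission, path)."""
    counts = Counter()
    for r in records:
        for perm in r["perms"]:
            key = (r["source_type"], r["target_type"], r["tclass"], perm, r.get("path", "?"))
            counts[key] += 1
    return counts

if __name__ == "__main__":
    for key, n in summarize(blocking_denials(SAMPLE_AUDIT_LOG)).items():
        print(n, *key)
```
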