extend selinux policy for nginx caching

Author: Tim Meusel

templates/unicorn_selinux_template

@@ -17,6 +17,9 @@ module nginx 1.2;
 
 #============= httpd_t ==============
 allow httpd_t puppet_var_run_t:sock_file write;
+allow httpd_t self:process setrlimit;
+allow httpd_t var_t:dir setattr;
+allow httpd_t var_t:file { read getattr unlink };
 allow httpd_t puppet_var_run_t:dir search;
 allow httpd_t init_t:unix_stream_socket connectto;
 <% if @backup_upstream %>