For fast SSH key lookups to work (https://docs.gitlab.com/ee/administration/operations/fast_ssh_key_lookup.html),
SELinux spawns `/opt/gitlab/embedded/service/gitlab-shell/bin/gitlab-shell-authorized-keys-check`
and needs the following access:
* Read: /var/opt/gitlab/gitlab-shell/config.yml
* Read: /var/opt/gitlab/gitlab-rails/etc/gitlab_shell_secret
* Write: /var/log/gitlab/gitlab-shell/gitlab-shell.log
* Connect: unicorn (port 8080)
Because the SELinux policy is a static policy, right now we don't support the
ability to change internal unicorn ports. Admins would have to create a
special .te file for the environment, or we'd have to dynamically generate it
for them, which is it a bit tricky if they have changed their port contexts.
Granting `http_cache_port_t` permissions also includes access to these ports:
```
http_cache_port_t tcp 8080, 8118, 8123, 10001-10010
http_cache_port_t udp 3130
```
Closes#2855
Stan Hu
Yoginth
Jacob Vosmaer