RHEL-33994

SELinux is preventing /usr/bin/numad from sys_ptrace access on the cap_userns labeled numad_t

    • selinux-policy-38.1.37-1.el9
    • Moderate
    • rhel-sst-security-selinux
    • ssg_security
    • Red Hat Enterprise Linux
    • x86_64

      What were you trying to do that didn't work?

      Working with numad on RHEL 9.3 VM

      Please provide the package NVR for which bug is seen:

      selinux-policy-38.1.23-1.el9_3.2.noarch                     Mon Mar 11 11:34:35 2024
      selinux-policy-devel-38.1.23-1.el9_3.2.noarch               Mon Mar 11 11:34:52 2024
      selinux-policy-targeted-38.1.23-1.el9_3.2.noarch            Mon Mar 11 11:34:40 2024
      How reproducible:

      100%

      Steps to reproduce

      1. Install numad
      2. Once it's active it will start flooding AVC with denials

      Expected results

      SELinux shouldn't deny access

      Actual results

      SELinux denies access with following audit log:

      ~~~
      type=PROCTITLE msg=audit(04/23/2024 18:03:36.617:3479) : proctitle=/usr/bin/numad -i 15
      type=SYSCALL msg=audit(04/23/2024 18:03:36.617:3479) : arch=x86_64 syscall=read success=yes exit=169 a0=0x1 a1=0x55cf0c6d4240 a2=0x400 a3=0x0 items=0 ppid=1 pid=3200 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=numad exe=/usr/bin/numad subj=system_u:system_r:numad_t:s0 key=(null)
      type=AVC msg=audit(04/23/2024 18:03:36.617:3479) : avc:  denied  { sys_ptrace } for  pid=3200 comm=numad capability=sys_ptrace  scontext=system_u:system_r:numad_t:s0 tcontext=system_u:system_r:numad_t:s0 tclass=cap_userns permissive=0
      ~~~

      In short, SELinux denies when:
      /usr/bin/numad (numad_t) is trying to have access (sys_ptrace) on cap_userns (numad_t)

      Policy on my RHEL 8 test VM shows this should be allowed:
      ~~~
      sesearch -A -s numad_t -t numad_t -p sys_ptrace
      allow numad_t numad_t:capability sys_ptrace;
      ~~~
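Added example, not part of the issue report: a small Python helper that parses the AVC record quoted above, builds a sesearch query that filters on the exact object class that was denied, and checks whether an allow rule as printed by sesearch actually covers that denial. It uses the AVC line from this report as constructed input; the denial is on class cap_userns, while the RHEL 8 sesearch output above shows a rule for class capability, so the checker reports that rule as not covering it (sesearch's -c option is the setools object-class filter).

```python
import re

# Constructed sample input: the AVC record quoted in this issue.
AVC_LINE = ('type=AVC msg=audit(04/23/2024 18:03:36.617:3479) : avc:  denied  { sys_ptrace } '
            'for  pid=3200 comm=numad capability=sys_ptrace  '
            'scontext=system_u:system_r:numad_t:s0 tcontext=system_u:system_r:numad_t:s0 '
            'tclass=cap_userns permissive=0')

AVC_RE = re.compile(
    r'avc:\s+(?P<result>denied|granted)\s+\{\s*(?P<perms>[^}]*?)\s*\}'
    r'.*?\bscontext=(?P<scontext>\S+)'
    r'.*?\btcontext=(?P<tcontext>\S+)'
    r'.*?\btclass=(?P<tclass>\S+)'
)

# sesearch prints "allow SRC TGT:CLASS PERM;" or "allow SRC TGT:CLASS { P1 P2 };"
RULE_RE = re.compile(r'allow (\S+) (\S+):(\S+) (?:\{\s*(.*?)\s*\}|(\S+?));')


def parse_avc(line):
    """Extract result, permissions, source/target types and object class from an AVC record."""
    m = AVC_RE.search(line)
    if not m:
        return None
    avc = m.groupdict()
    avc['perms'] = avc['perms'].split()
    # context is user:role:type:level; the type is the third field
    avc['stype'] = avc['scontext'].split(':')[2]
    avc['ttype'] = avc['tcontext'].split(':')[2]
    return avc


def sesearch_command(avc):
    """Query the loaded policy for the class and permission that were actually denied."""
    return (f"sesearch -A -s {avc['stype']} -t {avc['ttype']} "
            f"-c {avc['tclass']} -p {' '.join(avc['perms'])}")


def rule_covers(rule, avc):
    """True if an allow rule (sesearch output format) grants every denied permission
    for the same source type, target type and object class."""
    m = RULE_RE.match(rule.strip())
    if not m:
        return False
    src, tgt, cls, braced, single = m.groups()
    granted = set((braced or single).split())
    return (src == avc['stype'] and tgt == avc['ttype']
            and cls == avc['tclass'] and set(avc['perms']) <= granted)
```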
