- Story
- Resolution: Done-Errata
- Normal
- rhel-9.6
- dracut-057-67.git20240812.el9
- rhel-sst-cs-plumbers
- ssg_core_services
- 24
- 26
- 3
- Dev ack
- False
- Pass
- RegressionOnly

Currently, dracut has to run privileged if the 'fips' module is to be used:

/lib/dracut/modules.d/01fips/module-setup.sh:

    ...
    [ -c "${initdir}"/dev/random ] || mknod "${initdir}"/dev/random c 1 8 \
        || {
            dfatal "Cannot create /dev/random"
            dfatal "To create an initramfs with fips support, dracut has to run as root"
            return 1
        }

    [ -c "${initdir}"/dev/urandom ] || mknod "${initdir}"/dev/urandom c 1 9 \
        || {
            dfatal "Cannot create /dev/urandom"
            dfatal "To create an initramfs with fips support, dracut has to run as root"
            return 1
        }
    ...

This doesn't work well with dracut's usage in the kernel specfile: RPMs are not built by a privileged user and thus the module can't be used in the UKI.
The requirement is in fact unneeded and can be dropped. The following PR was recently merged to dracut-ng:
https://github.com/dracut-ng/dracut-ng/pull/311
Please backport this to RHEL9+ to make it possible to include the FIPS module in the RHEL UKI.
P.S. I'm not exactly sure about the relationship between the 'dracut' and 'dracut-ng' projects, but I can certainly submit the same PR to the dracut repo upstream if it makes sense; the code is exactly the same.

- links to: RHBA-2024:137511 dracut bug fix and enhancement update