What were you trying to do that didn't work?

Running the Cockpit test suite generates a systemd-networkd selinux violation. This is a new access error which happens after:

selinux-policy (38.1.39-1.el9 -> 38.1.40-1.el9)
selinux-policy-targeted (38.1.39-1.el9 -> 38.1.40-1.el9)
systemd (252-35.el9 -> 252-37.el9)
systemd-container (252-35.el9 -> 252-37.el9)
systemd-libs (252-35.el9 -> 252-37.el9)
systemd-pam (252-35.el9 -> 252-37.el9)
systemd-resolved (252-35.el9 -> 252-37.el9)
systemd-rpm-macros (252-35.el9 -> 252-37.el9)
systemd-udev (252-35.el9 -> 252-37.el9)

Please provide the package NVR for which bug is seen:

selinux-policy 38.1.40-1.el9

How reproducible:

Steps to reproduce

Expected results

No SELinux issue

Actual results

Jun 24 06:09:21 rhel-9-5-127-0-0-2-2201 kernel: audit: type=1404 audit(1719223760.939:2): enforcing=1 old_enforcing=0 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1
Jun 24 06:09:21 rhel-9-5-127-0-0-2-2201 kernel: audit: type=1403 audit(1719223760.990:3): auid=4294967295 ses=4294967295 lsm=selinux res=1
Jun 24 06:09:21 rhel-9-5-127-0-0-2-2201 kernel: audit: type=1400 audit(1719223761.459:4): avc: denied

for pid=929 comm="systemd-network" name=".#networkayixSB" scontext=system_u:system_r:systemd_network_generator_t:s0 tcontext=system_u:object_r:init_var_run_t:s0 tclass=file permissive=0

[root@rhel-9-5-127-0-0-2-2201 ~]# systemctl --failed
UNIT LOAD ACTIVE SUB DESCRIPTION
● kdump.service loaded failed failed Crash recovery kernel arming
● systemd-network-generator.service loaded failed failed Generate network units from Kernel command line

https://cockpit-logs.us-east-1.linodeobjects.com/pull-6541-9e3b054a-20240623-225412-rhel-9-5-storage-cockpit-project-cockpit/log.html#36