In our docs we currently advise disabling SELinux on Beaker installations because it is known not to work in enforcing mode. Nobody ever wrote an SELinux policy module for Beaker.
The first step would be to run the test suite in Permissive mode and collect the AVC denials. We can craft a policy module based on those (audit2allow could help with that). The goal would be to enable Enforcing mode in the dogfood tests. Then at some point in the future we may have enough confidence in the policy to update our docs not to recommend disabling SELinux.
(In reply to Dan Callaghan from comment #1) > The first step would be to run the test suite in Permissive mode I learnt at Devconf this year that that is actually not a good approach :-) https://www.youtube.com/watch?v=zQcYXJkwTns