With:

systemd-220-1.fc23.x86_64
selinux-policy-targeted-3.13.1-127.fc23.noarch

I cannot shut down my Fedora 23 virtual machine. Executing shutdown results in:

# shutdown -h now
Failed to start poweroff.target: Access denied

Broadcast message from root@fedora-23 on pts/2 (St 2015-05-27 15:10:43 CEST):

The system is going down for power-off NOW!

And the system keeps running without terminating anything. The message logs appends these messages:

May 27 15:10:43 fedora-23 audit: USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='avc:  denied  { start } for auid=0 uid=0 gid=0 path="/usr/lib/systemd/system/poweroff.target" cmdline="shutdown -h now" scontext=system_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:power_unit_file_t:s0 tclass=service#012 exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
May 27 15:10:43 fedora-23 kernel: audit_printk_skb: 39 callbacks suppressed
May 27 15:10:43 fedora-23 kernel: audit: type=1107 audit(1432732243.601:95): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='avc:  denied  { start } for auid=0 uid=0 gid=0 path="/usr/lib/systemd/system/poweroff.target" cmdline="shutdown -h now" scontext=system_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:power_unit_file_t:s0 tclass=service#012 exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'

Few days ago, it worked. Unfortunately dnf does not log installed packages, so I cannot guess which update broke the shutdown.

If I switch SELinux into permissive mode or I call "halt --force --power", then the system halts as expected.

I've also relabeled whole file system and regenerated initramfs without any success.

It happens either calling shutdown from an SSH session or from local TTY.