I can see also SELinux message immediately when munin-node start is requested:

type=AVC msg=audit(05/10/2018 19:30:35.222:63751) : avc:  denied  { dac_override } for  pid=545556 comm=munin-node capability=dac_override  scontext=system_u:system_r:munin_t:s0 tcontext=system_u:system_r:munin_t:s0 tclass=capability permissive=0

Workaround is to move pid file one level up:

In /etc/munin/munin-node.conf set:
pid_file /var/run/munin-node.pid

And in [service] section of /usr/lib/systemd/system/munin-node.service set:
PIDFile=/var/run/munin-node.pid

Another workaround is:

# cat /etc/tmpfiles.d/munin.conf 
D /var/run/munin 0775 root munin -

The problem is the root user has no permission to write inside /var/run/munin in the provided configuration:

# getfacl /var/run/munin/
getfacl: Removing leading '/' from absolute path names
# file: var/run/munin/
# owner: munin
# group: munin
user::rwx
group::r-x
other::r-x


but user root normally has dac_override capability, which, as the name implies, simply bypass DAC (discretionary access control, aka file permissions). However the service removes such capability, triggering a permission denied error to create the PID file. Giving explicit permission to the root user to write inside the directory solve the issue as write permission is granted without the use of dac_override.

Another option is to drop that file:

# cat /etc/tmpfiles.d/fix_munin.conf 
a+ /var/run/munin/ - - - - user:root:rwx

This is similar to the fix on Enrico, but work also if munin is run as non root.

Ok so seems my fix do not work:

# LC_ALL=C getfacl /var/run/munin/
getfacl: Removing leading '/' from absolute path names
# file: var/run/munin/
# owner: munin
# group: munin
user::rwx
user:root:rwx			#effective:r-x
group::r-x
mask::r-x
other::r-x

Seems the right tmpfiles snippet should be:

a+ /var/run/munin/ - - - - user:root:rwx
a+ /var/run/munin/ - - - - mask:rwx

Making /var/run/munin with permissions munin:root 0775 fixes the issue for me.

munin-2.0.40-2.fc28 has been submitted as an update to Fedora 28. https://bodhi.fedoraproject.org/updates/FEDORA-2018-60e7ab00eb

munin-2.0.40-2.el6 has been submitted as an update to Fedora EPEL 6. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-e42294dd9f

munin-2.0.40-2.el7 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-d7fccd52d3

munin-2.0.40-2.fc28 has been pushed to the Fedora 28 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2018-60e7ab00eb

munin-2.0.40-2.el7 has been pushed to the Fedora EPEL 7 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-d7fccd52d3

munin-2.0.40-2.el6 has been pushed to the Fedora EPEL 6 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-e42294dd9f

munin-2.0.40-2.fc28 has been pushed to the Fedora 28 stable repository. If problems still persist, please make note of it in this bug report.

munin-2.0.40-2.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.

munin-2.0.40-2.el7 has been pushed to the Fedora EPEL 7 stable repository. If problems still persist, please make note of it in this bug report.