The problem only came after upgrading to Fedora 38. In Fedora 37, it worked fine with the exact same wireguard config.
First, wg-quick could not access the config file in /etc/wireguard. I solved that problem by running "sudo touch /.autorelabel" and rebooting.

But the actual problem is, that now, despite it being able to access the config file in /etc/wireguard, wg-quick still crashes due to selinux. I verified this by trying again after running "sudo setenforce 0", then, the connection could be established.

The wireguard config was created by ProtonVPN.

I do have the exact same problem on CentOS Stream 9.

I will add the journalctl output from Fedora 38 and Centos Stream 9 and the redacted wireguard config as an attachment.

My selinux-policy version is: 38.12

Reproducible: Always

Steps to Reproduce:
1. Get a wireguard config from ProtonVPN
2. (I commented out the "DNS" option in the config file)
3. Copy it to /etc/wireguard
4. Try to establish a connection by running "systemctl start wg-quick@config_name"
Actual Results:  
The wireguard connection cannot be established

Expected Results:  
The wireguard connection can be established

[root@tx1 ~]# ls -lZ /etc/wireguard/swiss.conf
-rw-r--r--. 1 root root unconfined_u:object_r:etc_t:s0 376  1. Apr 12:25 /etc/wireguard/swiss.conf