Description of problem:
grafana-server service runs as unconfined_service_t, which violates STIG, as STIG CIS server level 1 profile requires no service to run as "unconfined_service_t" SELinux type.

Version-Release number of selected component (if applicable):
grafana-9.0.9-2.el9

How reproducible:
Always

Steps to Reproduce:
1. Install grafana and start grafana-server service
# yum install -y grafana
# systemctl start grafana-server
2. Check if the grafana process runs as unconfined service type
# ps -efZ | grep grafana-server

Actual results:
Grafana runs as unconfined service type:

# ps -efZ | grep grafana-server
system_u:system_r:unconfined_service_t:s0 grafana 40052 1  4 08:59 ?       00:00:00 /usr/sbin/grafana-server --config=/etc/grafana/grafana.ini --pidfile=/var/run/grafana/grafana-server.pid --packaging=rpm cfg:default.paths.logs=/var/log/grafana cfg:default.paths.data=/var/lib/grafana cfg:default.paths.plugins=/var/lib/grafana/plugins cfg:default.paths.provisioning=/etc/grafana/provisioning


Expected results:
Grafana does not run as unconfined service type

Additional info:
https://access.redhat.com/articles/2918071