I usually try these when I hit SELinux issues, thought I'd quickly share here. # Enable SELinux $ setenforce 1 # Clear the audit log (so only relevant messages can be analysed later) $ > /var/log/audit/audit.log [Perform your offending test] # Show a reference policy $ cat /var/log/audit/audit.log | audit2allow -R And, if you're feeling more adventurous, you can even generate an SELinux reference policy and re-test it: e.g. If you see Neutron issues from the previous command, you can try # Generate an SELinux loadable module package $ audit2allow -a -M neutron # Install the Policy Package $ semodule -i neutron.pp # Restart neutron-dhcp-agent again $ systemctl restart neutron-dhcp-agent See if it alleviates your problem. Ref: https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Lin... -- /kashyap