Problem
If you use libvirt-based virtual machines (via GNOME Boxes, Cockpit, virt-manager, or command-line libvirt tools) and you upgrade to Fedora 40, you may find that attempting to start a virtual machine (especially a system session one) triggers multiple SELinux alerts and may fail to work with an error like this one:
libvirt.libvirtError: can’t connect to virtlogd: Unable to open system token /run/libvirt/common/system.token: Permission denied
(You can check whether you see this error or some different one through journalctl -b command or the Logs application in GNOME).
Even setting SELinux to permissive mode does not resolve this.
You can discuss this topic here.
Cause
The full details of this are still being investigated, and there may be multiple causes of the different denials, but it seems to be caused by errors or omissions in the Fedora SELinux policy.
Related Issues
Bugzilla report: #2272971