Explore delivery of SELinux manifests for communications between NUT programs and their environment

[jimklimov]

According to examples like #2808 (comment) there are constraints placed on NUT when SELinux is enabled (maybe even if permissive), of which we are likely to see more going forward.

Some concerns raised or presumed:

• access to state files, PID files, locations for them
• access between programs (signals, localhost networking, pipes)
• permission to listen on a port (upsd) or maybe Unix socket (drivers, upsd, upsmon, etc.)
• permission to initiate client connections (various clients, including dummy-ups, nut-scanner, nutconf...)
• access to nut user home directory (or attempts to, if it does not exist) - not sure where that originates from, maybe some scripts running as upsmon descendants: failed to retrieve rpm info for /home/nut / SELinux is preventing upsmon from search access on the directory /home/nut.
• access to third-party files from other packages, e.g. failed to retrieve rpm info for /var/lib/net-snmp/mib_indexes/0 / SELinux is preventing /usr/sbin/snmp-ups from getattr access on the file /var/lib/net-snmp/mib_indexes/0., or SELinux is preventing /usr/sbin/snmp-ups from open access on the directory /var/lib/net-snmp/cert_indexes, or SELinux is preventing /usr/sbin/snmp-ups from search access on the directory /var/lib/net-snmp.
• check if there are permissions needed for wall messaging now

Help/PRs from domain experts would be welcome.