Standard configuration for zabbix_agentd.conf with changes only to endpoint hostname and server hostname/IP address.

Additional configuration calling /etc/zabbix/zabbix_agentd.d/userparameter_selinux.conf containing the following

UserParameter=selinux.status,getenforce

Return value  = getenforce:  getenforce() failed
Expected correct return value = Enforcing

Setting zabbix_agent_t to permissive (as a workaround) in SELinux resolves the issue. No messages related to rejected getenforce issued commands or permission issues for zabbix_agent_t exist in /var/log/audit/audit.log, therefore no policy to create and issue through audit2allow.

Issuing the getenforce command as the zabbix user returns the expected correct value (Enforcing).

It appears that SELinux rejects attempts by zabbix_agent_t to access bin_t type files, but seeking confirmation and any suggestions for resolution.