Latest update . . . indeed the shared mounts are causing the issue here, as /sys mounted for each device created in mininet, and since they are all shared, ugliness ensues. Two options, both of which seem to work. Make the mount of /sys a private mount (MS_PRIVATE) or make it a slave mount (MS_SLAVE).
MS_SLAVE: Like a shared mount, but mount/unmount operations only propagate towards it (that is, the mount will not push up local mounts to the system) MS_PRIVATE: Will neither receive, nor propagate mounts (what happens in the mount, stays in the mount)
I'm honestly not sure the full impact of either of these. MS_SLAVE is the less restrictive of the two, in that it at least inherits mounts which occur in its master. Packages built with both pass basic mininet sanity testing, and are confirmed not to monkey around with the Sys filesystem . . . I call that an improvement!
when you run the mn cmd selinux will be set from enforcing. to disabled