To run BLX in RHEL 8 and above with SELinux enabled, we need to follow below steps as an workaround:- 1) Apply attached policy file "BLX_Policy.pp" using 'semodule -i BLX_Policy.pp' This will add all the exceptions for BLX process in the SELinux. 2) Install BLX 3) Do all the required configurations in blx.conf and start BLX using 'systemctl start blx'. BLX should work with SELinux enabled. Below are the steps to generate the SELinux policy exceptions for BLX:- 1) On a fresh RHEL 8 or above VM or machine, run 'setenforce 0' to set SELinux as 'Permissive' mode. 2) Install the BLX and start BLX. SELinux will allow BLX to run in 'Permissive' mode but it will capture all exceptions in audit.log 3) Run below command to capture all policy exceptions from audit.log and to create a policy file. grep -E 'blx*|ns*' /var/log/audit/audit.log |audit2allow -a -M <policy_file_name> 4) If you just want to check the policy changes required or what are the policy changes done then run below command:- grep -E 'blx*|ns*' /var/log/audit/audit.log |audit2allow -a 5) To implement the policy changes, run:- semodule -i <policy_file_name>.pp
