SOLVED, just as knowledge base. seLinux denies access to modify seLinux policy because I use run0 as privileged elevation
# ausearch -c '(semodule)' --raw | audit2allow -M my-semodule
# semodule -X 300 -i my-semodule.pp
When i run run0 semodule… - I get a popup saying access is denied. Same command with sudo works fine though, so sudo run0... is fine.
I usually prefer run0 to sudo, as it seems more secure - I don’t type my password in the terminal for example.