Note to self: SELinux is a horrid kludge (not the idea, but the implementation) for the cold-war paranoid and it is time already for Torvalds to accept AppArmor into the main branch and for a major distribution’s developers to get their act together and at the very least provide TOMOYO, SMACK and AppArmor as first class alternatives with a working policy set and and not some sort of red-haired stepchildren a new user cannot use because they need to be integrated semi-automatically at best. Even if Debian provides ways of dealing with the kernel patching, it isn’t trivial. (I know this may not be possible because the original security subsystem design isn’t stackable; or it wasn’t the last time I checked).
In the meantime, and considering I use Fedora these days, I’ve run into a problem using SELinux. When trying to use Firefox Sync, previously known as the artist called Mozilla Weave, SELinux blocks the cryptographic library bundled with the extension. The solution is to edit
/etc/selinux/targeted/contexts/files/file_contexts.local and add the following line to the file (be careful, only do it if you know what you are doing):