At the heart of the problem is that the SELinux policies themselves are sort of magical. The policies have probably been provided by the maintainers of your Linux distribution, e.g., Fedora Linux. There’s nowhere on the system where you can view the policies and look up why something might or might not work. The policies also change over time, without any warning.
Red Hat has made it clear the best way to manage SELinux is for you to outsource it to someone, preferably them. I get it, security of this sort is complex, but having to trust random internet postings for instructions on how to do a small task is how we ended up with github readmes saying “just curl this into bash as root”.