How to match selinux rules/transitions/labels/etc to modules
Solution 1:
Apparently, there's not a way to do that. It might be related to the fact that the policy a machine is using is compiled from the modules, which only exist in the source code:
# file /etc/selinux/default/policy/policy.26
/etc/selinux/default/policy/policy.26: SE Linux policy v26 MLS 8 symbols 7 ocons
# file -i /etc/selinux/default/policy/policy.26
/etc/selinux/default/policy/policy.26: application/octet-stream; charset=binary
The very detail of what module included what rule is lost after the compilation step.
However, and given that you want to study some SELinux policy modules (as in some specific modules), you can do the other way round, and either:
Install the
refpolicy
package for your distribution. It contains the source code (yes, not what you asked for, but probably the easiest way)Extract all the information from a compiled policy package file. You can find these files in
/etc/selinux/$policy/modules/active/modules/*pp
. A very detailed explanation on how to decompile a module has already been posted here.