There are two main directories for SELinux policy in /etc/selinux/:
/etc/selinux/<policyname>/policy/ — the binary policy and runtime configuration files.
/etc/selinux/<policyname>/src/policy/ — policy sources.
It is possible to have more than one policy existing on the system, although only one may be loaded at a time. The policy binary files, and possibly source files, are located in /etc/selinux/<policyname>/, where <policyname> is the name of your policy, such as targeted, strict, webhost, test, and so forth. The configuration file /etc/selinux/config defines which policy is used, for example SELINUXTYPE=targeted.
In this document, the convention of $DIRECTORY_TYPE is used instead of the full path to assist in readability:
The variable directory $SELINUX_SRC/ is a substitute for the generic directory of /etc/selinux/<policyname>/src/policy/ and the targeted policy source directory at /etc/selinux/targeted/src/policy/.
The variable directory $SELINUX_POLICY/ is a substitute for the generic directory of /etc/selinux/<policyname>/policy/ and the binary targeted policy directory at /etc/selinux/targeted/policy/.
An important file is the audit log file. In Red Hat Enterprise Linux, $AUDIT_LOG by default is /var/log/messages. However, this is configurable via /etc/syslog.conf, and future work on an audit daemon will handle kernel audit events and log them into a separate file. Because of the variable nature of where the audit logs are, the variable file $AUDIT_LOG is used as a substitute.
Other important files and directories include $SELINUX_POLICY/booleans and $SELINUX_POLICY/contexts/, which are both discussed in Section 3.2 Files and Directories of the Targeted Policy.
The most important file for SELinux is the binary policy file. This file is located at /etc/selinux/targeted/policy/policy.<XY>. The <XY> represents the two digits of the policy version. In the case of Red Hat Enterprise Linux 4, this file is policy.18.