To cut the long story short - I need to find out what part of the source code in a given application/process triggers the need for a particular SELinux permission - process:setsched, capability:setpcap or capability:net_admin for example.
I am guessing this is all done via appropriate SELInux hooks, but I need to find a way to trace that back (stack trace?) to the originating code/process, which triggers this. Is there a way I could do that?