The following seems to work as exec_type looks like the 'wildcard'. At least I got rid of the alerts, so hopefully there are no side-effects.
Thx Xavier
# cat keepalived-pidof.te module keepalived-pidof 1.0;
require { type keepalived_t; type exec_type; class file getattr; }
#============= keepalived_t ============== allow keepalived_t exec_type:file getattr;
# checkmodule -M -m -o keepalived-pidof.mod keepalived-pidof.te # semodule_package -o keepalived-pidof.pp -m keepalived-pidof.mod # semodule -i keepalived-pidof.pp