diff --git a/.cvsignore b/.cvsignore
index e69de29..a0a1ede 100644
--- a/.cvsignore
+++ b/.cvsignore
@@ -0,0 +1 @@
+libselinux-1.4.tgz
diff --git a/libselinux-rhat.patch b/libselinux-rhat.patch
new file mode 100644
index 0000000..da6f24e
--- /dev/null
+++ b/libselinux-rhat.patch
@@ -0,0 +1,118 @@
+--- libselinux-1.4/utils/getcon.c.rhat	2003-10-24 16:39:11.000000000 -0400
++++ libselinux-1.4/utils/getcon.c	2003-12-18 14:50:39.000000000 -0500
+@@ -2,19 +2,103 @@
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <selinux/selinux.h>
++#include <selinux/context.h>
++#include <getopt.h> 
++
++/* The name the program was run with. */
++static char *program_name;
++static struct option const long_options[] =
++{
++  {"user", no_argument, 0, 'u'},
++  {"role", no_argument, 0, 'r'},      
++  {"type", no_argument, 0, 't'},
++  {"help", no_argument, 0, 'h'},
++  {0, 0, 0, 0}
++};
++
++static void
++usage (int status)
++{
++  if (status != 0)
++    fprintf (stderr, "Try `%s --help' for more information.\n",
++	     program_name);
++  else
++    {
++      printf ("\
++Usage: %s [ [-u USER] | [-r ROLE] | [-t TYPE] ] \n\
++",
++	program_name);
++      printf ("\
++Get the current security context for this process.\n\
++\n\
++  -u, --user=USER        set user USER in the target security context\n\
++  -r, --role=ROLE        set role ROLE in the target security context\n\
++  -t, --type=TYPE        set type TYPE in the target security context\n\
++      --help             display this help and exit\n\
++      --version          output version information and exit\n\
++");
++    }
++  exit (status);
++}
+ 
+ int main(int argc __attribute__ ((unused)), char **argv) 
+ {
+ 	char *buf;
+ 	int rc;
++	int user=0,type=0,role=0,show_help=0;
++	char optc;
++	program_name = argv[0];
++	while ((optc = getopt_long (argc, argv, "hurt", long_options, NULL)) != -1)
++	  {
++	    switch (optc)
++	      {
++	      case 0:
++		break;
++	      case 'u':
++		if (type || role) 
++		  usage(1);
++		user = 1;
++		break;
++	      case 'r':
++		if (user || type) 
++		  usage(1);
++		role = 1;
++		break;
++	      case 't':
++		if (user || role) 
++		  usage(1);
++		type=1;
++		break;
++	      case 'h':
++		show_help=1;
++		break;
++	  default:
++		  usage (1);
++	      }
++	  }
+ 
+ 	rc = getcon(&buf);
+ 	if (rc < 0) {
+ 		fprintf(stderr, "%s:  getcon() failed\n", argv[0]);
+ 		exit(2);
+ 	}
+-
+-	printf("%s\n", buf);
++	if (show_help)
++	  usage (0);
++	if (role || user || type) {
++	  context_t context=context_new(buf);
++	  if (user) {
++	    printf("%s",context_user_get(context));
++	  }
++	  if (role) {
++	    printf("%s",context_role_get(context));
++	  }
++	  if (type) {
++	    printf("%s",context_type_get(context));
++	  }
++	    context_free(context);
++	} else {
++	  printf("%s\n", buf);
++	}
+ 	freecon(buf);
+ 	exit(0);
+ }
+--- libselinux-1.4/utils/Makefile.rhat	2003-12-19 15:37:51.815619330 -0500
++++ libselinux-1.4/utils/Makefile	2003-12-19 15:37:32.014789494 -0500
+@@ -1,6 +1,5 @@
+ # Installation directories.
+-PREFIX ?= $(DESTDIR)/usr
+-BINDIR ?= $(PREFIX)/bin
++BINDIR ?= $(DESTDIR)/bin
+ 
+ CFLAGS = -Wall
+ override CFLAGS += -I../include
diff --git a/libselinux.spec b/libselinux.spec
new file mode 100644
index 0000000..421831e
--- /dev/null
+++ b/libselinux.spec
@@ -0,0 +1,142 @@
+Summary: SELinux library and simple utilities
+Name: libselinux
+Version: 1.4
+Release: 9
+License: Public domain (uncopyrighted)
+Group: System Environment/Libraries
+Source: http://www.nsa.gov/selinux/archives/libselinux-1.4.tgz
+Prefix: %{_prefix}
+BuildRoot: %{_tmppath}/%{name}-buildroot
+Provides: libselinux.so
+Patch: libselinux-rhat.patch
+Patch1: libselinux-mntpoint.patch
+Patch2: libselinux-getpeercon.patch
+Patch3: libselinux-getpwnam.patch
+Patch4: libselinux-rootok.patch
+
+%description
+Security-enhanced Linux is a patch of the Linux® kernel and a number
+of utilities with enhanced security functionality designed to add
+mandatory access controls to Linux.  The Security-enhanced Linux
+kernel contains new architectural components originally developed to
+improve the security of the Flask operating system. These
+architectural components provide general support for the enforcement
+of many kinds of mandatory access control policies, including those
+based on the concepts of Type Enforcement®, Role-based Access
+Control, and Multi-level Security.
+
+libselinux provides an API for SELinux applications to get and set
+process and file security contexts and to obtain security policy
+decisions.  Required for any applications that use the SELinux API.
+
+%package devel
+Summary: Header files and libraries used to build SELinux
+Group: Development/Libraries
+Requires: libselinux = %{version}
+
+%description devel
+The selinux-devel package contains the static libraries and header files
+needed for developing SELinux applications. 
+
+%prep
+%setup -q
+%patch -p1 -b .rhat
+%patch1 -p1 -b .mntpoint
+%patch2 -p1 -b .getpeercon
+%patch3 -p1 -b .getpeernam
+%patch4 -p1 -b .rootok
+
+%build
+make 
+
+%install
+rm -rf ${RPM_BUILD_ROOT}
+mkdir -p ${RPM_BUILD_ROOT}/%{_lib} 
+mkdir -p ${RPM_BUILD_ROOT}/%{_libdir} 
+mkdir -p ${RPM_BUILD_ROOT}%{_includedir} 
+mkdir -p ${RPM_BUILD_ROOT}/bin
+make DESTDIR="${RPM_BUILD_ROOT}" LIBDIR="${RPM_BUILD_ROOT}%{_libdir}" SHLIBDIR="${RPM_BUILD_ROOT}/%{_lib}" install
+
+%clean
+rm -rf ${RPM_BUILD_ROOT}
+
+%post
+# add libselinux to the cache
+/sbin/ldconfig
+
+%files devel
+%defattr(-,root,root)
+%{_libdir}/libselinux.a
+%{_libdir}/libselinux.so
+%{_includedir}/selinux/*.h
+
+%files
+%defattr(-,root,root)
+/%{_lib}/libselinux.so.1
+/bin/*
+
+%changelog
+
+* Fri Jan 23 2004 Dan Walsh <dwalsh@redhat.com> 1.4-9
+- Add rootok patch
+
+* Wed Jan 14 2004 Dan Walsh <dwalsh@redhat.com> 1.4-8
+- Updated getpeernam patch
+
+* Tue Jan 13 2004 Dan Walsh <dwalsh@redhat.com> 1.4-7
+- Add getpeernam patch
+
+* Thu Dec 18 2003 Dan Walsh <dwalsh@redhat.com> 1.4-6
+- Add getpeercon patch
+
+* Thu Dec 18 2003 Dan Walsh <dwalsh@redhat.com> 1.4-5
+- Put mntpoint patch, because found fix for SysVinit
+
+* Wed Dec 17 2003 Dan Walsh <dwalsh@redhat.com> 1.4-4
+- Add remove mntpoint patch, because it breaks SysVinit
+
+* Wed Dec 17 2003 Dan Walsh <dwalsh@redhat.com> 1.4-3
+- Add mntpoint patch for SysVinit
+
+* Fri Dec 12 2003 Dan Walsh <dwalsh@redhat.com> 1.4-2
+- Add -r -u -t to getcon 
+
+* Sat Dec 6 2003 Dan Walsh <dwalsh@redhat.com> 1.4-1
+- Upgrade to latest from NSA
+
+* Mon Oct 27 2003 Dan Walsh <dwalsh@redhat.com> 1.3-2
+- Fix x86_64 build
+
+* Wed Oct 21 2003 Dan Walsh <dwalsh@redhat.com> 1.3-1
+- Latest tarball from NSA.
+
+* Tue Oct 21 2003 Dan Walsh <dwalsh@redhat.com> 1.2-9
+- Update with latest changes from NSA
+
+* Mon Oct 20 2003 Dan Walsh <dwalsh@redhat.com> 1.2-8
+- Change location of .so file
+
+* Wed Oct 8 2003 Dan Walsh <dwalsh@redhat.com> 1.2-7
+- Break out into development library
+
+* Wed Oct  8 2003 Dan Walsh <dwalsh@redhat.com> 1.2-6
+- Move location of libselinux.so to /lib
+
+* Fri Oct  3 2003 Dan Walsh <dwalsh@redhat.com> 1.2-5
+- Add selinuxenabled patch
+
+* Wed Oct  1 2003 Dan Walsh <dwalsh@redhat.com> 1.2-4
+- Update with final NSA 1.2 sources.
+
+* Fri Sep  12 2003 Dan Walsh <dwalsh@redhat.com> 1.2-3
+- Update with latest from NSA.
+
+* Fri Aug  28 2003 Dan Walsh <dwalsh@redhat.com> 1.2-2
+- Fix to build on x86_64
+
+* Thu Aug  21 2003 Dan Walsh <dwalsh@redhat.com> 1.2-1
+- update for version 1.2
+
+* Wed May 27 2003 Dan Walsh <dwalsh@redhat.com> 1.0-1
+- Initial version
+
diff --git a/sources b/sources
index e69de29..7d43b99 100644
--- a/sources
+++ b/sources
@@ -0,0 +1 @@
+2bc6be58ffc698e997c15a33777ebfe8  libselinux-1.4.tgz