diff --exclude-from=exclude -N -u -r nsalibselinux/src/avc_internal.c libselinux-2.0.34/src/avc_internal.c
--- nsalibselinux/src/avc_internal.c	2007-07-16 14:20:46.000000000 -0400
+++ libselinux-2.0.34/src/avc_internal.c	2007-09-24 11:37:47.000000000 -0400
@@ -61,7 +61,8 @@
 		rc = fd;
 		goto out;
 	}
-
+	
+	fcntl(fd, F_SETFD, FD_CLOEXEC);
 	if (!blocking && fcntl(fd, F_SETFL, O_NONBLOCK)) {
 		close(fd);
 		rc = -1;
diff --exclude-from=exclude -N -u -r nsalibselinux/src/Makefile libselinux-2.0.34/src/Makefile
--- nsalibselinux/src/Makefile	2007-08-03 16:02:56.000000000 -0400
+++ libselinux-2.0.34/src/Makefile	2007-09-24 11:51:42.000000000 -0400
@@ -57,10 +57,10 @@
 	$(CC) $(CFLAGS) -I$(PYINC) -fPIC -DSHARED -c -o $@ $<
 
 $(SWIGSO): $(SWIGLOBJ)
-	$(CC) $(LDFLAGS) -shared -o $@ $< -L. -lselinux -L$(LIBDIR) -Wl,-soname,$@
+	$(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $< -L. -lselinux -L$(LIBDIR) -Wl,-soname,$@
 
 $(LIBSO): $(LOBJS)
-	$(CC) $(LDFLAGS) -shared -o $@ $^ -ldl -L$(LIBDIR) -Wl,-soname,$(LIBSO),-z,defs,-z,relro
+	$(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -ldl -L$(LIBDIR) -Wl,-soname,$(LIBSO),-z,defs,-z,relro
 	ln -sf $@ $(TARGET) 
 
 %.o:  %.c policy.h
diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchpathcon.c libselinux-2.0.34/src/matchpathcon.c
--- nsalibselinux/src/matchpathcon.c	2007-09-18 16:27:25.000000000 -0400
+++ libselinux-2.0.34/src/matchpathcon.c	2007-09-18 16:32:31.000000000 -0400
@@ -2,6 +2,7 @@
 #include <string.h>
 #include <errno.h>
 #include <stdio.h>
+#include <syslog.h>
 #include "selinux_internal.h"
 #include "label_internal.h"
 #include "callbacks.h"
@@ -57,7 +58,7 @@
 {
 	va_list ap;
 	va_start(ap, fmt);
-	vfprintf(stderr, fmt, ap);
+	vsyslog(LOG_ERR, fmt, ap);
 	va_end(ap);
 }
 
diff --exclude-from=exclude -N -u -r nsalibselinux/utils/matchpathcon.c libselinux-2.0.34/utils/matchpathcon.c
--- nsalibselinux/utils/matchpathcon.c	2007-07-16 14:20:45.000000000 -0400
+++ libselinux-2.0.34/utils/matchpathcon.c	2007-09-18 16:32:31.000000000 -0400
@@ -17,10 +17,24 @@
 	exit(1);
 }
 
+static void
+#ifdef __GNUC__
+    __attribute__ ((format(printf, 1, 2)))
+#endif
+    myprintf(const char *fmt, ...)
+{
+	va_list ap;
+	va_start(ap, fmt);
+	vfprintf(stderr, fmt, ap);
+	va_end(ap);
+}
+
 int printmatchpathcon(char *path, int header, int mode)
 {
 	char *buf;
-	int rc = matchpathcon(path, mode, &buf);
+	int rc;
+	set_matchpathcon_printf(myprintf);
+	rc = matchpathcon(path, mode, &buf);
 	if (rc < 0) {
 		fprintf(stderr, "matchpathcon(%s) failed: %s\n", path,
 			strerror(errno));