diff --exclude-from=exclude -N -u -r nsalibselinux/include/selinux/setrans.h libselinux-1.24.2/include/selinux/setrans.h --- nsalibselinux/include/selinux/setrans.h 1969-12-31 19:00:00.000000000 -0500 +++ libselinux-1.24.2/include/selinux/setrans.h 2005-08-05 09:56:54.000000000 -0400 @@ -0,0 +1,27 @@ +#ifndef _SETRANS_H_ +#define _SETRANS_H_ + +#include + +/* Define data structures */ +typedef struct selevel { + char* name; + char* sename; +} selevel_t; + +/* Category data structure */ +/* Data returned from the getselevel functions must be freed using freelevel */ + +/* Get Security Level translation struct via internal Name */ +extern struct selevel *getselevelbyname(const char *name); + +/* Get Security Level translation struct via external Name */ +extern struct selevel *getselevelbysename( const char* sename); + +/* Function used to free data returned via getselevel functions */ +extern void freeselevel( selevel_t *level); + +/* Translate security context, into exernal representation */ +extern char *setransconlevel(const security_context_t con); + +#endif diff --exclude-from=exclude -N -u -r nsalibselinux/man/man8/selinuxenabled.8 libselinux-1.24.2/man/man8/selinuxenabled.8 --- nsalibselinux/man/man8/selinuxenabled.8 2004-11-02 14:26:19.000000000 -0500 +++ libselinux-1.24.2/man/man8/selinuxenabled.8 2005-08-05 09:47:55.000000000 -0400 @@ -7,7 +7,7 @@ .SH "DESCRIPTION" .B selinuxenabled Indicates whether SELinux is enabled or disabled. It exits with status 0 -if SELinux is enabled and -256 if it is not enabled. +if SELinux is enabled and 1 if it is not enabled. .SH AUTHOR Dan Walsh, diff --exclude-from=exclude -N -u -r nsalibselinux/src/context.c libselinux-1.24.2/src/context.c --- nsalibselinux/src/context.c 2005-01-28 12:15:29.000000000 -0500 +++ libselinux-1.24.2/src/context.c 2005-08-05 09:47:55.000000000 -0400 
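Review bot: In the new setrans.h, the comment says results of the getselevel functions must be freed using `freelevel`, but the function declared a few lines later is `freeselevel`; the comment should name the real function. `setransconlevel` has no ownership note at all, and a line such as `/* Returns a newly allocated string, or NULL on failure; the caller must free it */` would match what the definition in src/setrans.c does (it returns the result of `strdup`). If `security_context_t` is a `char *` typedef (its definition is not on this page), `const security_context_t con` makes only the pointer const, so `const char *con` may be what was intended.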
@@ -134,20 +134,27 @@ static int set_comp(context_private_t* n,int index, const char *str) { - char *t = (char*) malloc(strlen(str)+1); - const char *p; - if ( !t ) { return 1; } - for ( p = str; *p; p++ ) { - if ( *p == '\t' || *p == ' ' || *p == '\n' || *p == '\r' || - (*p == ':' && index != COMP_RANGE) ) { - free(t); - return 1; - } - } - conditional_free(&n->component[index]); - n->component[index] = t; - strcpy(t,str); - return 0; + char *t; + + if (str) { + t = (char*) malloc(strlen(str)+1); + const char *p; + if ( !t ) { return 1; } + for ( p = str; *p; p++ ) { + if ( *p == '\t' || *p == '\n' || *p == '\r' || + (*p == ':' && index != COMP_RANGE) ) { + free(t); + return 1; + } + } + conditional_free(&n->component[index]); + n->component[index] = t; + strcpy(t,str); + } else { + conditional_free(&n->component[index]); + n->component[index] = NULL; + } + return 0; } #define def_get(name,tag) \ diff --exclude-from=exclude -N -u -r nsalibselinux/src/fgetfilecon.c libselinux-1.24.2/src/fgetfilecon.c --- nsalibselinux/src/fgetfilecon.c 2004-10-20 16:31:36.000000000 -0400 +++ libselinux-1.24.2/src/fgetfilecon.c 2005-08-05 09:47:55.000000000 -0400 @@ -6,6 +6,7 @@ #include #include #include "policy.h" +#include int fgetfilecon(int fd, security_context_t *context) { @@ -37,9 +38,8 @@ ret = fgetxattr(fd, XATTR_NAME_SELINUX, buf, size-1); } out: - if (ret < 0) - free(buf); - else - *context = buf; + if (ret >= 0) + *context = setransconlevel(buf); + free(buf); return ret; } diff --exclude-from=exclude -N -u -r nsalibselinux/src/getcon.c libselinux-1.24.2/src/getcon.c --- nsalibselinux/src/getcon.c 2004-10-20 16:31:36.000000000 -0400 +++ libselinux-1.24.2/src/getcon.c 2005-08-05 09:47:55.000000000 -0400 
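Review bot: Dropping the `*p == ' '` test in set_comp() lets a space through in every component, while the `':'` test on the following line is still scoped with `index != COMP_RANGE`. If the aim is only to allow translated level names that contain spaces, keep the rejection for the other fields, for example `(*p == ' ' && index != COMP_RANGE) ||`, so that user, role and type stay free of whitespace for any consumer that splits contexts on spaces. The new `else` branch also stores NULL for any `index`, so code that formats or reads components has to tolerate a NULL user, role or type; that code is outside this hunk.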
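Review bot: At `out:` in fgetfilecon(), `setransconlevel(buf)` can return NULL (its definition in src/setrans.c returns NULL when `context_new` fails, and otherwise whatever `strdup` returns), yet the result is stored in `*context` and the non-negative `ret` is still returned. A caller that checks only the return value would then use a NULL context; the getcon.c hunk in this same patch does check and sets `ret = -1`. Suggested: `if (ret >= 0 && !(*context = setransconlevel(buf))) ret = -1;`. The same pattern is in the second getfilecon.c hunk and in the lgetfilecon.c hunk, and in all three `ret` still carries the xattr length, which may no longer match the length of the translated string. The function body starts outside this hunk.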
@@ -30,7 +30,7 @@ if (ret < 0) goto out2; - *context = strdup(buf); + *context = setransconlevel(buf); if (!(*context)) { ret = -1; goto out2; diff --exclude-from=exclude -N -u -r nsalibselinux/src/getfilecon.c libselinux-1.24.2/src/getfilecon.c --- nsalibselinux/src/getfilecon.c 2005-01-28 12:15:29.000000000 -0500 +++ libselinux-1.24.2/src/getfilecon.c 2005-08-05 09:47:55.000000000 -0400 @@ -6,6 +6,7 @@ #include #include #include "policy.h" +#include int getfilecon(const char *path, security_context_t *context) { @@ -37,10 +38,9 @@ ret = getxattr(path, XATTR_NAME_SELINUX, buf, size-1); } out: - if (ret < 0) - free(buf); - else - *context = buf; + if (ret >= 0) + *context = setransconlevel(buf); + free(buf); return ret; } hidden_def(getfilecon) diff --exclude-from=exclude -N -u -r nsalibselinux/src/getpidcon.c libselinux-1.24.2/src/getpidcon.c --- nsalibselinux/src/getpidcon.c 2004-10-20 16:31:36.000000000 -0400 +++ libselinux-1.24.2/src/getpidcon.c 2005-08-05 09:47:55.000000000 -0400 @@ -34,7 +34,7 @@ if (ret < 0) goto out2; - *context = strdup(buf); + *context = setransconlevel(buf); if (!(*context)) { ret = -1; goto out2; diff --exclude-from=exclude -N -u -r nsalibselinux/src/lgetfilecon.c libselinux-1.24.2/src/lgetfilecon.c --- nsalibselinux/src/lgetfilecon.c 2004-10-20 16:31:36.000000000 -0400 +++ libselinux-1.24.2/src/lgetfilecon.c 2005-08-05 09:47:55.000000000 -0400 @@ -37,9 +37,8 @@ ret = lgetxattr(path, XATTR_NAME_SELINUX, buf, size-1); } out: - if (ret < 0) - free(buf); - else - *context = buf; + if (ret >= 0) + *context = setransconlevel(buf); + free(buf); return ret; } diff --exclude-from=exclude -N -u -r nsalibselinux/src/setrans.c libselinux-1.24.2/src/setrans.c --- nsalibselinux/src/setrans.c 1969-12-31 19:00:00.000000000 -0500 +++ libselinux-1.24.2/src/setrans.c 2005-08-05 09:51:03.000000000 -0400 
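Review bot: With `*context = setransconlevel(buf)` the caller now receives the external (translated) form of the range, and nothing visible in this patch converts it back on the paths that hand a context to the kernel. A program that reads its context here and later passes the same string to a set or compute call would presumably send the external level name rather than the raw range; the same applies to the getpidcon.c hunk and the three *getfilecon.c hunks. Either translate back on the input side with `getselevelbysename`, or document on these functions that the returned string is a display form and is not guaranteed to round-trip. The enclosing function starts and ends outside this hunk.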
@@ -0,0 +1,71 @@
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+
+static selevel_t *(*setrans_selevelbyname)( const char* name);
+static selevel_t *(*setrans_selevelbysename)( const char* sename);
+
+void freeselevel( selevel_t *level) {
+ if (level->name)
+ free(level->name);
+ if (level->sename)
+ free(level->sename);
+ free(level);
+}
+
+/* Find and load the Security Level translation library */
+static int getlibsetrans(void) {
+ static void *handle = NULL;
+ char *error;
+ if (handle) {
+ return 0;
+ }
+ handle = dlopen ("libsetrans.so", RTLD_LAZY);
+ if (!handle)
+ return 1;
+ dlerror();
+ *(selevel_t **) (&setrans_selevelbyname) = dlsym(handle, "setrans_getselevelbyname");
+ if ((error = dlerror()) != NULL) {
+ return 1;
+ }
+ *(selevel_t **) (&setrans_selevelbysename) = dlsym(handle, "setrans_getselevelbysename");
+ if ((error = dlerror()) != NULL) {
+ return 1;
+ }
+ return 0;
+}
+
+/* Get Security Level via internal Name */
+selevel_t *getselevelbyname( const char* name) {
+ if (getlibsetrans()) return NULL;
+ return (*setrans_selevelbyname)(name);
+}
+
+/* Get Security Level via external Name */
+selevel_t *getselevelbysename( const char* sename) {
+ if (getlibsetrans()) return NULL;
+ return (*setrans_selevelbysename)(sename);
+}
+
+/* Function used to translate a security context into external representation */
+extern char *setransconlevel(const security_context_t scon) {
+ char *rcon;
+ context_t con=context_new(scon);
+ selevel_t *level;
+ if (!con)
+ return NULL;
+ level=getselevelbyname(context_range_get(con));
+ if (level) {
+ context_range_set(con, level->sename);
+ rcon=strdup(context_str(con));
+ freeselevel(level);
+ } else {
+ rcon=strdup(scon);
+ }
+ context_free(con);
+ return rcon;
+}
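Review bot: In getlibsetrans(), `handle` is assigned before either dlsym() lookup, so when a lookup fails the function returns 1 once and then returns 0 on every later call while a function pointer is still NULL; getselevelbyname() and getselevelbysename() would then call through that NULL pointer. Cache the handle only after both symbols have resolved, as in the excerpt below. The library is also requested by bare name (`"libsetrans.so"`), which leaves resolution to the dynamic loader's search path in every process that links libselinux; an absolute path or versioned soname fixed at build time would pin what gets loaded. In setransconlevel(), `context_range_get(con)` and `level->sename` are passed on without a NULL check, and the result of `context_str(con)` goes straight into strdup().

```c
static int getlibsetrans(void) {
	static void *handle = NULL;
	void *lib;

	if (handle)
		return 0;
	lib = dlopen("libsetrans.so", RTLD_LAZY);
	if (!lib)
		return 1;
	*(void **) (&setrans_selevelbyname) = dlsym(lib, "setrans_getselevelbyname");
	*(void **) (&setrans_selevelbysename) = dlsym(lib, "setrans_getselevelbysename");
	if (!setrans_selevelbyname || !setrans_selevelbysename) {
		/* Never cache a half-initialised library: the wrappers call through these pointers. */
		setrans_selevelbyname = NULL;
		setrans_selevelbysename = NULL;
		dlclose(lib);
		return 1;
	}
	handle = lib;
	return 0;
}
```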