diff --git a/libselinux-rhat.patch b/libselinux-rhat.patch index 44f0393..a06c700 100644 --- a/libselinux-rhat.patch +++ b/libselinux-rhat.patch @@ -1,7 +1,15 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/include/selinux/selinux.h libselinux-1.27.1/include/selinux/selinux.h --- nsalibselinux/include/selinux/selinux.h 2005-09-01 11:17:40.000000000 -0400 -+++ libselinux-1.27.1/include/selinux/selinux.h 2005-09-28 14:37:04.000000000 -0400 -@@ -354,6 +354,25 @@ ++++ libselinux-1.27.1/include/selinux/selinux.h 2005-09-29 14:46:48.000000000 -0400 +@@ -323,6 +323,7 @@ + extern const char *selinux_booleans_path(void); + extern const char *selinux_customizable_types_path(void); + extern const char *selinux_users_path(void); ++extern const char *selinux_usersconf_path(void); + + /* Check a permission in the passwd class. + Return 0 if granted or -1 otherwise. */ +@@ -354,6 +355,12 @@ extern int selinux_raw_to_trans_context(security_context_t raw, security_context_t *transp); 
@@ -9,60 +17,11 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/include/selinux/selinux.h lib +/* the following functions are used to retrieve the SELinux user and their + security level via the Linux usernames selinux */ + -+#define SEUSERFILE "/etc/selinux/seusers.conf" -+ -+/* Define data structures */ -+typedef struct seuser { -+ char* username; -+ char* seusername; -+ char* level; -+} seuser_t; -+ -+/* read /etc/selinux/seusers.conf file an return selinux user info */ -+ -+extern void freeseuser(seuser_t *seuser); -+ -+extern int getseuserbyname(const char *name, seuser_t **r_seuser); ++extern int getseuserbyname(const char *name, char **seuser, char **level); + #ifdef __cplusplus } #endif -diff --exclude-from=exclude -N -u -r nsalibselinux/include/selinux/seuser.h libselinux-1.27.1/include/selinux/seuser.h ---- nsalibselinux/include/selinux/seuser.h 1969-12-31 19:00:00.000000000 -0500 -+++ libselinux-1.27.1/include/selinux/seuser.h 2005-09-28 14:32:11.000000000 -0400 -@@ -0,0 +1,32 @@ -+#ifndef _SEUSER_H_ -+#define _SEUSER_H_ -+ -+#include -+#include -+ -+#ifdef __cplusplus -+extern "C" -+{ -+#endif -+ -+#define SEUSERFILE "/etc/selinux/seusers.conf" -+ -+/* Define data structures */ -+typedef struct seuser { -+ char* username; -+ char* seusername; -+ char* sensitivity; -+ char* categories; -+} seuser_t; -+ -+/* read /etc/selinux/seusers.conf file an return selinux user info */ -+ -+extern void free_seuser(seuser_t *seuser); -+ -+extern int getseuserbyname(const char *name, seuser_t **r_seuser); -+ -+#ifdef __cplusplus -+} -+#endif -+ -+#endif diff --exclude-from=exclude -N -u -r nsalibselinux/man/Makefile libselinux-1.27.1/man/Makefile --- nsalibselinux/man/Makefile 2004-10-20 16:31:36.000000000 -0400 +++ libselinux-1.27.1/man/Makefile 2005-09-28 14:32:16.000000000 -0400 
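Review bot: The new prototype `extern int getseuserbyname(const char *name, char **seuser, char **level);` does not say who owns the returned strings, and the comment kept above it still reads "the following functions" for what is now a single function. The seusers.c hunks in this patch return strdup()/realloc() results and write the two out-parameters only on the success paths that are visible. The header should state that, e.g. `/* On success return 0 and set *seuser and *level to malloc'd strings the caller must free(); on failure return -1. */`. Whether the out-parameters stay untouched on every failure path cannot be confirmed from the hunks alone, so callers are safest initialising both to NULL before the call.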
@@ -73,10 +32,67 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/Makefile libselinux-1.27. +clean: + -rm -f *~ \#* + -rm -f man8/*~ man8/\#* +diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/getseuserbyname.3 libselinux-1.27.1/man/man3/getseuserbyname.3 +--- nsalibselinux/man/man3/getseuserbyname.3 1969-12-31 19:00:00.000000000 -0500 ++++ libselinux-1.27.1/man/man3/getseuserbyname.3 2005-09-29 15:09:57.000000000 -0400 +@@ -0,0 +1,21 @@ ++.TH "getseuserbyname" "3" "29 September 2005" "dwalsh@redhat.com" "SE Linux API documentation" ++.SH "NAME" ++getseuserbyname \- get SELinux user and level via Linux username ++.SH "SYNOPSIS" ++.B #include ++.sp ++.BI "int getseuserbyname(const char *" username ", char **" selinuxuser ", char **" level "); ++.SH "DESCRIPTION" ++.B getseuserbyname ++retrieves the SELinux Username and security level associated with username. ++ ++.br ++ ++The returned SELinux username and level should be free with free if non-NULL. ++.SH "RETURN VALUE" ++On success, 0 is returned indicating. ++On failure, \-1 is returned and errno is set appropriately. ++ ++The errors documented for the stat(2) system call are also applicable ++here. 
++ +diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinux_config.c libselinux-1.27.1/src/selinux_config.c +--- nsalibselinux/src/selinux_config.c 2005-03-17 14:56:21.000000000 -0500 ++++ libselinux-1.27.1/src/selinux_config.c 2005-09-29 11:28:55.000000000 -0400 +@@ -11,6 +11,7 @@ + + #define SELINUXDIR "/etc/selinux/" + #define SELINUXCONFIG SELINUXDIR "config" ++#define SELINUXUSERS SELINUXDIR "seusers.conf" + #define SELINUXDEFAULT "targeted" + #define SELINUXTYPETAG "SELINUXTYPE=" + #define SELINUXTAG "SELINUX=" +@@ -252,5 +253,9 @@ + const char *selinux_users_path() { + return get_path(USERS_DIR); + } ++const char *selinux_usersconf_path() { ++ return SELINUXUSERS; ++} ++ + hidden_def(selinux_users_path) + +diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinux_internal.h libselinux-1.27.1/src/selinux_internal.h +--- nsalibselinux/src/selinux_internal.h 2005-08-25 16:18:01.000000000 -0400 ++++ libselinux-1.27.1/src/selinux_internal.h 2005-09-29 14:49:43.000000000 -0400 +@@ -49,6 +49,7 @@ + hidden_proto(selinux_check_passwd_access) + hidden_proto(matchpathcon_init) + hidden_proto(selinux_users_path) ++hidden_proto(selinux_usersconf_path); + + extern int context_translations hidden; + extern int hidden trans_to_raw_context(char *trans, char **rawp); diff --exclude-from=exclude -N -u -r nsalibselinux/src/seusers.c libselinux-1.27.1/src/seusers.c --- nsalibselinux/src/seusers.c 1969-12-31 19:00:00.000000000 -0500 -+++ libselinux-1.27.1/src/seusers.c 2005-09-28 14:48:28.000000000 -0400 -@@ -0,0 +1,132 @@ ++++ libselinux-1.27.1/src/seusers.c 2005-09-29 14:51:47.000000000 -0400 +@@ -0,0 +1,138 @@ +#include +#include +#include 
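Review bot: `hidden_proto(selinux_usersconf_path);` is added to selinux_internal.h, but the selinux_config.c section adds no matching `hidden_def(selinux_usersconf_path)`; the only hidden_def visible after the new function is still `hidden_def(selinux_users_path)`. If these macros pair up the way the existing selinux_users_path lines suggest, the internal call from seusers.c would bind to a hidden alias that is never defined. Add `hidden_def(selinux_usersconf_path)` after the function, and drop the trailing semicolon from the proto line so it matches its neighbours. Separately, the new man page refers readers to stat(2) errors, although the visible implementation opens the file with fopen().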
@@ -87,38 +103,24 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/seusers.c libselinux-1.27 +#include +#include "selinux_internal.h" + -+void freeseuser(seuser_t *seuser) { -+ if (!seuser) return; -+ if (seuser->username) -+ free(seuser->username); -+ if (seuser->seusername) -+ free(seuser->seusername); -+ if (seuser->level) -+ free(seuser->level); -+ free(seuser); -+ return; -+} -+ -+/* Process line from SEUSERSFILE. ++/* Process line from seusers.conf. + Remove white space and set name do data before the "=" and sename to data + after it */ -+static int process_seusers(const char *buffer, seuser_t **r_user) { -+ seuser_t *user=NULL; ++static int process_seusers(const char *buffer, char **r_username, char **r_seuser, char **r_level) { ++ char *username=NULL; ++ char *seuser=NULL; ++ char *level=NULL; + char *ptr; + int rc=-1; + char *tok; + char *newbuf=strdup(buffer); + if (!newbuf) return -1; + -+ user=calloc(1, sizeof(seuser_t)); -+ if (!user) return -1; -+ + tok=strtok_r(newbuf,":",&ptr); + if (!tok) goto err; + if ( tok[0]=='#' ) goto err; -+ user->username=strdup(tok); -+ if (!user->username) { -+ freeseuser(user); ++ username=strdup(tok); ++ if (!username) { + rc=-1; + goto err; + } @@ -127,9 +129,9 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/seusers.c libselinux-1.27 + if (!tok) goto err; + while (isspace(*tok)) tok++; + if(strlen(tok)) -+ user->seusername=strdup(tok); -+ if (!user->seusername) { -+ freeseuser(user); ++ seuser=strdup(tok); ++ if (!seuser) { ++ free(username); + rc=-1; + goto err; + } @@ -138,9 +140,10 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/seusers.c libselinux-1.27 + if (!tok) goto err; + while (isspace(*tok)) tok++; + if(strlen(tok)) -+ user->level=strdup(tok); -+ if (!user->level) { -+ freeseuser(user); ++ level=strdup(tok); ++ if (!level) { ++ free(username); ++ free(seuser); + rc=-1; + goto err; + } 
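Review bot: Every bare `if (!tok) goto err;` that follows a successful strdup() in process_seusers leaks the strings already copied, because the `err:` label (in the later `@@ -151` hunk) frees only `newbuf`. A seusers.conf line with fewer than three colon-separated fields loses `username`, and `seuser` too once that is set; the `free(username);` / `free(seuser);` calls added in the `@@ -127` and `@@ -138` hunks cover only the allocation-failure branches. Releasing on the common exit instead, with `if (rc) { free(username); free(seuser); free(level); }` just before `free(newbuf);`, handles every path, and the per-branch frees must then be removed to avoid a double free. Separately, `isspace(*tok)` is passed a plain `char`; `isspace((unsigned char)*tok)` avoids undefined behaviour on bytes above 0x7f. The function body continues past these hunks, so the tokenising calls between them are not visible here.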
@@ -151,59 +154,78 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/seusers.c libselinux-1.27 + while (isspace(*tok)) tok++; + len=strlen(tok); + if(len) { -+ char *ptr=realloc(user->level, strlen(user->level) + len + 2); ++ char *ptr=realloc(level, strlen(level) + len + 2); + if (ptr==NULL) { -+ freeseuser(user); ++ free(username); ++ free(seuser); ++ free(level); + rc=-1; + goto err; + } -+ user->level=ptr; -+ strcat(user->level,":"); -+ strcat(user->level,tok); ++ level=ptr; ++ strcat(level,":"); ++ strcat(level,tok); + } + } + -+ *r_user=user; ++ *r_username=username; ++ *r_seuser=seuser; ++ *r_level=level; + rc=0; +err: + free(newbuf); + return rc; +} + -+int getseuserbyname(const char *name, seuser_t **r_seuser) { ++int getseuserbyname(const char *name, char **r_seuser, char **r_level) { + FILE *cfg=NULL; + size_t size=0; + char *buffer=NULL; + -+ static seuser_t *seuser=NULL; -+ static seuser_t *defaultseuser=NULL; ++ char *username=NULL; ++ char *seuser=NULL; ++ char *level=NULL; ++ char *defaultseuser=NULL; ++ char *defaultlevel=NULL; + -+ cfg = fopen(SEUSERFILE,"r"); ++ cfg = fopen(selinux_usersconf_path(),"r"); + if (!cfg) return -1; + + while (getline(&buffer, &size, cfg) > 0) { -+ if(process_seusers(buffer, &seuser) == 0) { -+ if (strcasecmp(seuser->username, name)==0) ++ if(process_seusers(buffer, &username, &seuser, &level) == 0) { ++ if (strcmp(username, name)==0) + break; + -+ if (strcasecmp(seuser->username,"default")==0) { -+ if (defaultseuser) freeseuser(defaultseuser); ++ if (strcmp(username,"default")==0) { ++ free(username); ++ if (defaultseuser) ++ free(defaultseuser); ++ if (defaultlevel) ++ free(defaultlevel); + defaultseuser=seuser; ++ defaultlevel=level; + } -+ else -+ freeseuser(seuser); ++ else { ++ free(username); ++ free(seuser); ++ free(level); ++ } + seuser=NULL; + } + } + if (buffer) free(buffer); + fclose(cfg); + if (seuser) { -+ freeseuser(defaultseuser); ++ free(username); ++ free(defaultseuser); ++ free(defaultlevel); 
+ *r_seuser=seuser; ++ *r_level=level; + return 0; + } + if (defaultseuser) { + *r_seuser=defaultseuser; ++ *r_level=defaultlevel; + return 0; + } + @@ -211,7 +233,7 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/src/seusers.c libselinux-1.27 +} diff --exclude-from=exclude -N -u -r nsalibselinux/utils/getseuser.c libselinux-1.27.1/utils/getseuser.c --- nsalibselinux/utils/getseuser.c 1969-12-31 19:00:00.000000000 -0500 -+++ libselinux-1.27.1/utils/getseuser.c 2005-09-28 14:49:21.000000000 -0400 ++++ libselinux-1.27.1/utils/getseuser.c 2005-09-29 14:46:06.000000000 -0400 @@ -0,0 +1,27 @@ +#include +#include @@ -227,13 +249,13 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/utils/getseuser.c libselinux- + exit(1); +} +int main(int argc, char **argv) { -+ seuser_t *seuser; ++ char *seuser; ++ char *level; + if ( argc != 2 ) usage(argv[0]); -+ if (getseuserbyname(argv[1], &seuser) == 0 ) { -+ printf("%s\n", seuser->username); -+ printf("%s\n", seuser->seusername); -+ printf("%s", seuser->level); -+ freeseuser(seuser); ++ if (getseuserbyname(argv[1], &seuser, &level) == 0 ) { ++ printf("%s\n", argv[1]); ++ printf("%s\n", seuser); ++ printf("%s", level); + return 0; + } else { + printf("%s not found\n", argv[1]); diff --git a/libselinux.spec b/libselinux.spec index 5937527..70a3751 100644 --- a/libselinux.spec +++ b/libselinux.spec @@ -1,7 +1,7 @@ Summary: SELinux library and simple utilities Name: libselinux Version: 1.27.1 -Release: 2 +Release: 3 License: Public domain (uncopyrighted) Group: System Environment/Libraries Source: http://www.nsa.gov/selinux/archives/%{name}-%{version}.tgz @@ -86,6 +86,9 @@ rm -rf ${RPM_BUILD_ROOT} %{_mandir}/man8/* %changelog +* Thu Sep 29 2005 Dan Walsh 1.27.1-3 +- Fix patch to satisfy upstream + * Wed Sep 28 2005 Dan Walsh 1.27.1-2 - Update to latest from NSA - Add getseuserbyname
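Review bot: In getseuserbyname, the line read by getline() reaches process_seusers() with its trailing newline intact, and the parsing visible in these hunks trims only leading whitespace from each field, so the `level` returned to callers appears to end in a newline. The utility in utils/getseuser.c prints it with `printf("%s", level)` and no newline of its own, which points the same way. A caller that assembles a security context from that string would carry the newline into the context. Unless a line outside the hunks already strips it, cut the terminator before parsing, e.g. `buffer[strcspn(buffer, "\n")] = '\0';` as the first statement of the loop body. The function's final return falls in the gap after this hunk.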
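Review bot: `main` in utils/getseuser.c never releases the two strings it receives, although the man page added by this patch says the returned user and level should be freed. A sample utility is where callers copy usage from, so it should show the full contract: add `free(seuser); free(level);` before `return 0;`. Declaring them as `char *seuser = NULL;` and `char *level = NULL;` also keeps the pointers defined if the call fails without writing them.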