diff -up logrotate-3.7.6/logrotate.c.selinux logrotate-3.7.6/logrotate.c --- logrotate-3.7.6/logrotate.c.selinux 2007-08-07 09:14:35.000000000 +0200 +++ logrotate-3.7.6/logrotate.c 2008-01-21 09:32:56.000000000 +0100 @@ -409,15 +409,17 @@ static int copyTruncate(char *currLog, c } #ifdef WITH_SELINUX if (selinux_enabled) { - security_context_t oldContext; + security_context_t oldContext = NULL; if (fgetfilecon_raw(fdcurr, &oldContext) >= 0) { if (getfscreatecon_raw(&prev_context) < 0) { message(MESS_ERROR, "getting default context: %s\n", strerror(errno)); if (selinux_enforce) { - freecon(oldContext); - return 1; + if (oldContext != NULL) { + freecon(oldContext); + } + return 1; } } if (setfscreatecon_raw(oldContext) < 0) { @@ -425,11 +427,15 @@ static int copyTruncate(char *currLog, c "setting file context %s to %s: %s\n", saveLog, oldContext, strerror(errno)); if (selinux_enforce) { - freecon(oldContext); - return 1; + if (oldContext != NULL) { + freecon(oldContext); + } + return 1; } } - freecon(oldContext); + if (oldContext != NULL) { + freecon(oldContext); + } } else { if (errno != ENOTSUP) { message(MESS_ERROR, "getting file context %s: %s\n", @@ -899,6 +905,9 @@ int rotateSingleLog(logInfo * log, int l int hasErrors = 0; struct stat sb; int fd; +#ifdef WITH_SELINUX + security_context_t savedContext = NULL; +#endif if (!state->doRotate) return 0; 
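Review bot: The `if (oldContext != NULL)` guards added in the two copyTruncate hunks (`@@ -409` and `@@ -425`) are redundant, because they sit inside the branch where `fgetfilecon_raw` has already succeeded, and the pointer should not be NULL there. `freecon` is a thin wrapper over `free` and accepts NULL in any case. The `= NULL` initialiser is the part that adds safety; the three guarded calls could remain plain `freecon(oldContext);`. The same guard pattern is repeated in the new rotateSingleLog block at `@@ -906`. copyTruncate starts and ends outside these hunks.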
@@ -906,7 +915,57 @@ int rotateSingleLog(logInfo * log, int l if (!hasErrors) { if (!(log->flags & (LOG_FLAG_COPYTRUNCATE | LOG_FLAG_COPY))) { - message(MESS_DEBUG, "renaming %s to %s\n", log->files[logNum], +#ifdef WITH_SELINUX + if (selinux_enabled) { + security_context_t oldContext = NULL; + int fdcurr = -1; + + if ((fdcurr = open(log->files[logNum], O_RDWR)) < 0) { + message(MESS_ERROR, "error opening %s: %s\n", + log->files[logNum], + strerror(errno)); + return 1; + } + if (fgetfilecon_raw(fdcurr, &oldContext) >= 0) { + if (getfscreatecon_raw(&savedContext) < 0) { + message(MESS_ERROR, + "getting default context: %s\n", + strerror(errno)); + if (selinux_enforce) { + if (oldContext != NULL) { + freecon(oldContext); + } + return 1; + } + } + if (setfscreatecon_raw(oldContext) < 0) { + message(MESS_ERROR, + "setting file context %s to %s: %s\n", + log->files[logNum], oldContext, strerror(errno)); + if (selinux_enforce) { + if (oldContext != NULL) { + freecon(oldContext); + } + return 1; + } + } + message(MESS_DEBUG, "fscreate context set to %s\n", + oldContext); + if (oldContext != NULL) { + freecon(oldContext); + } + } else { + if (errno != ENOTSUP) { + message(MESS_ERROR, "getting file context %s: %s\n", + log->files[logNum], strerror(errno)); + if (selinux_enforce) { + return 1; + } + } + } + } +#endif + message(MESS_DEBUG, "renaming %s to %s\n", log->files[logNum], rotNames->finalName); if (!debug && !hasErrors && @@ -961,6 +1020,15 @@ int rotateSingleLog(logInfo * log, int l close(fd); } } +#ifdef WITH_SELINUX + if (selinux_enabled) { + setfscreatecon_raw(savedContext); + if (savedContext != NULL) { + freecon(savedContext); + savedContext = NULL; + } + } +#endif if (!hasErrors && log->flags & (LOG_FLAG_COPYTRUNCATE | LOG_FLAG_COPY))
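Review bot: `fdcurr` is opened in the `@@ -906` hunk and never closed: neither the fall-through path nor any of the `return 1` exits in the added block calls `close(fdcurr)`, so each rotated log leaks one descriptor over a run that may cover many files. The descriptor is only used for `fgetfilecon_raw`, so it can be closed straight after that call, with errno preserved for the `ENOTSUP` test. `O_RDONLY` is enough for a label lookup; `O_RDWR` looks carried over from copyTruncate, where the file is truncated. rotateSingleLog begins and ends outside the hunk, so a later close cannot be ruled out from here, but the early returns leak regardless.

```c
int rc, saved_errno;

if ((fdcurr = open(log->files[logNum], O_RDONLY)) < 0) {
    /* … unchanged: "error opening" message and return 1 … */
}
rc = fgetfilecon_raw(fdcurr, &oldContext);
saved_errno = errno;
close(fdcurr);          /* only needed for the label lookup */
errno = saved_errno;    /* keep errno for the ENOTSUP test in the else branch */
if (rc >= 0) {
    /* … unchanged: getfscreatecon_raw / setfscreatecon_raw handling … */
```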
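Review bot: The return value of `setfscreatecon_raw(savedContext)` in the `@@ -961` hunk is dropped, so if restoring the creation context fails, files created later in the run would presumably keep being labelled with the rotated log's context and nothing is reported. Every other context call in this patch logs the failure and honours `selinux_enforce`; this one should too, e.g. `if (setfscreatecon_raw(savedContext) < 0) { message(MESS_ERROR, "restoring fscreate context: %s\n", strerror(errno)); if (selinux_enforce) hasErrors = 1; }`. The `return 1` exits added in the `@@ -906` hunk also bypass this block, so a `savedContext` obtained before a failed `setfscreatecon_raw` is not freed on that path. The function continues outside the hunk.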