diff --git a/configure.ac b/configure.ac
index bcdea9ce84..08dc63db97 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1440,14 +1440,14 @@ if test "$with_selinux" != "no"; then
   old_libs="$LIBS"
   if test "$with_selinux" = "check"; then
     AC_CHECK_HEADER([selinux/selinux.h],[],[with_selinux=no])
-    AC_CHECK_LIB([selinux], [fgetfilecon],[],[with_selinux=no])
+    AC_CHECK_LIB([selinux], [fgetfilecon_raw],[],[with_selinux=no])
     if test "$with_selinux" != "no"; then
       with_selinux="yes"
     fi
   else
     fail=0
     AC_CHECK_HEADER([selinux/selinux.h],[],[fail=1])
-    AC_CHECK_LIB([selinux], [fgetfilecon],[],[fail=1])
+    AC_CHECK_LIB([selinux], [fgetfilecon_raw],[],[fail=1])
     test $fail = 1 &&
       AC_MSG_ERROR([You must install the libselinux development package in order to compile libvirt with basic SELinux support])
   fi
diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index d55c60dd04..10135ed5e7 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -111,7 +111,7 @@ virSecuritySELinuxMCSFind(virSecurityManagerPtr mgr)
     char *sens, *cat, *tmp;
     int catMin, catMax, catRange;
 
-    if (getcon(&ourSecContext) < 0) {
+    if (getcon_raw(&ourSecContext) < 0) {
         virReportSystemError(errno, "%s",
                              _("Unable to get current process SELinux context"));
         goto cleanup;
@@ -252,7 +252,7 @@ virSecuritySELinuxGenNewContext(const char *basecontext,
     VIR_DEBUG("basecontext=%s mcs=%s isObjectContext=%d",
               basecontext, mcs, isObjectContext);
 
-    if (getcon(&ourSecContext) < 0) {
+    if (getcon_raw(&ourSecContext) < 0) {
         virReportSystemError(errno, "%s",
                              _("Unable to get current process SELinux context"));
         goto cleanup;
@@ -612,7 +612,7 @@ virSecuritySELinuxReserveSecurityLabel(virSecurityManagerPtr mgr,
     if (seclabel->type == VIR_DOMAIN_SECLABEL_STATIC)
         return 0;
 
-    if (getpidcon(pid, &pctx) == -1) {
+    if (getpidcon_raw(pid, &pctx) == -1) {
         virReportSystemError(errno,
                              _("unable to get PID %d security context"), pid);
         return -1;
@@ -713,7 +713,7 @@ virSecuritySELinuxGetSecurityProcessLabel(virSecurityManagerPtr mgr ATTRIBUTE_UN
 {
     security_context_t ctx;
 
-    if (getpidcon(pid, &ctx) == -1) {
+    if (getpidcon_raw(pid, &ctx) == -1) {
         virReportSystemError(errno,
                              _("unable to get PID %d security context"),
                              pid);
@@ -753,10 +753,10 @@ virSecuritySELinuxSetFileconHelper(const char *path, char *tcon, bool optional)
 
     VIR_INFO("Setting SELinux context on '%s' to '%s'", path, tcon);
 
-    if (setfilecon(path, tcon) < 0) {
+    if (setfilecon_raw(path, tcon) < 0) {
         int setfilecon_errno = errno;
 
-        if (getfilecon(path, &econ) >= 0) {
+        if (getfilecon_raw(path, &econ) >= 0) {
             if (STREQ(tcon, econ)) {
                 freecon(econ);
                 /* It's alright, there's nothing to change anyway. */
@@ -818,10 +818,10 @@ virSecuritySELinuxFSetFilecon(int fd, char *tcon)
 
     VIR_INFO("Setting SELinux context on fd %d to '%s'", fd, tcon);
 
-    if (fsetfilecon(fd, tcon) < 0) {
+    if (fsetfilecon_raw(fd, tcon) < 0) {
         int fsetfilecon_errno = errno;
 
-        if (fgetfilecon(fd, &econ) >= 0) {
+        if (fgetfilecon_raw(fd, &econ) >= 0) {
             if (STREQ(tcon, econ)) {
                 freecon(econ);
                 /* It's alright, there's nothing to change anyway. */
@@ -1577,7 +1577,7 @@ virSecuritySELinuxSetSecurityProcessLabel(virSecurityManagerPtr mgr,
             return -1;
     }
 
-    if (setexeccon(secdef->label) == -1) {
+    if (setexeccon_raw(secdef->label) == -1) {
         virReportSystemError(errno,
                              _("unable to set security context '%s'"),
                              secdef->label);
@@ -1622,7 +1622,7 @@ virSecuritySELinuxSetSecurityDaemonSocketLabel(virSecurityManagerPtr mgr,
         goto done;
     }
 
-    if (getcon(&scon) == -1) {
+    if (getcon_raw(&scon) == -1) {
         virReportSystemError(errno,
                              _("unable to get current process context '%s'"),
                              secdef->label);
@@ -1645,7 +1645,7 @@ virSecuritySELinuxSetSecurityDaemonSocketLabel(virSecurityManagerPtr mgr,
 
     VIR_DEBUG("Setting VM %s socket context %s",
               def->name, context_str(proccon));
-    if (setsockcreatecon(context_str(proccon)) == -1) {
+    if (setsockcreatecon_raw(context_str(proccon)) == -1) {
         virReportSystemError(errno,
                              _("unable to set socket security context '%s'"),
                              context_str(proccon));
@@ -1688,7 +1688,7 @@ virSecuritySELinuxSetSecuritySocketLabel(virSecurityManagerPtr mgr,
 
     VIR_DEBUG("Setting VM %s socket context %s",
               vm->name, secdef->label);
-    if (setsockcreatecon(secdef->label) == -1) {
+    if (setsockcreatecon_raw(secdef->label) == -1) {
         virReportSystemError(errno,
                              _("unable to set socket security context '%s'"),
                              secdef->label);
@@ -1728,7 +1728,7 @@ virSecuritySELinuxClearSecuritySocketLabel(virSecurityManagerPtr mgr,
             return -1;
     }
 
-    if (setsockcreatecon(NULL) == -1) {
+    if (setsockcreatecon_raw(NULL) == -1) {
         virReportSystemError(errno,
                              _("unable to clear socket security context '%s'"),
                              secdef->label);
diff --git a/src/storage/storage_backend.c b/src/storage/storage_backend.c
index e159bd22ab..aea70e2561 100644
--- a/src/storage/storage_backend.c
+++ b/src/storage/storage_backend.c
@@ -1227,7 +1227,7 @@ virStorageBackendUpdateVolTargetInfoFD(virStorageVolTargetPtr target,
 
 #if HAVE_SELINUX
     /* XXX: make this a security driver call */
-    if (fgetfilecon(fd, &filecon) == -1) {
+    if (fgetfilecon_raw(fd, &filecon) == -1) {
         if (errno != ENODATA && errno != ENOTSUP) {
             virReportSystemError(errno,
                                  _("cannot get file context of '%s'"),
diff --git a/tests/securityselinuxhelper.c b/tests/securityselinuxhelper.c
index 43676defe4..dc63ff3d3a 100644
--- a/tests/securityselinuxhelper.c
+++ b/tests/securityselinuxhelper.c
@@ -31,7 +31,7 @@
  * the process context, where as in fact we're faking it all
  */
 
-int getcon(security_context_t *context)
+int getcon_raw(security_context_t *context)
 {
     if (getenv("FAKE_CONTEXT") == NULL) {
         *context = NULL;
@@ -43,7 +43,7 @@ int getcon(security_context_t *context)
     return 0;
 }
 
-int getpidcon(pid_t pid, security_context_t *context)
+int getpidcon_raw(pid_t pid, security_context_t *context)
 {
     if (pid != getpid()) {
         *context = NULL;
@@ -60,7 +60,7 @@ int getpidcon(pid_t pid, security_context_t *context)
     return 0;
 }
 
-int setcon(security_context_t context)
+int setcon_raw(security_context_t context)
 {
     return setenv("FAKE_CONTEXT", context, 1);
 }
diff --git a/tests/securityselinuxtest.c b/tests/securityselinuxtest.c
index 848a39044c..8bcf3a1ce8 100644
--- a/tests/securityselinuxtest.c
+++ b/tests/securityselinuxtest.c
@@ -217,7 +217,7 @@ testSELinuxGenLabel(const void *opaque)
     context_t con = NULL;
     context_t imgcon = NULL;
 
-    if (setcon((security_context_t)data->pidcon) < 0) {
+    if (setcon_raw((security_context_t)data->pidcon) < 0) {
         perror("Cannot set process security context");
         return -1;
     }