diff -u cron-3.0pl1/user.c cron-3.0pl1/user.c
--- cron-3.0pl1/user.c
+++ cron-3.0pl1/user.c
@@ -31,8 +31,6 @@
 #ifdef WITH_SELINUX
 #include <selinux/context.h>
 #include <selinux/selinux.h>
-#include <selinux/flask.h>
-#include <selinux/av_permissions.h>
 #include <selinux/get_context_list.h>
 
 static int get_security_context(char *name, int crontab_fd, security_context_t
@@ -108,13 +106,35 @@
 	* permission check for this purpose.
 	*/
 
+	security_class_t tclass = string_to_security_class("file");
+	if (!tclass) {
+		log_it(name, getpid(), "Failed to translate security class file", tabname);
+		freeconary(context_list);
+		if (security_deny_unknown() == 0) {
+			return 0;
+		} else {
+			return -1;
+		}
+	}
+
+	access_vector_t bit = string_to_av_perm(tclass, "entrypoint");
+	if (!bit) {
+		log_it(name, getpid(), "Failed to translate av perm entrypoint", tabname);
+		freeconary(context_list);
+		if (security_deny_unknown() == 0) {
+			return 0;
+		} else {
+			return -1;
+		}
+	}
+
 	for (i = 0; i < list_count; i++) {
 		retval = security_compute_av(context_list[i],
 						 file_context,
-						 SECCLASS_FILE,
-						 FILE__ENTRYPOINT,
+						 tclass,
+						 bit,
 						 &avd);
-		if (!retval && ((FILE__ENTRYPOINT & avd.allowed) == FILE__ENTRYPOINT)) {
+		if(!retval && ((bit & avd.allowed) == bit)) {
 			*rcontext = strdup(context_list[i]);
 			freecon(file_context);
 			freeconary(context_list);