diff --git a/plugins/selinux.c b/plugins/selinux.c
index accd474..f1caf25 100644
--- a/plugins/selinux.c
+++ b/plugins/selinux.c
@@ -12,6 +12,11 @@
 
 static struct selabel_handle * sehandle = NULL;
 
+static inline rpmlogLvl loglvl(int iserror)
+{
+    return iserror ? RPMLOG_ERR : RPMLOG_DEBUG;
+}
+
 static void sehandle_fini(int close_status)
 {
     if (sehandle) {
@@ -47,7 +52,7 @@ static rpmRC sehandle_init(int open_status)
 
     sehandle = selabel_open(SELABEL_CTX_FILE, opts, 1);
 
-    rpmlog(RPMLOG_DEBUG, "selabel_open: (%s) %s\n",
+    rpmlog(loglvl(sehandle == NULL), "selabel_open: (%s) %s\n",
 	   path, (sehandle == NULL ? strerror(errno) : ""));
 
     return (sehandle != NULL) ? RPMRC_OK : RPMRC_FAIL;
@@ -125,10 +130,8 @@ static rpmRC selinux_scriptlet_fork_post(rpmPlugin plugin,
     if ((xx = setexeccon(newcon)) == 0)
 	rc = RPMRC_OK;
 
-    if (rpmIsDebug()) {
-	rpmlog(RPMLOG_DEBUG, "setexeccon: (%s, %s) %s\n",
+    rpmlog(loglvl(xx < 0), "setexeccon: (%s, %s) %s\n",
 	       path, newcon, (xx < 0 ? strerror(errno) : ""));
-    }
 
 exit:
     context_free(con);
@@ -143,10 +146,8 @@ exit:
     if ((xx = setexecfilecon(path, "rpm_script_t") == 0))
 	rc = RPMRC_OK;
 
-    if (rpmIsDebug()) {
-	rpmlog(RPMLOG_DEBUG, "setexecfilecon: (%s) %s\n",
+    rpmlog(loglvl(xx < 0), "setexecfilecon: (%s) %s\n",
 	       path, (xx < 0 ? strerror(errno) : ""));
-    }
 #endif
     /* If selinux is not enforcing, we don't care either */
     if (rc && security_getenforce() < 1)
@@ -167,10 +168,8 @@ static rpmRC selinux_fsm_file_prepare(rpmPlugin plugin, rpmfi fi,
 	if (selabel_lookup_raw(sehandle, &scon, dest, file_mode) == 0) {
 	    int conrc = lsetfilecon(path, scon);
 
-	    if (rpmIsDebug()) {
-		rpmlog(RPMLOG_DEBUG, "lsetfilecon: (%s, %s) %s\n",
+	    rpmlog(loglvl(conrc < 0), "lsetfilecon: (%s, %s) %s\n",
 		       path, scon, (conrc < 0 ? strerror(errno) : ""));
-	    }
 
 	    if (conrc == 0 || (conrc < 0 && errno == EOPNOTSUPP))
 		rc = RPMRC_OK;