diff --git a/Makefile b/Makefile
index 27a118732..d95101bda 100644
--- a/Makefile
+++ b/Makefile
@@ -24,7 +24,10 @@ VERSION := $(shell git describe --tags --dirty)
 # strip the first char of the tag if it's a `v`
 VERSION := $(VERSION:v%=%)
 TARBALL ?= cri-containerd-$(VERSION).tar.gz
-BUILD_TAGS:= -ldflags '-X $(PROJECT)/pkg/version.criContainerdVersion=$(VERSION)'
+ifdef BUILD_TAGS
+BUILD_TAGS := -tags $(BUILD_TAGS)
+endif
+GO_LDFLAGS := -ldflags '-X $(PROJECT)/pkg/version.criContainerdVersion=$(VERSION)'
 SOURCES := $(shell find . -name '*.go')
 all: binaries
@@ -68,8 +71,7 @@ boiler:
 $(BUILD_DIR)/cri-containerd: $(SOURCES)
 $(GO) build -o $@ \
- $(BUILD_TAGS) \
- $(GO_LDFLAGS) $(GO_GCFLAGS) \
+ $(BUILD_TAGS) $(GO_LDFLAGS) $(GO_GCFLAGS) \
 $(PROJECT)/cmd/cri-containerd
 test:
@@ -86,7 +88,7 @@ clean:
 binaries: $(BUILD_DIR)/cri-containerd
-static-binaries: GO_LDFLAGS=--ldflags '-extldflags "-fno-PIC -static"'
+static-binaries: GO_LDFLAGS += --ldflags '-extldflags "-fno-PIC -static"'
 static-binaries: $(BUILD_DIR)/cri-containerd
 install: binaries
diff --git a/pkg/server/helpers.go b/pkg/server/helpers.go
index bc4f94d91..fea59cce5 100644
--- a/pkg/server/helpers.go
+++ b/pkg/server/helpers.go
@@ -368,11 +368,19 @@ func initSelinuxOpts(selinuxOpt *runtime.SELinuxOption) (string, string, error)
 return "", "", nil
 }
+ // Should ignored selinuxOpts if they are incomplete.
+ if selinuxOpt.GetUser() == "" ||
+ selinuxOpt.GetRole() == "" ||
+ selinuxOpt.GetType() == "" ||
+ selinuxOpt.GetLevel() == "" {
+ return "", "", nil
+ }
+
 labelOpts := fmt.Sprintf("%s:%s:%s:%s",
 selinuxOpt.GetUser(),
 selinuxOpt.GetRole(),
- selinuxOpt.GetRole(),
- selinuxOpt.GetType())
+ selinuxOpt.GetType(),
+ selinuxOpt.GetLevel())
 return label.InitLabels(selinux.DupSecOpt(labelOpts))
 }
diff --git a/pkg/server/helpers_selinux_test.go b/pkg/server/helpers_selinux_test.go
index 30fb724e4..8ce9033ae 100644
--- a/pkg/server/helpers_selinux_test.go
+++ b/pkg/server/helpers_selinux_test.go
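Review bot: In the first Makefile hunk, `BUILD_TAGS := -tags $(BUILD_TAGS)` rewrites the caller's variable in place, which breaks in two ways. A value given on the make command line takes precedence over a plain makefile assignment, so with `make BUILD_TAGS=...` the `-tags` prefix is never applied and the raw tag names reach `go build` as stray arguments. A value holding several tags is also expanded unquoted, so only the first word is read as the tag list. Leave the input untouched and derive a separate variable inside the `ifdef`, for example `GO_TAGS := -tags '$(BUILD_TAGS)'`, and use `$(GO_TAGS)` in the `go build` recipe.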
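Review bot: In the `static-binaries` hunk of the Makefile, `GO_LDFLAGS += --ldflags '...'` yields a command line with two separate `-ldflags` flags, and the go tool does not merge them: for a given package the last one on the command line wins. A static build would therefore still drop the `-X ...criContainerdVersion` stamp, which is presumably what the switch from `=` to `+=` was meant to keep. Put both settings in one flag, for example `static-binaries: GO_LDFLAGS := -ldflags '-X $(PROJECT)/pkg/version.criContainerdVersion=$(VERSION) -extldflags "-fno-PIC -static"'`.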
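Review bot: The new guard in `initSelinuxOpts` (pkg/server/helpers.go) returns `"", "", nil` whenever any of user, role, type or level is empty, so a caller that sets only some fields gets no labels and no indication that its SELinux request was dropped. That fails open: the container would presumably run under whatever default label applies rather than the confinement that was asked for. Either reject the request, e.g. `return "", "", fmt.Errorf("incomplete SELinux options: %+v", selinuxOpt)`, or, if ignoring is the intended contract, log the dropped options at the call site and state the contract in the function's doc comment. The inline comment also needs a wording fix, `// Ignore selinuxOpts unless user, role, type and level are all set.` The function's signature and opening lines are outside this hunk.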
@@ -36,22 +36,22 @@ func TestInitSelinuxOpts(t *testing.T) {
 processLabel string
 mountLabels []string
 }{
- "testNullValue": {
+ "Should return empty strings for processLabel and mountLabel when selinuxOpt is nil": {
 selinuxOpt: nil,
 processLabel: "",
 mountLabels: []string{"", ""},
 },
- "testEmptyString": {
+ "Should return empty strings for processLabel and mountLabel when selinuxOpt has been initialized partially": {
 selinuxOpt: &runtime.SELinuxOption{
 User: "",
- Role: "",
+ Role: "user_r",
 Type: "",
- Level: "",
+ Level: "s0:c1,c2",
 },
- processLabel: ":::",
- mountLabels: []string{":object_r:container_file_t:", ":object_r:svirt_sandbox_file_t:"},
+ processLabel: "",
+ mountLabels: []string{"", ""},
 },
- "testUser": {
+ "Should be resolved correctly when selinuxOpt has been initialized completely": {
 selinuxOpt: &runtime.SELinuxOption{
 User: "user_u",
 Role: "user_r",
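Review bot: The "initialized partially" case leaves `User` empty, so the guard in `initSelinuxOpts` short-circuits on its first condition and the `GetRole`, `GetType` and `GetLevel` checks are never exercised on their own. A regression that dropped one of those conditions would still pass this table. Add one entry per field that leaves only that field empty; the case where only `Level` is missing is the one most worth pinning, since it is the field the old `Sprintf` omitted. The rest of `TestInitSelinuxOpts` lies outside this hunk.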