Index: trunk/Makefile.in
===================================================================
--- trunk/Makefile.in	(revision 143)
+++ trunk/Makefile.in	(revision 144)
@@ -1680,5 +1680,5 @@
 exepack_mkdata.o: $(srcsrc)/exepack_mkdata.c Makefile config.h $(srcinc)/minilzo.h 
 minilzo.o: $(srcsrc)/minilzo.c Makefile $(srcinc)/minilzo.h 
-slib.o: $(srcsrc)/slib.c Makefile config_xor.h $(srcinc)/slib.h $(srcinc)/sh_calls.h $(srcinc)/sh_static.h $(srcinc)/sh_mem.h 
+slib.o: $(srcsrc)/slib.c Makefile config_xor.h $(srcinc)/slib.h $(srcinc)/sh_calls.h $(srcinc)/sh_static.h $(srcinc)/sh_pthread.h $(srcinc)/sh_mem.h 
 rijndael-alg-fst.o: $(srcsrc)/rijndael-alg-fst.c Makefile config_xor.h $(srcinc)/rijndael-alg-fst.h $(srcinc)/rijndael-boxes-fst.h 
 rijndael-api-fst.o: $(srcsrc)/rijndael-api-fst.c Makefile config_xor.h $(srcinc)/rijndael-alg-fst.h $(srcinc)/rijndael-api-fst.h 
Index: trunk/aclocal.m4
===================================================================
--- trunk/aclocal.m4	(revision 143)
+++ trunk/aclocal.m4	(revision 144)
@@ -1783,9 +1783,12 @@
         fi
 
+	# Solaris lossage: default is obsolete semantics for getpwnam_r,
+	# getpwuid_r, getgrgid_r, unless _POSIX_PTHREAD_SEMANTICS is defined
         AC_MSG_CHECKING([if more special flags are required for pthreads])
         flag=no
         case "${host_cpu}-${host_os}" in
             *-aix* | *-freebsd* | *-darwin*) flag="-D_THREAD_SAFE";;
-            *solaris* | *-osf* | *-hpux*) flag="-D_REENTRANT";;
+            *-osf* | *-hpux*) flag="-D_REENTRANT";;
+	    *solaris*) flag="-D_POSIX_PTHREAD_SEMANTICS -D_REENTRANT";;
         esac
         AC_MSG_RESULT(${flag})
Index: trunk/depend.dep
===================================================================
--- trunk/depend.dep	(revision 143)
+++ trunk/depend.dep	(revision 144)
@@ -46,5 +46,5 @@
 exepack_mkdata.o: $(srcsrc)/exepack_mkdata.c Makefile config.h $(srcinc)/minilzo.h 
 minilzo.o: $(srcsrc)/minilzo.c Makefile $(srcinc)/minilzo.h 
-slib.o: $(srcsrc)/slib.c Makefile config_xor.h $(srcinc)/slib.h $(srcinc)/sh_calls.h $(srcinc)/sh_static.h $(srcinc)/sh_mem.h 
+slib.o: $(srcsrc)/slib.c Makefile config_xor.h $(srcinc)/slib.h $(srcinc)/sh_calls.h $(srcinc)/sh_static.h $(srcinc)/sh_pthread.h $(srcinc)/sh_mem.h 
 rijndael-alg-fst.o: $(srcsrc)/rijndael-alg-fst.c Makefile config_xor.h $(srcinc)/rijndael-alg-fst.h $(srcinc)/rijndael-boxes-fst.h 
 rijndael-api-fst.o: $(srcsrc)/rijndael-api-fst.c Makefile config_xor.h $(srcinc)/rijndael-alg-fst.h $(srcinc)/rijndael-api-fst.h 
Index: trunk/depend.sum
===================================================================
--- trunk/depend.sum	(revision 143)
+++ trunk/depend.sum	(revision 144)
@@ -1,1 +1,1 @@
-2519500817
+786796559
Index: trunk/docs/Changelog
===================================================================
--- trunk/docs/Changelog	(revision 143)
+++ trunk/docs/Changelog	(revision 144)
@@ -8,6 +8,8 @@
 	* use thread-specific conversion buffer for globber()
 	* fixed compile problems and problems with test suite
-
-2.3.8:
+	* modify login watch to run as thread
+	* modify process check to run as thread
+
+2.3.8 (03-10-2007):
 	* new option PortCheckIgnore = interface:portlist
 
Index: trunk/src/samhain.c
===================================================================
--- trunk/src/samhain.c	(revision 143)
+++ trunk/src/samhain.c	(revision 144)
@@ -799,5 +799,6 @@
 static pid_t * procdirSamhain ()
 {
-  pid_t        * pidlist = malloc(sizeof(pid_t) * 65535);
+  volatile pid_t        * pidlist = malloc(sizeof(pid_t) * 65535);
+  pid_t        * dummy;
   struct dirent * d;
   DIR *        dp;
@@ -817,5 +818,6 @@
   if (0 != stat(SH_INSTALL_PATH, &buf))
     {
-      free(pidlist);
+      dummy = pidlist;
+      free(dummy);
       return NULL;
     }
@@ -825,5 +827,6 @@
   if (NULL == (dp = opendir("/proc")))
     {
-      free(pidlist);
+      dummy = pidlist;
+      free(dummy);
       return NULL;
     }
@@ -1193,13 +1196,13 @@
   float         st_1, st_2;
   int           status;
-  long          cct = 0; /* main loop iterations */
-
-  int           flag_check_1 = 0;
-  int           flag_check_2 = 0;
+  volatile long          cct = 0; /* main loop iterations */
+
+  volatile int           flag_check_1 = 0;
+  volatile int           flag_check_2 = 0;
 
   int           check_done   = 0;
 #endif
 
-  time_t        told;
+  volatile time_t        told;
   time_t        tcurrent;
   size_t        tzlen;
Index: trunk/src/sh_cat.c
===================================================================
--- trunk/src/sh_cat.c	(revision 143)
+++ trunk/src/sh_cat.c	(revision 144)
@@ -125,5 +125,5 @@
 
 #ifdef SH_USE_PROCESSCHECK
-  { MSG_PCK_CHECK,   SH_ERR_NOTICE,  RUN,   N_("msg=\"Checking processes in pid interval [%ld,%ld]\"")},
+  { MSG_PCK_CHECK,   SH_ERR_INFO,    RUN,   N_("msg=\"Checking processes in pid interval [%ld,%ld]\"")},
   { MSG_PCK_OK,      SH_ERR_ALL,     RUN,   N_("msg=\"PID %ld found with tests %s\"")},
   { MSG_PCK_P_HIDDEN,SH_ERR_SEVERE,  EVENT, N_("msg=\"POLICY [Process] Hidden pid: %ld tests: %s\" path=\"%s\" userid=\"%s\"")},
@@ -138,5 +138,5 @@
 
 #ifdef SH_USE_MOUNTS
-  { MSG_MNT_CHECK,   SH_ERR_NOTICE,  RUN,   N_("msg=\"Checking mounts\"")},
+  { MSG_MNT_CHECK,   SH_ERR_INFO,    RUN,   N_("msg=\"Checking mounts\"")},
   { MSG_MNT_MEMLIST, SH_ERR_ERR,     RUN,   N_("msg=\"Cannot read mount list from memory\"")},
   { MSG_MNT_MNTMISS, SH_ERR_WARN,    EVENT, N_("msg=\"Mount missing\" path=\"%s\"")},
@@ -440,5 +440,5 @@
 
 #ifdef SH_USE_PROCESSCHECK
-  { MSG_PCK_CHECK,   SH_ERR_NOTICE,  RUN,   N_("msg=<Checking processes in pid interval [%ld,%ld]>")},
+  { MSG_PCK_CHECK,   SH_ERR_INFO,    RUN,   N_("msg=<Checking processes in pid interval [%ld,%ld]>")},
   { MSG_PCK_OK,      SH_ERR_ALL,     RUN,   N_("msg=<PID %ld found with tests %s>")},
   { MSG_PCK_P_HIDDEN,SH_ERR_SEVERE,  EVENT, N_("msg=<POLICY [Process] Hidden pid: %ld tests: %s> path=<%s> userid=<%s>")},
Index: trunk/src/sh_error.c
===================================================================
--- trunk/src/sh_error.c	(revision 143)
+++ trunk/src/sh_error.c	(revision 144)
@@ -20,8 +20,12 @@
 #include "config_xor.h"
 
-/* Required on linux to get the correct strerror_r function. Also
- * for recursive mutexes (_XOPEN_SOURCE >= 500).
- */
+/* Required on Linux to get the correct strerror_r function. Also
+ * for recursive mutexes (_XOPEN_SOURCE >= 500). Gives funny error
+ * on Solaris 10/gcc ('c99' compiler required - huh? Isn't gcc 
+ * good enough?).
+ */
+#if !defined(__sun__) && !defined(__sun)
 #define _XOPEN_SOURCE 600
+#endif
 #include <string.h>
 #include <stdio.h>     
@@ -1318,5 +1322,5 @@
 
  exit_here:
-
+  ; /* label at end of compound statement */
   SH_MUTEX_RECURSIVE_UNLOCK(mutex_err_handle);
 
Index: trunk/src/sh_mem.c
===================================================================
--- trunk/src/sh_mem.c	(revision 143)
+++ trunk/src/sh_mem.c	(revision 144)
@@ -185,4 +185,5 @@
     }
  out:
+  ; /* label at end of compound statement */
   SH_MUTEX_RECURSIVE_UNLOCK(mutex_mem);
   SL_RET0(_("sh_mem_stat"));
@@ -444,4 +445,5 @@
   Mem_Current -= size;
  out:
+  ; /* label at end of compound statement */
   SH_MUTEX_RECURSIVE_UNLOCK(mutex_mem);
   SL_RET0(_("sh_mem_free"));
Index: trunk/src/sh_processcheck.c
===================================================================
--- trunk/src/sh_processcheck.c	(revision 143)
+++ trunk/src/sh_processcheck.c	(revision 144)
@@ -689,6 +689,6 @@
   struct stat buf;
   DIR * dir;
+  int  retval;
 #ifdef HAVE_STATVFS
-  int  retval;
   struct statvfs vfsbuf;
 #endif
@@ -753,5 +753,9 @@
   sl_snprintf (path, sizeof(path), "/proc/%ld", (unsigned long) pid);
 
-  if (0 == retry_lstat (FIL__, __LINE__, path, &buf))
+  do {
+    retval = lstat (path, &buf);
+  } while (retval < 0 && errno == EINTR);
+
+  if (0 == retval)
     { 
       res |= SH_PR_LSTAT;   res |= SH_PR_ANY; ++have_checks;
@@ -782,5 +786,7 @@
     {
       res |= SH_PR_CHDIR;   res |= SH_PR_ANY; ++have_checks;
-      retry_aud_chdir(FIL__, __LINE__, "/");
+      do {
+	retval = chdir ("/");
+      } while (retval < 0 && errno == EINTR);
     }
   ++need_checks;
@@ -1215,5 +1221,6 @@
     return SH_MOD_FAILED;
 #ifdef HAVE_PTHREAD
-  if (arg != NULL && arg->initval < 0 && sh.flag.isdaemon == S_TRUE)
+  if (arg != NULL && arg->initval < 0 &&
+      (sh.flag.isdaemon == S_TRUE || sh.flag.loop == S_TRUE))
     {
       if (0 == sh_pthread_create(sh_threaded_module_run, (void *)arg))
@@ -1307,5 +1314,5 @@
   userdef_maxpid     = 0;
   sh_prochk_maxpid   = 0x8000;
-  sh_prochk_minpid   = 0x0000;
+  sh_prochk_minpid   = 0x0001;
   sh_prochk_interval = SH_PROCHK_INTERVAL;
 
Index: trunk/src/sh_utmp.c
===================================================================
--- trunk/src/sh_utmp.c	(revision 143)
+++ trunk/src/sh_utmp.c	(revision 144)
@@ -495,5 +495,6 @@
     return SH_MOD_FAILED;
 #ifdef HAVE_PTHREAD
-  if (arg != NULL && arg->initval < 0 && sh.flag.isdaemon == S_TRUE)
+  if (arg != NULL && arg->initval < 0 && 
+      (sh.flag.isdaemon == S_TRUE || sh.flag.loop == S_TRUE))
     {
       if (0 == sh_pthread_create(sh_threaded_module_run, (void *)arg))
Index: trunk/src/slib.c
===================================================================
--- trunk/src/slib.c	(revision 143)
+++ trunk/src/slib.c	(revision 144)
@@ -55,4 +55,5 @@
 #define SH_NEED_PWD_GRP 1
 #include "sh_static.h"
+#include "sh_pthread.h"
 
 #undef  FIL__
@@ -1514,4 +1515,5 @@
 static SL_OFILE * ofiles[MAXFD]; 
 
+SH_MUTEX_STATIC(mutex_ticket, PTHREAD_MUTEX_INITIALIZER);
 
 static unsigned int nonce_counter = TOFFSET;
@@ -1522,9 +1524,10 @@
   unsigned int high; /* index */ 
   unsigned int low;  /* nonce */
+  SL_TICKET    retval = SL_EINTERNAL;
 
   SL_ENTER(_("sl_create_ticket"));
 
-  if (myindex >= MAXFD) 
-    SL_IRETURN (SL_EINTERNAL, _("sl_create_ticket")); 
+  if (myindex >= MAXFD)
+    goto out_ticket;
 
   /* mask out the high bit and check that it is not used
@@ -1534,5 +1537,7 @@
 
   if (high != myindex + TOFFSET) 
-    SL_IRETURN (SL_EINTERNAL, _("sl_create_ticket")); 
+    goto out_ticket;
+
+  SH_MUTEX_LOCK_UNSAFE(mutex_ticket);
 
   low = nonce_counter & 0xffff;
@@ -1541,5 +1546,5 @@
    */
   if ((low != nonce_counter++) || low == 0)
-    SL_IRETURN (SL_EINTERNAL, _("sl_create_ticket"));
+    goto out_ticket;
  
   /* Wrap around the nonce counter.
@@ -1549,5 +1554,11 @@
     nonce_counter = TOFFSET;
 
-  SL_RETURN ((SL_TICKET) ((high << 16) | low), _("sl_create_ticket")); 
+  retval = (SL_TICKET) ((high << 16) | low);
+
+ out_ticket:
+  ;
+
+  SH_MUTEX_UNLOCK_UNSAFE(mutex_ticket);
+  SL_RETURN (retval, _("sl_create_ticket")); 
 }