Index: trunk/test/test.sh
===================================================================
--- trunk/test/test.sh	(revision 21)
+++ trunk/test/test.sh	(revision 22)
@@ -40,4 +40,5 @@
     echo "  ${S}test.sh  6${E}  -- Controlling the daemon"
     echo "  ${S}test.sh  7${E}  -- GnuPG signed files / prelude log"
+    echo "  ${S}test.sh  8${E}  -- Suidcheck"
 
     echo "  ${S}test.sh 10${E}  -- Test c/s init/check      (testrc_2.in)"
@@ -46,11 +47,13 @@
     echo "  ${S}test.sh 13${E}  -- Test full c/s w/mysql    (testrc_2.in)"
     echo "  ${S}test.sh 14${E}  -- Test full c/s w/postgres (testrc_2.in)"
-    echo "  ${S}test.sh all${E} -- All except 12+"
-    
+    echo "  ${S}test.sh all${E} -- All tests"
+}
+scripts () {
     echo 
-    echo "Scripts used by tests (located in ${SCRIPTDIR}):"
+    echo "Scripts used by tests:"
     echo "  (1) testcompile.sh (2) testhash.sh     (3) testrun_1.sh   (4) testrun_1a.sh"
-    echo "  (5) testext.sh     (6) testtimesrv.sh  (7) testrun_1b.sh (10) testrun_2.sh"
-    echo " (11) testrun_2a.sh (12) testrun_2b.sh  (13) testrun_2c.sh (14) testrun_2d.sh"
+    echo "  (5) testext.sh     (6) testtimesrv.sh  (7) testrun_1b.sh  (8) testrun_1c.sh" 
+    echo " (10) testrun_2.sh  (11) testrun_2a.sh  (12) testrun_2b.sh (13) testrun_2c.sh"
+    echo " (14) testrun_2d.sh"
 }
 
@@ -64,4 +67,5 @@
 cleanup=on
 doall=
+usevalgrind=
 
 while [ $# -gt 0 ]
@@ -69,4 +73,5 @@
     case "$1" in
         -h|--help)     usage; exit 0;;
+	--scripts)     usage; scripts; exit 0;;
         -v|--verbose)  verbose=on; quiet= ;;
         -q|--quiet)    quiet=on; verbose= ;;
@@ -74,4 +79,5 @@
 	--no-cleanup) cleanup= ;;
 	--really-all) doall=on;;
+	--valgrind) usevalgrind=on;;
 	--srcdir=*)    TOP_SRCDIR=`echo $1 | sed s,--srcdir=,,`; export TOP_SRCDIR;;
 	--color=*)     
@@ -285,8 +291,12 @@
     rm -f ./.samhain_log*
     rm -f ./.samhain_lock
-    test -d testrun_data && chmod -R 0700 testrun_data
-    rm -rf testrun_data
+    test -d testrun_testdata && chmod -R 0700 testrun_testdata
+    test -d .quarantine && rm -rf .quarantine
+    rm -rf testrun_testdata
     rm -f test_log_db
     rm -f test_log_prelude
+    rm -f test_log_valgrind
+    rm -f test_log_yulectl
+    rm -f yule.html
 }
 
@@ -342,4 +352,50 @@
 fi
 
+# Seems that 'valgrind' causes random hangs :-(
+#
+if [ -z "$usevalgrind" ]; then
+    VALGRIND=
+else
+    VALGRIND=`find_path valgrind`;
+fi
+[ -z "$VALGRIND" ] || { 
+    VALGRIND="$VALGRIND --quiet --tool=memcheck --suppressions=.test.supp"; 
+    export VALGRIND;
+    [ -z "$verbose" ] || log_msg_ok "using valgrind"
+cat > ".test.supp" <<End-of-data
+#
+# there are unitialized bytes in the struct...
+#
+{
+   pushdata_01
+   Memcheck:Param
+   write(buf)
+   obj:/lib/ld-*.so
+   fun:sh_hash_pushdata
+   fun:sh_files_filecheck
+   fun:sh_dirs_chk
+}
+{
+   pushdata_02
+   Memcheck:Param
+   write(buf)
+   obj:/lib/ld-*.so
+   fun:sh_hash_pushdata
+   fun:sh_files_filecheck
+   fun:sh_files_checkdir
+}
+{
+   pushdata_03
+   Memcheck:Param
+   write(buf)
+   obj:/lib/ld-*.so
+   fun:sh_hash_pushdata
+   fun:sh_hash_writeout
+   fun:main
+}
+
+End-of-data
+}
+
 if test x$1 = x1; then
     . ${SCRIPTDIR}/testcompile.sh
@@ -385,4 +441,11 @@
     exit $?
 fi
+if test x$1 = x8; then
+    . ${SCRIPTDIR}/testrun_1.sh
+    . ${SCRIPTDIR}/testrun_1c.sh
+    testrun1c
+    print_summary
+    exit $?
+fi
 if test x$1 = x10; then
     . ${SCRIPTDIR}/testrun_2.sh 
@@ -434,4 +497,6 @@
     . ${SCRIPTDIR}/testrun_1b.sh
     let "TEST_MAX = TEST_MAX + MAXTEST" >/dev/null
+    . ${SCRIPTDIR}/testrun_1c.sh
+    let "TEST_MAX = TEST_MAX + MAXTEST" >/dev/null
     . ${SCRIPTDIR}/testrun_2.sh
     let "TEST_MAX = TEST_MAX + MAXTEST" >/dev/null
@@ -471,4 +536,9 @@
     MAXTEST=${TEST_MAX}; export MAXTEST
     testrun1b
+    #
+    . ${SCRIPTDIR}/testrun_1.sh
+    . ${SCRIPTDIR}/testrun_1c.sh
+    MAXTEST=${TEST_MAX}; export MAXTEST
+    testrun1c
     #
     . ${SCRIPTDIR}/testrun_2.sh
Index: trunk/test/testcompile.sh
===================================================================
--- trunk/test/testcompile.sh	(revision 21)
+++ trunk/test/testcompile.sh	(revision 22)
@@ -1,5 +1,75 @@
 #! /bin/sh
 
-MAXTEST=28; export MAXTEST
+MAXTEST=56; export MAXTEST
+
+run_smatch () 
+{
+    export CDIR=`pwd`;
+
+    if [ -z "$doall" ]; then
+	[ -z "$quiet" ] && log_skip $2 ${MAXTEST} "$TEST (smatch)";
+	return 0
+    fi
+
+    if [ "x$3" = "xdebug" ]; then memcheck=debug; else memcheck=simple; fi
+    if [ -f ../sm_scripts/smatch.pm ]; then
+	( 
+	    cd ../sm_scripts;
+	    
+	    for i in ${CDIR}/*.c.sm ; do
+	        # echo $i;
+		cat $i | ./unreached_code.pl;
+		cat $i | ./ampersand_missing.sh;
+		cat $i | ./uninitialized.pl;
+		cat $i | ./eqeq.pl;
+		cat $i | ./for_bounds.pl;
+		cat $i | ./unchecked_returns.pl;
+		cat $i | ./unreached_code.pl;
+		cat $i | ./uninitialized.pl;
+		# from http://people.redhat.com/mstefani/wine/smatch/
+		if [ -f ./while_for_check.pl ]; then
+		    cat $i | ./while_for_check.pl;
+		fi 
+		# --> end wine <--
+		# samhain specific
+		if [ $memcheck = xsimple ]; then
+		    if [ -f ./samhain_unfree.pl ]; then
+			cat $i | ./samhain_unfree.pl | \
+			    egrep -v 'x_cutest_.*Test_' | \
+			    egrep -v 'x_sh_unix.c .... .... sh_unix_copyenv';
+		    fi 
+		fi
+		if [ $memcheck = xdebug ]; then
+		    if [ -f ./samhain_unfree_debug.pl ]; then
+			cat $i | ./samhain_unfree_debug.pl | \
+			    egrep -v 'x_cutest_.*Test_' | \
+			    egrep -v 'x_sh_unix.c .... .... sh_unix_copyenv';
+		    fi 
+		fi
+		# --> end samhain specific <--
+		#cat $i | ./unfree.pl | \
+		#    egrep -v 'x_cutest_.*Test_' | \
+		#    grep -v 'x_sh_unix.c .... .... sh_unix_copyenv';
+		touch list_null_funcs_uniq;
+		cat $i | ./deference_check.pl;
+		rm -f list_null_funcs_uniq;
+		rm -f $i
+	    done
+	) >test_log_smatch 2>&1
+	if [ -f test_log_smatch ]; then
+	    lines=`cat test_log_smatch | wc -l`
+	    if [ $lines -ne 0 ]; then
+		cat test_log_smatch
+		rm -f test_log_smatch
+		[ -z "$quiet" ] && log_fail $2 ${MAXTEST} "$TEST (smatch)";
+		return 1
+	    fi
+	fi
+	[ -z "$quiet" ] && log_ok $2 ${MAXTEST} "$TEST (smatch)";
+	return 0
+    fi
+    [ -z "$quiet" ] && log_skip $2 ${MAXTEST} "$TEST (smatch)";
+    return 0
+}
 
 testmake ()
@@ -8,5 +78,5 @@
 	if test x$1 = x0; then
 		[ -z "$verbose" ]     ||  log_msg_ok  "configure...  $TEST";
-		$MAKE  cutest > /dev/null 2>> test_log
+		$MAKE ${SMATCH} cutest > /dev/null 2>> test_log
 		if test x$? = x0; then
 		    [ -z "$verbose" ] || log_msg_ok   "make cutest... $TEST";
@@ -34,4 +104,10 @@
 	log_start "COMPILE"
 
+	if [ -f /usr/local/gcc-smatch/bin/gcc ]; then
+	    SAVE_CC="${CC}"
+	    SMATCH="DBGDEF=--smatch"; export SMATCH
+	    CC="/usr/local/gcc-smatch/bin/gcc"; export CC
+	fi
+
 	num=0
 	numfail=0
@@ -40,5 +116,5 @@
 	# test standalone compilation
 	#
-        TEST="${S}standalone agent w/suidcheck${E}"
+        TEST="${S}standalone w/suidcheck${E}"
 	#
 	if test -r "Makefile"; then
@@ -50,9 +126,11 @@
 	let "num = num + 1" >/dev/null
 	testmake $? $num || let "numfail = numfail + 1"  >/dev/null
+	let "num = num + 1" >/dev/null
+	run_smatch $? $num || let "numfail = numfail + 1"  >/dev/null
 
 	#
 	# test standalone compilation
 	#
-        TEST="${S}standalone agent w/mounts-check and w/userfiles${E}"
+        TEST="${S}standalone w/mounts-check w/userfiles${E}"
 	#
 	if test -r "Makefile"; then
@@ -64,4 +142,6 @@
 	let "num = num + 1" >/dev/null
 	testmake $? $num || let "numfail = numfail + 1" >/dev/null
+	let "num = num + 1" >/dev/null
+	run_smatch $? $num || let "numfail = numfail + 1"  >/dev/null
 
 
@@ -69,5 +149,5 @@
 	# test standalone compilation
 	#
-        TEST="${S}standalone agent w/timeserver and w/message-queue${E}"
+        TEST="${S}standalone w/timeserver and w/msgqueue${E}"
 	#
 	if test -r "Makefile"; then
@@ -79,9 +159,11 @@
 	let "num = num + 1" >/dev/null
 	testmake $? $num || let "numfail = numfail + 1" >/dev/null
+	let "num = num + 1" >/dev/null
+	run_smatch $? $num || let "numfail = numfail + 1"  >/dev/null
 
 	#
 	# test standalone compilation with --with-nocl=PW
 	#
-	TEST="${S}standalone agent w/nocl${E}"
+	TEST="${S}standalone w/nocl${E}"
 	#
 	if test -r "Makefile"; then
@@ -93,9 +175,11 @@
 	let "num = num + 1" >/dev/null
 	testmake $? $num || let "numfail = numfail + 1" >/dev/null
+	let "num = num + 1" >/dev/null
+	run_smatch $? $num || let "numfail = numfail + 1"  >/dev/null
 
 	#
 	# test standalone compilation w/ debug
 	#
-	TEST="${S}standalone agent w/debug${E}"
+	TEST="${S}standalone w/debug${E}"
 	#
 	if test -r "Makefile"; then
@@ -107,9 +191,11 @@
 	let "num = num + 1" >/dev/null
 	testmake $? $num || let "numfail = numfail + 1" >/dev/null
+	let "num = num + 1" >/dev/null
+	run_smatch $? $num debug || let "numfail = numfail + 1"  >/dev/null
 
 	#
 	# test standalone compilation w/ gpg
 	#
-	TEST="${S}standalone agent w/gpg${E}"
+	TEST="${S}standalone w/gpg${E}"
 	#
 	GPG=`find_path gpg`
@@ -126,4 +212,6 @@
 	    #
 	    testmake $? $num || let "numfail = numfail + 1" >/dev/null
+	    let "num = num + 1" >/dev/null
+	    run_smatch $? $num || let "numfail = numfail + 1"  >/dev/null
 	fi
 
@@ -131,5 +219,5 @@
 	# test standalone compilation w/stealth
 	#
-	TEST="${S}standalone agent w/stealth${E}"
+	TEST="${S}standalone w/stealth${E}"
 	#
 	if test -r "Makefile"; then
@@ -141,9 +229,11 @@
 	let "num = num + 1" >/dev/null
 	testmake $? $num || let "numfail = numfail + 1" >/dev/null
+	let "num = num + 1" >/dev/null
+	run_smatch $? $num || let "numfail = numfail + 1"  >/dev/null
 
 	#
 	# test standalone compilation w/logwatch
 	#
-	TEST="${S}standalone agent w/login-watch${E}"
+	TEST="${S}standalone w/login-watch${E}"
 	#
 	if test -r "Makefile"; then
@@ -155,9 +245,11 @@
 	let "num = num + 1" >/dev/null
 	testmake $? $num || let "numfail = numfail + 1" >/dev/null
+	let "num = num + 1" >/dev/null
+	run_smatch $? $num || let "numfail = numfail + 1"  >/dev/null
 
 	#
 	# test standalone compilation w/mysql
 	#
-	TEST="${S}standalone agent w/mysql${E}"
+	TEST="${S}standalone w/mysql${E}"
 	#
 	if test -r "Makefile"; then
@@ -169,9 +261,11 @@
 	let "num = num + 1" >/dev/null
 	testmake $? $num "skip" || let "numfail = numfail + 1" >/dev/null
+	let "num = num + 1" >/dev/null
+	run_smatch $? $num || let "numfail = numfail + 1"  >/dev/null
 
 	#
 	# test standalone compilation w/postgresql
 	#
-	TEST="${S}standalone agent w/postgresql${E}"
+	TEST="${S}standalone w/postgresql${E}"
 	#
 	if test -r "Makefile"; then
@@ -183,9 +277,11 @@
 	let "num = num + 1" >/dev/null
 	testmake $? $num "skip" || let "numfail = numfail + 1" >/dev/null
+	let "num = num + 1" >/dev/null
+	run_smatch $? $num || let "numfail = numfail + 1"  >/dev/null
 
 	#
 	# test standalone compilation
 	#
-	TEST="${S}standalone agent w/o mail${E}"
+	TEST="${S}standalone w/o mail${E}"
 	#
 	if test -r "Makefile"; then
@@ -197,9 +293,11 @@
 	let "num = num + 1" >/dev/null
 	testmake $? $num || let "numfail = numfail + 1" >/dev/null
+	let "num = num + 1" >/dev/null
+	run_smatch $? $num || let "numfail = numfail + 1"  >/dev/null
 
 	#
 	# test standalone compilation
 	#
-	TEST="${S}standalone agent w/o external scripts${E}"
+	TEST="${S}standalone w/o external${E}"
 	#
 	if test -r "Makefile"; then
@@ -211,4 +309,6 @@
 	let "num = num + 1" >/dev/null
 	testmake $? $num || let "numfail = numfail + 1" >/dev/null
+	let "num = num + 1" >/dev/null
+	run_smatch $? $num || let "numfail = numfail + 1"  >/dev/null
 
 	# echo; echo "${S}__ TEST CLIENT/SERVER __${E}"; echo;
@@ -227,4 +327,6 @@
 	let "num = num + 1" >/dev/null
 	testmake $? $num || let "numfail = numfail + 1" >/dev/null
+	let "num = num + 1" >/dev/null
+	run_smatch $? $num || let "numfail = numfail + 1"  >/dev/null
 	
 	if test -r "Makefile"; then
@@ -236,4 +338,6 @@
 	let "num = num + 1" >/dev/null
 	testmake $? $num || let "numfail = numfail + 1" >/dev/null
+	let "num = num + 1" >/dev/null
+	run_smatch $? $num || let "numfail = numfail + 1"  >/dev/null
 
 	#
@@ -257,4 +361,6 @@
 	    #
 	    testmake $? $num || let "numfail = numfail + 1" >/dev/null
+	    let "num = num + 1" >/dev/null
+	    run_smatch $? $num || let "numfail = numfail + 1"  >/dev/null
 	    #
 	    if test -r "Makefile"; then
@@ -266,4 +372,6 @@
 	    let "num = num + 1" >/dev/null
 	    testmake $? $num || let "numfail = numfail + 1" >/dev/null
+	    let "num = num + 1" >/dev/null
+	    run_smatch $? $num || let "numfail = numfail + 1"  >/dev/null
 	fi
 
@@ -282,4 +390,6 @@
 	let "num = num + 1" >/dev/null
 	testmake $? $num || let "numfail = numfail + 1" >/dev/null
+	let "num = num + 1" >/dev/null
+	run_smatch $? $num || let "numfail = numfail + 1"  >/dev/null
 	#
 	if test -r "Makefile"; then
@@ -291,4 +401,6 @@
 	let "num = num + 1" >/dev/null
 	testmake $? $num || let "numfail = numfail + 1" >/dev/null
+	let "num = num + 1" >/dev/null
+	run_smatch $? $num || let "numfail = numfail + 1"  >/dev/null
 
 	#
@@ -305,4 +417,6 @@
 	let "num = num + 1" >/dev/null
 	testmake $? $num || let "numfail = numfail + 1" >/dev/null
+	let "num = num + 1" >/dev/null
+	run_smatch $? $num debug || let "numfail = numfail + 1"  >/dev/null
 	#
 	if test -r "Makefile"; then
@@ -314,4 +428,6 @@
 	let "num = num + 1" >/dev/null
 	testmake $? $num || let "numfail = numfail + 1" >/dev/null
+	let "num = num + 1" >/dev/null
+	run_smatch $? $num debug || let "numfail = numfail + 1"  >/dev/null
 
 	#
@@ -328,4 +444,6 @@
 	let "num = num + 1" >/dev/null
 	testmake $? $num || let "numfail = numfail + 1" >/dev/null
+	let "num = num + 1" >/dev/null
+	run_smatch $? $num || let "numfail = numfail + 1"  >/dev/null
 	#
 	if test -r "Makefile"; then
@@ -337,4 +455,6 @@
 	let "num = num + 1" >/dev/null
 	testmake $? $num || let "numfail = numfail + 1" >/dev/null
+	let "num = num + 1" >/dev/null
+	run_smatch $? $num || let "numfail = numfail + 1"  >/dev/null
 
 	#
@@ -351,4 +471,6 @@
 	let "num = num + 1" >/dev/null
 	testmake $? $num || let "numfail = numfail + 1" >/dev/null
+	let "num = num + 1" >/dev/null
+	run_smatch $? $num || let "numfail = numfail + 1"  >/dev/null
 	#
 	if test -r "Makefile"; then
@@ -360,4 +482,6 @@
 	let "num = num + 1" >/dev/null
 	testmake $? $num || let "numfail = numfail + 1" >/dev/null
+	let "num = num + 1" >/dev/null
+	run_smatch $? $num || let "numfail = numfail + 1"  >/dev/null
 
 	#
@@ -374,4 +498,6 @@
 	let "num = num + 1" >/dev/null
 	testmake $? $num || let "numfail = numfail + 1" >/dev/null
+	let "num = num + 1" >/dev/null
+	run_smatch $? $num debug || let "numfail = numfail + 1"  >/dev/null
 	#
 	if test -r "Makefile"; then
@@ -383,9 +509,11 @@
 	let "num = num + 1" >/dev/null
 	testmake $? $num || let "numfail = numfail + 1" >/dev/null
+	let "num = num + 1" >/dev/null
+	run_smatch $? $num debug || let "numfail = numfail + 1"  >/dev/null
 
 	#
 	# test client/server compilation
 	#
-	TEST="${S}client/server application w/o external scripts${E}"
+	TEST="${S}client/server application w/o external${E}"
 	#
 	if test -r "Makefile"; then
@@ -397,4 +525,6 @@
 	let "num = num + 1" >/dev/null
 	testmake $? $num || let "numfail = numfail + 1" >/dev/null
+	let "num = num + 1" >/dev/null
+	run_smatch $? $num || let "numfail = numfail + 1"  >/dev/null
 	#
 	if test -r "Makefile"; then
@@ -406,4 +536,8 @@
 	let "num = num + 1" >/dev/null
 	testmake $? $num || let "numfail = numfail + 1" >/dev/null
+	let "num = num + 1" >/dev/null
+	run_smatch $? $num || let "numfail = numfail + 1"  >/dev/null
+
+	[ -z "${SMATCH}" ] || { CC="${SAVE_CC}"; export CC; }
 
 	log_end "COMPILE"
Index: trunk/test/testext.sh
===================================================================
--- trunk/test/testext.sh	(revision 21)
+++ trunk/test/testext.sh	(revision 22)
@@ -79,5 +79,5 @@
 	rm -f $PW_DIR/pdbg.child
 	rm -f $PW_DIR/pdbg.main
-	./samhain -p none 
+	./samhain -p none
     
 	# The shell is too fast ...
Index: trunk/test/testrc_2.in
===================================================================
--- trunk/test/testrc_2.in	(revision 21)
+++ trunk/test/testrc_2.in	(revision 22)
@@ -130,4 +130,6 @@
 
 SetUseSocket = yes
+SetSocketAllowUid=0
+SetSocketPassword=samhain
 
 SetClientFromAccept = yes
Index: trunk/test/testrun_1.sh
===================================================================
--- trunk/test/testrun_1.sh	(revision 21)
+++ trunk/test/testrun_1.sh	(revision 22)
@@ -749,5 +749,7 @@
 run_init ()
 {
-    ./samhain -t init -p none
+    rm -f test_log_valgrind
+
+    ${VALGRIND} ./samhain -t init -p none 2>>test_log_valgrind
 
     if test x$? = x0; then
@@ -761,5 +763,5 @@
 run_check ()
 {
-    ./samhain -t check -p none -l debug
+    ${VALGRIND} ./samhain -t check -p none -l debug 2>>test_log_valgrind
 
     if test x$? = x0; then
@@ -778,5 +780,5 @@
 run_update ()
 {
-    ./samhain -t update -p none -l debug
+    ${VALGRIND} ./samhain -t update -p none -l debug 2>>test_log_valgrind
 
     if test x$? = x0; then
@@ -792,5 +794,5 @@
     rm -rf $LOGFILE
 
-    ./samhain -t check -p none -l debug
+    ${VALGRIND} ./samhain -t check -p none -l debug 2>>test_log_valgrind
 
     if test x$? = x0; then
@@ -807,4 +809,13 @@
 	fi
 	#
+	[ -z "$VALGRIND" ] || {
+	    tmp=`cat test_log_valgrind 2>/dev/null | wc -l`;
+	    if [ $tmp -ne 0 ]; then
+		[ -z "$verbose" ] || log_msg_fail "valgrind reports errors";
+		cat test_log_valgrind
+		return 1;
+	    fi;
+	}
+	#
 	[ -z "$verbose" ] || log_msg_ok    "check(2)...";
     else
@@ -816,8 +827,10 @@
 prep_testdata ()
 {
-    chmod -R 0700 "${BASE}" || {
-	[ -z "$quiet" ] &&   log_msg_fail "chmod -R 0700 ${BASE}"; 
-	return 1;
-    }
+    if [ -d "${BASE}" ]; then
+	chmod -R 0700 "${BASE}" || {
+	    [ -z "$quiet" ] &&   log_msg_fail "chmod -R 0700 ${BASE}"; 
+	    return 1;
+	}
+    fi
 
     rm -rf "${BASE}" || {
Index: trunk/test/testrun_1b.sh
===================================================================
--- trunk/test/testrun_1b.sh	(revision 21)
+++ trunk/test/testrun_1b.sh	(revision 22)
@@ -15,5 +15,5 @@
 	#
 	if test -r "Makefile"; then
-		$MAKE distclean >/dev/null
+		$MAKE distclean >/dev/null >&1
 	fi
 	#
@@ -24,5 +24,5 @@
 	if test x$? = x0; then
 		[ -z "$verbose" ] ||     log_msg_ok "configure..."; 
-		$MAKE  > /dev/null
+		$MAKE  > /dev/null 2>&1
 		if test x$? = x0; then
 		    [ -z "$verbose" ] || log_msg_ok "make..."; 
Index: trunk/test/testrun_2.sh
===================================================================
--- trunk/test/testrun_2.sh	(revision 21)
+++ trunk/test/testrun_2.sh	(revision 22)
@@ -3,4 +3,5 @@
 LOGFILE="$PW_DIR/.samhain_log"; export LOGFILE
 RCFILE="$PW_DIR/testrc_2";  export RCFILE
+HTML="$PW_DIR/yule.html";  export HTML
 
 
@@ -12,5 +13,8 @@
 	    echo; 
 	}
-	./yule -l info -p none >/dev/null 2>&1 &
+
+	rm -f test_log_valgrind
+
+	${VALGRIND} ./yule -l info -p none >/dev/null 2>>test_log_valgrind &
 	PROC_Y=$!
 	sleep 5
@@ -22,5 +26,5 @@
 	}
 
-	./samhain.new -t check -p none -l none -e info --bind-address=127.0.0.1 >/dev/null 2>&1
+	${VALGRIND} ./samhain.new -t check -p none -l none -e info --bind-address=127.0.0.1 >/dev/null 2>>test_log_valgrind
 	if test x$? = x0; then
 	    [ -z "$verbose" ] || log_msg_ok    "samhain.new -t check";
@@ -59,5 +63,13 @@
 	    return 1
 	fi
-	
+
+	[ -z "$VALGRIND" ] || {
+	    tmp=`cat test_log_valgrind 2>/dev/null | wc -l`;
+	    if [ $tmp -ne 0 ]; then
+		[ -z "$verbose" ] || log_msg_fail "valgrind reports errors";
+		cat test_log_valgrind
+		return 1;
+	    fi;
+	}
 
 	return 0
@@ -81,6 +93,7 @@
 
 	rm -f $LOGFILE
-
-	./yule -l info -p none >/dev/null 2>&1 &
+	rm -f test_log_valgrind
+
+	${VALGRIND} ./yule -l info -p none >/dev/null 2>>test_log_valgrind &
 	PROC_Y=$!
 	sleep 5
@@ -92,5 +105,5 @@
 	}
 
-	./samhain.new -t check -p none -l none -e info --bind-address=127.0.0.1 >/dev/null 2>&1
+	${VALGRIND} ./samhain.new -t check -p none -l none -e info --bind-address=127.0.0.1 >/dev/null 2>>test_log_valgrind
 	if test x$? = x0; then
 	    [ -z "$verbose" ] || log_msg_ok    "samhain.new -t check";
@@ -112,5 +125,5 @@
 	    CLIENTLOG="${LOGFILE}.${remhost}"
 	else
-	    CLIENTLOG=`ls -1 ${LOGFILE}.* | tail -n 1`
+	    CLIENTLOG=`ls -1 ${LOGFILE}.* 2>/dev/null | tail -n 1`
 	fi
 
@@ -140,4 +153,13 @@
 	    return 1
 	fi
+
+	[ -z "$VALGRIND" ] || {
+	    tmp=`cat test_log_valgrind 2>/dev/null | wc -l`;
+	    if [ $tmp -ne 0 ]; then
+		[ -z "$verbose" ] || log_msg_fail "valgrind reports errors";
+		cat test_log_valgrind
+		return 1;
+	    fi;
+	}
 	
 	rm -f ${LOGFILE}.${remhost}
@@ -171,6 +193,7 @@
 
 	rm -f $LOGFILE
-
-	./yule -p none >/dev/null 2>&1 &
+	rm -f test_log_valgrind
+
+	${VALGRIND} ./yule -p none >/dev/null 2>>test_log_valgrind &
 	PROC_Y=$!
 	sleep 5
@@ -182,5 +205,5 @@
 	}
 
-	./samhain.new -t check -p none -l none --forever --bind-address=127.0.0.1 >/dev/null 2>&1 &
+	${VALGRIND} ./samhain.new -t check -p none -l none --forever --bind-address=127.0.0.1 >/dev/null 2>>test_log_valgrind &
 	if test x$? = x0; then
 	    PROC_S=$!
@@ -231,8 +254,288 @@
 	    return 1
 	fi
+
+	[ -z "$VALGRIND" ] || {
+	    tmp=`cat test_log_valgrind 2>/dev/null | wc -l`;
+	    if [ $tmp -ne 0 ]; then
+		[ -z "$verbose" ] || log_msg_fail "valgrind reports errors";
+		cat test_log_valgrind
+		return 1;
+	    fi;
+	}
 	
-	rm -f ${LOGFILE}.${remhost}
+	rm -f ${LOGFILE}
 	return 0
 }
+
+do_test_4 () {
+
+        # don't know what is supported on the test platform, so
+        # prepare for both (password and socket credential)
+
+        # 'id -u' is posix
+        me=`id -u`
+
+	ORIGINAL_1="SetSocketAllowUid=0"
+	REPLACEMENT_1="SetSocketAllowUid=$me"
+        ex $RCFILE <<EOF
+:%s/${ORIGINAL_1}/${REPLACEMENT_1}/g
+:wq
+EOF
+
+	[ -z "$verbose" ] || { 
+	    echo; 
+	    echo "${S}Start Server${E}: ./yule -l info -p none &"; 
+	    echo; 
+	}
+
+	rm -f $LOGFILE
+	rm -f test_log_valgrind
+
+	${VALGRIND} ./yule -l info -p none >/dev/null 2>>test_log_valgrind &
+	PROC_Y=$!
+	sleep 5
+
+	[ -z "$verbose" ] || { 
+	    echo; 
+	    echo "${S}Start Client${E}: ./samhain.new -l none -p none -e info -t check"; 
+	    echo; 
+	}
+
+	$MAKE yulectl >/dev/null 
+	if [ $? -ne 0 ]; then
+	    [ -z "$verbose" ] || log_msg_fail "make yulectl";
+	    kill $PROC_Y
+	    return 1
+	fi
+
+
+	./yulectl -v -c RELOAD foobar1 >test_log_yulectl 2>/dev/null
+
+	if [ $? -ne 0 ]; then 
+	    YULECTL_PASSWORD=samhain; export YULECTL_PASSWORD
+	    ./yulectl -v -c RELOAD foobar1 >test_log_yulectl
+	    if [ $? -ne 0 ]; then
+		kill ${PROC_Y}
+		[ -z "$verbose" ] || log_msg_fail "yulectl";
+		return 1
+	    fi
+	fi
+
+	./yulectl -v -c RELOAD foobar2 >test_yulectl_log
+
+	if [ $? -ne 0 ]; then
+	    kill ${PROC_Y}
+	    [ -z "$verbose" ] || log_msg_fail "yulectl";
+	    return 1
+	fi
+
+	./yulectl -v -c RELOAD foobar3 >test_log_yulectl
+
+	if [ $? -ne 0 ]; then
+	    kill ${PROC_Y}
+	    [ -z "$verbose" ] || log_msg_fail "yulectl";
+	    return 1
+	fi
+
+	./yulectl -v -c LISTALL dummy >test_log_yulectl
+
+	if [ $? -ne 0 ]; then
+	    kill ${PROC_Y}
+	    [ -z "$verbose" ] || log_msg_fail "yulectl";
+	    return 1
+	fi
+
+	tmp=`cat test_log_yulectl | grep RELOAD | wc -l`
+	if [ $tmp -ne 3 ]; then
+	    kill ${PROC_Y}
+	    [ -z "$verbose" ] || log_msg_fail "command confirmation";
+	    return 1
+	fi
+
+	./yulectl -v -c CANCEL foobar3 >test_log_yulectl
+
+	if [ $? -ne 0 ]; then
+	    kill ${PROC_Y}
+	    [ -z "$verbose" ] || log_msg_fail "yulectl";
+	    return 1
+	fi
+
+	./yulectl -v -c LISTALL dummy >test_log_yulectl
+
+	if [ $? -ne 0 ]; then
+	    kill ${PROC_Y}
+	    [ -z "$verbose" ] || log_msg_fail "yulectl";
+	    return 1
+	fi
+
+	tmp=`cat test_log_yulectl | grep RELOAD | wc -l`
+	if [ $tmp -ne 2 ]; then
+	    kill ${PROC_Y}
+	    [ -z "$verbose" ] || log_msg_fail "command confirmation";
+	    return 1
+	fi
+
+	kill ${PROC_Y}
+
+	[ -z "$VALGRIND" ] || {
+	    tmp=`cat test_log_valgrind 2>/dev/null | wc -l`;
+	    if [ $tmp -ne 0 ]; then
+		[ -z "$verbose" ] || log_msg_fail "valgrind reports errors";
+		cat test_log_valgrind
+		return 1;
+	    fi;
+	}
+	
+	return 0
+}
+
+do_test_5 () {
+
+	[ -z "$verbose" ] || { 
+	    echo; 
+	    echo "${S}Start Server${E}: ./yule -l info -p none &"; 
+	    echo; 
+	}
+
+( cat <<EOF
+<!-- head -->
+<html><head><title>test</title></head>
+<body>
+Current time: %T <br>
+<table>
+<!-- ehead -->
+EOF
+) >head.html
+
+( cat <<EOF
+<!-- foot -->
+</table>
+</body>
+<!-- efoot -->
+EOF
+) >foot.html
+
+( cat <<EOF
+<!-- entry -->
+<tr>
+  <td>%H</td>
+  <td>%S</td>
+  <td>%T</td>
+</tr>
+<!-- eentry -->
+EOF
+) >entry.html
+
+	${VALGRIND} ./yule -l info -p none >/dev/null 2>>test_log_valgrind &
+	PROC_Y=$!
+	sleep 5
+
+	egrep '<!-- head -->' $HTML >/dev/null 2>&1
+	if [ $? -ne 0 ]; then
+	    rm -f head.html; rm -f foot.html; rm -f entry.html;
+	    kill $PROC_Y
+	    [ -z "$verbose" ] || log_msg_fail "head.html";
+	    return 1
+	fi
+
+	egrep '<!-- foot -->' $HTML >/dev/null 2>&1
+	if [ $? -ne 0 ]; then
+	    rm -f head.html; rm -f foot.html; rm -f entry.html;
+	    kill $PROC_Y
+	    [ -z "$verbose" ] || log_msg_fail "foot.html";
+	    return 1
+	fi
+
+	[ -z "$verbose" ] || { 
+	    echo; 
+	    echo "${S}Start Client${E}: ./samhain.new -l none -p none -e info -t check"; 
+	    echo; 
+	}
+
+	${VALGRIND} ./samhain.new -t check -p none -l none -e info --bind-address=127.0.0.1 >/dev/null 2>>test_log_valgrind
+	if test x$? = x0; then
+	    [ -z "$verbose" ] || log_msg_ok    "samhain.new -t check";
+	else
+	    kill $PROC_Y
+	    [ -z "$quiet" ]   && log_msg_fail  "samhain.new -t check";
+	    return 1
+	fi
+
+	kill $PROC_Y
+	sleep 5
+
+	# rm -f head.html; rm -f foot.html; rm -f entry.html;
+
+	egrep "START(>|\").*Yule(>|\")" $LOGFILE >/dev/null 2>&1
+	if [ $? -ne 0 ]; then
+	    [ -z "$verbose" ] || log_msg_fail "Server start";
+	    return 1
+	fi
+	egrep "NEW CLIENT" $LOGFILE >/dev/null 2>&1
+	if [ $? -ne 0 ]; then
+	    [ -z "$verbose" ] || log_msg_fail "Client connect";
+	    return 1
+	fi
+	egrep "remote_host.*Checking.*/bin" $LOGFILE >/dev/null 2>&1
+	if [ $? -ne 0 ]; then
+	    [ -z "$verbose" ] || log_msg_fail "Client file check";
+	    return 1
+	fi
+	egrep "remote_host.*EXIT.*Samhain" $LOGFILE >/dev/null 2>&1
+	if [ $? -ne 0 ]; then
+	    [ -z "$verbose" ] || log_msg_fail "Client exit";
+	    return 1
+	fi
+	egrep "EXIT.*Yule.*SIGTERM" $LOGFILE >/dev/null 2>&1
+	if [ $? -ne 0 ]; then
+	    [ -z "$verbose" ] || log_msg_fail "Server exit";
+	    return 1
+	fi
+
+	egrep '<!-- head -->' $HTML >/dev/null 2>&1
+	if [ $? -ne 0 ]; then
+	    [ -z "$verbose" ] || log_msg_fail "head.html";
+	    return 1
+	fi
+	egrep '<!-- ehead -->' $HTML >/dev/null 2>&1
+	if [ $? -ne 0 ]; then
+	    [ -z "$verbose" ] || log_msg_fail "head.html";
+	    return 1
+	fi
+
+	egrep '<!-- entry -->' $HTML >/dev/null 2>&1
+	if [ $? -ne 0 ]; then
+	    [ -z "$verbose" ] || log_msg_fail "entry.html";
+	    return 1
+	fi
+	egrep '<!-- eentry -->' $HTML >/dev/null 2>&1
+	if [ $? -ne 0 ]; then
+	    [ -z "$verbose" ] || log_msg_fail "entry.html";
+	    return 1
+	fi
+
+	egrep '<!-- foot -->' $HTML >/dev/null 2>&1
+	if [ $? -ne 0 ]; then
+	    [ -z "$verbose" ] || log_msg_fail "foot.html";
+	    return 1
+	fi
+	egrep '<!-- efoot -->' $HTML >/dev/null 2>&1
+	if [ $? -ne 0 ]; then
+	    [ -z "$verbose" ] || log_msg_fail "foot.html";
+	    return 1
+	fi
+
+	[ -z "$VALGRIND" ] || {
+	    tmp=`cat test_log_valgrind 2>/dev/null | wc -l`;
+	    if [ $tmp -ne 0 ]; then
+		[ -z "$verbose" ] || log_msg_fail "valgrind reports errors";
+		cat test_log_valgrind
+		return 1;
+	    fi;
+	}
+
+	return 0
+}
+
 
 testrun2_internal ()
@@ -273,5 +576,5 @@
 	make clean >/dev/null || return 1
 
-	${TOP_SRCDIR}/configure --quiet  $TRUST --enable-debug --enable-network=server  --enable-xml-log --enable-login-watch --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE  --with-log-file=$LOGFILE --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file --enable-identity=rainer --enable-encrypt=2
+	${TOP_SRCDIR}/configure --quiet  $TRUST --enable-debug --enable-network=server  --enable-xml-log --enable-login-watch --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE  --with-log-file=$LOGFILE --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file --with-html-file=$HTML --enable-encrypt=2
 	#
 	if test x$? = x0; then
@@ -353,7 +656,7 @@
 	do_test_2
 	if [ $? -eq 0 ]; then
-	    [ -z "$quiet" ] && log_ok   2 ${MAXTEST} "Client logging, seperate logfiles";
-	else
-	    [ -z "$quiet" ] && log_fail 2 ${MAXTEST} "Client logging, seperate logfiles";
+	    [ -z "$quiet" ] && log_ok   2 ${MAXTEST} "Client logging, separate logfiles";
+	else
+	    [ -z "$quiet" ] && log_fail 2 ${MAXTEST} "Client logging, separate logfiles";
 	fi
 
@@ -365,8 +668,22 @@
 	fi
 
+	do_test_4
+	if [ $? -eq 0 ]; then
+	    [ -z "$quiet" ] && log_ok   4 ${MAXTEST} "Server command socket";
+	else
+	    [ -z "$quiet" ] && log_fail 4 ${MAXTEST} "Server command socket";
+	fi
+
+	do_test_5
+	if [ $? -eq 0 ]; then
+	    [ -z "$quiet" ] && log_ok   5 ${MAXTEST} "Server status file";
+	else
+	    [ -z "$quiet" ] && log_fail 5 ${MAXTEST} "Server status file";
+	fi
+
 	return $?
 }
 
-MAXTEST=3; export MAXTEST
+MAXTEST=5; export MAXTEST
 
 testrun2 ()
Index: trunk/test/testrun_2a.sh
===================================================================
--- trunk/test/testrun_2a.sh	(revision 21)
+++ trunk/test/testrun_2a.sh	(revision 22)
@@ -15,5 +15,7 @@
 	    echo; 
 	}
-	./yule -l info -p none >/dev/null 2>&1 &
+	rm -f test_log_valgrind
+
+	${VALGRIND} ./yule -l info -p none >/dev/null 2>>test_log_valgrind &
 	PROC_Y=$!
 	sleep 5
@@ -25,5 +27,5 @@
 	}
 
-	./samhain.new -t check -p none -l none -e info --bind-address=127.0.0.1 >/dev/null 2>&1
+	${VALGRIND} ./samhain.new -t check -p none -l none -e info --bind-address=127.0.0.1 >/dev/null 2>>test_log_valgrind
 	if test x$? = x0; then
 	    [ -z "$verbose" ] || log_msg_ok    "samhain.new -t check";
@@ -63,4 +65,12 @@
 	fi
 	
+	[ -z "$VALGRIND" ] || {
+	    tmp=`cat test_log_valgrind 2>/dev/null | wc -l`;
+	    if [ $tmp -ne 0 ]; then
+		[ -z "$verbose" ] || log_msg_fail "valgrind reports errors";
+		cat test_log_valgrind
+		return 1;
+	    fi;
+	}
 
 	return 0
Index: trunk/test/testrun_2b.sh
===================================================================
--- trunk/test/testrun_2b.sh	(revision 21)
+++ trunk/test/testrun_2b.sh	(revision 22)
@@ -140,5 +140,5 @@
 
     ALTHOST=`find_hostname`
-    cp    ./testrc_2       "./rc.${ALTHOST}"
+    cp    "${RCFILE_C}"          "./rc.${ALTHOST}"
     cp    ./file.${SH_LOCALHOST} "./file.${ALTHOST}" 2>/dev/null
 }
@@ -166,6 +166,8 @@
     
 	    testrun2b_internal "$GPG"
-    
+
+	    SAVE_VALGRIND="${VALGRIND}"; VALGRIND=''; export VALGRIND
 	    do_test_1_a
+	    VALGRIND="${SAVE_VALGRIND}"; export VALGRIND 
 	    if [ $? -eq 0 ]; then
 		[ -z "$quiet" ] && log_ok   1 ${MAXTEST} "Client download+logging w/gpg";
Index: trunk/test/testrun_2d.sh
===================================================================
--- trunk/test/testrun_2d.sh	(revision 21)
+++ trunk/test/testrun_2d.sh	(revision 22)
@@ -80,4 +80,5 @@
     #
     do_test_1_a
+    #
     if [ $? -ne 0 ]; then
 	[ -z "$quiet" ] && log_fail 1 ${MAXTEST} "Client/server w/postgresql";