diff -urN openswan.old/programs/loggerfix openswan.dev/programs/loggerfix
--- openswan.old/programs/loggerfix	1970-01-01 01:00:00.000000000 +0100
+++ openswan.dev/programs/loggerfix	2006-10-08 20:41:08.000000000 +0200
@@ -0,0 +1,5 @@
+#!/bin/sh
+# use filename instead of /dev/null to log, but dont log to flash or ram
+# pref. log to nfs mount
+echo "$*" >> /dev/null
+exit 0
diff -urN openswan.old/programs/look/look.in openswan.dev/programs/look/look.in
--- openswan.old/programs/look/look.in	2006-10-08 20:43:21.000000000 +0200
+++ openswan.dev/programs/look/look.in	2006-10-08 20:41:08.000000000 +0200
@@ -84,7 +84,7 @@
 then
 	pat="$pat|$defaultroutephys\$|$defaultroutevirt\$"
 else
-	for i in `echo "$IPSECinterfaces" | sed 's/=/ /'`
+	for i in `echo "$IPSECinterfaces" | tr '=' ' '`
 	do
 		pat="$pat|$i\$"
 	done
diff -urN openswan.old/programs/_plutorun/_plutorun.in openswan.dev/programs/_plutorun/_plutorun.in
--- openswan.old/programs/_plutorun/_plutorun.in	2006-10-08 20:43:21.000000000 +0200
+++ openswan.dev/programs/_plutorun/_plutorun.in	2006-10-08 20:41:08.000000000 +0200
@@ -147,7 +147,7 @@
 			exit 1
 		fi
 	else
-		if test ! -w "`dirname $stderrlog`"
+		if test ! -w "`echo $stderrlog | sed -r 's/(^.*\/)(.*$)/\1/'`"
 		then
 			echo Cannot write to directory to create \"$stderrlog\".
 			exit 1
diff -urN openswan.old/programs/_realsetup/_realsetup.in openswan.dev/programs/_realsetup/_realsetup.in
--- openswan.old/programs/_realsetup/_realsetup.in	2006-10-08 20:43:21.000000000 +0200
+++ openswan.dev/programs/_realsetup/_realsetup.in	2006-10-08 20:41:08.000000000 +0200
@@ -232,7 +232,7 @@
 
 	# misc pre-Pluto setup
 
-	perform test -d `dirname $subsyslock` "&&" touch $subsyslock
+	perform test -d `echo $subsyslock | sed -r 's/(^.*\/)(.*$)/\1/'` "&&" touch $subsyslock "&&" rm -f $subsyslock
 
 	if test " $IPSECforwardcontrol" = " yes"
 	then
diff -urN openswan.old/programs/send-pr/send-pr.in openswan.dev/programs/send-pr/send-pr.in
--- openswan.old/programs/send-pr/send-pr.in	2006-10-08 20:43:21.000000000 +0200
+++ openswan.dev/programs/send-pr/send-pr.in	2006-10-08 20:41:08.000000000 +0200
@@ -402,7 +402,7 @@
 		    else
 			if [ "$fieldname" != "Category" ]
 			then
-			    values=`${BINDIR}/query-pr --valid-values $fieldname | sed ':a;N;$!ba;s/\n/ /g' | sed 's/ *$//g;s/ / | /g;s/^/[ /;s/$/ ]/;'`
+			    values=`${BINDIR}/query-pr --valid-values $fieldname | tr '\n' ' ' | sed 's/ *$//g;s/ / | /g;s/^/[ /;s/$/ ]/;'`
 			    valslen=`echo "$values" | wc -c`
 			else
 			    values="choose from a category listed above"
@@ -414,7 +414,7 @@
 			else
 				desc="<${values} (one line)>";
 			fi
-			dpat=`echo "$desc" | sed 's/[][*+^$|\()&/]/./g'`
+			dpat=`echo "$desc" | tr '\]\[*+^$|\()&/' '............'`
 			echo "/^>${fieldname}:/ s/${dpat}//" >> $FIXFIL
 		    fi
 		    echo "${fmtname}${desc}" >> $file
@@ -425,7 +425,7 @@
 			desc="	$default_val";
 		    else
 		        desc="	<`${BINDIR}/query-pr --field-description $fieldname` (multiple lines)>";
-			dpat=`echo "$desc" | sed 's/[][*+^$|\()&/]/./g'`
+			dpat=`echo "$desc" | tr '\]\[*+^$|\()&/' '............'`
 			echo "s/^${dpat}//" >> $FIXFIL
 		    fi
 		    echo "${fmtname}" >> $file;
@@ -437,7 +437,7 @@
 			desc="${default_val}"
 		    else
 			desc="<`${BINDIR}/query-pr --field-description $fieldname` (one line)>"
-			dpat=`echo "$desc" | sed 's/[][*+^$|\()&/]/./g'`
+			dpat=`echo "$desc" | tr '\]\[*+^$|\()&/' '............'`
 			echo "/^>${fieldname}:/ s/${dpat}//" >> $FIXFIL
 		    fi
 		    echo "${fmtname}${desc}" >> $file
diff -urN openswan.old/programs/setup/setup.in openswan.dev/programs/setup/setup.in
--- openswan.old/programs/setup/setup.in	2006-10-08 20:43:21.000000000 +0200
+++ openswan.dev/programs/setup/setup.in	2006-10-08 20:41:08.000000000 +0200
@@ -117,12 +117,21 @@
 # do it
 case "$1" in
   start|--start|stop|--stop|_autostop|_autostart)
-	if test " `id -u`" != " 0"
+	if [ "x${USER}" != "xroot" ]
 	then
 		echo "permission denied (must be superuser)" |
 			logger -s -p $IPSECsyslog -t ipsec_setup 2>&1
 		exit 1
 	fi
+	# make sure all required directories exist
+	if [ ! -d /var/run/pluto ]
+	then
+		mkdir -p /var/run/pluto
+	fi
+	if [ ! -d /var/lock/subsys ]
+	then
+		mkdir -p /var/lock/subsys
+	fi
 	tmp=/var/run/pluto/ipsec_setup.st
 	outtmp=/var/run/pluto/ipsec_setup.out
 	(
diff -urN openswan.old/programs/showhostkey/showhostkey.in openswan.dev/programs/showhostkey/showhostkey.in
--- openswan.old/programs/showhostkey/showhostkey.in	2006-10-08 20:43:21.000000000 +0200
+++ openswan.dev/programs/showhostkey/showhostkey.in	2006-10-08 20:41:08.000000000 +0200
@@ -63,7 +63,7 @@
 	exit 1
 fi
 
-host="`hostname --fqdn`"
+host="`cat /proc/sys/kernel/hostname`"
 
 awk '	BEGIN {
 		inkey = 0
@@ -81,7 +81,7 @@
 		os = "[ \t]*"
 		x = "[^ \t]+"
 		oc = "(#.*)?"
-		suffix = ":" os "[rR][sS][aA]" os "{" os oc "$"
+		suffix = ":" os "[rR][sS][aA]" os "[{]" os oc "$"
 		if (id == "") {
 			pat = "^" suffix
 			printid = "default"
diff -urN openswan.old/programs/starter/klips.c openswan.dev/programs/starter/klips.c
--- openswan.old/programs/starter/klips.c	2006-10-08 20:43:21.000000000 +0200
+++ openswan.dev/programs/starter/klips.c	2006-10-08 20:41:08.000000000 +0200
@@ -83,7 +83,7 @@
 		if (stat(PROC_MODULES,&stb)==0) {
 			unsetenv("MODPATH");
 			unsetenv("MODULECONF");
-			system("depmod -a >/dev/null 2>&1 && modprobe ipsec");
+			system("depmod -a >/dev/null 2>&1 && insmod ipsec");
 		}
 		if (stat(PROC_IPSECVERSION,&stb)==0) {
 			_klips_module_loaded = 1;
diff -urN openswan.old/programs/starter/netkey.c openswan.dev/programs/starter/netkey.c
--- openswan.old/programs/starter/netkey.c	2006-10-08 20:43:21.000000000 +0200
+++ openswan.dev/programs/starter/netkey.c	2006-10-08 20:41:08.000000000 +0200
@@ -75,7 +75,7 @@
 		if (stat(PROC_MODULES,&stb)==0) {
 			unsetenv("MODPATH");
 			unsetenv("MODULECONF");
-			system("depmod -a >/dev/null 2>&1 && modprobe xfrm4_tunnel esp4 ah4 af_key");
+			system("depmod -a >/dev/null 2>&1 && insmod xfrm4_tunnel esp4 ah4 af_key");
 		}
 		if (stat(PROC_NETKEY,&stb)==0) {
 			_netkey_module_loaded = 1;
diff -ruN openswan-2.4.7-old/programs/_startklips/_startklips.in openswan-2.4.7-new/programs/_startklips/_startklips.in
--- openswan-2.4.7-old/programs/_startklips/_startklips.in	2006-12-15 16:29:48.000000000 +0100
+++ openswan-2.4.7-new/programs/_startklips/_startklips.in	2006-12-15 17:18:52.000000000 +0100
@@ -269,16 +269,16 @@
     echo "FATAL ERROR: Both KLIPS and NETKEY IPsec code is present in kernel"
     exit
 fi
-if test ! -f $ipsecversion && test ! -f $netkey && modprobe -qn ipsec
+if test ! -f $ipsecversion && test ! -f $netkey
 then
 	# statically compiled KLIPS/NETKEY not found; but there seems to be an ipsec module
-	modprobe ipsec 2> /dev/null
+	insmod -q ipsec 2> /dev/null
 fi
 
-if test ! -f $ipsecversion && test ! -f $netkey && modprobe -qn af_key
+if test ! -f $ipsecversion && test ! -f $netkey
 then
 	# netkey should work then
-	modprobe af_key 2> /dev/null
+	insmod -q af_key 2> /dev/null
 fi
 if test ! -f $ipsecversion && test ! -f $netkey 
 then
@@ -291,27 +291,27 @@
 # modules shared between klips and netkey
 if test -f $modules
 then
-	# we modprobe hw_random so ipsec verify can complain about not using it
-	modprobe -q hw_random 2> /dev/null
+	# we insmod hw_random so ipsec verify can complain about not using it
+	insmod -q hw_random 2> /dev/null
 	# padlock must load before aes module
-	modprobe -q padlock 2> /dev/null
+	insmod -q padlock 2> /dev/null
 	# load the most common ciphers/algo's
-	modprobe -q sha256 2> /dev/null
-	modprobe -q sha1 2> /dev/null
-	modprobe -q md5 2> /dev/null
-	modprobe -q des 2> /dev/null
-	modprobe -q aes 2> /dev/null
+	insmod -q sha256 2> /dev/null
+	insmod -q sha1 2> /dev/null
+	insmod -q md5 2> /dev/null
+	insmod -q des 2> /dev/null
+	insmod -q aes 2> /dev/null
 
 	if test -f $netkey
 	then
 		klips=false
-		modprobe -q ah4 2> /dev/null
-		modprobe -q esp4 2> /dev/null
-		modprobe -q ipcomp 2> /dev/null
+		insmod -q ah4 2> /dev/null
+		insmod -q esp4 2> /dev/null
+		insmod -q ipcomp 2> /dev/null
 		#  xfrm4_tunnel is needed by ipip and ipcomp
-		modprobe -q xfrm4_tunnel 2> /dev/null
+		insmod -q xfrm4_tunnel 2> /dev/null
 		# xfrm_user contains netlink support for IPsec 
-		modprobe -q xfrm_user 2> /dev/null
+		insmod -q xfrm_user 2> /dev/null
 	fi
 
 	if test ! -f $ipsecversion && $klips
@@ -324,7 +324,7 @@
 		fi
                	unset MODPATH MODULECONF        # no user overrides!
                	depmod -a >/dev/null 2>&1
-               	modprobe -v ipsec
+               	insmod -v ipsec
         	if test ! -f $ipsecversion
         	then
                 	echo "kernel appears to lack IPsec support (neither CONFIG_KLIPS or CONFIG_NET_KEY are set)"