=== modified file 'Makefile'
--- Makefile	2014-05-11 20:18:48 +0000
+++ Makefile	2014-06-15 01:01:14 +0000
@@ -264,15 +264,18 @@
 	@echo "# ignored.  The messages are caused by not running as root, but   #"
 	@echo "# you should NOT run \"make run-client\" as root unless you also    #"
 	@echo "# unpacked and compiled Mandos as root, which is NOT recommended. #"
-	@echo "# From plugin-runner: setuid: Operation not permitted             #"
+	@echo "# From plugin-runner: setgid: Operation not permitted             #"
+	@echo "#                     setuid: Operation not permitted             #"
 	@echo "# From askpass-fifo:  mkfifo: Permission denied                   #"
-	@echo "# From mandos-client: setuid: Operation not permitted             #"
-	@echo "#                     seteuid: Operation not permitted            #"
-	@echo "#                     klogctl: Operation not permitted            #"
+	@echo "# From mandos-client:                                             #"
+	@echo "#             Failed to raise privileges: Operation not permitted #"
+	@echo "#             Warning: network hook \"*\" exited with status *      #"
 	@echo "###################################################################"
+# We set GNOME_KEYRING_CONTROL to block pam_gnome_keyring
 	./plugin-runner --plugin-dir=plugins.d \
 		--config-file=plugin-runner.conf \
 		--options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt,--network-hook-dir=network-hooks.d \
+		--env-for=mandos-client:GNOME_KEYRING_CONTROL= \
 		$(CLIENTARGS)
 
 # Used by run-client

=== modified file 'plugins.d/mandos-client.c'
--- plugins.d/mandos-client.c	2014-06-14 23:29:00 +0000
+++ plugins.d/mandos-client.c	2014-06-15 01:01:14 +0000
@@ -1458,7 +1458,6 @@
   error_t ret_errno = 0;
   if(seteuid(0) == -1){
     ret_errno = errno;
-    perror_plus("seteuid");
   }
   errno = old_errno;
   return ret_errno;
@@ -1475,7 +1474,6 @@
   }
   if(setuid(0) == -1){
     ret_errno = errno;
-    perror_plus("seteuid");
   }
   errno = old_errno;
   return ret_errno;
@@ -1488,7 +1486,6 @@
   error_t ret_errno = 0;
   if(seteuid(uid) == -1){
     ret_errno = errno;
-    perror_plus("seteuid");
   }
   errno = old_errno;
   return ret_errno;
@@ -1501,7 +1498,6 @@
   error_t ret_errno = 0;
   if(setuid(uid) == -1){
     ret_errno = errno;
-    perror_plus("setuid");
   }
   errno = old_errno;
   return ret_errno;
@@ -1554,7 +1550,8 @@
     if(hook_pid == 0){
       /* Child */
       /* Raise privileges */
-      if(raise_privileges_permanently() != 0){
+      errno = raise_privileges_permanently();
+      if(errno != 0){
 	perror_plus("Failed to raise privileges");
 	_exit(EX_NOPERM);
       }
@@ -1733,6 +1730,7 @@
     /* Raise privileges */
     ret_errno = raise_privileges();
     if(ret_errno != 0){
+      errno = ret_errno;
       perror_plus("Failed to raise privileges");
     }
     
@@ -1842,6 +1840,7 @@
     /* Raise privileges */
     ret_errno = raise_privileges();
     if(ret_errno != 0){
+      errno = ret_errno;
       perror_plus("Failed to raise privileges");
     }
     
@@ -2556,6 +2555,7 @@
   {
     ret_errno = raise_privileges();
     if(ret_errno != 0){
+      errno = ret_errno;
       perror_plus("Failed to raise privileges");
     } else {
       
@@ -2584,6 +2584,7 @@
     
     ret_errno = lower_privileges_permanently();
     if(ret_errno != 0){
+      errno = ret_errno;
       perror_plus("Failed to lower privileges permanently");
     }
   }