diff --git a/Makefile.am b/Makefile.am
index 0d566f55..fdeebb53 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -1,197 +1,215 @@ # Copyright (c) 2009 Red Hat, Inc. # # Authors: Andrew Beekhof # Steven Dake (sdake@redhat.com) # # This software licensed under BSD license, the text of which follows: # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions are met: # # - Redistributions of source code must retain the above copyright notice, # this list of conditions and the following disclaimer. # - Redistributions in binary form must reproduce the above copyright notice, # this list of conditions and the following disclaimer in the documentation # and/or other materials provided with the distribution. # - Neither the name of the MontaVista Software, Inc. nor the names of its # contributors may be used to endorse or promote products derived from this # software without specific prior written permission. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE # ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE # LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF # THE POSSIBILITY OF SUCH DAMAGE. 
SPEC = $(PACKAGE_NAME).spec TARFILE = $(PACKAGE_NAME)-$(VERSION).tar.gz EXTRA_DIST = autogen.sh $(SPEC).in \ build-aux/git-version-gen \ build-aux/gitlog-to-changelog \ build-aux/release.mk \ .version ACLOCAL_AMFLAGS = -I m4 MAINTAINERCLEANFILES = Makefile.in aclocal.m4 configure depcomp \ config.guess config.sub missing install-sh \ autoheader automake autoconf test_lense.sh \ autoscan.log configure.scan ltmain.sh test-driver dist_doc_DATA = LICENSE INSTALL README.recovery SECURITY AUTHORS SUBDIRS = include common_lib lib exec tools test cts pkgconfig \ man init conf qdevices coverity: rm -rf cov make clean cov-build --dir=cov make cov-analyze --dir cov \ --concurrency \ -co BAD_FREE:allow_first_field:true \ --security \ --wait-for-license cov-format-errors --dir cov coverity-aggressive: rm -rf cov make clean cov-build --dir=cov make cov-analyze --dir cov \ --concurrency \ --all \ --aggressiveness-level high \ --security \ --wait-for-license cov-format-errors --dir cov install-exec-local: $(INSTALL) -d $(DESTDIR)/${COROSYSCONFDIR}/service.d $(INSTALL) -d $(DESTDIR)/${COROSYSCONFDIR}/uidgid.d $(INSTALL) -d $(DESTDIR)/${localstatedir}/lib/corosync $(INSTALL) -d $(DESTDIR)/${localstatedir}/log/cluster +if BUILD_QNETD + $(INSTALL) -m 750 -d $(DESTDIR)/${localstatedir}/run/corosync-qnetd + $(INSTALL) -m 750 -d $(DESTDIR)/${COROSYSCONFDIR}/qnetd +endif +if BUILD_QDEVICES + $(INSTALL) -m 750 -d $(DESTDIR)/${localstatedir}/run/corosync-qdevice + $(INSTALL) -d $(DESTDIR)/${COROSYSCONFDIR}/qdevice/ + $(INSTALL) -m 750 -d $(DESTDIR)/${COROSYSCONFDIR}/qdevice/net +endif uninstall-local: rmdir $(DESTDIR)/${COROSYSCONFDIR}/service.d || :; rmdir $(DESTDIR)/${COROSYSCONFDIR}/uidgid.d || :; rmdir $(DESTDIR)/${localstatedir}/lib/corosync || :; rmdir $(DESTDIR)/${localstatedir}/log/cluster || :; +if BUILD_QNETD + rmdir $(DESTDIR)/${localstatedir}/run/corosync-qnetd || :; + rmdir $(DESTDIR)/${COROSYSCONFDIR}/qnetd || :; +endif +if BUILD_QDEVICES + rmdir 
$(DESTDIR)/${localstatedir}/run/corosync-qdevice || :; + rmdir $(DESTDIR)/${COROSYSCONFDIR}/qdevice/net || :; + rmdir $(DESTDIR)/${COROSYSCONFDIR}/qdevice/ || :; +endif if AUGTOOL check_SCRIPTS = test_lense.sh TESTS = $(check_SCRIPTS) test_lense.sh: echo "augparse -I $(srcdir)/conf/lenses/ $(srcdir)/conf/lenses/tests/test_corosync.aug" > $@ chmod +x $@ endif lint: for dir in lib exec tools test; do make -C $$dir lint; done .PHONY: doxygen doxygen: @if [ "$(DOXYGEN)" = "" ] || [ "$(DOT)" = "" ] ; then \ echo "*********************************************" ; \ echo "*** ***" ; \ echo "*** You must install doxygen and graphviz ***" ; \ echo "*** to generate the API documentation. ***" ; \ echo "*** ***" ; \ echo "*********************************************" ; \ exit 1 ; \ else \ mkdir -p doc/api && $(DOXYGEN) ; \ fi dist-clean-local: rm -f autoconf automake autoheader test_lense.sh clean-generic: rm -rf doc/api $(SPEC) $(TARFILE) test_lense.sh ## make rpm/srpm section. $(SPEC): $(SPEC).in rm -f $@-t $@ date="$(shell LC_ALL=C date "+%a %b %d %Y")" && \ if [ -f .tarball-version ]; then \ gitver="$(shell cat .tarball-version)" && \ rpmver=$$gitver && \ alphatag="" && \ dirty="" && \ numcomm=""; \ else \ gitver="$(shell git describe --abbrev=4 --match='v*' HEAD 2>/dev/null)" && \ rpmver=`echo $$gitver | sed -e "s/^v//" -e "s/-.*//g"` && \ alphatag=`echo $$gitver | sed -e "s/.*-//" -e "s/^g//"` && \ vtag=`echo $$gitver | sed -e "s/-.*//g"` && \ numcomm=`git rev-list $$vtag..HEAD | wc -l` && \ git update-index --refresh > /dev/null 2>&1 || true && \ dirty=`git diff-index --name-only HEAD 2>/dev/null`; \ fi && \ if [ "$$numcomm" = "0" ]; then numcomm=""; fi && \ if [ -n "$$numcomm" ]; then numcomm="%global numcomm $$numcomm"; fi && \ if [ "$$alphatag" = "$$gitver" ]; then alphatag=""; fi && \ if [ -n "$$alphatag" ]; then alphatag="%global alphatag $$alphatag"; fi && \ if [ -n "$$dirty" ]; then dirty="%global dirty dirty"; fi && \ sed \ -e "s#@version@#$$rpmver#g" \ -e 
"s#@ALPHATAG@#$$alphatag#g" \ -e "s#@NUMCOMM@#$$numcomm#g" \ -e "s#@DIRTY@#$$dirty#g" \ -e "s#@date@#$$date#g" \ $< > $@-t; \ chmod a-w $@-t mv $@-t $@ $(TARFILE): $(MAKE) dist RPMBUILDOPTS = --define "_sourcedir $(abs_builddir)" \ --define "_specdir $(abs_builddir)" \ --define "_builddir $(abs_builddir)" \ --define "_srcrpmdir $(abs_builddir)" \ --define "_rpmdir $(abs_builddir)" srpm: clean $(MAKE) $(SPEC) $(TARFILE) rpmbuild $(WITH_LIST) $(RPMBUILDOPTS) --nodeps -bs $(SPEC) rpm: clean _version $(MAKE) $(SPEC) $(TARFILE) rpmbuild $(WITH_LIST) $(RPMBUILDOPTS) -ba $(SPEC) # release/versioning BUILT_SOURCES = .version .version: echo $(VERSION) > $@-t && mv $@-t $@ dist-hook: gen-ChangeLog echo $(VERSION) > $(distdir)/.tarball-version gen_start_date = 2000-01-01 .PHONY: gen-ChangeLog _version gen-ChangeLog: if test -d .git; then \ LC_ALL=C $(top_srcdir)/build-aux/gitlog-to-changelog \ --since=$(gen_start_date) > $(distdir)/cl-t; \ rm -f $(distdir)/ChangeLog; \ mv $(distdir)/cl-t $(distdir)/ChangeLog; \ fi _version: cd $(srcdir) && rm -rf autom4te.cache .version && autoreconf -i $(MAKE) $(AM_MAKEFLAGS) Makefile maintainer-clean-local: rm -rf m4 diff --git a/qdevices/corosync-qdevice-net-certutil.sh b/qdevices/corosync-qdevice-net-certutil.sh index 53c7b6c8..341e61c3 100644 --- a/qdevices/corosync-qdevice-net-certutil.sh +++ b/qdevices/corosync-qdevice-net-certutil.sh 
@@ -1,400 +1,400 @@ #!@BASHPATH@ # # Copyright (c) 2015-2016 Red Hat, Inc. # # All rights reserved. # # Author: Jan Friesse (jfriesse@redhat.com) # # This software licensed under BSD license, the text of which follows: # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions are met: # # - Redistributions of source code must retain the above copyright notice, # this list of conditions and the following disclaimer. # - Redistributions in binary form must reproduce the above copyright notice, # this list of conditions and the following disclaimer in the documentation # and/or other materials provided with the distribution. # - Neither the name of the Red Hat, Inc. nor the names of its # contributors may be used to endorse or promote products derived from this # software without specific prior written permission. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE # ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE # LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF # THE POSSIBILITY OF SUCH DAMAGE. 
# BASE_DIR="@COROSYSCONFDIR@/qdevice/net" -DB_DIR_QNETD="$BASE_DIR/qnetd/nssdb" -DB_DIR_NODE="$BASE_DIR/node/nssdb" +DB_DIR_QNETD="@COROSYSCONFDIR@/qnetd/nssdb" +DB_DIR_NODE="$BASE_DIR/nssdb" # Validity of certificate (months) CRT_VALIDITY=1200 CA_NICKNAME="QNet CA" SERVER_NICKNAME="QNetd Cert" CLUSTER_NICKNAME="Cluster Cert" CA_SUBJECT="CN=QNet CA" SERVER_SUBJECT="CN=Qnetd Server" PWD_FILE_BASE="pwdfile.txt" NOISE_FILE_BASE="noise.txt" SERIAL_NO_FILE_BASE="serial.txt" CA_EXPORT_FILE="$DB_DIR_QNETD/qnetd-cacert.crt" CRQ_FILE_BASE="qdevice-net-node.crq" CRT_FILE_BASE="" # Generated from cluster name P12_FILE_BASE="qdevice-net-node.p12" QNETD_CERTUTIL_CMD="corosync-qnetd-certutil" usage() { echo "$0: [-i|-m|-M|-r|-s|-Q] [-c certificate] [-n cluster_name]" echo echo " -i Initialize node CA. Needs CA certificate from server" echo " -m Import cluster certificate on node (needs pk12 certificate)" echo " -r Generate cluster certificate request" echo " -M Import signed cluster certificate and export certificate with key to pk12 file" echo " -Q Quick start. Uses ssh/scp to initialze both qnetd and nodes." 
echo "" echo " -c certificate Ether CA, CRQ, CRT or pk12 certificate (operation dependant)" echo " -n cluster_name Name of cluster (for -r and -s operations)" echo "" echo "Typical usage:" echo "- Initialize database on QNetd server by running $QNETD_CERTUTIL_CMD -i" echo "- Copy exported QNetd CA certificate ($CA_EXPORT_FILE) to every node" echo "- On one of cluster node initialize database by running $0 -i -c `basename $CA_EXPORT_FILE`" echo "- Generate certificate request: $0 -r -n Cluster (Cluster name must match cluster_name key in the corosync.conf)" echo "- Copy exported CRQ to QNetd server" echo "- On QNetd server sign and export cluster certificate by running $QNETD_CERTUTIL_CMD -s -c `basename $CRQ_FILE_BASE` -n Cluster" echo "- Copy exported CRT to node where certificate request was created" echo "- Import certificate on node where certificate request was created by running $0 -M -c cluster-Cluster.crt" echo "- Copy output $P12_FILE_BASE to all other cluster nodes" echo "- On all other nodes in cluster:" echo " - Init database by running $0 -i -c `basename $CA_EXPORT_FILE`" echo " - Import cluster certificate and key: $0 -m -c `basename $P12_FILE_BASE`" echo "" echo "It is also possible to use Quick start (-Q). This needs properly configured ssh." echo " $0 -Q -n Cluster qnetd_server node1 node2 ... nodeN" exit 0 } create_new_noise_file() { local noise_file="$1" if [ ! -e "$noise_file" ];then echo "Creating new noise file $noise_file" (ps -elf; date; w) | sha1sum | (read sha_sum rest; echo $sha_sum) > "$noise_file" chown root:root "$noise_file" - chmod 400 "$noise_file" + chmod 600 "$noise_file" else echo "Using existing noise file $noise_file" fi } get_serial_no() { local serial_no if ! [ -f "$SERIAL_NO_FILE" ];then echo "100" > $SERIAL_NO_FILE fi serial_no=`cat $SERIAL_NO_FILE` serial_no=$((serial_no+1)) echo "$serial_no" > $SERIAL_NO_FILE echo "$serial_no" } init_node_ca() { if [ -f "$DB_DIR/cert8.db" ];then echo "Certificate database already exists. 
Delete it to continue" >&2 exit 1 fi if ! [ -d "$DB_DIR" ];then echo "Creating $DB_DIR" mkdir -p "$DB_DIR" chown root:root "$DB_DIR" chmod 700 "$DB_DIR" fi echo "Creating new key and cert db" echo -n "" > "$PWD_FILE" certutil -N -d "$DB_DIR" -f "$PWD_FILE" chown root:root "$DB_DIR/key3.db" "$DB_DIR/cert8.db" "$DB_DIR/secmod.db" chmod 600 "$DB_DIR/key3.db" "$DB_DIR/cert8.db" "$DB_DIR/secmod.db" create_new_noise_file "$NOISE_FILE" echo "Importing CA" certutil -d "$DB_DIR" -A -t "CT,c,c" -n "$CA_NICKNAME" -f "$PWD_FILE" \ -i "$CERTIFICATE_FILE" } gen_cluster_cert_req() { if ! [ -f "$DB_DIR/cert8.db" ];then echo "Certificate database doesn't exists. Use $0 -i to create it" >&2 exit 1 fi echo "Creating new certificate request" certutil -R -s "CN=$CLUSTER_NAME" -o "$CRQ_FILE" -d "$DB_DIR" -f "$PWD_FILE" -z "$NOISE_FILE" echo "Certificate request stored in $CRQ_FILE" } import_signed_cert() { if ! [ -f "$DB_DIR/cert8.db" ];then echo "Certificate database doesn't exists. Use $0 -i to create it" >&2 exit 1 fi echo "Importing signed cluster certificate" certutil -d "$DB_DIR" -A -t "u,u,u" -n "$CLUSTER_NICKNAME" -i "$CERTIFICATE_FILE" pk12util -d "$DB_DIR" -o "$P12_FILE" -W "" -n "$CLUSTER_NICKNAME" echo "Certificate stored in $P12_FILE" } import_pk12() { if ! [ -f "$DB_DIR/cert8.db" ];then echo "Certificate database doesn't exists. Use $0 -i to create it" >&2 exit 1 fi echo "Importing cluster certificate and key" pk12util -i "$CERTIFICATE_FILE" -d "$DB_DIR" -W "" } quick_start() { qnetd_addr="$1" master_node="$2" other_nodes="$3" # Sanity check for i in "$master_node" $other_nodes;do if ssh root@$i "[ -d \"$DB_DIR_QNETD\" ] || [ -d \"$DB_DIR_NODE\" ]";then echo "Node $i seems to be already initialized. Please delete $DB_DIR_QNETD and $DB_DIR_NODE" >&2 exit 1 fi if ! 
ssh "root@$i" "$0" > /dev/null;then echo "Node $i doesn't have $0 installed" >&2 exit 1 fi done # Initialize qnetd server (it's no problem if server is already initialized) ssh "root@$qnetd_addr" "$QNETD_CERTUTIL_CMD -i" # Copy CA cert to all nodes and initialize them for node in "$master_node" $other_nodes;do scp "root@$qnetd_addr:$CA_EXPORT_FILE" "$node:/tmp" ssh "root@$node" "$0 -i -c \"/tmp/`basename $CA_EXPORT_FILE`\" && rm /tmp/`basename $CA_EXPORT_FILE`" done # Generate cert request ssh "root@$master_node" "$0 -r -n \"$CLUSTER_NAME\"" # Copy exported cert request to qnetd server scp "root@$master_node:$DB_DIR_NODE/$CRQ_FILE_BASE" "root@$qnetd_addr:/tmp" # Sign and export cluster certificate ssh "root@$qnetd_addr" "$QNETD_CERTUTIL_CMD -s -c \"/tmp/$CRQ_FILE_BASE\" -n \"$CLUSTER_NAME\"" # Copy exported CRT to master node scp "root@$qnetd_addr:$DB_DIR_QNETD/cluster-$CLUSTER_NAME.crt" "root@$master_node:$DB_DIR_NODE" # Import certificate ssh "root@$master_node" "$0 -M -c \"$DB_DIR_NODE/cluster-$CLUSTER_NAME.crt\"" # Copy pk12 cert to all nodes and import it for node in $other_nodes;do scp "root@$master_node:$DB_DIR_NODE/$P12_FILE" "$node:$DB_DIR_NODE/$P12_FILE" ssh "root@$node" "$0 -m -c \"$DB_DIR_NODE/$P12_FILE\"" done } OPERATION="" CERTIFICATE_FILE="" CLUSTER_NAME="" while getopts ":hiMmQrc:n:" opt; do case $opt in r) OPERATION=gen_cluster_cert_req ;; i) OPERATION=init_node_ca ;; m) OPERATION=import_pk12 ;; M) OPERATION=import_signed_cert ;; Q) OPERATION=quick_start ;; n) CLUSTER_NAME="$OPTARG" ;; h) usage ;; c) CERTIFICATE_FILE="$OPTARG" ;; \?) echo "Invalid option: -$OPTARG" >&2 exit 1 ;; :) echo "Option -$OPTARG requires an argument." 
>&2 exit 1 ;; esac done case "$OPERATION" in "init_qnetd_ca") DB_DIR="$DB_DIR_QNETD" ;; "init_node_ca") DB_DIR="$DB_DIR_NODE" ;; "gen_cluster_cert_req") DB_DIR="$DB_DIR_NODE" ;; "sign_cluster_cert") DB_DIR="$DB_DIR_QNETD" ;; "import_signed_cert") DB_DIR="$DB_DIR_NODE" ;; "import_pk12") DB_DIR="$DB_DIR_NODE" ;; "quick_start") DB_DIR="" ;; *) usage ;; esac PWD_FILE="$DB_DIR/$PWD_FILE_BASE" NOISE_FILE="$DB_DIR/$NOISE_FILE_BASE" SERIAL_NO_FILE="$DB_DIR/$SERIAL_NO_FILE_BASE" CRQ_FILE="$DB_DIR/$CRQ_FILE_BASE" CRT_FILE="$DB_DIR/cluster-$CLUSTER_NAME.crt" P12_FILE="$DB_DIR/$P12_FILE_BASE" case "$OPERATION" in "init_qnetd_ca") init_qnetd_ca ;; "init_node_ca") if ! [ -e "$CERTIFICATE_FILE" ];then echo "Can't open certificate file $CERTIFICATE_FILE" >&2 exit 2 fi init_node_ca ;; "gen_cluster_cert_req") if [ "$CLUSTER_NAME" == "" ];then echo "You have to specify cluster name" >&2 exit 2 fi gen_cluster_cert_req ;; "sign_cluster_cert") if ! [ -e "$CERTIFICATE_FILE" ];then echo "Can't open certificate file $CERTIFICATE_FILE" >&2 exit 2 fi if [ "$CLUSTER_NAME" == "" ];then echo "You have to specify cluster name" >&2 exit 2 fi sign_cluster_cert ;; "import_signed_cert") if ! [ -e "$CERTIFICATE_FILE" ];then echo "Can't open certificate file $CERTIFICATE_FILE" >&2 exit 2 fi import_signed_cert ;; "import_pk12") if ! [ -e "$CERTIFICATE_FILE" ];then echo "Can't open certificate file $CERTIFICATE_FILE" >&2 exit 2 fi import_pk12 ;; "quick_start") shift $((OPTIND-1)) qnetd_addr="$1" shift 1 master_node="$1" shift 1 other_nodes="$@" if [ "$CLUSTER_NAME" == "" ];then echo "You have to specify cluster name" >&2 exit 2 fi if [ "$qnetd_addr" == "" ];then echo "No QNetd server address provided." >&2 exit 2 fi if [ "$master_node" == "" ];then echo "No nodes provided." >&2 exit 2 fi quick_start "$qnetd_addr" "$master_node" "$other_nodes" ;; *) usage ;; esac diff --git a/qdevices/corosync-qnetd-certutil.sh b/qdevices/corosync-qnetd-certutil.sh index 47c434ec..60040220 100644 
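Review bot: `init_node_ca` still creates the NSS password file with `echo -n "" > "$PWD_FILE"` under the caller's umask and never sets its mode, while the sibling `corosync-qnetd-certutil.sh` in this same patch adds `chmod 600 "$PWD_FILE"` after creating it; for consistency add `chmod 600 "$PWD_FILE"` here too (the 700 on `$DB_DIR` is the real protection, so this is defence in depth). In `quick_start`, `DB_DIR` is set to the empty string, so `$P12_FILE` expands to `/qdevice-net-node.p12` and the scp paths become `$DB_DIR_NODE//qdevice-net-node.p12` — that works by accident, `$P12_FILE_BASE` is what is meant. Those scp calls and the `/tmp` copy of the CA cert address the target as `$node:` rather than `root@$node`, unlike every ssh call, so they depend on the invoking user being root. The `.p12` carries the cluster private key exported with `-W ""` (no password), so it must only ever land in the 700 `$DB_DIR_NODE` created by `-i`, as it does here; a comment saying so would prevent a later "helpful" change to `/tmp`.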
--- a/qdevices/corosync-qnetd-certutil.sh
+++ b/qdevices/corosync-qnetd-certutil.sh
@@ -1,201 +1,215 @@ #!@BASHPATH@ # # Copyright (c) 2015-2016 Red Hat, Inc. # # All rights reserved. # # Author: Jan Friesse (jfriesse@redhat.com) # # This software licensed under BSD license, the text of which follows: # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions are met: # # - Redistributions of source code must retain the above copyright notice, # this list of conditions and the following disclaimer. # - Redistributions in binary form must reproduce the above copyright notice, # this list of conditions and the following disclaimer in the documentation # and/or other materials provided with the distribution. # - Neither the name of the Red Hat, Inc. nor the names of its # contributors may be used to endorse or promote products derived from this # software without specific prior written permission. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE # ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE # LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF # THE POSSIBILITY OF SUCH DAMAGE. 
# -DB_DIR="@COROSYSCONFDIR@/qdevice/net/qnetd/nssdb" +CONFIG_DIR="@COROSYSCONFDIR@/qnetd" +DB_DIR="$CONFIG_DIR/nssdb" # Validity of certificate (months) CRT_VALIDITY=1200 CA_NICKNAME="QNet CA" SERVER_NICKNAME="QNetd Cert" CLUSTER_NICKNAME="Cluster Cert" CA_SUBJECT="CN=QNet CA" SERVER_SUBJECT="CN=Qnetd Server" PWD_FILE="$DB_DIR/pwdfile.txt" NOISE_FILE="$DB_DIR/noise.txt" SERIAL_NO_FILE="$DB_DIR/serial.txt" CA_EXPORT_FILE="$DB_DIR/qnetd-cacert.crt" CRT_FILE_BASE="" # Generated from cluster name usage() { echo "$0: [-i|-s] [-c certificate]" echo echo " -i Initialize QNetd CA and generate server certificate" echo " -s Sign cluster certificate (needs cluster certificate)" echo " -c certificate CRQ certificate file name" echo " -n cluster_name Name of cluster (for -s operation)" exit 0 } +chown_ref_cfgdir() { + if [ "$UID" == "0" ];then + chown --reference="$CONFIG_DIR" "$@" 2>/dev/null || chown `stat -f "%u:%g" "$CONFIG_DIR"` "$@" 2>/dev/null || return $? + fi +} + create_new_noise_file() { local noise_file="$1" if [ ! -e "$noise_file" ];then echo "Creating new noise file $noise_file" (ps -elf; date; w) | sha1sum | (read sha_sum rest; echo $sha_sum) > "$noise_file" - chown root:root "$noise_file" - chmod 400 "$noise_file" + chown_ref_cfgdir "$noise_file" + chmod 600 "$noise_file" else echo "Using existing noise file $noise_file" fi } get_serial_no() { local serial_no if ! [ -f "$SERIAL_NO_FILE" ];then echo "100" > $SERIAL_NO_FILE + chown_ref_cfgdir "$SERIAL_NO_FILE" + chmod 600 "$SERIAL_NO_FILE" fi serial_no=`cat $SERIAL_NO_FILE` serial_no=$((serial_no+1)) echo "$serial_no" > $SERIAL_NO_FILE echo "$serial_no" } init_qnetd_ca() { if [ -f "$DB_DIR/cert8.db" ];then echo "Certificate database ($DB_DIR) already exists. Delete it to initialize new db" >&2 exit 1 fi if ! 
[ -d "$DB_DIR" ];then echo "Creating $DB_DIR" mkdir -p "$DB_DIR" - chown root:root "$DB_DIR" + chown_ref_cfgdir "$DB_DIR" chmod 700 "$DB_DIR" fi echo "Creating new key and cert db" echo -n "" > "$PWD_FILE" + chown_ref_cfgdir "$PWD_FILE" + chmod 600 "$PWD_FILE" + certutil -N -d "$DB_DIR" -f "$PWD_FILE" - chown root:root "$DB_DIR/key3.db" "$DB_DIR/cert8.db" "$DB_DIR/secmod.db" + chown_ref_cfgdir "$DB_DIR/key3.db" "$DB_DIR/cert8.db" "$DB_DIR/secmod.db" chmod 600 "$DB_DIR/key3.db" "$DB_DIR/cert8.db" "$DB_DIR/secmod.db" create_new_noise_file "$NOISE_FILE" echo "Creating new CA" # Create self-signed certificate (CA). Asks 3 questions (is this CA, lifetime and critical extension echo -e "y\n0\ny\n" | certutil -S -n "$CA_NICKNAME" -s "$CA_SUBJECT" -x \ -t "CT,," -m `get_serial_no` -v $CRT_VALIDITY -d "$DB_DIR" \ -z "$NOISE_FILE" -f "$PWD_FILE" -2 # Export CA certificate in ascii certutil -L -d "$DB_DIR" -n "$CA_NICKNAME" > "$CA_EXPORT_FILE" certutil -L -d "$DB_DIR" -n "$CA_NICKNAME" -a >> "$CA_EXPORT_FILE" + chown_ref_cfgdir "$CA_EXPORT_FILE" certutil -S -n "$SERVER_NICKNAME" -s "$SERVER_SUBJECT" -c "$CA_NICKNAME" -t "u,u,u" -m `get_serial_no` \ -v $CRT_VALIDITY -d "$DB_DIR" -z "$NOISE_FILE" -f "$PWD_FILE" echo "QNetd CA certificate is exported as $CA_EXPORT_FILE" } sign_cluster_cert() { if ! [ -f "$DB_DIR/cert8.db" ];then echo "Certificate database doesn't exists. Use $0 -I to create it" >&2 exit 1 fi echo "Signing cluster certificate" certutil -C -v "$CRT_VALIDITY" -m `get_serial_no` -i "$CERTIFICATE_FILE" -o "$CRT_FILE" -c "$CA_NICKNAME" -d "$DB_DIR" + chown_ref_cfgdir "$CRT_FILE" echo "Certificate stored in $CRT_FILE" } OPERATION="" CERTIFICATE_FILE="" CLUSTER_NAME="" while getopts ":hisc:n:" opt; do case $opt in i) OPERATION=init_qnetd_ca ;; s) OPERATION=sign_cluster_cert ;; h) usage ;; c) CERTIFICATE_FILE="$OPTARG" ;; n) CLUSTER_NAME="$OPTARG" ;; \?) echo "Invalid option: -$OPTARG" >&2 exit 1 ;; :) echo "Option -$OPTARG requires an argument." 
>&2 exit 1 ;; esac done [ "$OPERATION" == "" ] && usage CRT_FILE="$DB_DIR/cluster-$CLUSTER_NAME.crt" case "$OPERATION" in "init_qnetd_ca") init_qnetd_ca ;; "sign_cluster_cert") if ! [ -e "$CERTIFICATE_FILE" ];then echo "Can't open certificate file $CERTIFICATE_FILE" >&2 exit 2 fi if [ "$CLUSTER_NAME" == "" ];then echo "You have to specify cluster name" >&2 exit 2 fi sign_cluster_cert ;; *) usage ;; esac diff --git a/qdevices/qdevice-config.h b/qdevices/qdevice-config.h index aab5f80f..249b7c94 100644 --- a/qdevices/qdevice-config.h +++ b/qdevices/qdevice-config.h 
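Review bot: `chown_ref_cfgdir` hands the CA private-key database (`key3.db`, the pwdfile and the noise file) to whichever user owns `$CONFIG_DIR`, and every failure is discarded (`2>/dev/null`, and a `return $?` that no caller checks), so a missing or wrongly-owned `$CONFIG_DIR` silently leaves the db root-owned or chowns it to an unintended account; the Makefile.am hunk in this patch installs `${COROSYSCONFDIR}/qnetd` `-m 750` with no owner, so the reference owner is root unless packaging changes it. Make the failure visible where it matters, e.g. `chown_ref_cfgdir "$DB_DIR" || { echo "Can't set owner of $DB_DIR" >&2; exit 1; }`, and the same for the `key3.db`/`cert8.db`/`secmod.db` line. The fallback `stat -f "%u:%g"` is BSD `stat` syntax — on GNU `stat`, `-f` selects file-system status and the call fails, which is presumably intended since GNU has `--reference`, but it deserves a comment: `# --reference is GNU chown; the stat -f form is the BSD equivalent`. When `mkdir -p "$DB_DIR"` also has to create `$CONFIG_DIR`, that parent is created root-owned under the caller's umask and is never chmod'd or chowned.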
@@ -1,86 +1,86 @@ /* * Copyright (c) 2015-2016 Red Hat, Inc. * * All rights reserved. * * Author: Jan Friesse (jfriesse@redhat.com) * * This software licensed under BSD license, the text of which follows: * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are met: * * - Redistributions of source code must retain the above copyright notice, * this list of conditions and the following disclaimer. * - Redistributions in binary form must reproduce the above copyright notice, * this list of conditions and the following disclaimer in the documentation * and/or other materials provided with the distribution. * - Neither the name of the Red Hat, Inc. nor the names of its * contributors may be used to endorse or promote products derived from this * software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF * THE POSSIBILITY OF SUCH DAMAGE. */ #ifndef _QDEVICE_CONFIG_H_ #define _QDEVICE_CONFIG_H_ #include #include #include #ifdef __cplusplus extern "C" { #endif /* * There are "hardcoded" defines for qdevice. It's not so good * idea to change them as long as you are not 100% sure what you are doing. 
Also * most of them can be changed in CLI via advanced_settings (-S). */ -#define QDEVICE_DEFAULT_LOCK_FILE LOCALSTATEDIR"/run/corosync-qdevice.pid" -#define QDEVICE_DEFAULT_LOCAL_SOCKET_FILE LOCALSTATEDIR"/run/corosync-qdevice.sock" +#define QDEVICE_DEFAULT_LOCK_FILE LOCALSTATEDIR"/run/corosync-qdevice/corosync-qdevice.pid" +#define QDEVICE_DEFAULT_LOCAL_SOCKET_FILE LOCALSTATEDIR"/run/corosync-qdevice/corosync-qdevice.sock" #define QDEVICE_DEFAULT_LOCAL_SOCKET_BACKLOG 10 #define QDEVICE_MIN_LOCAL_SOCKET_BACKLOG 1 #define QDEVICE_DEFAULT_MAX_CS_TRY_AGAIN 10 #define QDEVICE_MIN_MAX_CS_TRY_AGAIN 1 #define QDEVICE_PROGRAM_NAME "corosync-qdevice" #define QDEVICE_LOG_SUBSYS "QDEVICE" #define QDEVICE_LOG_DEFAULT_TO_STDERR 1 #define QDEVICE_LOG_DEFAULT_TO_SYSLOG 1 #define QDEVICE_LOG_DEFAULT_TO_LOGFILE 0 #define QDEVICE_LOG_DEFAULT_SYSLOG_FACILITY LOG_DAEMON #define QDEVICE_LOG_DEFAULT_SYSLOG_PRIORITY LOG_INFO #define QDEVICE_LOG_DEFAULT_DEBUG 0 #define QDEVICE_LOG_DEFAULT_FILELINE 0 #define QDEVICE_LOG_DEFAULT_TIMESTAMP 0 #define QDEVICE_LOG_DEFAULT_FUNCTION_NAME 0 #define QDEVICE_DEFAULT_VOTEQUORUM_DEVICE_NAME "Qdevice" #define QDEVICE_DEFAULT_IPC_MAX_CLIENTS 10 #define QDEVICE_MIN_IPC_MAX_CLIENTS 0 #define QDEVICE_DEFAULT_IPC_MAX_RECEIVE_SIZE (4*1024) #define QDEVICE_DEFAULT_IPC_MAX_SEND_SIZE (64*1024) #define QDEVICE_MIN_IPC_RECEIVE_SEND_SIZE 1024 #define QDEVICE_TOOL_PROGRAM_NAME "corosync-qdevice-tool" #ifdef __cplusplus } #endif #endif /* _QDEVICE_CONFIG_H_ */ diff --git a/qdevices/qnet-config.h b/qdevices/qnet-config.h index cb92b02c..8753d2b0 100644 --- a/qdevices/qnet-config.h +++ b/qdevices/qnet-config.h 
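Review bot: The new pid and socket defaults live under `LOCALSTATEDIR"/run/corosync-qdevice/"`, a directory that `make install` creates `-m 750` but which, on systems with a volatile `/run`, is gone after a reboot; nothing in this hunk says who recreates it, and a missing directory will make lock-file creation fail at start-up. Because the socket now sits behind a 750 directory, access to the local IPC (`corosync-qdevice-tool`) is effectively gated by that directory's owner and group, which is a behaviour change worth stating. I would add above the two defines: `/* Both files live in a 750 directory created by make install; it must be recreated at boot (tmpfiles.d / init script) and its mode now decides who can reach the local socket */`.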
@@ -1,142 +1,142 @@ /* * Copyright (c) 2015-2016 Red Hat, Inc. * * All rights reserved. * * Author: Jan Friesse (jfriesse@redhat.com) * * This software licensed under BSD license, the text of which follows: * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are met: * * - Redistributions of source code must retain the above copyright notice, * this list of conditions and the following disclaimer. * - Redistributions in binary form must reproduce the above copyright notice, * this list of conditions and the following disclaimer in the documentation * and/or other materials provided with the distribution. * - Neither the name of the Red Hat, Inc. nor the names of its * contributors may be used to endorse or promote products derived from this * software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF * THE POSSIBILITY OF SUCH DAMAGE. */ #ifndef _QNET_CONFIG_H_ #define _QNET_CONFIG_H_ #include #include "tlv.h" #ifdef __cplusplus extern "C" { #endif /* * There are "hardcoded" defaults for both qnetd and qdevice-net. It's not so good * idea to change them as long as you are not 100% sure what you are doing. 
Also * most of them can be changed in CLI via advanced_settings (-S). */ #define QNETD_PROGRAM_NAME "corosync-qnetd" #define QNETD_DEFAULT_HOST_PORT 5403 #define QNETD_DEFAULT_LISTEN_BACKLOG 10 #define QNETD_MIN_LISTEN_BACKLOG 1 #define QNETD_DEFAULT_MAX_CLIENT_SEND_BUFFERS 32 #define QNETD_MIN_CLIENT_SEND_BUFFERS 2 #define QNETD_DEFAULT_MAX_CLIENT_SEND_SIZE (1 << 15) #define QNETD_DEFAULT_MAX_CLIENT_RECEIVE_SIZE (1 << 15) #define QNETD_MIN_CLIENT_RECEIVE_SEND_SIZE 16 #define QNETD_DEFAULT_MAX_CLIENTS 0 -#define QNETD_DEFAULT_NSS_DB_DIR COROSYSCONFDIR "/qdevice/net/qnetd/nssdb" +#define QNETD_DEFAULT_NSS_DB_DIR COROSYSCONFDIR "/qnetd/nssdb" #define QNETD_DEFAULT_CERT_NICKNAME "QNetd Cert" #define QNETD_DEFAULT_TLS_SUPPORTED TLV_TLS_SUPPORTED #define QNETD_DEFAULT_TLS_CLIENT_CERT_REQUIRED 1 #define QNETD_DEFAULT_HEARTBEAT_INTERVAL_MIN (1*1000) #define QNETD_DEFAULT_HEARTBEAT_INTERVAL_MAX (2*60*1000) #define QNETD_MIN_HEARTBEAT_INTERVAL 1 #define QNETD_DEFAULT_DPD_ENABLED 1 #define QNETD_DEFAULT_DPD_INTERVAL (10*1000) #define QNETD_MIN_DPD_INTERVAL 1 -#define QNETD_DEFAULT_LOCK_FILE LOCALSTATEDIR"/run/corosync-qnetd.pid" -#define QNETD_DEFAULT_LOCAL_SOCKET_FILE LOCALSTATEDIR"/run/corosync-qnetd.sock" +#define QNETD_DEFAULT_LOCK_FILE LOCALSTATEDIR"/run/corosync-qnetd/corosync-qnetd.pid" +#define QNETD_DEFAULT_LOCAL_SOCKET_FILE LOCALSTATEDIR"/run/corosync-qnetd/corosync-qnetd.sock" #define QNETD_DEFAULT_LOCAL_SOCKET_BACKLOG 10 #define QNETD_MIN_LOCAL_SOCKET_BACKLOG 1 #define QNETD_DEFAULT_IPC_MAX_CLIENTS 10 #define QNETD_MIN_IPC_MAX_CLIENTS 0 #define QNETD_DEFAULT_IPC_MAX_RECEIVE_SIZE (4*1024) #define QNETD_DEFAULT_IPC_MAX_SEND_SIZE (10*1024*1024) #define QNETD_MIN_IPC_RECEIVE_SEND_SIZE 1024 #define QNETD_TOOL_PROGRAM_NAME "corosync-qnetd-tool" -#define QDEVICE_NET_DEFAULT_NSS_DB_DIR COROSYSCONFDIR "/qdevice/net/node/nssdb" +#define QDEVICE_NET_DEFAULT_NSS_DB_DIR COROSYSCONFDIR "/qdevice/net/nssdb" #define QDEVICE_NET_DEFAULT_INITIAL_MSG_RECEIVE_SIZE (1 << 15) #define 
QDEVICE_NET_DEFAULT_INITIAL_MSG_SEND_SIZE (1 << 15) #define QDEVICE_NET_DEFAULT_MIN_MSG_SEND_SIZE QDEVICE_NET_DEFAULT_INITIAL_MSG_SEND_SIZE #define QDEVICE_NET_DEFAULT_MAX_MSG_RECEIVE_SIZE (1 << 24) #define QDEVICE_NET_DEFAULT_MAX_SEND_BUFFERS 10 #define QDEVICE_NET_MIN_MAX_SEND_BUFFERS 2 #define QDEVICE_NET_MIN_MSG_RECEIVE_SEND_SIZE 16 #define QDEVICE_NET_DEFAULT_NSS_QNETD_CN "Qnetd Server" #define QDEVICE_NET_DEFAULT_NSS_CLIENT_CERT_NICKNAME "Cluster Cert" #define QDEVICE_NET_DEFAULT_ALGORITHM TLV_DECISION_ALGORITHM_TYPE_TEST #define QDEVICE_NET_DEFAULT_TLS_SUPPORTED TLV_TLS_SUPPORTED #define QDEVICE_NET_DEFAULT_TIE_BREAKER_MODE TLV_TIE_BREAKER_MODE_LOWEST #define QDEVICE_NET_DEFAULT_HEARTBEAT_INTERVAL_MIN QNETD_DEFAULT_HEARTBEAT_INTERVAL_MIN #define QDEVICE_NET_DEFAULT_HEARTBEAT_INTERVAL_MAX QNETD_DEFAULT_HEARTBEAT_INTERVAL_MAX #define QDEVICE_NET_MIN_HEARTBEAT_INTERVAL 1 #define QDEVICE_NET_DEFAULT_MIN_CONNECT_TIMEOUT (1*1000) #define QDEVICE_NET_DEFAULT_MAX_CONNECT_TIMEOUT (2*60*1000) #define QDEVICE_NET_MIN_CONNECT_TIMEOUT 1 #ifdef DEBUG #define QDEVICE_NET_DEFAULT_TEST_ALGORITHM_ENABLED 1 #else #define QDEVICE_NET_DEFAULT_TEST_ALGORITHM_ENABLED 0 #endif #define QDEVICE_NET_DEFAULT_DELAY_BEFORE_RECONNECT (1000) #define QDEVICE_NET_MIN_DELAY_BEFORE_RECONNECT 1 /* * Decision algorithms supported by qnetd */ #define QNETD_STATIC_SUPPORTED_DECISION_ALGORITHMS_SIZE 4 extern enum tlv_decision_algorithm_type qnetd_static_supported_decision_algorithms[QNETD_STATIC_SUPPORTED_DECISION_ALGORITHMS_SIZE]; #define QDEVICE_NET_STATIC_SUPPORTED_DECISION_ALGORITHMS_SIZE QNETD_STATIC_SUPPORTED_DECISION_ALGORITHMS_SIZE #ifdef __cplusplus } #endif #endif /* _QNET_CONFIG_H_ */
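Review bot: `QNETD_DEFAULT_NSS_DB_DIR` and `QDEVICE_NET_DEFAULT_NSS_DB_DIR` are now one of three copies of the same paths, the others being hard-coded in `corosync-qnetd-certutil.sh` (`@COROSYSCONFDIR@/qnetd/nssdb`), `corosync-qdevice-net-certutil.sh` (`$BASE_DIR/nssdb`) and the `install-exec-local` rule in Makefile.am; if they drift, the daemon opens an NSS db the certutil scripts never initialised, which with `QNETD_DEFAULT_TLS_CLIENT_CERT_REQUIRED 1` surfaces only as a TLS failure at runtime. A comment naming the other copies would help the next rename: `/* Must match DB_DIR in corosync-qnetd-certutil.sh / corosync-qdevice-net-certutil.sh and the directories created by install-exec-local in Makefile.am */`. The same applies to the `run/corosync-qnetd/` pid and socket paths, whose directory is installed 750 root-owned and must exist, and be writable by the user qnetd runs as, before the daemon starts.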