diff --git a/cntlm.changes b/cntlm.changes
index 817c669..68a780b 100644
--- a/cntlm.changes
+++ b/cntlm.changes
@@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Wed Aug 17 17:00:28 UTC 2011 - chris@computersalat.de
+
+- fix bnc#710275
+  * /var/run/cntlm -> tmpfs (created by init script)
+- spec cleanup
+- set defaults in sysconfig
+
 -------------------------------------------------------------------
 Thu Aug  4 15:10:10 UTC 2011 - coolo@novell.com
 
diff --git a/cntlm.init b/cntlm.init
index 24548c9..f46a905 100644
--- a/cntlm.init
+++ b/cntlm.init
@@ -55,7 +55,6 @@ test -r $cntlm_sysconfig || { echo "$cntlm_sysconfig not existing";
 # some defaults
 cntlm_desc="CNTLM Authentication Proxy"
 cntlm_pid="/var/run/cntlm/cntlmd.pid"
-cntlm_lock="/var/lock/subsys/cntlm"
 cntlm_user="-U ${CNTLM_USER:=cntlm}"
 cntlm_opts=${CNTLM_OPTS:=""}
 
@@ -66,6 +65,11 @@ else
 	cntlm_listen="-l ${CNTLM_LISTEN:=127.0.0.1:3128}"
 fi
 
+# check for pid_dir
+[ ! -d /var/run/cntlm ] && {
+	install -d -m0755 -o ${CNTLM_USER:=cntlm} -g root /var/run/cntlm;
+}
+
 # Source LSB init functions
 # providing start_daemon, killproc, pidofproc, 
 # log_success_msg, log_failure_msg and log_warning_msg.
diff --git a/cntlm.spec b/cntlm.spec
index b274b06..945b178 100644
--- a/cntlm.spec
+++ b/cntlm.spec
@@ -1,7 +1,7 @@
 #
-# spec file for package cntlm (Version 0.35.1)
+# spec file for package cntlm
 #
-# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
 # Copyright (c) 2007 Scorpio IT, Deidesheim, Germany
 #
 # All modifications and additions to the file contributed by third parties
@@ -16,14 +16,12 @@
 # Please submit bugfixes or comments via http://bugs.opensuse.org/
 #
 
-# norootforbuild
-
 
 Name:           cntlm
 Summary:        Fast NTLM authentication proxy with tunneling
 Version:        0.35.1
 Release:        1
-License:        GNU GPL V2
+License:        GPLv2
 Group:          Productivity/Networking/Web/Proxy
 Url:            http://cntlm.sourceforge.net/
 Source0:        %{name}-%{version}.tar.bz2
@@ -52,26 +50,26 @@ contains detailed information.
 %build			
 ./configure
 %{__make} SYSCONFDIR=%{_sysconfdir} \
-	BINDIR=%{_sbindir} \
-	MANDIR=%{_mandir}
+  BINDIR=%{_sbindir} \
+  MANDIR=%{_mandir}
 
 %install
-%makeinstall SYSCONFDIR=$RPM_BUILD_ROOT/%{_sysconfdir} \
-	BINDIR=$RPM_BUILD_ROOT/%{_sbindir} \
-	MANDIR=$RPM_BUILD_ROOT/%{_mandir}
-%{__install} -d $RPM_BUILD_ROOT/var/run/%{name}
-%{__install} -D -m 755 %{S:1} $RPM_BUILD_ROOT/%{_initrddir}/%{name}
-%{__ln_s} -f ../..%{_sysconfdir}/init.d/%{name} ${RPM_BUILD_ROOT}/usr/sbin/rc%{name}
-%{__install} -D -m 644 %{S:2} $RPM_BUILD_ROOT/var/adm/fillup-templates/sysconfig.%{name}
+%makeinstall SYSCONFDIR=%{buildroot}/%{_sysconfdir} \
+  BINDIR=%{buildroot}/%{_sbindir} \
+  MANDIR=%{buildroot}/%{_mandir}
+%{__install} -d %{buildroot}/var/run/%{name}
+%{__install} -D -m 755 %{S:1} %{buildroot}/%{_initrddir}/%{name}
+%{__ln_s} -f ../..%{_sysconfdir}/init.d/%{name} %{buildroot}/usr/sbin/rc%{name}
+%{__install} -D -m 644 %{S:2} %{buildroot}/var/adm/fillup-templates/sysconfig.%{name}
 
 %pre
 # on `rpm -ivh` PARAM is 1
 # on `rpm -Uvh` PARAM is 2
-  # user cntlm
-  if [ -z  "`%{_bindir}/getent passwd "%{name}"`" ]; then
-    %{_sbindir}/useradd -c "CNTLM Proxy Auth" -d /var/run/%{name} -g nogroup \
+# user cntlm
+if [ -z  "`%{_bindir}/getent passwd "%{name}"`" ]; then
+  %{_sbindir}/useradd -c "CNTLM Proxy Auth" -d /var/run/%{name} -g nogroup \
 	-r -s /bin/false %{name} 2>/dev/null;
-  fi
+fi
 
 %preun
 # on `rpm -e` PARAM is 0
@@ -91,7 +89,7 @@ contains detailed information.
 %{insserv_cleanup}
 
 %clean
-[ "$RPM_BUILD_ROOT" != "/" ] && [ -d $RPM_BUILD_ROOT ] && %{__rm} -rf $RPM_BUILD_ROOT
+%{__rm} -rf %{buildroot}
 
 %files
 %defattr(-,root,root,-)
@@ -100,7 +98,7 @@ contains detailed information.
 %config(noreplace) %{_initrddir}/%{name}
 %{_sbindir}/*
 %{_mandir}/man1/%{name}.1*
-%dir %attr(755,%{name},root) /var/run/%{name}
+%ghost %dir %attr(755,%{name},root) /var/run/%{name}
 /var/adm/fillup-templates/sysconfig.%{name}
 
 %changelog
diff --git a/cntlm.sysconfig b/cntlm.sysconfig
index 3fc6d2d..5841491 100644
--- a/cntlm.sysconfig
+++ b/cntlm.sysconfig
@@ -4,7 +4,10 @@
 ## Type:        string
 ## Default:     "cntlm"
 #
-CNTLM_USER=""
+#        -U  <uid>
+#            Run as uid. It is an important security measure not to run as root.
+#
+CNTLM_USER="cntlm"
 
 ## Type:	string
 ## Default:	""
@@ -42,8 +45,6 @@ CNTLM_USER=""
 #        -S  <size_in_kb>
 #            Enable transparent handler of ISA AV scanner plugin for files up to size_in_kb KiB.
 #        -s  Do not use threads, serialize all requests - for debugging only.
-#        -U  <uid>
-#            Run as uid. It is an important security measure not to run as root.
 #        -u  <user>[@<domain]
 #            Domain/workgroup can be set separately.
 #        -v  Print debugging information.
@@ -58,5 +59,5 @@ CNTLM_OPTS=""
 #        -l  [<saddr>:]<lport>
 #            Main listening port for the NTLM proxy.
 #
-CNTLM_LISTEN=""
+CNTLM_LISTEN="127.0.0.1:3128"