diff -up Linux-PAM-1.1.7/modules/pam_unix/pam_unix_acct.c.build Linux-PAM-1.1.7/modules/pam_unix/pam_unix_acct.c
--- Linux-PAM-1.1.7/modules/pam_unix/pam_unix_acct.c.build	2013-09-13 13:22:12.715064174 +0200
+++ Linux-PAM-1.1.7/modules/pam_unix/pam_unix_acct.c	2013-09-13 13:22:12.754065021 +0200
@@ -49,6 +49,8 @@
 #include <time.h>		/* for time() */
 #include <errno.h>
 #include <sys/wait.h>
+#include <sys/time.h>
+#include <sys/resource.h>
 
 #include <security/_pam_macros.h>
 
diff -up Linux-PAM-1.1.7/modules/pam_unix/pam_unix_passwd.c.build Linux-PAM-1.1.7/modules/pam_unix/pam_unix_passwd.c
--- Linux-PAM-1.1.7/modules/pam_unix/pam_unix_passwd.c.build	2013-09-13 13:22:12.716064196 +0200
+++ Linux-PAM-1.1.7/modules/pam_unix/pam_unix_passwd.c	2013-09-13 14:06:01.581056247 +0200
@@ -53,6 +53,7 @@
 #include <fcntl.h>
 #include <ctype.h>
 #include <sys/time.h>
+#include <sys/resource.h>
 #include <sys/stat.h>
 
 #include <signal.h>
@@ -262,7 +263,7 @@ static int _unix_run_update_binary(pam_h
 	close(fds[0]);       /* close here to avoid possible SIGPIPE above */
 	close(fds[1]);
 	/* wait for helper to complete: */
-	while ((rc=waitpid(child, &retval, 0) < 0 && errno == EINTR);
+	while ((rc=waitpid(child, &retval, 0)) < 0 && errno == EINTR);
 	if (rc<0) {
 	  pam_syslog(pamh, LOG_ERR, "unix_update waitpid failed: %m");
 	  retval = PAM_AUTHTOK_ERR;
diff -up Linux-PAM-1.1.7/modules/pam_unix/support.c.build Linux-PAM-1.1.7/modules/pam_unix/support.c
--- Linux-PAM-1.1.7/modules/pam_unix/support.c.build	2013-09-13 13:22:12.716064196 +0200
+++ Linux-PAM-1.1.7/modules/pam_unix/support.c	2013-09-13 14:44:02.452924470 +0200
@@ -19,6 +19,7 @@
 #include <signal.h>
 #include <ctype.h>
 #include <syslog.h>
+#include <sys/time.h>
 #include <sys/resource.h>
 #ifdef HAVE_RPCSVC_YPCLNT_H
 #include <rpcsvc/ypclnt.h>
@@ -177,7 +178,7 @@ int _set_ctrl(pam_handle_t *pamh, int fl
 	  free (val);
 
 	  /* read number of rounds for crypt algo */
-	  if (on(UNIX_SHA256_PASS, ctrl) || on(UNIX_SHA512_PASS, ctrl)) {
+	  if (rounds && (on(UNIX_SHA256_PASS, ctrl) || on(UNIX_SHA512_PASS, ctrl))) {
 	    val=search_key ("SHA_CRYPT_MAX_ROUNDS", LOGIN_DEFS);
 
 	    if (val) {