diff --git a/.gitignore b/.gitignore
index 6903535..1ec9ec6 100644
--- a/.gitignore
+++ b/.gitignore
@@ -3,3 +3,5 @@ quota-3.17.tar.gz
 /quota-4.00.tar.gz
 /quota-4.01.tar.gz
 /quota-4.02.tar.gz
+/quota-4.03.tar.gz
+/ldap-scripts.tar.gz
diff --git a/quota-3.13-wrong-ports.patch b/quota-3.13-wrong-ports.patch
deleted file mode 100644
index 8c59a28..0000000
--- a/quota-3.13-wrong-ports.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- quota-tools/rquota_svc.c.orig	2005-06-01 03:21:30.000000000 -0400
-+++ quota-tools/rquota_svc.c	2006-11-01 15:11:29.161101000 -0500
-@@ -140,7 +140,7 @@ static void parse_options(int argc, char
- 				break;
- 			case 'p': 
- 				port = strtol(optarg, &endptr, 0);
--				if (*endptr || port <= 0) {
-+				if (*endptr || port <= 0 || port > 0xffff) {
- 					errstr(_("Illegal port number: %s\n"), optarg);
- 					show_help();
- 					exit(1);
diff --git a/quota-4.00_pre1-get_qf_name-does-not-check-quota-file-presence.patch b/quota-4.00_pre1-get_qf_name-does-not-check-quota-file-presence.patch
deleted file mode 100644
index 80c9283..0000000
--- a/quota-4.00_pre1-get_qf_name-does-not-check-quota-file-presence.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-From 1c3bc6d34439f353ea00239dc1ca31239823bb4f Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
-Date: Fri, 1 Jul 2011 10:22:10 +0200
-Subject: [PATCH 2/2] get_qf_name() does not check quota file presence
-
-Old error messsage stated a quota file does not exist despite fact
-get_qf_name() does not check the file existence. It constructs the
-file name only.
-
-This lead to misleading message when running initial `quotacheck -c'
-on extended file system mounted with usrquota option only.
-
-Signed-off-by: Jan Kara <jack@suse.cz>
----
- quotacheck.c |    4 ++--
- 1 files changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/quotacheck.c b/quotacheck.c
-index 112596b..d8515af 100644
---- a/quotacheck.c
-+++ b/quotacheck.c
-@@ -873,12 +873,12 @@ static int sub_quota_file(struct mntent *mnt, int qtype, int ftype)
- 
- 	debug(FL_DEBUG, _("Substracting space used by old %s quota file.\n"), type2name(ftype));
- 	if (get_qf_name(mnt, ftype, cfmt, 0, &filename) < 0) {
--		debug(FL_VERBOSE, _("Old %s file not found. Usage will not be substracted.\n"), type2name(ftype));
-+		debug(FL_VERBOSE, _("Old %s file name could not been determined. Usage will not be substracted.\n"), type2name(ftype));
- 		return 0;
- 	}
- 
- 	if (stat(filename, &st) < 0) {
--		debug(FL_VERBOSE, _("Cannot stat old %s quota file: %s\n"), type2name(ftype), strerror(errno));
-+		debug(FL_VERBOSE, _("Cannot stat old %s quota file %s: %s. Usage will not be substracted.\n"), type2name(ftype), filename, strerror(errno));
- 		free(filename);
- 		return 0;
- 	}
--- 
-1.7.6
-
diff --git a/quota-4.02-Build-rpc.rquotad-as-PIE.patch b/quota-4.02-Build-rpc.rquotad-as-PIE.patch
deleted file mode 100644
index c612f34..0000000
--- a/quota-4.02-Build-rpc.rquotad-as-PIE.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-From f9e56db59fde6e6eccd4c51c5c158ce4eed3b922 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
-Date: Wed, 26 Nov 2014 13:00:18 +0100
-Subject: [PATCH] Build rpc.rquotad as PIE
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Signed-off-by: Petr Písař <ppisar@redhat.com>
----
- Makefile.in | 8 ++++++--
- 1 file changed, 6 insertions(+), 2 deletions(-)
-
-diff --git a/Makefile.in b/Makefile.in
-index 7d25930..25f1203 100644
---- a/Makefile.in
-+++ b/Makefile.in
-@@ -48,6 +48,9 @@ LIBOBJS += @LIBMALLOC@
-  
- all: $(PROGS)
- 
-+svc_socket.o rquota_server.o rquota_svc.o $(filter-out rquota_xdr.o,$(LIBOBJS)): %.o: %.c
-+	$(CC) $(CFLAGS) -fpie -c $<
-+
- clean:
- 	-rm -f core *.o .*.d
- 
-@@ -141,7 +144,8 @@ convertquota: convertquota.o $(LIBOBJS)
- 	$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^
- 
- rpc.rquotad: rquota_server.o rquota_svc.o svc_socket.o $(LIBOBJS)
--	$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^ $(LIBS)
-+	$(CC) $(CFLAGS) -pie $(LDFLAGS) -o $@ $^ $(LIBS)
-+	@if readelf -d $@|fgrep -q TEXTREL; then echo "*** Text relocation"; false; else true; fi
- 
- ifneq ($(NETLINKLIBS),)
- quota_nld: quota_nld.o $(LIBOBJS)
-@@ -157,7 +161,7 @@ rquota_xdr.c: rquota.x
- 	$(RPCGEN) -c -o $@ $<
- 
- rquota_xdr.o: rquota_xdr.c rquota.h
--	$(CC) $(CFLAGS) -Wno-unused -c $<
-+	$(CC) $(CFLAGS) -Wno-unused -fpie -c $<
- 
- rquota_clnt.c: rquota.x
- 	$(RPCGEN) -l -o $@ $<
--- 
-1.9.3
-
diff --git a/quota-4.03-Build-rpc.rquotad-as-PIE.patch b/quota-4.03-Build-rpc.rquotad-as-PIE.patch
new file mode 100644
index 0000000..6c6381c
--- /dev/null
+++ b/quota-4.03-Build-rpc.rquotad-as-PIE.patch
@@ -0,0 +1,53 @@
+From cc25319e5e179da1c1d9455ab4760dcbcb66b591 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
+Date: Wed, 6 Jan 2016 17:14:08 +0100
+Subject: [PATCH] Build rpc.rquotad as PIE
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Harden executables due to rpc.rquotad and quota_nld daemons.
+
+Recent distribution enabled hardening globally. This patch preserves the
+test to catch a regression.
+
+<https://bugzilla.redhat.com/show_bug.cgi?id=983179>
+
+Signed-off-by: Petr Písař <ppisar@redhat.com>
+---
+ Makefile.am   | 2 ++
+ test-hardened | 9 +++++++++
+ 2 files changed, 11 insertions(+)
+ create mode 100644 test-hardened
+
+diff --git a/Makefile.am b/Makefile.am
+index eb62617..1414f8d 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -232,6 +232,8 @@ quota_nld_LDADD = \
+ 	$(DBUS_LIBS) \
+ 	$(LIBNL3_LIBS)
+ 
++TEST=test-hardended
++
+ # ------------------
+ # Rpcgen conversions
+ # ------------------
+diff --git a/test-hardened b/test-hardened
+new file mode 100644
+index 0000000..b8f63bf
+--- /dev/null
++++ b/test-hardened
+@@ -0,0 +1,9 @@
++#!/bin/sh
++# Check rpc.rquotad and quota_nld daemons are hardened (bug #983179)
++
++for D in rpc.rquotad quota_nld; do
++    if readelf -d "$D" | fgrep -q TEXTREL; then
++         echo "*** Text relocation found in ${D}"
++         exit 1;
++    fi
++done
+-- 
+2.5.0
+
diff --git a/quota-4.03-Respect-enviroment-CFLAGS.patch b/quota-4.03-Respect-enviroment-CFLAGS.patch
new file mode 100644
index 0000000..49ca2b9
--- /dev/null
+++ b/quota-4.03-Respect-enviroment-CFLAGS.patch
@@ -0,0 +1,32 @@
+From 27a7f0020b0965a83559de04673551cf92eb4cbc Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
+Date: Thu, 7 Jan 2016 08:54:35 +0100
+Subject: [PATCH] Respect enviroment CFLAGS
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Configure fails if LDFLAGS carries -pie and CFLAGS -fPIC. That's
+because confifgure.ac resets CFLAGS.
+
+Signed-off-by: Petr Písař <ppisar@redhat.com>
+---
+ configure.ac | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/configure.ac b/configure.ac
+index 960a618..bb33774 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -53,7 +53,7 @@ AS_IF([test "x${prefix}" = "xNONE"], [
+ # ================
+ # Check for cflags
+ # ================
+-CFLAGS="-D_GNU_SOURCE -Wall -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64"
++CFLAGS="${CFLAGS} -D_GNU_SOURCE -Wall -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64"
+ AC_ARG_ENABLE([werror],
+     [AS_HELP_STRING([--enable-werror], [Treat all warnings as errors, useful for development])],
+     [enable_werror="$enableval"],
+-- 
+2.5.0
+
diff --git a/quota-4.03-Validate-upper-bound-of-RPC-port.patch b/quota-4.03-Validate-upper-bound-of-RPC-port.patch
new file mode 100644
index 0000000..aa0d12b
--- /dev/null
+++ b/quota-4.03-Validate-upper-bound-of-RPC-port.patch
@@ -0,0 +1,29 @@
+From c9a2a6fea0668579f5fb8d77cb219f51d104581f Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
+Date: Wed, 6 Jan 2016 17:58:22 +0100
+Subject: [PATCH] Validate upper bound of RPC port
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Signed-off-by: Petr Písař <ppisar@redhat.com>
+---
+ rquota_svc.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/rquota_svc.c b/rquota_svc.c
+index 338b70f..93472e0 100644
+--- a/rquota_svc.c
++++ b/rquota_svc.c
+@@ -142,7 +142,7 @@ static void parse_options(int argc, char **argv)
+ 				break;
+ 			case 'p': 
+ 				port = strtol(optarg, &endptr, 0);
+-				if (*endptr || port <= 0) {
++				if (*endptr || port <= 0 || port > 0xffff) {
+ 					errstr(_("Illegal port number: %s\n"), optarg);
+ 					show_help();
+ 					exit(1);
+-- 
+2.5.0
+
diff --git a/quota-4.02-warnquota.patch b/quota-4.03-warnquota-configuration-tunes.patch
similarity index 91%
rename from quota-4.02-warnquota.patch
rename to quota-4.03-warnquota-configuration-tunes.patch
index f61db3f..2c189b6 100644
--- a/quota-4.02-warnquota.patch
+++ b/quota-4.03-warnquota-configuration-tunes.patch
@@ -1,4 +1,4 @@
-From b3df689acc31c91dbfbfdc0b03a357e6b0eda2ac Mon Sep 17 00:00:00 2001
+From 7b44aa5bd3a10f2073c96ffc1eb0d2dce45585ab Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
 Date: Tue, 23 Aug 2011 13:45:15 +0200
 Subject: [PATCH] warnquota configuration tunes
@@ -17,20 +17,20 @@ Signed-off-by: Petr Písař <ppisar@redhat.com>
  2 files changed, 9 insertions(+), 10 deletions(-)
 
 diff --git a/warnquota.c b/warnquota.c
-index 009d9e9..93ed1ff 100644
+index 3734f0e..ff626b5 100644
 --- a/warnquota.c
 +++ b/warnquota.c
-@@ -825,7 +825,7 @@ static int readconfigfile(const char *filename, struct configparams *config)
+@@ -821,7 +821,7 @@ static int readconfigfile(const char *filename, struct configparams *config)
  				verify_format(config->group_signature, "GROUP_SIGNATURE");
  			}
  			else if (!strcmp(var, "LDAP_MAIL")) {
 -				if(strcasecmp(value, "true") == 0) 
-+				if(strncasecmp(value, "true", 4) == 0)
++				if(strncasecmp(value, "true", 4) == 0) 
  					config->use_ldap_mail = 1;
  				else
  					config->use_ldap_mail = 0;
 diff --git a/warnquota.conf b/warnquota.conf
-index 59d4f5f..aee2fca 100644
+index b06f81f..7e00947 100644
 --- a/warnquota.conf
 +++ b/warnquota.conf
 @@ -4,17 +4,16 @@
@@ -72,5 +72,5 @@ index 59d4f5f..aee2fca 100644
  GROUP_MESSAGE	= Hello,|\
  your group %i is using too much disk space at %h.|\
 -- 
-1.9.3
+2.5.0
 
diff --git a/quota.spec b/quota.spec
index 8851be5..88e1fb7 100644
--- a/quota.spec
+++ b/quota.spec
@@ -1,16 +1,27 @@
-#allow remote set quota by defined rpcsetquota to 1(set to 0 to disabled it)
-%{!?rpcsetquota:%define rpcsetquota 1}
+# Allow setting quota remotely by default
+%bcond_without rpcsetquota
 
 Name: quota
 Epoch: 1
-Version: 4.02
-Release: 4%{?dist}
+Version: 4.03
+Release: 1%{?dist}
 Summary: System administration tools for monitoring users' disk usage
 # quota_nld.c, quotaio_xfs.h:       GPLv2
 # bylabel.c copied from util-linux: GPLv2+
 # svc_socket.c copied from glibc:   LGPLv2+
 # doc/quotas.ms, quotaops.c, quot.c, quotaon.c, edquota.c, quot.h, quota.c,
 # quotaio_v1.c:                     BSD
+# COPYING:                          GPLv2 text and license declaration
+## Not involved in the binary package
+# m4/iconv.m4:                      GPL+ with exception
+# ar-lib:                           GPLv2 with exception
+# missing:                          GPLv2+ with exception
+# config.guess:                     GPLv3+ with exception
+# config.rpath:                     LGPLv2+
+# install-sh:                       MIT
+# configure:                        FSFUL
+# aclocal.m4:                       FSFULLR and (GPLv2+ with exception)
+# mkinstalldirs:                    Public Domain
 License: BSD and LGPLv2+ and GPLv2 and GPLv2+
 Group: System Environment/Base
 URL: http://sourceforge.net/projects/linuxquota/
@@ -19,15 +30,28 @@ Source1: quota_nld.service
 Source2: quota_nld.sysconfig
 Source3: rpc-rquotad.service
 Source4: rpc-rquotad.sysconfig
+# LDAP scripts forgotten in 4.03, taken from upstream git
+# 861154efb90ed049e0473cc36935b8d03c78a869, fixed in upstream after 4.03
+Source5: ldap-scripts.tar.gz
 # Not accepted changes (378a64006bb1e818e84a1c77808563b802b028fa)
-# Some of the lines have been superseded by other commits probably.
-Patch0: quota-4.02-warnquota.patch
-Patch1: quota-4.02-Build-rpc.rquotad-as-PIE.patch
-Patch2: quota-3.13-wrong-ports.patch
-BuildRequires: dbus-devel
+Patch0: quota-4.03-warnquota-configuration-tunes.patch
+Patch1: quota-4.03-Build-rpc.rquotad-as-PIE.patch
+Patch2: quota-4.03-Validate-upper-bound-of-RPC-port.patch
+# Fix build script to work with hardended flags, submitted to upstream
+# <https://sourceforge.net/p/linuxquota/bugs/121/>
+Patch3: quota-4.03-Respect-enviroment-CFLAGS.patch
+BuildRequires: autoconf
+BuildRequires: automake
+BuildRequires: bash
+BuildRequires: coreutils
 BuildRequires: e2fsprogs-devel
-BuildRequires: gettext
+BuildRequires: gcc
+BuildRequires: gettext-devel
+# glibc-common for rpcgen tool
+BuildRequires: glibc-common
+BuildRequires: make
 BuildRequires: openldap-devel
+BuildRequires: pkgconfig(dbus-1)
 BuildRequires: pkgconfig(libnl-3.0) >= 3.1
 BuildRequires: pkgconfig(libnl-genl-3.0)
 BuildRequires: systemd
@@ -68,7 +92,7 @@ Conflicts: quota < 1:4.02-3
 
 %description rpc
 The RPC daemon allows to query and set disk quotas over network. If you run
-the deamon on NFS server, you could use quota tools to manage the quotas from
+the daemon on NFS server, you could use quota tools to manage the quotas from
 NFS client.
 
 
@@ -118,37 +142,41 @@ Linux/UNIX environment.
 
 
 %prep
-%setup -q -n quota-tools
+%setup -q
 %patch0 -p1
 %ifnarch ppc ppc64
 %patch1 -p1
 %endif
 %patch2 -p1
-
+%patch3 -p1
+# Unpack forgotten LDAP scripts
+tar -xzkf %{SOURCE5}
+# Regenerate build scripts, also because of Respect-enviroment-CFLAGS.patch
+autoreconf -f -i
 
 %build
 %global _hardened_build 1
 %configure \
+    --enable-bsd-behaviour \
     --enable-ext2direct=yes \
     --enable-ldapmail=yes \
+    --enable-libwrap=yes \
     --enable-netlink=yes \
-    --enable-rootsbin=no \
-%if %{rpcsetquota}
+    --enable-nls \
+    --disable-rpath \
+%if %{with rpcsetquota}
     --enable-rpcsetquota=yes \
+%else
+    --disable-rpcsetquota \
 %endif
-    --enable-strip-binaries=no
+    --disable-silent-rules \
+    --disable-xfs-roothack
 make
 
 
 %install
-mkdir -p %{buildroot}%{_sysconfdir}
-mkdir -p %{buildroot}%{_sbindir}
-mkdir -p %{buildroot}%{_bindir}
-mkdir -p %{buildroot}%{_mandir}/{man1,man3,man5,man8}
-make install INSTALL='install -p' ROOTDIR=%{buildroot}
-install -m 644 warnquota.conf %{buildroot}%{_sysconfdir}
-ln -s  quotaon.8.gz \
-  %{buildroot}%{_mandir}/man8/quotaoff.8
+make install DESTDIR=%{buildroot}
+rm -rf $RPM_BUILD_ROOT%{_docdir}/%{name}
 
 install -p -m644 -D %{SOURCE1} $RPM_BUILD_ROOT%{_unitdir}/quota_nld.service
 install -p -m644 -D %{SOURCE2} \
@@ -160,6 +188,10 @@ install -p -m644 -D %{SOURCE4} \
 %find_lang %{name}
 
 
+%check
+make check
+
+
 %post nld
 %systemd_post quota_nld.service
 
@@ -181,39 +213,39 @@ install -p -m644 -D %{SOURCE4} \
 
 
 %files
-%attr(0755,root,root) %{_bindir}/*
-%attr(0755,root,root) %{_sbindir}/*
+%{_bindir}/*
+%{_sbindir}/*
 %exclude %{_sbindir}/quota_nld
 %exclude %{_sbindir}/rpc.rquotad
 %exclude %{_sbindir}/warnquota
-%attr(0644,root,root) %{_mandir}/man1/*
-%attr(0644,root,root) %{_mandir}/man8/*
+%{_mandir}/man1/*
+%{_mandir}/man8/*
 %exclude %{_mandir}/man8/quota_nld.8*
 %exclude %{_mandir}/man8/rpc.rquotad.8*
 %exclude %{_mandir}/man8/warnquota.8*
 %doc Changelog
 
 %files nld
-%config(noreplace) %attr(0644,root,root) %{_sysconfdir}/sysconfig/quota_nld
+%config(noreplace) %{_sysconfdir}/sysconfig/quota_nld
 %{_unitdir}/quota_nld.service
-%attr(0755,root,root) %{_sbindir}/quota_nld
-%attr(0644,root,root) %{_mandir}/man8/quota_nld.8*
+%{_sbindir}/quota_nld
+%{_mandir}/man8/quota_nld.8*
 %doc Changelog
 
 %files rpc
-%config(noreplace) %attr(0644,root,root) %{_sysconfdir}/sysconfig/rpc-rquotad
+%config(noreplace) %{_sysconfdir}/sysconfig/rpc-rquotad
 %{_unitdir}/rpc-rquotad.service
 %{_sbindir}/rpc.rquotad
 %{_mandir}/man8/rpc.rquotad.8*
 %doc Changelog
 
 %files warnquota
-%config(noreplace) %attr(0644,root,root) %{_sysconfdir}/quotagrpadmins
-%config(noreplace) %attr(0644,root,root) %{_sysconfdir}/quotatab
-%config(noreplace) %attr(0644,root,root) %{_sysconfdir}/warnquota.conf
-%attr(0755,root,root) %{_sbindir}/warnquota
-%attr(0644,root,root) %{_mandir}/man5/*
-%attr(0644,root,root) %{_mandir}/man8/warnquota.8*
+%config(noreplace) %{_sysconfdir}/quotagrpadmins
+%config(noreplace) %{_sysconfdir}/quotatab
+%config(noreplace) %{_sysconfdir}/warnquota.conf
+%{_sbindir}/warnquota
+%{_mandir}/man5/*
+%{_mandir}/man8/warnquota.8*
 %doc Changelog README.ldap-support README.mailserver
 
 %files nls -f %{name}.lang
@@ -222,13 +254,16 @@ install -p -m644 -D %{SOURCE4} \
 %files devel
 %dir %{_includedir}/rpcsvc
 %{_includedir}/rpcsvc/*
-%attr(0644,root,root) %{_mandir}/man3/*
+%{_mandir}/man3/*
 
 %files doc
 %doc doc/* ldap-scripts
 
 
 %changelog
+* Wed Jan 06 2016 Petr Pisar <ppisar@redhat.com> - 1:4.03-1
+- 4.03 bump
+
 * Thu Jun 18 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1:4.02-4
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
 
@@ -395,7 +430,7 @@ install -p -m644 -D %{SOURCE4} \
 - Package additional documentation into `doc' sub-package
 
 * Thu Nov 11 2010 Petr Pisar <ppisar@redhat.com> - 1:3.17-15
-- Add quota_nld deamon init script (bug #634169)
+- Add quota_nld daemon init script (bug #634169)
 - Sub-package quota_nld files to weak dependecies
 - Sub-package warnquota files to weak dependecies
 
diff --git a/sources b/sources
index f8d0b4e..744bf20 100644
--- a/sources
+++ b/sources
@@ -1 +1,2 @@
-a8a5df262261e659716ccad2a5d6df0d  quota-4.02.tar.gz
+95b900db79931806bc6dc9f89c615a1b  ldap-scripts.tar.gz
+6b09f9c93515c25a528be5754cdfb6f5  quota-4.03.tar.gz