diff --git a/local/patches/relibc/P3-exec-root-bypass.patch b/local/patches/relibc/P3-exec-root-bypass.patch index 7d488d8c..b3669f51 100644 --- a/local/patches/relibc/P3-exec-root-bypass.patch +++ b/local/patches/relibc/P3-exec-root-bypass.patch @@ -1,11 +1,13 @@ diff --git a/src/platform/redox/exec.rs b/src/platform/redox/exec.rs -index 3590413c..1dc131dd 100644 +index 3590413c..1b4b96bb 100644 --- a/src/platform/redox/exec.rs +++ b/src/platform/redox/exec.rs -@@ -129,16 +129,19 @@ pub fn execve( - - let Resugid { ruid, rgid, .. } = redox_rt::sys::posix_getresugid(); +@@ -127,18 +127,22 @@ pub fn execve( + // TODO: At some point we might have capabilities limiting the ability to allocate + // executable memory. +- let Resugid { ruid, rgid, .. } = redox_rt::sys::posix_getresugid(); +- - let mode = if ruid == stat.st_uid { - (stat.st_mode >> 3 * 2) & 0o7 - } else if rgid == stat.st_gid { @@ -13,8 +15,11 @@ index 3590413c..1dc131dd 100644 - } else { - stat.st_mode & 0o7 - }; ++ let Resugid { ruid, euid, rgid, .. } = redox_rt::sys::posix_getresugid(); ++ + // Root (uid 0) bypasses execute permission checks, matching Linux behavior. -+ if ruid != 0 { ++ // Check both ruid and euid since Linux checks the effective UID. ++ if ruid != 0 && euid != 0 { + let mode = if ruid == stat.st_uid { + (stat.st_mode >> 3 * 2) & 0o7 + } else if rgid == stat.st_gid { diff --git a/local/patches/relibc/P3-netdb-lookup-retry-fix.patch b/local/patches/relibc/P3-netdb-lookup-retry-fix.patch index 46d8045e..6216d103 100644 --- a/local/patches/relibc/P3-netdb-lookup-retry-fix.patch +++ b/local/patches/relibc/P3-netdb-lookup-retry-fix.patch @@ -1,12 +1,9 @@ diff --git a/src/header/netdb/lookup.rs b/src/header/netdb/lookup.rs -index 0734eec6..1789bc2e 100644 +index 0734eec6..ccb00b65 100644 --- a/src/header/netdb/lookup.rs 
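Review bot: The new guard `if ruid != 0 && euid != 0 {` in the exec.rs patch skips the execute-permission check when either the real or the effective UID is 0, so a process that has dropped its effective UID but still has real UID 0 keeps the bypass. That contradicts the added comment, which says Linux checks the effective UID. If Linux parity is the goal, key the bypass on the effective UID alone, `if euid != 0 {`; the class selection inside the block (`ruid == stat.st_uid`, `rgid == stat.st_gid`) presumably wants the effective IDs as well. Linux also refuses to let root execute a regular file with no execute bit set, so `if euid != 0 || (stat.st_mode & 0o111) == 0 {` would keep that check, assuming the code below rejects on a missing execute bit in `mode`. The body of `execve` continues outside the hunk, so how `mode` is used afterwards is not visible here.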
+++ b/src/header/netdb/lookup.rs -@@ -15,9 +15,10 @@ use crate::header::{ - bits_timespec::timespec, - errno::*, +@@ -17,10 +17,11 @@ use crate::header::{ netinet_in::{IPPROTO_UDP, in_addr, sockaddr_in}, -+ sys_select::timeval, sys_socket::{ self, - constants::{AF_INET, SOCK_DGRAM}, 
@@ -14,79 +11,81 @@ index 0734eec6..1789bc2e 100644 sockaddr, }, time, -@@ -89,11 +90,37 @@ pub fn lookup_host(host: &str) -> Result { ++ sys_select::timeval, + }; + + use super::{ +@@ -89,11 +90,34 @@ pub fn lookup_host(host: &str) -> Result { drop(Box::from_raw(packet_data_ptr)); } - let i = 0 as socklen_t; -+ // Prevent indefinite blocking when DNS server is unreachable (5s timeout). -+ unsafe { -+ let tv = timeval { -+ tv_sec: 5, -+ tv_usec: 0, -+ }; -+ let _ = sys_socket::setsockopt( -+ sock, -+ SOL_SOCKET, -+ SO_RCVTIMEO, -+ ptr::from_ref(&tv) as *const c_void, -+ mem::size_of::() as socklen_t, -+ ); -+ } -+ let mut buf = vec![0u8; 65536]; let buf_ptr = buf.as_mut_ptr().cast::(); - let count = unsafe { sys_socket::recv(sock, buf_ptr, 65536, 0) }; -+ let mut count: isize = -1; -+ for attempt in 0..2 { -+ if attempt > 0 { -+ if unsafe { sys_socket::send(sock, packet_data_ptr as *const c_void, packet_data_len, 0) } < 0 { -+ break; -+ } -+ } -+ count = unsafe { sys_socket::recv(sock, buf_ptr, 65536, 0) }; -+ if count >= 0 { -+ break; -+ } -+ } -+ let _ = crate::header::unistd::close(sock); - if count < 0 { - return Err(EIO); - } -@@ -197,7 +224,34 @@ pub fn lookup_addr(addr: in_addr) -> Result>, c_int> { - let mut buf = [0u8; 65536]; - let buf_ptr = buf.as_mut_ptr().cast::(); - -- let count = unsafe { sys_socket::recv(sock, buf_ptr, 65536, 0) }; -+ // Prevent indefinite blocking when DNS server is unreachable (5s timeout). ++ // Set 5s recv timeout (best-effort; if this fails, recv may block longer). 
++ let tv = timeval { ++ tv_sec: 5, ++ tv_usec: 0, ++ }; + unsafe { -+ let tv = timeval { -+ tv_sec: 5, -+ tv_usec: 0, -+ }; -+ let _ = sys_socket::setsockopt( ++ sys_socket::setsockopt( + sock, + SOL_SOCKET, + SO_RCVTIMEO, -+ ptr::from_ref(&tv) as *const c_void, -+ mem::size_of::() as socklen_t, ++ &tv as *const timeval as *const c_void, ++ core::mem::size_of::() as socklen_t, + ); + } + + let mut count: isize = -1; -+ for attempt in 0..2 { -+ if attempt > 0 { -+ if unsafe { sys_socket::send(sock, packet_data_ptr as *const c_void, packet_data_len, 0) } < 0 { -+ break; -+ } -+ } ++ for _attempt in 0..2 { + count = unsafe { sys_socket::recv(sock, buf_ptr, 65536, 0) }; + if count >= 0 { + break; + } ++ if unsafe { sys_socket::send(sock, packet_data_ptr, packet_data_len, 0) } < 0 { ++ break; ++ } ++ } + if count < 0 { + return Err(EIO); + } +@@ -193,11 +217,34 @@ pub fn lookup_addr(addr: in_addr) -> Result>, c_int> { + drop(Box::from_raw(packet_data_ptr)); + } + +- let i = mem::size_of::() as socklen_t; + let mut buf = [0u8; 65536]; + let buf_ptr = buf.as_mut_ptr().cast::(); + +- let count = unsafe { sys_socket::recv(sock, buf_ptr, 65536, 0) }; ++ // Set 5s recv timeout (best-effort; if this fails, recv may block longer). ++ let tv = timeval { ++ tv_sec: 5, ++ tv_usec: 0, ++ }; ++ unsafe { ++ sys_socket::setsockopt( ++ sock, ++ SOL_SOCKET, ++ SO_RCVTIMEO, ++ &tv as *const timeval as *const c_void, ++ core::mem::size_of::() as socklen_t, ++ ); ++ } ++ ++ let mut count: isize = -1; ++ for _attempt in 0..2 { ++ count = unsafe { sys_socket::recv(sock, buf_ptr, 65536, 0) }; ++ if count >= 0 { ++ break; ++ } ++ if unsafe { sys_socket::send(sock, packet_data_ptr, packet_data_len, 0) } < 0 { ++ break; ++ } + } -+ let _ = crate::header::unistd::close(sock); if count < 0 { return Err(EIO); } diff --git a/local/patches/userutils/redox.patch b/local/patches/userutils/redox.patch index dbc9a197..4f84548c 100644 --- a/local/patches/userutils/redox.patch 
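Review bot: The retry path calls `sys_socket::send(sock, packet_data_ptr, packet_data_len, 0)` after the context line above the new code has already run `drop(Box::from_raw(packet_data_ptr))`, so the retransmit reads a freed buffer. The same sequence appears in both the `lookup_host` and the `lookup_addr` sections of the patch. Moving the `drop(Box::from_raw(packet_data_ptr))` block to after the retry loop would keep the query bytes alive for the resend. The loop also resends once more after the final `recv` has failed, and it retries on any `recv` error rather than only on a timeout. This revision also drops the `let _ = crate::header::unistd::close(sock);` line that the previous patch version added; unless the socket is closed further down, outside the hunk, each lookup leaks a descriptor.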
+++ b/local/patches/userutils/redox.patch @@ -13,7 +13,7 @@ index 6a963d8..59ffbd4 100644 +# `user` # +# `root`:`password` # +################################ - + diff --git a/res/motd b/res/motd index 5cd097a..dc28b04 100644 --- a/res/motd @@ -22,3 +22,16 @@ index 5cd097a..dc28b04 100644 -Welcome to Redox OS! +Welcome to Red Bear OS! +diff --git a/src/bin/login.rs b/src/bin/login.rs +index 08e178c..f7f337a 100644 +--- a/src/bin/login.rs ++++ b/src/bin/login.rs +@@ -135,7 +135,7 @@ pub fn main() { + loop { + let user = liner::Context::new() + .read_line( +- liner::Prompt::from("\x1B[1mredox login:\x1B[0m "), ++ liner::Prompt::from("\x1B[1mRed Bear login:\x1B[0m "), + None, + &mut liner::BasicCompleter::new(Vec::::new()), + )