1.4.0 was unfetchable and the website advises everyone to

"upgrade real soon now." So, update the port to 1.4.2.

Also, STAGE support, options helpers, @sample, etc.

security/rkhunter/Makefile

@@ -2,8 +2,7 @@
 # $FreeBSD$
 
 PORTNAME=	rkhunter
-PORTVERSION=	1.4.0
-PORTREVISION=	1
+PORTVERSION=	1.4.2
 CATEGORIES=	security
 MASTER_SITES=	SF
 
@@ -22,50 +21,29 @@ USES=		perl5
 NO_BUILD=	yes
 SUB_FILES=	415.${PORTNAME}
 
-MAN8=		${PORTNAME}.8
-MANCOMPRESSED=	no
-
 PORTDOCS=	ACKNOWLEDGMENTS CHANGELOG FAQ LICENSE README
 
-NO_STAGE=	yes
-.include <bsd.port.pre.mk>
-
-.if ${PORT_OPTIONS:MLSOF}
-RUN_DEPENDS+=	lsof:${PORTSDIR}/sysutils/lsof
-.endif
-
-.if ${PORT_OPTIONS:MNMAP}
-RUN_DEPENDS+=	nmap:${PORTSDIR}/security/nmap
-.endif
+LSOF_RUN_DEPENDS=	lsof:${PORTSDIR}/sysutils/lsof
+NMAP_RUN_DEPENDS=	nmap:${PORTSDIR}/security/nmap
 
 post-patch:
 	@${REINPLACE_CMD} -e 's|{SHAREDIR}/man/man8|{PREFIX}/man/man8|g' \
 		${WRKSRC}/installer.sh
 
 do-install:
-	cd ${WRKSRC} && ./installer.sh --layout custom ${PREFIX} --install
+	cd ${WRKSRC} && ./installer.sh --layout custom ${STAGEDIR}${PREFIX} --install
 	${INSTALL_MAN} ${WRKSRC}/files/${PORTNAME}.8 \
-		${MAN8PREFIX}/man/man8
-	@${MKDIR} ${PREFIX}/etc/periodic/security
-	${INSTALL_SCRIPT} ${WRKDIR}/415.${PORTNAME} ${PREFIX}/etc/periodic/security
-.if ${PORT_OPTIONS:MDOCS}
-	@${MKDIR} ${DOCSDIR}
-	${INSTALL_DATA} ${PORTDOCS:S|^|${WRKSRC}/files/|} ${DOCSDIR}
-.endif
+		${STAGEDIR}${MAN8PREFIX}/man/man8
+	@${MKDIR} ${STAGEDIR}${PREFIX}/etc/periodic/security
+	${INSTALL_SCRIPT} ${WRKDIR}/415.${PORTNAME} ${STAGEDIR}${PREFIX}/etc/periodic/security
+	@${MKDIR} ${STAGEDIR}${DOCSDIR}
+	${INSTALL_DATA} ${PORTDOCS:S|^|${WRKSRC}/files/|} ${STAGEDIR}${DOCSDIR}
 
 post-install:
-	${INSTALL_DATA} ${WRKSRC}/files/${PORTNAME}.conf ${PREFIX}/etc/${PORTNAME}.conf.sample
-	@if [ ! -f ${PREFIX}/etc/${PORTNAME}.conf ]; then \
-		${INSTALL_DATA} ${WRKSRC}/${PORTNAME}.conf ${PREFIX}/etc; \
-	fi
-	${INSTALL_DATA} -m 640 ${WRKSRC}/files/programs_bad.dat ${PREFIX}/var/lib/${PORTNAME}/db/programs_bad.dat.sample
-	${INSTALL_DATA} -m 640 ${WRKSRC}/files/mirrors.dat ${PREFIX}/var/lib/${PORTNAME}/db/mirrors.dat.sample
-	@if [ ! -f ${PREFIX}/var/lib/${PORTNAME}/db/mirrors.dat ]; then \
-		${INSTALL_DATA} -m 640 ${WRKSRC}/files/mirrors.dat ${PREFIX}/var/lib/${PORTNAME}/db/mirrors.dat; \
-	fi
-	@if [ ! -f ${PREFIX}/var/lib/${PORTNAME}/db/programs_bad.dat ]; then \
-		${INSTALL_DATA} -m 640 ${WRKSRC}/files/programs_bad.dat ${PREFIX}/var/lib/${PORTNAME}/db/programs_bad.dat; \
-	fi
-	@${CAT} ${PKGMESSAGE}
+	${REINPLACE_CMD} -i '' -e 's,${STAGEDIR},,' \
+		${STAGEDIR}${PREFIX}/bin/${PORTNAME} ${STAGEDIR}${PREFIX}/etc/${PORTNAME}.conf
+	${INSTALL_DATA} ${WRKSRC}/files/${PORTNAME}.conf ${STAGEDIR}${PREFIX}/etc/${PORTNAME}.conf.sample
+	${INSTALL_DATA} -m 640 ${WRKSRC}/files/programs_bad.dat ${STAGEDIR}${PREFIX}/var/lib/${PORTNAME}/db/programs_bad.dat.sample
+	${INSTALL_DATA} -m 640 ${WRKSRC}/files/mirrors.dat ${STAGEDIR}${PREFIX}/var/lib/${PORTNAME}/db/mirrors.dat.sample
 
-.include <bsd.port.post.mk>
+.include <bsd.port.mk>

security/rkhunter/distinfo

@@ -1,2 +1,2 @@
-SHA256 (rkhunter-1.4.0.tar.gz) = a891c0b900417f2980f0e9afcdb10d1fd5581703be2587a92c90c7631b8814dc
-SIZE (rkhunter-1.4.0.tar.gz) = 244552
+SHA256 (rkhunter-1.4.2.tar.gz) = 789cc84a21faf669da81e648eead2e62654cfbe0b2d927119d8b1e55b22b65c3
+SIZE (rkhunter-1.4.2.tar.gz) = 277707

security/rkhunter/files/patch-files__rkhunter.conf

@@ -1,33 +1,32 @@
---- ./files/rkhunter.conf.orig	2011-12-17 22:36:02.000000000 +0100
-+++ ./files/rkhunter.conf	2012-07-03 23:57:15.000000000 +0200
-@@ -468,6 +468,10 @@
+--- files/rkhunter.conf.orig	2014-06-06 09:59:35.000000000 -0400
++++ files/rkhunter.conf	2014-06-06 10:01:32.000000000 -0400
+@@ -575,6 +575,10 @@
+ # The default value is the null string.
  #
- #SCRIPTWHITELIST="/sbin/ifup /sbin/ifdown"
- #SCRIPTWHITELIST="/usr/bin/groups"
+ #SCRIPTWHITELIST=/usr/bin/groups
 +SCRIPTWHITELIST=/usr/bin/whatis
 +SCRIPTWHITELIST=/usr/sbin/adduser
 +SCRIPTWHITELIST=/usr/local/bin/GET
 +SCRIPTWHITELIST=/usr/local/sbin/pkgdb
  
  #
- # Allow the specified commands to have the immutable attribute set.
-@@ -477,6 +481,10 @@
- # characters.
+ # Allow the specified file to have the immutable attribute set.
+@@ -584,6 +588,10 @@
+ # The default value is the null string.
  #
- #IMMUTWHITELIST="/sbin/ifup /sbin/ifdown"
+ #IMMUTWHITELIST=/sbin/ifdown
 +IMMUTWHITELIST=/usr/bin/login
 +IMMUTWHITELIST=/usr/bin/passwd
 +IMMUTWHITELIST=/usr/bin/su
 +IMMUTWHITELIST=/sbin/init
  
  #
- # If this option is set to 1, then the immutable-bit test is
-@@ -668,7 +676,7 @@
- # NOTE: For *BSD systems you will probably need to use this option
- # for the 'toor' account.
+ # If this option is set to '1', then the immutable-bit test is reversed. That
+@@ -787,6 +795,7 @@
+ # The default value is the null string.
  #
--#UID0_ACCOUNTS="toor rooty"
-+UID0_ACCOUNTS="toor"
+ #UID0_ACCOUNTS=toor rooty
++UID0_ACCOUNTS=toor
  
  #
- # Allow the following accounts to have no password. NIS/YP entries do
+ # This option allows the specified accounts to have no password. NIS/YP entries

security/rkhunter/pkg-plist

@@ -1,34 +1,47 @@
 bin/rkhunter
 etc/periodic/security/415.rkhunter
-etc/rkhunter.conf
+@sample etc/rkhunter.conf.sample
 lib/rkhunter/scripts/check_modules.pl
 lib/rkhunter/scripts/filehashsha.pl
 lib/rkhunter/scripts/readlink.sh
 lib/rkhunter/scripts/stat.pl
+man/man8/rkhunter.8.gz
 var/lib/rkhunter/db/backdoorports.dat
 var/lib/rkhunter/db/i18n/cn
 var/lib/rkhunter/db/i18n/de
 var/lib/rkhunter/db/i18n/en
+var/lib/rkhunter/db/i18n/tr
+var/lib/rkhunter/db/i18n/tr.utf8
 var/lib/rkhunter/db/i18n/zh
 var/lib/rkhunter/db/i18n/zh.utf8
-var/lib/rkhunter/db/mirrors.dat
-var/lib/rkhunter/db/programs_bad.dat
+@sample var/lib/rkhunter/db/mirrors.dat.sample
+@sample var/lib/rkhunter/db/programs_bad.dat.sample
+var/lib/rkhunter/db/signatures/RKH_Glubteba.ldb
+var/lib/rkhunter/db/signatures/RKH_dso.ldb
+var/lib/rkhunter/db/signatures/RKH_jynx.ldb
+var/lib/rkhunter/db/signatures/RKH_kbeast.ldb
+var/lib/rkhunter/db/signatures/RKH_libkeyutils.ldb
+var/lib/rkhunter/db/signatures/RKH_libkeyutils1.ldb
+var/lib/rkhunter/db/signatures/RKH_libncom.ldb
+var/lib/rkhunter/db/signatures/RKH_pamunixtrojan.ldb
+var/lib/rkhunter/db/signatures/RKH_shv.ldb
+var/lib/rkhunter/db/signatures/RKH_sniffer.ldb
+var/lib/rkhunter/db/signatures/RKH_sshd.ldb
+var/lib/rkhunter/db/signatures/RKH_turtle.ldb
+var/lib/rkhunter/db/signatures/RKH_xsyslog.ldb
 var/lib/rkhunter/db/suspscan.dat
 @unexec rm -f %D/var/lib/rkhunter/db/rkhunter_prop_list.dat 2> /dev/null || true
 @unexec rm -f %D/var/lib/rkhunter/db/rkhunter.dat* 2> /dev/null || true
-@unexec if cmp -s %D/etc/rkhunter.conf.sample %D/etc/rkhunter.conf; then rm -f %D/etc/rkhunter.conf; fi
-etc/rkhunter.conf.sample
-@exec if [ ! -f %D/etc/rkhunter.conf ] ; then cp -p %D/%F %B/rkhunter.conf; fi
 var/lib/rkhunter/tmp/group
 var/lib/rkhunter/tmp/passwd
 @dirrmtry etc/periodic/security
 @dirrmtry etc/periodic
-@dirrmtry share/doc/rkhunter
 @dirrm var/lib/rkhunter/tmp
+@dirrm var/lib/rkhunter/db/signatures
 @dirrm var/lib/rkhunter/db/i18n
 @dirrm var/lib/rkhunter/db
 @dirrm var/lib/rkhunter
-@dirrm var/lib
-@dirrm var
+@dirrmtry var/lib
+@dirrmtry var
 @dirrm lib/rkhunter/scripts
 @dirrm lib/rkhunter