Index: head/security/logcheck/Makefile
===================================================================
--- head/security/logcheck/Makefile	(revision 449671)
+++ head/security/logcheck/Makefile	(revision 449672)
@@ -1,104 +1,105 @@
 # Created by: Dan Langille <dan@freebsddiary.org>
 # $FreeBSD$
 
 PORTNAME=	logcheck
 PORTVERSION=	1.3.18
+PORTREVISION=	1
 CATEGORIES=	security
 MASTER_SITES=	DEBIAN_POOL
 DISTNAME=	${PORTNAME}_${PORTVERSION}
 
 MAINTAINER=	yasu@utahime.org
 COMMENT=	Auditing tool for system logs on Unix boxes
 
 LICENSE=	GPLv2
 LICENSE_FILE=	${WRKSRC}/LICENSE
 
 BUILD_DEPENDS=	docbook-to-man>0:textproc/docbook-to-man
 RUN_DEPENDS=	mime-construct:mail/mime-construct \
 		lockfile:mail/procmail \
 		bash:shells/bash
 
 LOGCHECK_USER=	logcheck
 LOGCHECK_GROUP=	${LOGCHECK_USER}
 USERS=		${LOGCHECK_USER}
 GROUPS=		${LOGCHECK_GROUP}
 
 BASEDIR?=	# None. portlint compliance
 DBDIR=		${BASEDIR}/var/db/${PORTNAME}
 RUNDIR=		${BASEDIR}/var/run/${PORTNAME}
 
 OPTIONS_DEFINE=	CRON
 CRON_DESC=	Install cron script automatically
 .if !defined(BATCH)
 OPTIONS_DEFAULT=CRON
 .endif
 
 # Enable Perl dependency for logtail script
 USES=		perl5 shebangfix tar:xz
 
 WRKSRC=		${WRKDIR}/${DISTNAME:S!_!-!}
 BINMODE=	755
 SUB_LIST+=	LOGCHECK_USER=${LOGCHECK_USER} \
 		LOGCHECK_GROUP=${LOGCHECK_GROUP} \
 		DBDIR=${DBDIR} CRON=${PORT_OPTIONS:MCRON}
 SUB_FILES=	pkg-install pkg-deinstall pkg-message
 PLIST_SUB+=	LOGCHECK_USER=${LOGCHECK_USER} \
 		LOGCHECK_GROUP=${LOGCHECK_GROUP} \
 		DBDIR=${DBDIR} RUNDIR=${RUNDIR}
 SHEBANG_FILES=	src/logcheck src/logtail src/logtail2 src/detectrotate/*.dtr
 CONFIG_DIRS=	cracking.d ignore.d.paranoid ignore.d.server \
 		ignore.d.workstation violations.d violations.ignore.d
 DOCS=		AUTHORS CHANGES CREDITS TODO docs/README*
 PORTDOCS=	${DOCS:T}
 MAN1_FILES=	logcheck-test.1
 MAN8_FILES=	logcheck.8 logtail.8 logtail2.8
 REINPLACE_FILES=	debian/logcheck.cron.d docs/logcheck.sgml \
 			docs/logtail2.8 docs/README.logcheck \
 			docs/README.logcheck-database docs/README.logtail \
 			etc/logcheck.conf src/logcheck src/logtail2
 
 .include <bsd.port.pre.mk>
 
 do-build:
 .for file in ${REINPLACE_FILES}
 	${REINPLACE_CMD} ${_SUB_LIST_TEMP} ${WRKSRC}/${file}
 .endfor
 	docbook-to-man ${WRKSRC}/docs/logcheck.sgml > ${WRKSRC}/docs/logcheck.8
 	${FIND} ${WRKSRC} -type f \( -name \*.orig -o -name \*.bak \) -delete
 
 do-install:
 	@${MKDIR} ${STAGEDIR}${DATADIR}/detectrotate \
 		  ${STAGEDIR}${DBDIR} \
 		  ${STAGEDIR}${DOCSDIR} \
 		  ${STAGEDIR}${ETCDIR} \
 		  ${STAGEDIR}${EXAMPLESDIR} \
 		  ${STAGEDIR}${RUNDIR}
 	${INSTALL_SCRIPT} ${WRKSRC}/src/logcheck-test ${STAGEDIR}${PREFIX}/bin
 	${INSTALL_SCRIPT} ${WRKSRC}/src/logcheck ${STAGEDIR}${PREFIX}/sbin
 	${INSTALL_SCRIPT} ${WRKSRC}/src/logtail ${STAGEDIR}${PREFIX}/sbin
 	${INSTALL_SCRIPT} ${WRKSRC}/src/logtail2 ${STAGEDIR}${PREFIX}/sbin
 	${INSTALL_DATA} ${WRKSRC}/etc/logcheck.conf \
 		${STAGEDIR}${ETCDIR}/logcheck.conf.sample
 	${INSTALL_DATA} ${WRKSRC}/etc/logcheck.logfiles \
 		${STAGEDIR}${ETCDIR}/logcheck.logfiles.sample
 .for i in ${CONFIG_DIRS}
 	@${MKDIR} ${STAGEDIR}${ETCDIR}/${i}
 	${INSTALL_DATA} ${WRKSRC}/rulefiles/linux/${i}/* \
 		${STAGEDIR}${ETCDIR}/${i}
 .endfor
 	${INSTALL_DATA} ${WRKSRC}/src/detectrotate/*.dtr \
 		${STAGEDIR}${DATADIR}/detectrotate
 	${INSTALL_DATA} ${WRKSRC}/debian/logcheck.cron.d \
 		${STAGEDIR}${EXAMPLESDIR}/crontab.in
 	@${ECHO_CMD} '@exec ${CHGRP} -R ${LOGCHECK_GROUP} \
 		${ETCDIR:S|^${PREFIX}/|%D/|} \
 		${DATADIR:S|^${PREFIX}/|%D/|}' >> ${TMPPLIST}
 .for i in ${MAN1_FILES}
 	${INSTALL_MAN} ${WRKSRC}/docs/$i ${STAGEDIR}${MAN1PREFIX}/man/man1
 .endfor
 .for i in ${MAN8_FILES}
 	${INSTALL_MAN} ${WRKSRC}/docs/$i ${STAGEDIR}${MAN8PREFIX}/man/man8
 .endfor
 	cd ${WRKSRC} && ${INSTALL_DATA} ${DOCS} ${STAGEDIR}${DOCSDIR}
 
 .include <bsd.port.post.mk>
Index: head/security/logcheck/files/patch-docs_logcheck-test.1
===================================================================
--- head/security/logcheck/files/patch-docs_logcheck-test.1	(revision 449671)
+++ head/security/logcheck/files/patch-docs_logcheck-test.1	(revision 449672)
@@ -1,26 +1,44 @@
 --- docs/logcheck-test.1.orig	2017-01-25 21:08:04 UTC
 +++ docs/logcheck-test.1
+@@ -4,7 +4,7 @@ logcheck-test \- test new logcheck rules
+ .SH SYNOPSIS
+ .B logcheck\-test
+ .RB [ \-q | \-i ]
+-.RB [ \-a | \-s | \-l
++.RB [ \-a | \-m | \-l
+ .IR FILE ]
+ .RB [ \-e ]
+ .RB [ \-P
+@@ -15,7 +15,7 @@ logcheck-test \- test new logcheck rules
+ .br
+ .B logcheck\-test
+ .RB [ \-q | \-i ]
+-.RB [ \-a | \-s | \-l
++.RB [ \-a | \-m | \-l
+ .IR FILE ]
+ .B \-r
+ .I RULEFILE
 @@ -38,8 +38,8 @@ Show usage information
  .B \-a, \-\-auth.log
  Parse /var/log/auth.log for matching lines
  .TP
 -.B \-s, \-\-syslog
 -Parse /var/log/syslog for matching lines
 +.B \-m, \-\-messages
 +Parse /var/log/messages for matching lines
  .TP
  .B \-l, \-\-log\-file FILE
  Parse FILE for matching lines
 @@ -69,10 +69,10 @@ With
  .B logcheck-test
  you can easily write and test new rules.
  .PP
 -Test a single rule against /var/log/syslog:
 +Test a single rule against /var/log/messages:
  .RS
  .fam C
 -logcheck-test \-s "RULE"
 +logcheck-test \-m "RULE"
  .fam T
  .RE
  
Index: head/security/logcheck/files/patch-src_logcheck-test
===================================================================
--- head/security/logcheck/files/patch-src_logcheck-test	(revision 449671)
+++ head/security/logcheck/files/patch-src_logcheck-test	(revision 449672)
@@ -1,23 +1,35 @@
 --- src/logcheck-test.orig	2017-01-25 21:08:04 UTC
 +++ src/logcheck-test
 @@ -38,7 +38,7 @@ usage() {
  usage: logcheck-test
  -h|--help                   : Show usage information
  -a|--auth.log               : Parse /var/log/auth.log
 --s|--syslog                 : Parse /var/log/syslog
 +-m|--messages               : Parse /var/log/messages
  -l|--log-file LOGFILE       : Parse LOGFILE
  -i|--invert-match           : Show lines that don't match the RULE or RULEFILE
  -q|--quiet                  : Suppress rule summary
-@@ -103,9 +103,9 @@ while [ -n "${1:-}" ]; do
+@@ -103,11 +103,11 @@ while [ -n "${1:-}" ]; do
                  warn "option -a ignored"
              fi
          ;;
 -        -s|--syslog)
 +        -m|--messages)
              if [ -z "$FILE" ] ; then
 -                FILE="/var/log/syslog"
 +                FILE="/var/log/messages"
              else
-                 warn "option -s ignored"
+-                warn "option -s ignored"
++                warn "option -m ignored"
              fi
+         ;;
+         -q|--quiet)
+@@ -169,7 +169,7 @@ while [ -n "${1:-}" ]; do
+ done
+ 
+ if [ -z "$FILE" ] ; then
+-    err "no log file specified, please choose -a or -s or -l LOGFILE"
++    err "no log file specified, please choose -a or -m or -l LOGFILE"
+     exit 2
+ elif ! [ -r "$FILE" ] ; then
+     err "'$FILE' permission denied"
Index: head/security/logcheck/files/pkg-deinstall.in
===================================================================
--- head/security/logcheck/files/pkg-deinstall.in	(revision 449671)
+++ head/security/logcheck/files/pkg-deinstall.in	(revision 449672)
@@ -1,25 +1,12 @@
 #!/bin/sh
 
 user="%%LOGCHECK_USER%%"
-group="%%LOGCHECK_GROUP%%"
-configfiles="logcheck.conf logcheck.logfiles"
 
 case $2 in
-DEINSTALL)
-	for f in ${configfiles}; do
-		if diff %%PREFIX%%/etc/logcheck/${f} %%PREFIX%%/etc/logcheck/${f}.sample > /dev/null; then
-			echo "---> ${f} configuration file is the same as ${f}.sample"
-			rm -f %%PREFIX%%/etc/logcheck/${f}
-			echo "---> Deleted %%PREFIX%%/etc/logcheck/${f}"
-		else
-			echo "---> %%PREFIX%%/etc/logcheck/${f} differs from sample file; not deleted"
-		fi
-	done
-;;
 POST-DEINSTALL)
 	if /usr/bin/crontab -u "${user}" -l > /dev/null 2>&1; then
-		rm -f /var/cron/tabs/${user}
-		echo "---> Removed crontab for \"${user}\"."
+		echo y | /usr/bin/crontab -u "${user}" -r
+		echo "==> Removed crontab for \"${user}\"."
 	fi
 ;;
 esac
Index: head/security/logcheck/files/pkg-install.in
===================================================================
--- head/security/logcheck/files/pkg-install.in	(revision 449671)
+++ head/security/logcheck/files/pkg-install.in	(revision 449672)
@@ -1,49 +1,39 @@
 #!/bin/sh
 
 user="%%LOGCHECK_USER%%"
-group="%%LOGCHECK_GROUP%%"
-configfiles="logcheck.conf logcheck.logfiles"
 
 case $2 in
 POST-INSTALL)
     if [ "%%CRON%%" = "CRON" ]; then
 	if [ -f %%EXAMPLESDIR%%/crontab.in ] ; then
 		if /usr/bin/crontab -u "${user}" -l >/tmp/logchecktab$$ 2>&1 ; then
 			if test -s /tmp/logchecktab$$; then
-				echo "---> \"${user}\" already has a crontab.  Not overwriting it"
-				echo "---> Please merge any changes from the standard crontab file"
-				echo "--->     %%EXAMPLESDIR%%/crontab.in"
+				echo "==> \"${user}\" already has a crontab.  Not overwriting it"
+				echo "==> Please merge any changes from the standard crontab file"
+				echo "==>     %%EXAMPLESDIR%%/crontab.in"
 			else
 				/usr/bin/crontab -u "${user}" "%%EXAMPLESDIR%%/crontab.in" || exit 1
-				echo "---> Installed crontab(5) file for user \"${user}\""
+				echo "==> Installed crontab(5) file for user \"${user}\""
 			fi
 		else
 			if grep -q "are not allowed to use this program" /tmp/logchecktab$$ ; then
-				echo "---> The logcheck user is not allowed to run crontab."
-				echo "---> Please check the contents of /var/cron/allow and /var/cron/deny"
-				echo "---> and grant access, if necessary."
+				echo "==> The logcheck user is not allowed to run crontab."
+				echo "==> Please check the contents of /var/cron/allow and /var/cron/deny"
+				echo "==> and grant access, if necessary."
 				exit 1
 			else
 				/usr/bin/crontab -u "${user}" "%%EXAMPLESDIR%%/crontab.in" || exit 1
-				echo "---> Created crontab(5) file for user \"${user}\""
+				echo "==> Created crontab(5) file for user \"${user}\""
 			fi
 		fi
 		rm -f /tmp/logchecktab$$
         fi
     else
         echo "---> Crontab file was not installed for user \"${user}\""
         if [ -f %%EXAMPLESDIR%%/crontab.in ]; then
-            echo "---> A sample crontab file can be found in %%EXAMPLESDIR%%/crontab.in"
-            echo "---> for manual installation."
+            echo "==> A sample crontab file can be found in %%EXAMPLESDIR%%/crontab.in"
+            echo "==> for manual installation."
         fi
     fi
-
-	for f in ${configfiles}; do
-		if [ ! -e %%PREFIX%%/etc/logcheck/${f} ]; then
-			echo "---> It seems you have no previous version of %%PREFIX%%/etc/logcheck/${f}"
-			cp %%PREFIX%%/etc/logcheck/${f}.sample %%PREFIX%%/etc/logcheck/${f}
-			echo "---> Created one from ${f}.sample"
-		fi
-	done
 ;;
 esac
Index: head/security/logcheck/pkg-plist
===================================================================
--- head/security/logcheck/pkg-plist	(revision 449671)
+++ head/security/logcheck/pkg-plist	(revision 449672)
@@ -1,207 +1,207 @@
 @mode 640
 %%DATADIR%%/detectrotate/10-savelog.dtr
 %%DATADIR%%/detectrotate/20-logrotate.dtr
 %%DATADIR%%/detectrotate/30-logrotate-dateext.dtr
 %%ETCDIR%%/cracking.d/kernel
 %%ETCDIR%%/cracking.d/rlogind
 %%ETCDIR%%/cracking.d/rsh
 %%ETCDIR%%/cracking.d/smartd
 %%ETCDIR%%/cracking.d/tftpd
 %%ETCDIR%%/cracking.d/uucico
 %%ETCDIR%%/ignore.d.paranoid/bind
 %%ETCDIR%%/ignore.d.paranoid/cron
 %%ETCDIR%%/ignore.d.paranoid/incron
 %%ETCDIR%%/ignore.d.paranoid/logcheck
 %%ETCDIR%%/ignore.d.paranoid/postfix
 %%ETCDIR%%/ignore.d.paranoid/ppp
 %%ETCDIR%%/ignore.d.paranoid/pureftp
 %%ETCDIR%%/ignore.d.paranoid/qpopper
 %%ETCDIR%%/ignore.d.paranoid/squid
 %%ETCDIR%%/ignore.d.paranoid/ssh
 %%ETCDIR%%/ignore.d.paranoid/stunnel
 %%ETCDIR%%/ignore.d.paranoid/sysklogd
 %%ETCDIR%%/ignore.d.paranoid/telnetd
 %%ETCDIR%%/ignore.d.paranoid/tripwire
 %%ETCDIR%%/ignore.d.paranoid/usb
 %%ETCDIR%%/ignore.d.server/acpid
 %%ETCDIR%%/ignore.d.server/amandad
 %%ETCDIR%%/ignore.d.server/amavisd-new
 %%ETCDIR%%/ignore.d.server/anacron
 %%ETCDIR%%/ignore.d.server/anon-proxy
 %%ETCDIR%%/ignore.d.server/apache
 %%ETCDIR%%/ignore.d.server/apcupsd
 %%ETCDIR%%/ignore.d.server/arpwatch
 %%ETCDIR%%/ignore.d.server/asterisk
 %%ETCDIR%%/ignore.d.server/automount
 %%ETCDIR%%/ignore.d.server/bind
 %%ETCDIR%%/ignore.d.server/bluez-utils
 %%ETCDIR%%/ignore.d.server/courier
 %%ETCDIR%%/ignore.d.server/cpqarrayd
 %%ETCDIR%%/ignore.d.server/cpufreqd
 %%ETCDIR%%/ignore.d.server/cron
 %%ETCDIR%%/ignore.d.server/cron-apt
 %%ETCDIR%%/ignore.d.server/cups-lpd
 %%ETCDIR%%/ignore.d.server/cvs-pserver
 %%ETCDIR%%/ignore.d.server/cvsd
 %%ETCDIR%%/ignore.d.server/cyrus
 %%ETCDIR%%/ignore.d.server/dcc
 %%ETCDIR%%/ignore.d.server/ddclient
 %%ETCDIR%%/ignore.d.server/dhclient
 %%ETCDIR%%/ignore.d.server/dhcp
 %%ETCDIR%%/ignore.d.server/dictd
 %%ETCDIR%%/ignore.d.server/dkfilter
 %%ETCDIR%%/ignore.d.server/dnsmasq
 %%ETCDIR%%/ignore.d.server/dovecot
 %%ETCDIR%%/ignore.d.server/dropbear
 %%ETCDIR%%/ignore.d.server/dspam
 %%ETCDIR%%/ignore.d.server/epmd
 %%ETCDIR%%/ignore.d.server/exim4
 %%ETCDIR%%/ignore.d.server/fcron
 %%ETCDIR%%/ignore.d.server/ftpd
 %%ETCDIR%%/ignore.d.server/git-daemon
 %%ETCDIR%%/ignore.d.server/gnu-imap4d
 %%ETCDIR%%/ignore.d.server/gps
 %%ETCDIR%%/ignore.d.server/grinch
 %%ETCDIR%%/ignore.d.server/horde3
 %%ETCDIR%%/ignore.d.server/hplip
 %%ETCDIR%%/ignore.d.server/hylafax
 %%ETCDIR%%/ignore.d.server/ikiwiki
 %%ETCDIR%%/ignore.d.server/imap
 %%ETCDIR%%/ignore.d.server/imapproxy
 %%ETCDIR%%/ignore.d.server/imp
 %%ETCDIR%%/ignore.d.server/imp4
 %%ETCDIR%%/ignore.d.server/innd
 %%ETCDIR%%/ignore.d.server/ipppd
 %%ETCDIR%%/ignore.d.server/isdnlog
 %%ETCDIR%%/ignore.d.server/isdnutils
 %%ETCDIR%%/ignore.d.server/jabberd
 %%ETCDIR%%/ignore.d.server/kernel
 %%ETCDIR%%/ignore.d.server/klogind
 %%ETCDIR%%/ignore.d.server/krb5-kdc
 %%ETCDIR%%/ignore.d.server/libpam-krb5
 %%ETCDIR%%/ignore.d.server/libpam-mount
 %%ETCDIR%%/ignore.d.server/logcheck
 %%ETCDIR%%/ignore.d.server/login
 %%ETCDIR%%/ignore.d.server/maradns
 %%ETCDIR%%/ignore.d.server/mldonkey-server
 %%ETCDIR%%/ignore.d.server/mon
 %%ETCDIR%%/ignore.d.server/mountd
 %%ETCDIR%%/ignore.d.server/nagios
 %%ETCDIR%%/ignore.d.server/netconsole
 %%ETCDIR%%/ignore.d.server/nfs
 %%ETCDIR%%/ignore.d.server/nntpcache
 %%ETCDIR%%/ignore.d.server/nscd
 %%ETCDIR%%/ignore.d.server/nslcd
 %%ETCDIR%%/ignore.d.server/openvpn
 %%ETCDIR%%/ignore.d.server/otrs
 %%ETCDIR%%/ignore.d.server/passwd
 %%ETCDIR%%/ignore.d.server/pdns
 %%ETCDIR%%/ignore.d.server/perdition
 %%ETCDIR%%/ignore.d.server/policyd
 %%ETCDIR%%/ignore.d.server/popa3d
 %%ETCDIR%%/ignore.d.server/postfix
 %%ETCDIR%%/ignore.d.server/postfix-policyd
 %%ETCDIR%%/ignore.d.server/ppp
 %%ETCDIR%%/ignore.d.server/pptpd
 %%ETCDIR%%/ignore.d.server/procmail
 %%ETCDIR%%/ignore.d.server/proftpd
 %%ETCDIR%%/ignore.d.server/pure-ftpd
 %%ETCDIR%%/ignore.d.server/pureftp
 %%ETCDIR%%/ignore.d.server/qpopper
 %%ETCDIR%%/ignore.d.server/rbldnsd
 %%ETCDIR%%/ignore.d.server/rpc_statd
 %%ETCDIR%%/ignore.d.server/rsnapshot
 %%ETCDIR%%/ignore.d.server/rsync
 %%ETCDIR%%/ignore.d.server/sa-exim
 %%ETCDIR%%/ignore.d.server/samba
 %%ETCDIR%%/ignore.d.server/saned
 %%ETCDIR%%/ignore.d.server/sasl2-bin
 %%ETCDIR%%/ignore.d.server/saslauthd
 %%ETCDIR%%/ignore.d.server/schroot
 %%ETCDIR%%/ignore.d.server/scponly
 %%ETCDIR%%/ignore.d.server/slapd
 %%ETCDIR%%/ignore.d.server/smartd
 %%ETCDIR%%/ignore.d.server/smbd_audit
 %%ETCDIR%%/ignore.d.server/smokeping
 %%ETCDIR%%/ignore.d.server/snmpd
 %%ETCDIR%%/ignore.d.server/snort
 %%ETCDIR%%/ignore.d.server/spamc
 %%ETCDIR%%/ignore.d.server/spamd
 %%ETCDIR%%/ignore.d.server/squid
 %%ETCDIR%%/ignore.d.server/ssh
 %%ETCDIR%%/ignore.d.server/stunnel
 %%ETCDIR%%/ignore.d.server/su
 %%ETCDIR%%/ignore.d.server/sudo
 %%ETCDIR%%/ignore.d.server/sympa
 %%ETCDIR%%/ignore.d.server/syslogd
 %%ETCDIR%%/ignore.d.server/systemd
 %%ETCDIR%%/ignore.d.server/systemd-timesyncd
 %%ETCDIR%%/ignore.d.server/teapop
 %%ETCDIR%%/ignore.d.server/telnetd
 %%ETCDIR%%/ignore.d.server/tftpd
 %%ETCDIR%%/ignore.d.server/thy
 %%ETCDIR%%/ignore.d.server/ucd-snmp
 %%ETCDIR%%/ignore.d.server/upsd
 %%ETCDIR%%/ignore.d.server/uptimed
 %%ETCDIR%%/ignore.d.server/userv
 %%ETCDIR%%/ignore.d.server/vsftpd
 %%ETCDIR%%/ignore.d.server/watchdog
 %%ETCDIR%%/ignore.d.server/wu-ftpd
 %%ETCDIR%%/ignore.d.server/xinetd
 %%ETCDIR%%/ignore.d.workstation/automount
 %%ETCDIR%%/ignore.d.workstation/bind
 %%ETCDIR%%/ignore.d.workstation/bluetooth-alsa
 %%ETCDIR%%/ignore.d.workstation/bluez-utils
 %%ETCDIR%%/ignore.d.workstation/bonobo
 %%ETCDIR%%/ignore.d.workstation/dhcpcd
 %%ETCDIR%%/ignore.d.workstation/francine
 %%ETCDIR%%/ignore.d.workstation/gconf
 %%ETCDIR%%/ignore.d.workstation/gdm
 %%ETCDIR%%/ignore.d.workstation/hald
 %%ETCDIR%%/ignore.d.workstation/hcid
 %%ETCDIR%%/ignore.d.workstation/ifplugd
 %%ETCDIR%%/ignore.d.workstation/ippl
 %%ETCDIR%%/ignore.d.workstation/kdm
 %%ETCDIR%%/ignore.d.workstation/kernel
 %%ETCDIR%%/ignore.d.workstation/laptop-mode-tools
 %%ETCDIR%%/ignore.d.workstation/libmtp-runtime
 %%ETCDIR%%/ignore.d.workstation/libpam-gnome-keyring
 %%ETCDIR%%/ignore.d.workstation/logcheck
 %%ETCDIR%%/ignore.d.workstation/login
 %%ETCDIR%%/ignore.d.workstation/net-acct
 %%ETCDIR%%/ignore.d.workstation/nntpcache
 %%ETCDIR%%/ignore.d.workstation/polypaudio
 %%ETCDIR%%/ignore.d.workstation/postfix
 %%ETCDIR%%/ignore.d.workstation/ppp
 %%ETCDIR%%/ignore.d.workstation/proftpd
 %%ETCDIR%%/ignore.d.workstation/pump
 %%ETCDIR%%/ignore.d.workstation/sendfile
 %%ETCDIR%%/ignore.d.workstation/slim
 %%ETCDIR%%/ignore.d.workstation/squid
 %%ETCDIR%%/ignore.d.workstation/udev
 %%ETCDIR%%/ignore.d.workstation/wdm
 %%ETCDIR%%/ignore.d.workstation/winbind
 %%ETCDIR%%/ignore.d.workstation/wpasupplicant
 %%ETCDIR%%/ignore.d.workstation/xdm
 %%ETCDIR%%/ignore.d.workstation/xlockmore
-%%ETCDIR%%/logcheck.conf.sample
-%%ETCDIR%%/logcheck.logfiles.sample
 %%ETCDIR%%/violations.d/kernel
 %%ETCDIR%%/violations.d/logcheck
 %%ETCDIR%%/violations.d/smartd
 %%ETCDIR%%/violations.d/su
 %%ETCDIR%%/violations.d/sudo
 %%ETCDIR%%/violations.ignore.d/logcheck-su
 %%ETCDIR%%/violations.ignore.d/logcheck-sudo
+@sample %%ETCDIR%%/logcheck.conf.sample
+@sample %%ETCDIR%%/logcheck.logfiles.sample
 @mode
 bin/logcheck-test
 man/man1/logcheck-test.1.gz
 man/man8/logcheck.8.gz
 man/man8/logtail.8.gz
 man/man8/logtail2.8.gz
 sbin/logcheck
 sbin/logtail
 sbin/logtail2
 %%PORTEXAMPLES%%%%EXAMPLESDIR%%/crontab.in
 @dir(%%LOGCHECK_USER%%,%%LOGCHECK_GROUP%%,) %%DBDIR%%
 @dir(%%LOGCHECK_USER%%,%%LOGCHECK_GROUP%%,) %%RUNDIR%%