Index: head/security/samhain/Makefile
===================================================================
--- head/security/samhain/Makefile	(revision 558165)
+++ head/security/samhain/Makefile	(revision 558166)
@@ -1,202 +1,201 @@
 # Created by: Nikola Kolev <koue@chaosophia.net>
 # $FreeBSD$
 
 PORTNAME=	samhain
-PORTVERSION=	4.4.2
-PORTREVISION=	1
+PORTVERSION=	4.4.3
 CATEGORIES=	security
 MASTER_SITES=	http://la-samhna.de/archive/
 DISTNAME=	samhain_signed-${PORTVERSION}
 
 MAINTAINER=	freebsd@gregv.net
 COMMENT=	Samhain Intrusion Detection System
 
 LICENSE=	GPLv2
 
 BROKEN_aarch64=		fails to build: undefined reference to sbrk
 BROKEN_mips=		fails to configure: error: Could not find the libwrap library
 BROKEN_mips64=		fails to configure: error: Could not find the libwrap library
 
 USES=			shebangfix
 SHEBANG_FILES=		scripts/samhainadmin-gpg.pl.in \
 			scripts/samhainadmin-sig.pl.in
 
+GNU_CONFIGURE=	yes
+CONFIGURE_ARGS=	--localstatedir=/var \
+		--with-logserver=true \
+		--with-altlogserver=true \
+		--with-timeserver=true \
+		--with-alttimeserver=true
+
+WRKSRC=		${WRKDIR}/${PORTNAME}-${PORTVERSION}
+
 OPTIONS_DEFINE=		ASM DB_RELOAD DEBUG DNMALLOC DOCS ENCRYPT GNUPG IPV6 \
 			LIBWRAP LOGFILE_MONITOR LOGIN_WATCH MAIL \
 			MOUNTS_CHECK PORT_CHECK POSIX_ACL PRELUDE PROCESS_CHECK \
 			PTRACE SRP STATIC SUIDCHECK UDP USERFILES XML_LOGS
 OPTIONS_DEFAULT=	ASM DNMALLOC ENCRYPT LIBWRAP MAIL SRP
 OPTIONS_RADIO=		DB
 OPTIONS_RADIO_DB=	MYSQL ODBC PGSQL
 OPTIONS_SUB=		yes
 
 DB_DESC=	Database support
 DB_RELOAD_DESC=	Enable database reload on SIGHUP
 DNMALLOC_DESC=	Enable dnmalloc
 ENCRYPT_DESC=	Enable client/server encryption
 LOGFILE_MONITOR_DESC=	Enable monitor logfiles
 LOGIN_WATCH_DESC=	Enable watch for login/logout
 MAIL_DESC=	Enable internal SMTP mailer
 MOUNTS_CHECK_DESC=	Enable check mount options on filesystems
 PORT_CHECK_DESC=	Enable check ports
-PROCESS_CHECK_DESC=	Enable check processes
 POSIX_ACL_DESC=	Enable check posix acls
 PRELUDE_DESC=	Enable Prelude Framework support
+PROCESS_CHECK_DESC=	Enable check processes
 PTRACE_DESC=	Enable use anti-debugger options
 SRP_DESC=	Enable SRP for authentication
 SUIDCHECK_DESC=	Enable check for suid/sgid files
 UDP_DESC=	Enable UDP server
 USERFILES_DESC=	Enable check for users config files
 XML_LOGS_DESC=	Enable XML-formatted logs
 
-WRKSRC=		${WRKDIR}/${PORTNAME}-${PORTVERSION}
-
-GNU_CONFIGURE=	yes
-CONFIGURE_ARGS=	--localstatedir=/var \
-		--with-logserver=true \
-		--with-altlogserver=true \
-		--with-timeserver=true \
-		--with-alttimeserver=true
-
 ASM_CONFIGURE_ENABLE=		asm
 
 DB_RELOAD_CONFIGURE_ENABLE=	db-reload
 
 DEBUG_CONFIGURE_ENABLE=		debug
 
 DNMALLOC_CONFIGURE_ENABLE=	dnmalloc
 
 ENCRYPT_CONFIGURE_ENABLE=	encrypt
 
-GNUPG_CONFIGURE_WITH=		gpg=${PREFIX}/bin/gpg
 GNUPG_BUILD_DEPENDS=		gpg:security/gnupg
+GNUPG_CONFIGURE_WITH=		gpg=${PREFIX}/bin/gpg
 
 IPV6_CONFIGURE_ENABLE=		ipv6
 
 LIBWRAP_CONFIGURE_WITH=		libwrap
 
 LOGFILE_MONITOR_CONFIGURE_ENABLE=	logfile-monitor
 
 LOGIN_WATCH_CONFIGURE_ENABLE=	login-watch
 
 MAIL_CONFIGURE_ENABLE=		mail
 
 MOUNTS_CHECK_CONFIGURE_ENABLE=	mounts-check
 
 MYSQL_IMPLIES=			XML_LOGS
 MYSQL_USES=			mysql
 MYSQL_CONFIGURE_ON=		--with-database=mysql
 
 ODBC_IMPLIES=			XML_LOGS
 ODBC_LIB_DEPENDS=		libodbc.so:databases/unixODBC
 ODBC_CONFIGURE_ON=		--with-database=odbc
 
 PGSQL_IMPLIES=			XML_LOGS
 PGSQL_USES=			pgsql
 PGSQL_CONFIGURE_ON=		--with-database=postgresql
 
 PORT_CHECK_CONFIGURE_ENABLE=	port-check
 
-PROCESS_CHECK_CONFIGURE_ENABLE=	process-check
-
 POSIX_ACL_CONFIGURE_ENABLE=	posix-acl
 
 PRELUDE_LIB_DEPENDS=		libprelude.so:security/libprelude
 PRELUDE_CONFIGURE_WITH=		prelude
+
+PROCESS_CHECK_CONFIGURE_ENABLE=	process-check
 
 PTRACE_CONFIGURE_ENABLE=	ptrace
 
 SRP_CONFIGURE_ENABLE=		srp
 
 STATIC_CONFIGURE_ENABLE=	static
 
 SUIDCHECK_CONFIGURE_ENABLE=	suidcheck
 
 UDP_CONFIGURE_ENABLE=		udp
 
 USERFILES_CONFIGURE_ENABLE=	userfiles
 
 XML_LOGS_CONFIGURE_ENABLE=	xml-log
 
 .include <bsd.port.pre.mk>
 
 .if ${ARCH} == "amd64"
 CFLAGS+=	-fPIC
 .endif
 
 .if defined(WITH_RUNAS_USER)
 CONFIGURE_ARGS+=	--enable-identity=${WITH_RUNAS_USER}
 .else
 CONFIGURE_ARGS+=	--enable-identity=yule
 .endif
 
 .if defined(WITH_CLIENT)
 CONFIGURE_ARGS+=	--enable-network=client \
 			--with-data-file=REQ_FROM_SERVER/var/lib/samhain/data.samhain \
 			--with-config-file=REQ_FROM_SERVER
 PLIST_SUB+=		SAMHAIN="" SETPWD="" YULE="@comment "
 EXTRA_PATCHES+=		${FILESDIR}/fixsamhainrc.patch
 .elif defined(WITH_SERVER)
 USERS=			yule
 GROUPS=			yule
 CONFIGURE_ARGS+=	--enable-network=server
 SUB_LIST+=		WITH_YULE="yes"
 PLIST_SUB+=		YULE="" SAMHAIN="@comment " SETPWD="@comment "
 EXTRA_PATCHES+=		${FILESDIR}/fixyulerc.patch
 .else
 SUB_LIST+=		WITH_YULE=""
 PLIST_SUB+=		SAMHAIN="" YULE="@comment " SETPWD="@comment "
 EXTRA_PATCHES+=		${FILESDIR}/fixsamhainrc.patch
 .endif
 
 pre-everything::
 
 .if !defined(WITH_CLIENT) && !defined(WITH_SERVER)
 	@${ECHO_MSG}
 	@${ECHO_MSG} "Building Samhain in standalone mode."
 	@${ECHO_MSG} "If you wish to enable networked mode, please hit CTRL-C"
 	@${ECHO_MSG} "now, and build samhain from the samhain-client and"
 	@${ECHO_MSG} "samhain-server ports."
 	@${ECHO_MSG}
 .endif
 
 .if defined(WITH_CLIENT) && defined(WITH_SERVER)
 IGNORE=		can't build client and server at once
 .endif
 
 post-extract:
 	@${TAR} -C ${WRKDIR} -xzf ${WRKSRC}.tar.gz
 	@${RM} ${WRKSRC}.tar.gz ${WRKSRC}.tar.gz.asc
 
 post-install:
 .if !defined(WITH_SERVER)
 	${INSTALL_SCRIPT} ${WRKSRC}/init/samhain.startFreeBSD ${STAGEDIR}${PREFIX}/etc/rc.d/samhain
 	@${CP} ${WRKSRC}/samhainrc ${STAGEDIR}${PREFIX}/etc/samhainrc.sample
 	@${CHGRP} wheel ${STAGEDIR}${PREFIX}/etc/samhainrc.sample
 	${STRIP_CMD} ${STAGEDIR}${PREFIX}/sbin/samhain
 .else
 	${INSTALL_SCRIPT} ${WRKSRC}/init/samhain.startFreeBSD ${STAGEDIR}${PREFIX}/etc/rc.d/yule
 	@${CP} ${WRKSRC}/yulerc ${STAGEDIR}${PREFIX}/etc/yulerc.sample
 	${STRIP_CMD} ${STAGEDIR}${PREFIX}/sbin/yule
 	${STRIP_CMD} ${STAGEDIR}${PREFIX}/sbin/yulectl
 	${STRIP_CMD} ${STAGEDIR}${PREFIX}/sbin/yule_setpwd
 .endif
 .if defined(WITH_CLIENT)
 	${STRIP_CMD} ${STAGEDIR}${PREFIX}/sbin/samhain_setpwd
 .endif
 
 post-install-DOCS-on:
 	${MKDIR} ${STAGEDIR}${DOCSDIR}
 	${INSTALL_DATA} ${WRKSRC}/docs/MANUAL-2_4.pdf ${STAGEDIR}${DOCSDIR}
 	${INSTALL_DATA} ${WRKSRC}/docs/HOWTO-client+server.html ${STAGEDIR}${DOCSDIR}
 	${INSTALL_DATA} ${WRKSRC}/docs/HOWTO-client+server-troubleshooting.html ${STAGEDIR}${DOCSDIR}
 	${INSTALL_DATA} ${WRKSRC}/docs/HOWTO-samhain+GnuPG.html ${STAGEDIR}${DOCSDIR}
 	${INSTALL_DATA} ${WRKSRC}/docs/HOWTO-write-modules.html ${STAGEDIR}${DOCSDIR}
 	${INSTALL_DATA} ${WRKSRC}/docs/FAQ.html ${STAGEDIR}${DOCSDIR}
 	${INSTALL_DATA} ${WRKSRC}/docs/README.UPGRADE ${STAGEDIR}${DOCSDIR}
 	${INSTALL_DATA} ${WRKSRC}/docs/README ${STAGEDIR}${DOCSDIR}
 	${INSTALL_DATA} ${WRKSRC}/docs/BUGS ${STAGEDIR}${DOCSDIR}
 	${INSTALL_DATA} ${WRKSRC}/docs/sh_mounts.txt ${STAGEDIR}${DOCSDIR}
 	${INSTALL_DATA} ${WRKSRC}/docs/sh_userfiles.txt ${STAGEDIR}${DOCSDIR}
 
 .include <bsd.port.post.mk>
Index: head/security/samhain/distinfo
===================================================================
--- head/security/samhain/distinfo	(revision 558165)
+++ head/security/samhain/distinfo	(revision 558166)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1599228563
-SHA256 (samhain_signed-4.4.2.tar.gz) = 2bb2750b32646be32517d0b2259402559c72b96979800f6c33774fcdea327fff
-SIZE (samhain_signed-4.4.2.tar.gz) = 2160169
+TIMESTAMP = 1607614629
+SHA256 (samhain_signed-4.4.3.tar.gz) = 3e57574036d5055e9557ec5095818b419ea6c4365370fc2ccce1e9f87f9fad08
+SIZE (samhain_signed-4.4.3.tar.gz) = 2160977
Index: head/security/samhain/pkg-descr
===================================================================
--- head/security/samhain/pkg-descr	(revision 558165)
+++ head/security/samhain/pkg-descr	(revision 558166)
@@ -1,12 +1,12 @@
 Samhain is an open source file integrity and host-based intrusion
 detection system for Linux and Unix. It can run as a daemon process,
-and and thus can remember file changes - contrary to a tool that runs
+and thus can remember file changes - contrary to a tool that runs
 from cron, if a file is modified you will get only one report, while
 subsequent checks of that file will ignore the modification as it is
 already reported (unless the file is modified again).
 
 Samhain can optionally be used as client/server system to provide
 centralized monitoring for multiple host. Logging to a (MySQL or
 PostgreSQL) database is supported.
 
 WWW: http://la-samhna.de/samhain/
Index: head/security/samhain/pkg-plist
===================================================================
--- head/security/samhain/pkg-plist	(revision 558165)
+++ head/security/samhain/pkg-plist	(revision 558166)
@@ -1,33 +1,32 @@
 @dir /var/lib
 %%PORTDOCS%%%%DOCSDIR%%/BUGS
 %%PORTDOCS%%%%DOCSDIR%%/FAQ.html
 %%PORTDOCS%%%%DOCSDIR%%/HOWTO-client+server-troubleshooting.html
 %%PORTDOCS%%%%DOCSDIR%%/HOWTO-client+server.html
 %%PORTDOCS%%%%DOCSDIR%%/HOWTO-samhain+GnuPG.html
 %%PORTDOCS%%%%DOCSDIR%%/HOWTO-write-modules.html
 %%PORTDOCS%%%%DOCSDIR%%/MANUAL-2_4.pdf
 %%PORTDOCS%%%%DOCSDIR%%/README
 %%PORTDOCS%%%%DOCSDIR%%/README.UPGRADE
 %%PORTDOCS%%%%DOCSDIR%%/sh_mounts.txt
 %%PORTDOCS%%%%DOCSDIR%%/sh_userfiles.txt
 %%PORTDOCS%%@dir %%DOCSDIR%%
 %%SAMHAIN%%@dir /var/lib/samhain
 %%SAMHAIN%%@sample etc/samhainrc.sample
 %%SAMHAIN%%etc/rc.d/samhain
 %%SAMHAIN%%man/man5/samhainrc.5.gz
 %%SAMHAIN%%man/man8/samhain.8.gz
 %%SAMHAIN%%sbin/samhain
 %%SETPWD%%sbin/samhain_setpwd
-%%YULE%%@dir /var/lib
 %%YULE%%@dir /var/lib/yule
 %%YULE%%@dir /var/log/yule
 %%YULE%%@sample etc/yulerc.sample
 %%YULE%%@postunexec echo "To delete the yule user permanently, use 'pw userdel yule'"
 %%YULE%%etc/rc.d/yule
 %%YULE%%man/man5/yulerc.5.gz
 %%YULE%%man/man8/yule.8.gz
 %%YULE%%sbin/yule
 %%YULE%%sbin/yule_setpwd
 %%YULE%%sbin/yuleadmin-gpg.pl
 %%YULE%%sbin/yuleadmin-sig.pl
 %%YULE%%sbin/yulectl