X-Git-Url: https://git.hcoop.net/hcoop/domtool2.git/blobdiff_plain/563e77927eb5faaae4571bd2b0811de590368581..0d3fb301bcae781d585bdecf534ed18769d91bce:/scripts/domtool-publish

diff --git a/scripts/domtool-publish b/scripts/domtool-publish
index f11bc4c..811c464 100755
--- a/scripts/domtool-publish
+++ b/scripts/domtool-publish
@@ -58,7 +58,7 @@ case $1 in
 	;;
 	courier)
 	        /usr/sbin/makeuserdb
-		/bin/chown -R domtool.domtool /etc/courier/userdb
+		/bin/chown -R domtool.nogroup /etc/courier/userdb
 		/bin/cat /etc/courier/userdb/* >/etc/courier/exim
 		/bin/chmod o-r /etc/courier/exim
 		/usr/sbin/exim_dbmbuild /etc/courier/exim /etc/courier/exim.dat
@@ -69,16 +69,24 @@ case $1 in
 		/bin/grep $2 /var/log/exim4/mainlog
 	;;
         apache-fixperms)
-                /bin/chown -R domtool.domtool /var/log/apache2/user
+                /bin/chown -R domtool.nogroup /var/log/apache2/user
         ;;
         apache1.3-fixperms)
-                /bin/chown -R domtool.domtool /var/log/apache/user
+                /bin/chown -R domtool.nogroup /var/log/apache/user
         ;;
         users)
                 /bin/cp /var/domtool/waklog.conf /etc/apache2/
 		/etc/init.d/apache2 reload
         ;;
+        firewall)
+	       # Ideally this would check if the config worked first
+	       # (ferm failing just uses the previous config at
+	       # least). Does it need to chown/chmod the generated
+	       # rules?
+	       /bin/cp /var/domtool/firewall/{user_chains.conf,users_tcp_in.conf,users_tcp_out.conf} /etc/ferm/
+	       /etc/init.d/ferm reload
+	;;
 	*)
-		echo "Usage: domtool-publish [apache|bind|courier|exim|mailman|smtplog STRING|users]"
+		echo "Usage: domtool-publish [apache|bind|courier|exim|mailman|smtplog STRING|users|firewall]"
 	;;
 esac