Fixed basedn in slapd include and added rott write access to all attributes.

Package-Manager: portage-2.0.52-r1

2 files changed, 21 insertions, 12 deletions

diff --git a/www-apps/open-xchange/Manifest b/www-apps/open-xchange/Manifest
index c9534fe0ca68..c85679ee498b 100644
--- a/www-apps/open-xchange/Manifest
+++ b/www-apps/open-xchange/Manifest
@@ -4,7 +4,7 @@ Hash: SHA1
 MD5 aa333946b92b009f73c374ceeb7c33f0 open-xchange-0.8.1.2.ebuild 21555
 MD5 59d559390ca6a6d365a5d6c3012c0343 metadata.xml 387
 MD5 3763a6f30682cee252c57a59b68f7585 ChangeLog 719
-MD5 06167595626d4b8be205d9ef05237961 files/slapd.ox.inc 1726
+MD5 2ad5cb7b97eca4314016247cde421449 files/slapd.ox.inc 2019
 MD5 ec8d72f6da3dbefde48787a53fa071bf files/digest-open-xchange-0.8.1.2 138
 MD5 5388f979621c5e4d333aef5cd37f0062 files/init.d.open-xchange 1877
 MD5 cfa72c4f5e62b779052acf1cd629234b files/88_mod_jk.ox.conf 1228
@@ -12,7 +12,7 @@ MD5 7d1504e4241974d3583575b3827b0f5a files/open-xchange-htaccess 174
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.2 (GNU/Linux)
 
-iD8DBQFDNcqrArHZZzCEUG0RAqCfAKCJZSxNuafTFjXMzsAscMvXZ7qE6QCdH8NE
-XBeklKgeUGkR3PWMpEWnsPU=
-=Cyh2
+iD8DBQFDNdBxArHZZzCEUG0RAoV3AJ0XL/2Dipg7J7qJKZHEi5DUZOCTmQCcDCkl
+p0ykxJOHXrVrxu6BfS3GoqY=
+=115I
 -----END PGP SIGNATURE-----
diff --git a/www-apps/open-xchange/files/slapd.ox.inc b/www-apps/open-xchange/files/slapd.ox.inc
index e24f59d75709..b09c7d440150 100644
--- a/www-apps/open-xchange/files/slapd.ox.inc
+++ b/www-apps/open-xchange/files/slapd.ox.inc
@@ -1,22 +1,30 @@
-access to dn.base="" by * read
-access to dn.base="cn=Subschema" by * read
+access to dn.base=""
+  by dn="uid=root,ou=Users,ou=OxObjects,@basedn@" write
+  by * read
+
+access to dn.base="cn=Subschema"
+  by dn="uid=root,ou=Users,ou=OxObjects,@basedn@" write
+  by * read
 
 # protect the userPassword attribute
 access to attrs=userPassword,shadowLastChange 
-  by dn="uid=root,ou=Users,ou=OxObjects,dc=gen-ux,dc=com" write
+  by dn="uid=root,ou=Users,ou=OxObjects,@basedn@" write
   by anonymous auth
   by self write
   by * none
 
 # global address book
-access to dn.subtree="o=AddressBook,ou=OxObjects,dc=gen-ux,dc=com"
-  by group.exact="cn=AddressAdmins,o=AddressBook,ou=OxObjects,dc=gen-ux,dc=com" write
+access to dn.subtree="o=AddressBook,ou=OxObjects,@basedn@"
+  by dn="uid=root,ou=Users,ou=OxObjects,@basedn@" write
+  by group.exact="cn=AddressAdmins,o=AddressBook,ou=OxObjects,@basedn@" write
   by users read
 
 # personal address book
-access to dn.regex="^ou=addr,(uid=([^,]+),ou=Users,ou=OxObjects,dc=gen-ux,dc=com)$" attrs=children
+access to dn.regex="^ou=addr,(uid=([^,]+),ou=Users,ou=OxObjects,@basedn@)$" attrs=children
+  by dn="uid=root,ou=Users,ou=OxObjects,@basedn@" write
   by dn.exact,expand="$1" write
-access to dn.regex="^uid=([^,]+),ou=addr,(uid=([^,]+),ou=Users,ou=OxObjects,dc=gen-ux,dc=com)$" attrs=entry
+access to dn.regex="^uid=([^,]+),ou=addr,(uid=([^,]+),ou=Users,ou=OxObjects,@basedn@)$" attrs=entry
+  by dn="uid=root,ou=Users,ou=OxObjects,@basedn@" write
   by dn.exact,expand="$2" write
 
 # default rule allowing users full access to their own entries
@@ -28,11 +36,12 @@ access to dn.regex="^uid=([^,]+),ou=addr,(uid=([^,]+),ou=Users,ou=OxObjects,dc=g
 # This is not secure and thus hasn't been set here.  To enable it, add
 # uid to the following list
 access to attrs=birthDay,cn,description,facsimileTelephoneNumber,gecos,givenName,homePhone,initials,l,labeledURI,mobile,o,ou,OXAppointmentDays,OXDayViewInterval,OXDayViewEndTime,OXDayViewStartTime,OXTaskDays,OXTimeZone,pager,postalCode,preferredLanguage,sn,st,street,telephoneNumber,title,userCountry
+  by dn="uid=root,ou=Users,ou=OxObjects,@basedn@" write
   by self write
   by * read
 
 access to *
-  by dn="uid=root,ou=Users,ou=OxObjects,dc=gen-ux,dc=com" write
+  by dn="uid=root,ou=Users,ou=OxObjects,@basedn@" write
   by * read
 
 # This is supposed to give a performance boose, but it just breaks things for