SWAT
This tool is part of the samba(7) suite.
swat allows a Samba administrator to configure the complex smb.conf(5) file via a Web browser. In addition, a swat configuration page has help links to all the configurable options in the smb.conf file allowing an administrator to easily look up the effects of any change.
OPTIONS
The default configuration file path is determined at compile time. The file specified contains the configuration details required by the smbd(8) server. This is the file that swat will modify. The information in this file includes server−specific information such as what printcap file to use, as well as descriptions of all the services that the server is to provide. See smb.conf for more information.
This option disables authentication and places swat in demo mode. In that mode anyone will be able to modify the smb.conf file.
WARNING: Do NOT enable this option on a production server.
This option restricts read−only users to the password management page. swat can then be used to change user passwords without users seeing the «View» and «Status» menu buttons.
level is an integer from 0 to 10. The default value if this parameter is not specified is 0.
The higher this value, the more detail will be logged to the log files about the activities of the server. At level 0, only critical errors and serious warnings will be logged. Level 1 is a reasonable level for day−to−day running − it generates a small amount of information about operations carried out.
Levels above 1 will generate considerable amounts of log data, and should only be used when investigating a problem. Levels above 3 are designed for use only by developers and generate HUGE amounts of log data, most of which is extremely cryptic.
Note that specifying this parameter here will override the smb.conf.5.html# parameter in the smb.conf file.
Prints the program version number.
The file specified contains the configuration details required by the server. The information in this file includes server−specific information such as what printcap file to use, as well as descriptions of all the services that the server is to provide. See smb.conf for more information. The default configuration file name is determined at compile time.
Base directory name for log/debug files. The extension «.progname» will be appended (e.g. log.smbclient, log.smbd, etc. ). The log file is never removed by the client.
Print a summary of command line options.
INSTALLATION
Swat is included as binary package with most distributions. The package manager in this case takes care of the installation and configuration. This section is only for those who have compiled swat from scratch.
After you compile SWAT you need to run make install to install the swat binary and the various help files and images. A default install would put these in:
Inetd Installation
You need to edit your /etc/inetd.conf and /etc/services to enable SWAT to be launched via inetd.
In /etc/services you need to add a line like this:
Note for NIS/YP and LDAP users − you may need to rebuild the NIS service maps rather than alter your local /etc/services file.
the choice of port number isn´t really important except that it should be less than 1024 and not currently used (using a number above 1024 presents an obscure security hole depending on the implementation details of your inetd daemon).
In /etc/inetd.conf you should add a line like this:
swat stream tcp nowait.400 root /usr/local/samba/sbin/swat swat
Once you have edited /etc/services and /etc/inetd.conf you need to send a HUP signal to inetd. To do this use kill −1 PID where PID is the process ID of the inetd daemon.
LAUNCHING
To launch SWAT just run your favorite web browser and point it at «http://localhost:901/».
Note that you can attach to SWAT from any IP connected machine but connecting from a remote machine leaves your connection open to password sniffing as passwords will be sent in the clear over the wire.
FILES
This file must contain suitable startup information for the meta−daemon.
This file must contain a mapping of service name (e.g., swat) to service port (e.g., 901) and protocol type (e.g., tcp).
This is the default location of the smb.conf(5) server configuration file that swat edits. Other common places that systems install this file are /usr/samba/lib/smb.conf and /etc/smb.conf. This file describes all the services the server is to make available to clients.
WARNINGS
swat will rewrite your smb.conf(5) file. It will rearrange the entries and delete all comments, include= and copy= options. If you have a carefully crafted smb.conf then back it up or don´t use swat!
VERSION
This man page is correct for version 3 of the Samba suite.
SEE ALSO
AUTHOR
The original Samba software and related utilities were created by Andrew Tridgell. Samba is now developed by the Samba Team as an Open Source project similar to the way the Linux kernel is developed.
The original Samba man pages were written by Karl Auer. The man page sources were converted to YODL format (another excellent piece of Open Source software, available at ftp://ftp.icce.rug.nl/pub/unix/) and updated for the Samba 2.0 release by Jeremy Allison. The conversion to DocBook for Samba 2.2 was done by Gerald Carter. The conversion to DocBook XML 4.2 for Samba 3.0 was done by Alexander Bokovoy.
More Linux Commands
manpages/vfs_time_audit.8.html
vfs_time_audit(8) — samba vfs module to log slow VFS operati
This VFS module is part of the samba(7) suite. The time_audit VFS module logs system calls that take longer than the number of milliseconds defined by the varia
manpages/sigfillset.3.html
sigfillset(3) — POSIX signal set operations. (Man Page).
These functions allow the manipulation of POSIX signal sets. sigemptyset() initializes the signal set given by set to empty, with all signals excluded from the
manpages/vfs_streams_depot.8.html
vfs_streams_depot(8) — EXPERIMENTAL module to store alternat
This EXPERIMENTAL VFS module is part of the samba(7) suite. The vfs_streams_depot enables storing of NTFS alternate data streams in the file system. As a normal
manpages/XShmGetImage.3.html
XShmGetImage(3) — X Shared Memory extension functions.
XShmQueryExtension checks to see if the shared memory extensions are available for the specified display. XShmQueryVersion returns the version numbers of the ex
manpages/pcre_table.5.html
pcre_table(5) — format of Postfix PCRE tables (Man Page).
pcre_table.5 — The Postfix mail system uses optional tables for address rewriting, mail routing, or access control. These tables are usually in dbm or db format
manpages/s_server.1ssl.html
s_server(1ssl) — SSL/TLS server program — Linux manual page
The s_server command implements a generic SSL/TLS server which listens for connections on a given port using SSL/TLS. OPTIONS -accept port the TCP port to liste
manpages/snmpd.internal.5.html
snmpd.internal(5) — internal configuration of the Net-SNMP a
The snmpd.conf(5) man page defines the syntax and behaviour of the main configuration directives that can be used to control the operation of the Net-SNMP agent
manpages/vcs.4.html
vcs(4) — virtual console memory (Special — Linux man page)
/dev/vcs0 is a character device with major number 7 and minor number 0, usually of mode 0644 and owner root.tty. It refers to the memory of the currently displa
manpages/systemd-notify.1.html
systemd-notify(1) — Notify init system about start-up comple
systemd-notify may be called by daemon scripts to notify the init system about status changes. It can be used to send arbitrary information, encoded in an envir
manpages/acl_create_entry.3.html
acl_create_entry(3) — create a new ACL entry (Man Page).
The acl_create_entry() function creates a new ACL entry in the ACL pointed to by the contents of the pointer argument acl_p. On success, the function returns a
manpages/gnutls_x509_crt_get_issuer.3.html
gnutls_x509_crt_get_issuer(3) — API function (Man Page).
Return the Certificates Issuer DN as an opaque data type. You may use gnutls_x509_dn_get_rdn_ava() to decode the DN. Note that dn should be treated as constant.
manpages/passwd.5.html
passwd(5) — password file (File formats — Linux man page).
The /etc/passwd file is a text file that describes user login accounts for the system. It should have read permission allowed for all users (many utilities, lik
«Free learning resources, like free software, is a matter of freedom, not price. It’s about bringing the principles of free software to general knowledge and educational materials. Knowledge should be usable and accessible to all without restrictions and should not be treated as property.» Free Learning Resources
«As our society grows more dependent on computers, the software we run is of critical importance to securing the future of a free society. Free software is about having control over the technology we use in our homes, schools and businesses, where computers work for our individual and communal benefit» Learn About Free Software
Swat
Q: The swat help links do not work. How do I tell swat where to find the man pages?
A: You don’t have to tell swat where they are you have to install them.
sudo apt-get install samba-doc
Q: When I open the web page I only see four boxes (Home, Status, View, Password) but none of these boxes give me the ability to configure Samba. What should I do?
A: You do not have the necessary permissions. You will need to ensure you are a user of the administration group (‘admin’) and that the adm group has sufficient access rights to the Samba configuration file (‘smb.conf’). Note the user created during the installation is automatically a member of the adm group.
To ensure the adm group has proper permissions over ‘smb.conf’ use ‘chmod’ and ‘chgrp’ tools to change the file access permissions and group permissions respectively:
sudo chmod g+w /etc/samba/smb.conf sudo chgrp adm /etc/samba/smb.conf
Another method is to grant all users—the whole world essentially—complete access to ‘smb.conf’. This is not recommended for obvious security reasons.
sudo chmod 777 /etc/samba/smb.conf
Now refresh your browser window and you should see additional boxes for Globals, Shares, Printers and Wizard.
Q: On my 6.06 LTS server clients don’t see the swat page. It is just a blank page. What now?
A: Edit the /etc/samba/smb.conf file so that the file contains a line for allowed hosts like:
or, if you are not that comfortable with vi:
sudo nano /etc/samba/smb.conf
Add or change the following line:
[global] . . hosts allow = 192.168.1.0/255.255.255.0 [printers]
Of course this has to match your own network settings. After this you have to restart the samba subsystem.
sudo /etc/init.d/samba restart
Q: On my 9.04 Server i can’t access swat. If I test with ss -lt there is a line with
A: Swat seems to be bound to IPv6 instead of IPv4 A2: IPv6 sockets include IPv4 connectivity by default (unless turned off by the process).
Edit the following line with sudo nano /etc/inetd.conf
swat stream tcp nowait.400 root /usr/sbin/tcpd /usr/sbin/swat
swat stream tcp4 nowait.400 root /usr/sbin/tcpd /usr/sbin/swat
then restart inetd with sudo /etc/init.d/inetutils-inetd restart
Swat (последним исправлял пользователь duncan-lithgow 2013-02-23 11:18:42)
The material on this wiki is available under a free license, see Copyright / License for details
You can contribute to this wiki, see Wiki Guide for details