[[PageOutline]] = Samba Web Administration Tool = * [http://www.eml.ele.cst.nihon-u.ac.jp/~momma/wiki/wiki.cgi/Ubuntu/swat.html Momma's Wiki: Ubuntu/swat - sambaの管理用webインターフェイス swatだけでなくxinetdも...] = service start with xinetd = * /etc/xinetd.d/swat => source:/lab.git/TipAndDoc/swat/xinetd.d/swat * /etc/inetd.confと競合しているので、/etc/inetd.confを編集すること {{{ Nov 8 09:13:18 vpn-host xinetd[5176]: inetd.conf - Bad value for wait: nowait.400 [file=/etc/inetd.conf] [line=1] Nov 8 09:13:18 vpn-host xinetd[5176]: removing duplicate service swat [file=/etc/inetd.conf] [line=1] }}} * cat /etc/inetd.conf {{{ swat stream tcp nowait.400 root /usr/sbin/tcpd /usr/sbin/swat }}} * この行を消し、/etc/xinetd.d/swatで制御すると良い = swat must listen port 901 = * cat /etc/xinetd.d/swat {{{ service swat { port = 9901 }}} * /var/log/daemon.log {{{ Jul 12 06:22:15 ubuntu-napt xinetd[6593]: Service swat expects port 901, not 9901 }}} * 901:tcp以外のポートで待ち受けするのは無理な模様 = web access = * loginプロンプトにはローカルユーザのID:Passを入れる。(SambaのID:Passではない) * attachment:login.png * 直接アクセスするのはパスワードが平文のため大変危険 = swat with no root user = * [https://bugs.launchpad.net/ubuntu/+source/samba/+bug/5608 Bug #5608 in samba (Ubuntu): “SWAT expects to authenticate as root”] * [https://bugs.launchpad.net/ubuntu/+source/samba/+bug/5608/comments/8 Bug #5608 - Comment #8] {{{ The workaround is very simple. Just change the rights of the smb.conf file. The group should be adm and the rights for the group should be set to rw. In commands: sudo chgrp adm /etc/samba/smb.conf sudo chmod g+w /etc/samba/smb.conf }}} * [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=378454 #378454 - swat: not usable when root account is disabled (pure sudo system) - Debian Bug report logs] {{{ Actually, there is another solution: SWAT manages permissions using PAM, and using rights on /etc/samba/smb.conf. So the solution is just to allow you user(s) to write to /etc/samba/smb.conf. Example: adduser myuser adm chgrp adm /etc/samba/smb.conf chmod g+w /etc/samba/smb.conf }}} * 通常ユーザでログインしたときの画面 {{{ -rw-r--r-- 1 root root 11229 2009-07-12 05:42 /etc/samba/smb.conf }}} * attachment:noroot.png * 上記対応を取った後、admグループ所属のユーザでログインしたときの画面 {{{ -rw-rw-r-- 1 root adm 11229 2009-07-12 05:42 /etc/samba/smb.conf }}} * attachment:chgrp.png = help html url is wrong = * => #8 * [24/lab]