I want to allow a list of users to authenticate as themselves
 and get write access to SWAT.
I know this gives them root, they already have it through sudo.
So I tried creating a group "swat"
 and sticking myself into it in /etc/group.
Then `chgrp swat smb.conf` and `chmod 664 smb.conf`
Telnet back in as myself and I can vi the file and save changes.
SWAT gives me bare read access,
 only when I chgrp smb.conf to my native group
 do I get the "Commit" button.
This much surfaced back in July
 but it's messy to demand that the sudoers all be native to the same group.
(It might be a good idea, but it's messy to get there from here.)
The piece of code within source/web/swat.c that controls this is:
static BOOL have_write_access = False;
static BOOL have_read_access = False;
and then after a lot of    if (has_write_access) { ...
        if (!file_exist(servicesf, NULL)) {
                have_read_access = True;
                have_write_access = True;
        } else {
                /* check if the authenticated user has write access - if not
then
                   don't show write options */
                have_write_access = (access(servicesf,W_OK) == 0);
                /* if the user doesn't have read access to smb.conf then
                   don't let them view it */
                have_read_access = (access(servicesf,R_OK) == 0);
        }
So "have_write_acess" is the token we need.
Where is "access(servicesf,W_OK)" defined
 why doesn't it look at the groups list as well as gid
 and can it be easily changed to?
Thanks for any help with this,
michaelj
-- 
Michael James       _/      _/      _/ _/     _/  v +61 2 6279 8318
Network Programmer _/_/     _/_/    _/ _/     _/
Coombs Computing  _/  _/    _/ _/   _/ _/     _/  f +61 2 6257 1893
 Australian      _/    _/   _/   _/ _/ _/     _/
  National      _/_/_/_/_/  _/    _/_/ _/     _/      michaelj@
   University  _/        _/ _/      _/  _/_/_/_/  coombs.anu.edu.au