What's the deal with SWAT authentication? I have a Freebsd 4-Stable box running SWAT from the Samba 2.0.7 port and I can log into SWAT as a regular user (ie, not root but has a smbpasswd entry) and make any changes I want to the smb.conf file -- which is 0644 root.wheel. I'm presuming this is because my inetd.conf entry for SWAT has it running as root as per the example. Is this how SWAT's _really_ supposed to work? Its a useful tool, but I'm terrified of any user with an account being able to mangle the conf file at will, create shares, etc. A [swat] section in the smb.cfg file would be excellent, or even a seperate swat.users file. Is there any way to control which users can and can't make changes to the server other than packet filtering the SWAT port? This is kind of awkward and inconvenient. If I'm missing something here, please let me know. -- swb@grasslake.net Hard work often pays off after time, but laziness always pays off now.
Shawn Barnhart wrote:> > What's the deal with SWAT authentication? I have a > Freebsd 4-Stable box running SWAT from the Samba 2.0.7 port > and I can log into SWAT as a regular user (ie, not root but > has a smbpasswd entry) and make any changes I want to > the smb.conf file -- which is 0644 root.wheel. I'm > presuming this is because my inetd.conf entry for SWAT > has it running as root as per the example.Ummm...IIRC SWAT validated against /etc/passwd and not smbpasswd.> Is there any way to control which users can and can't > make changes to the server other than packet filtering > the SWAT port? This is kind of awkward and inconvenient.modification to smb.conf is controlled by the file permission bits on smb.conf. My guess is that you've got something configured weird. No offense. :-) Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com VA Linux Systems gcarter@valinux.com http://www.samba.org SAMBA Team jerry@samba.org http://www.eng.auburn.edu/~cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 )