swat(8)
NAME
swat - Samba Web Administration Tool
SYNOPSIS
swat [-s <smb config file>] [-a] [-P]
DESCRIPTION
This tool is part of the samba(7) suite.
swat allows a Samba administrator to configure the complex smb.conf(5)
file via a Web browser. In addition, a swat configuration page has help
links to all the configurable options in the smb.conf file allowing an
administrator to easily look up the effects of any change.
swat is run from inetd
OPTIONS
-s smb configuration file
The default configuration file path is determined at compile time.
The file specified contains the configuration details required by
the smbd(8) server. This is the file that swat will modify. The
information in this file includes server-specific information such
as what printcap file to use, as well as descriptions of all the
services that the server is to provide. See smb.conf for more
information.
-a
This option disables authentication and places swat in demo mode.
In that mode anyone will be able to modify the smb.conf file.
WARNING: Do NOT enable this option on a production server.
-P
This option restricts read-only users to the password management
page. swat can then be used to change user passwords without users
seeing the "View" and "Status" menu buttons.
-d|--debuglevel=level
level is an integer from 0 to 10. The default value if this
parameter is not specified is 0.
The higher this value, the more detail will be logged to the log
files about the activities of the server. At level 0, only critical
errors and serious warnings will be logged. Level 1 is a reasonable
level for day-to-day running - it generates a small amount of
information about operations carried out.
Levels above 1 will generate considerable amounts of log data, and
should only be used when investigating a problem. Levels above 3
are designed for use only by developers and generate HUGE amounts
of log data, most of which is extremely cryptic.
Note that specifying this parameter here will override the log
level parameter in the smb.conf file.
-V
Prints the program version number.
-s <configuration file>
The file specified contains the configuration details required by
the server. The information in this file includes server-specific
information such as what printcap file to use, as well as
descriptions of all the services that the server is to provide. See
smb.conf for more information. The default configuration file name
is determined at compile time.
-l|--log-basename=logdirectory
Base directory name for log/debug files. The extension ".progname"
will be appended (e.g. log.smbclient, log.smbd, etc...). The log
file is never removed by the client.
-h|--help
Print a summary of command line options.
INSTALLATION
Swat is included as binary package with most distributions. The package
manager in this case takes care of the installation and configuration.
This section is only for those who have compiled swat from scratch.
After you compile SWAT you need to run make install to install the swat
binary and the various help files and images. A default install would
put these in:
o /usr/local/samba/sbin/swat
o /usr/local/samba/swat/images/*
o /usr/local/samba/swat/help/*
Inetd Installation
You need to edit your /etc/inetd.conf and /etc/services to enable SWAT
to be launched via inetd.
In /etc/services you need to add a line like this:
swat 901/tcp
Note for NIS/YP and LDAP users - you may need to rebuild the NIS
service maps rather than alter your local
/etc/services file.
the choice of port number isn't really important except that it should
be less than 1024 and not currently used (using a number above 1024
presents an obscure security hole depending on the implementation
details of your inetd daemon).
In /etc/inetd.conf you should add a line like this:
swat stream tcp nowait.400 root /usr/local/samba/sbin/swat swat
Once you have edited /etc/services and /etc/inetd.conf you need to send
a HUP signal to inetd. To do this use kill -1 PID where PID is the
process ID of the inetd daemon.
LAUNCHING
To launch SWAT just run your favorite web browser and point it at
"http://localhost:901/".
Note that you can attach to SWAT from any IP connected machine but
connecting from a remote machine leaves your connection open to
password sniffing as passwords will be sent in the clear over the wire.
FILES
/etc/inetd.conf
This file must contain suitable startup information for the
meta-daemon.
/etc/services
This file must contain a mapping of service name (e.g., swat) to
service port (e.g., 901) and protocol type (e.g., tcp).
/usr/local/samba/lib/smb.conf
This is the default location of the smb.conf(5) server
configuration file that swat edits. Other common places that
systems install this file are
/usr/samba/lib/smb.conf and /etc/smb.conf . This file describes
all the services the server is to make available to clients.
WARNINGS
swat will rewrite your smb.conf(5) file. It will rearrange the entries
and delete all comments, include= and copy= options. If you have a
carefully crafted
smb.conf then back it up or don't use swat!
VERSION
This man page is correct for version 3.0 of the Samba suite.
SEE ALSO
inetd(5), smbd(8), smb.conf(5)
AUTHOR
The original Samba software and related utilities were created by
Andrew Tridgell. Samba is now developed by the Samba Team as an Open
Source project similar to the way the Linux kernel is developed.
The original Samba man pages were written by Karl Auer. The man page
sources were converted to YODL format (another excellent piece of Open
Source software, available at ftp://ftp.icce.rug.nl/pub/unix/) and
updated for the Samba 2.0 release by Jeremy Allison. The conversion to
DocBook for Samba 2.2 was done by Gerald Carter. The conversion to
DocBook XML 4.2 for Samba 3.0 was done by Alexander Bokovoy.
Samba 3.0 05/28/2008 SWAT(8)
Man(1) output converted with
man2html