swat: Configures a Samba Server

Previous page
Table of content
Next page

swat: Configures a Samba Server

Tip: Make a copy of smb.conf

As installed, the /etc/samba/smb.conf file contains extensive comments (page 705). The swat utility overwrites this file. Make a copy of smb.conf for safekeeping before you run this utility for the first time.


The swat (Samba Web Administration Tool) utility is a browser-based graphical editor for the smb.conf file. It is part of the samba-swat package. For each of the configurable parameters, it provides help links, default values, and a text box to change the value. The swat utility is a well-designed tool in that it remains true to the lines in the smb.conf file you edit: You can use and learn from swat, so that making the transition to using a text editor to modify smb.conf will be straightforward.

The swat utility is run from xinetd (page 425). Before you can run swat, you need to edit /etc/xinetd.d/swat (as discussed next):

$ cat /etc/xinetd.d/swat # Default: off # description: SWAT is the Samba Web Admin Tool. Use swat \ #              to configure your Samba server. To use SWAT, \ #              connect to port 901 with your favorite web browser. service swat {         port            = 901         socket_type     = stream         wait            = no         only_from       = 127.0.0.1         user            = root         server          = /usr/sbin/swat         log_on_failure  += USERID         disable         = yes }


First you must turn swat on by changing the yes that follows disable = to no. If you want to access swat from other than the local system, add the names or IP addresses of the other systems you want to access swat from on the line that starts with only_from. Separate the system names or IP addresses with SPACEs. If you want to access swat only from the local system, giving the command chkconfig swat on is an easier way of making this change. Then restart xinetd so that it rereads its configuration files:

# /sbin/service xinetd restart Stopping xinetd:                                           [  OK  ] Starting xinetd:                                           [  OK  ]


After making these changes and restarting xinetd, you should be able to run swat. From the local system, open a browser, enter either http://127.0.0.1:901 or http://localhost:901 in the location bar, and enter the username root and the root password in response to swat's request for a username and password. From a remote system, replace 127.0.0.1 with the IP address of the server (but see the adjacent security tip). If a firewall is running on the local system and you want to access swat from a remote system, open TCP port 901 (page 768).

Security: Do not allow remote access to swat

Do not allow access to swat from a remote system on an insecure network. When you do so and log in, your password is sent in cleartext over whatever connection you are using and can easily be sniffed.


The browser displays the local Samba/swat home page (Figure 23-5). This page includes links to local Samba documentation and the following buttons:

Figure 23-5. The local swat home page


HOME


Links to local Samba documentation. When you click the word Samba (not the logo, but the one just before the word Documentation in the HOME window), swat displays the Samba man page, which defines each Samba program.

GLOBALS


Edits global variables (parameters) in smb.conf.

SHARES


Edits share information in smb.conf.

PRINTERS


Edits printer information in smb.conf.

WIZARD


Rewrites the smb.conf file, removing all comment lines and lines that specify default values.

STATUS


Shows the active connections, active shares, and open files. Stops and restarts smbd and nmbd.

VIEW


Displays a subset or all of the configuration parameters as determined by default values and settings in smb.conf.

PASSWORD


Manages passwords.

It is quite easy to establish a basic Samba setup so that you can see a Linux directory from a Windows system (Windows 3.1 or later). More work is required to set up a secure connection or one with special features. The following example creates a basic setup based on the sample smb.conf file that is included with Red Hat Linux.

swat Help and defaults


Each of the variables/parameters in swat has a link named Help next to it. If you click Help, a new browser window containing an explanation of the parameter appears. Each variable/parameter also has a Set Default button that you can click to reset the variable/parameter to its default value.

For this example, do not click any of the Set Default buttons. Make sure to click Commit Changes at the top of each page after you finish making changes on a page but before you click a menu button at the top of the window. Otherwise, swat will not keep your changes.

First click GLOBALS at the top of the Samba/swat home page. Leave everything at its current setting with three exceptions: workgroup, hosts allow, and hosts deny. Set workgroup to the workgroup used on the Windows systems. (If you followed the preceding JumpStart, the workgroup is already set.) Scroll to the bottom of the Security Options and set hosts allow to the names or IP addresses of machines that you want to be able to access the local system's shares and printers (including localhost [127.0.0.1]). Separate the entries with SPACEs or commas. See page 707 for more information on various ways you can set hosts allow. Set hosts deny to ALL. Click Commit Changes (near the top of the page) when you are done with the GLOBALS page.

Tip: If you can no longer use swat

If you can no longer use swat, you probably changed the hosts allow setting incorrectly. In this case, you need to edit /etc/samba/smb.conf and fix the line with the words hosts allow in it:

# grep hosts smb.conf         hosts allow = 127.0.0.1, 192.168.0.8         hosts deny = ALL


The preceding entries allow access from the local system and from 192.168.0.8 only.


SHARES page


Next click SHARES at the top of the page. Three buttons and two text boxes appear in addition to the two Change View To buttons (Figure 23-6). In the box adjacent to the Create Share button, enter the name you want to assign to the share you are setting up. This name can be anything you want; it is the name that Windows displays and a user selects when working with the share. Click Create Share. When you want to modify an existing share, bring up the name of the share in the combo box adjacent to Choose Share, and click Choose Share. Either of these actions expands the Share Parameters window so that it displays information about the selected share.

Figure 23-6. Share Parameters page


Leave everything at its default setting except path, which specifies the absolute pathname on the local Linux system of the share, and optionally comment, which you can use to specify the Linux system and directory that this share points to. The values for hosts allow and hosts deny are taken from the global variables that you set previously. Click Commit Changes when you are done with the SHARES page. If you want to see how many parameters there really are, click Advanced near the top of the page.

Now, from a Windows machine, you should be able to access the share you just created (page 711).

Tip: You do not need to restart Samba when you change smb.conf

Samba rereads its configuration files each time a client connects. Unless you change the security parameter (page 708), you do not need to restart Samba when you change smb.conf.




Previous page
Table of content
Next page
A Practical Guide to Red Hat Linux
A Practical Guide to Red HatВ® LinuxВ®: Fedoraв„ў Core and Red Hat Enterprise Linux (3rd Edition)
ISBN: 0132280272
EAN: 2147483647
Year: 2006
Pages: 383
Authors: Mark G. Sobell
BUY ON AMAZON
Systematic Software Testing (Artech House Computer Library)
SQL Hacks
Cisco Voice Gateways and Gatekeepers
Programming Microsoft ASP.NET 3.5
Oracle SQL*Plus: The Definitive Guide (Definitive Guides)
Microsoft Visual Basic .NET Programmers Cookbook (Pro-Developer)
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy