Taking a SWAT at Samba
Speaking of the Houston RUG, and HP's got the problem

SWAT team arrives on 3000-L

Although the HP 3000 mailing list 3000-L only goes out to 581 e-mail subscribers today, many more use and contribute to this online resource through the Web or newsgroup readers. This ready resource for 3000 help acts as a virtual support team for the community, and it swung into action for users of Samba this week.

Our entry yesterday on Samba included references to use the Samba Web Administration Tool (SWAT). In the last 24 hours the 3000-L experts added even more detail. Frank Gribbin, whose company was one of the Java pioneers in the 3000 world, posted his experiences with SWAT. Then OpenMPE director Donna Hofmeister added some updated testing of SWAT on her 3000.

Gribbin put his useful info online, then Donna commented and updated:

Here's some useful info when getting SWAT going. In SERVICES.NET you'll want a line that reads:
swat   901/tcp   # Samba/iX Web Admin Tool

In INETDCNF.NET you'll want:
swat  stream tcp nowait.400 SAMBA.ORG /SYS/SAMBA/SWAT207L swat
-a
(adjust the path to your SWAT NMPRG)

The above comments for inetdcnf.net seem to be pretty old. If you're running 2.2.8, you'll want:

swat stream tcp nowait MANAGER.SYS /usr/local/samba/SWAT swat

Donna continues, "If you’re running an older version of Samba, you’ll need to modify ‘/usr/local....’ to point to where SWAT actually lives (and case is important).  I believe the user needs to match the user in your samba daemon jobs. (For me, it’s MANAGER.SYS, for you it may be MGR.SAMBA)  I also think you do not want to use the -a switch.  Here’s what the SWAT documentation has to say:

-a
This option disables authentication and puts swat in demo mode. In that mode anyone will be able to modify the smb.conf file.

Do not enable this option on a production server.

When I connected to my MPE/Samba server (Running SWAT without -a) through a browser to access SWAT, I was asked for a logon and password... which I figure is a good thing.

I reboot the 3000 at this point.

You shouldn’t need to do that. After changing your services and inetdcnf files, all that you should have to do is give inetd a swift kick (e,g,  :inetd.net -c  ) Check inetd’s $stdlist after doing that and you should see that it brought in the new configuration.

In your Web browser point to http://xxx.xxx.xxx.xxx:901/(where xxx.xxx.xxx.xxx is the IP of your 3000)

Or you can use the name of your 3000 too.

Donna tested the -a option, too. "The first time I connected to my MPE/Samba server through SWAT I logged on as MANAGER.SYS (and gave the appropriate passwords). I had full access to all of Samba’s smb.conf file. The second time I connected, I logged on as a different (non-sm, non-pm) user -- this time I only had a limited view. I could check Samba’s status, view the smb.conf file -- but not make any changes! I vote for no -a."

Gribbin noted that when updating Samba and Apache config files, some are picky about how their records are terminated. Robelle's Qedit and Programmer Studio from Whisper Technology make the needed adjustments. "Be sure to know what version of MPE/iX you have installed, including patches," noted Gary Jackson.

So in less than a day, a 3000 manager got two options for tools to modify Samba's tools, and a team of 20-year 3000 experts giving fundamental answers to a how-to tech question. It might be hard to get that level of 3000 experience on an support call to HP this year.

Comments