Samba SWAT issues...

Jay Fenlason fenlason at redhat.com
Fri Feb 13 22:44:30 UTC 2004 

On Fri, Feb 13, 2004 at 04:53:03PM -0500, kaze wrote:
> Having a devil of a time getting SWAT up.
> 
> I thought I selected it during install.
> 
> /etc/services has the swat 901/tcp line - it is not commented out
> 
> There is no /etc/inetd.d directory.
> 
> There is a /etc/xinetd.d directory, but no swat file in it.
> 
> I was unable to download the samba-swat rpm from the redhat site either via
> rpm ftp or via http from a web browser, but found it on CD #3 and:
> 
> [root at ImediaArchive root]# rpm -ivh samba-swat-3.0.0-15.i386.rpm
> warning: samba-swat-3.0.0-15.i386.rpm: V3 DSA signature: NOKEY, key ID
> 4f2a6fd2
> Preparing...                ###########################################
> [100%]
>         package samba-swat-3.0.0-15 is already installed
> [root at ImediaArchive root]# rpm -qi samba-swat-3.0.0-15.i386.rpm
> package samba-swat-3.0.0-15.i386.rpm is not installed
> [root at ImediaArchive root]# rpm -q samba-swat-3.0.0-15.i386.rpm
> package samba-swat-3.0.0-15.i386.rpm is not installed
> [root at ImediaArchive root]# rpm -e samba-swat-3.0.0-15.i386.rpm
> error: package samba-swat-3.0.0-15.i386.rpm is not installed
> [root at ImediaArchive root]# rpm -ivh samba-swat-3.0.0-15.i386.rpm
> warning: samba-swat-3.0.0-15.i386.rpm: V3 DSA signature: NOKEY, key ID
> 4f2a6fd2
> Preparing...                ###########################################
> [100%]
>         package samba-swat-3.0.0-15 is already installed
> [root at ImediaArchive root]#
> 
> So, I can't install it cause it's already there, and I can't remove it cause
> it's not there...

try "rpm -q -a | egrep samba.  Note that none of names it prints end
in ".rpm".  That's the main problem you're seeing there.  This
confuses me at least once a year or so.  The trick is that when
you're installing packages, you're referring to the files that
contain the bits, whose names happen to end in .rpm.  Once they're
installed, you're referring to the packages, whose names are just
"package_name"-"version"-"release", which doesn't.

I don't know why your initial attempt gave the "samba-swat is already
installed" error, but I'm definitely not a rpm expert.

> Anyway there now is a /etc/xinetd.d/swat, so I went in there and changed the
> disabled to "no"
> 
> Question: is inetd.d the same as xinetd.d?

That depends on what version of inetd/xinetd a system is using.
xinetd on fedora uses /etc/xinetd.conf and /etc/xinetd.d/* for
configuration.  The original Berkeley inetd used /etc/inetd.conf
(only).  I'm sure different distributions configure their inetd/xinetd
programs to look in different places for their config files.
Personally, I've never used one that had an /etc/inetd.d directory,
but that's just me.

> I did a "kill -1 1178" where xinitd.d's PID was 1178, nothing at
> http://ImediaArchive:901 (no firewall btwn them)

Why did you reload xinetd the hard way instead of using the convenient
"/sbin/service xinetd reload" command?  It's much easier than
remembering the proper signal to send to kill, etc.

Did you remove the "only_from = 127.0.0.1" line from
/etc/xinetd.d/swat ?  That line means that swat is only avaliable on
the local machine.  It's a security feature, since there is no
encryption on the swat network connection, and any blackhat with a
sniffer could see your password if you used swat over a network.  

Don't enable swat on a network interface unless you absolutely trust
every user on that network.  Well, unless you're a security researcher
investigating how long it'll take your machine to get 0wned.  When I
use swat I always ssh into the machine I'm administrating and use lynx
or links to access it.

Did you run netstat -n -a and look for a listener on port 901?  I
suspect you'll see one, but it's only listening on the loopback
interface.

> In /etc/xinetd.conf I added: "swat stream tcp nowait.400 root
> /usr/local/samba/bin/swat swat" but vi highlights the three words swat in
> yellow..

Don't do that!  You've already added a swat entry.  This will just
confuse xinetd.  And that's the wrong syntax for xinetd.  You should
read "man xinetd.conf" for the correct syntax.

> kill -1 1178 again, but still nothing.
> 
> What to do? I got SWAT up a few months ago really quickly on a Debian box
> (not that it solved all my SAMBA issues yet either) but this is overly
> frustrating on Fedora - what to do?

Remove that second swat entry you added to /etc/xinetd.conf.  Run
"/sbin/service xinetd reload".  Run "links 127.0.0.1:901".
WorksForMe.

		-- JF

More information about the fedora-list mailing list