"Nieminen, Jooel" wrote: > > Surely would want that. > actually, swat documentation on web does not say anything about this. > I would allow domain admins or separately created swat admins group to > use it.
There are good reasons not to - see below... > jooel > > -----Alkuper�inen viesti----- > L�hett�j�: Geoff Holden [mailto:[EMAIL PROTECTED]] > L�hetetty: 7. kes�kuuta 2002 0201 > Vastaanottaja: [EMAIL PROTECTED] > Aihe: Multiple SWAT admins > > I'm wondering if anyone else out there would like users other than root to > be able to configure samba through swat... > > I have some boxes with several admins, none of who get the root password > (sudo is configured on the systems). Things like CUPS can take a a group to > be given full access, I'd like to do the same for SWAT. > > Are there any reasons against doing this? (I've already patched my own to > take a "swat admin group" or something in the smb.conf file, so I can post > my patch here if requested.) Any swat user is one 'root preexec' away from being root, so there is no security benifit from doing this. Other than that, I think the permissions are based on who can modify the smb.conf file. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net
