Configuring Samba for macOS
- Install Samba into Ubuntu.
- Create ‘patine’ user on Samba.
- Mount filesystem with extended attribute.
- Configure Samba with Basic Parameters.
- [global] Section.
- [homes] Section.
- [public] Section.
- Configure Samba for macOS.
- ‘Path Finder’ instead of ‘Finder’.
- Configure for Time Machine on macOS.
Configuring Samba was done with Ubuntu Linux OS and Raspberry Pi OS.
- The word “Ubuntu” means Ubuntu Linux OS and Raspberry Pi OS in this article.
- We prepare the user ‘patine’ on Ubuntu before installing Samba.
Install Samba into Ubuntu Linux OS
Install Samba with the apt package manager into Ubuntu.
sudo apt install samba
Create the user ‘patine’ on Samba
Create the user ‘patine’ on the account database of Samba.
pdbedit -a patine
Samba asks for a passphrase when creating a new user.
Mount filesystem with extended attribute
Mount a filesystem on the public directory with an extended attribute option.
IMPORTANT: These mount options are enabled in default.
Linux and ext4 filesystem are now supporting POSIX ACL and extended attributes, as known as
user_xattr. Mount a ext4 file system with the
user_xattrmount option by editing the /etc/fstab file.
Edit the /etc/fstab file as the following:
# <file system> <mount point> <type> <options> <dump> <pass> /dev/ubuntu-vg/public /var/public ext4 defaults,acl,user_xattr 0 2
Describe the fstab file like the
Note: The extra
acloption means to use draft POSIX ACL on the filesystem.
Select POSIX ACL and store extended attributes into inode of ZFS filesystem.
On ‘zfs-pool’ is the name of the zpool, ‘public’ is the name of the dataset. Set
xattrproperty in the dataset of the zpool like:
sudo zfs set acltype=posixacl zfs-pool/public sudo zfs set xattr=sa zfs-pool/public
Configure Samba with Basic Parameters
Configure Samba by modifying the config file involved in itself.
The official documentation by samba.org for the config file(
smb.conf) is on “smb.conf — The configuration file for the Samba suite.”
The config file format of Samba
Introduce the method of configuring Samba.
Modify the config file, /etc/samba/smb.conf, involved in Samba.
The config file has “Section” with brackets and some “Parameter” couples consisting of a name and a value.
# Begin a section [Section] # Describe a parameter of name and value Name = Value
The ‘global’ section is the special section. The parameters on the ‘global’ effect other sections as a whole.
Modify the following parameters in the ‘global’ section.
|map to guest||Never||Treatment of the guest account if user login failed. ‘Never’ is not map to the guest.|
|guest ok||no||Enable the guest account login without a passphrase. ’no’ means require a passphrase on the guest account.|
The modifications mean that the guest account is void.
Also, the ‘homes’ section is the special section. Samba links the ‘homes’ section with the user’s home directory on Ubuntu.
Modify the following parameters in the ‘homes’ section.
|read only||no||Only permit the directory to read. ‘yes’ means the users can only read, ’no’ means the users can write and read.|
|create mask||Do to comment out||Commented out for using the default value on Samba. A new file with Value permission. The default value is ‘0744’ that an owner can fully access and others can only read.|
|directory mask||Do to comment out||Commented out for using the default value on Samba. A new directory with Value permission. The default value is ‘0755’ that an owner can fully access and others can read and move on.|
The modifications mean that a user creates a file and directory with permission similar to it on the bash shell.
Samba serves a network directory with the name of the section.
Add the new [public] section linked with the ‘public’ directory on which you mount the filesystem for sharing some files.
|path||/zfs-pool/public||Set an absolute local path to link the network directory. In this case, Samba links the public network directory to the /zfs-pool/public local directory.|
|valid users||patine||Declare valid users. In this value, ‘patine’ is the only valid user.|
|access based share enum||yes||Permit only ‘valid users’ access to the directory or not. ‘yes’ means permit only ‘valid users’, ’no’ means do all users.|
|browseable||yes||The network directory can be browsable with an SMB client if the value is ‘yes,’ otherwise ’no’.|
|writable||yes||‘yes’ means the network directory can be writable. Otherwise, ’no.’|
Configure Samba for macOS
Patineboot proposes the configuration of Samba for macOS:
- IMPORTANT: Choice ‘file’ for the ext4 filesystem or ‘stream’ for the ZFS filesystem on ‘fruit:resource.’
- Disable ‘print service’ and RPC for Spotlight.
- Show AppleDouble files.
# No print service. printcap name = /dev/null load printers = no printing = bsd # No RPC for Spotlight rpc_server:mdssvc = disabled rpc_daemon:spoolssd = disabled # vfs_fruit vfs objects = catia fruit streams_xattr # vfs_fruit GLOBAL OPTIONS fruit:model = MacSamba # fruit:copyfile = yes # vfs_fruit OPTIONS # fruit:resource = file fruit:metadata = netatalk fruit:locking = netatalk fruit:encoding = native # fruit:wipe_intentionally_left_blank_rfork = yes # fruit:delete_empty_adfiles = yes fruit:veto_appledouble = no
For your preferences:
- Enable ‘fruit:copyfile’ if you need OS X specific copychunk ioctl.
- Enable ‘fruit:wipe_intentionally_left_blank_rfork’ and ‘fruit:delete_empty_adfiles’ mean that Samba removes unused resource fork.
Details of fruit Parameters are vfs_fruit — Enhanced OS X and Netatalk interoperability.
‘Path Finder’ instead of the ‘Finder’
Patineboot recommends that you can use the ‘Path Finder’ app instead of Apple’s the ‘Finder’ on macOS. The Finder at file transfer client does not work with Samba or other network protocols.
The Finder has a slow transfer and corruption with the SMB protocol.
The Finder’s terrible behavior with the SMB client:
- The Finder trans files very slowly.
The Finder needs 4 hours or more on the 6160 files, but ‘Path Finder’ consumes only 2 minutes.
- The Finder has a critical bug. The Finder fails in a file transfer that a UTF-8 encoded name length of 127 bytes or more at the absolute path.
- See more the Finder’s terrible behaviors.
See more details on Patineboot’s weblog: Finderで、SambaとNFSv4サーバーに接続！
In addition, Patineboot investigates the Finder.
Patineboot found the Finder transfers files very slowly with the standard protocols, confirmed on Netatalk, NFSv4, sshfs, ftps, and sftp. Patineboot thinks that Apple confirms that the Finder connects only to Apple’s products.
Other solutions of file transfer on macOS.
- Path Finder transfers files fast and succeeds.
- Cyberduck does on sftp most fast.
Commands on Ubuntu
Add a user to Ubuntu
Restart Samba service
sudo systemctl restart smbd.service
Hide the /lost+found/ directory
Configure the below Parameter if you hide the /lost+found/ directory at the root directory on the ext4 filesystem.
|veto files||/lost+found/||Hide directories and files. In this case, hide the /lost+found/ directory.|
Interesting Samba options
|min receivefile size (G)||Kernel writes received data to file buffer directly.|
|use sendfile (S)||Use more efficient
|root preexec (S)||Run a command when connected from someone.|
Configure for Time Machine on macOS
Add the ‘vfs objects’ and ‘fruit:time machine’ parameters into the ’timemachine’ section.
The details about ‘fruit:time machine’ are vfs_fruit — Enhanced OS X and Netatalk interoperability.
[timemachine] vfs objects = catia fruit streams_xattr path = /var/timemachine valid users = patine access based share enum = yes browseable = yes writable = yes fruit:time machine = yes fruit:time machine max size = 500G
IBM PC compatible
- Ubuntu Linux 21.4 Server
- Samba Version 4.13.3-Ubuntu
Raspberry Pi 4 Memory 2GB model
- 64 bit
- Raspberry Pi OS 64 bit Bullseye
- Samba Version 4.13
- 32 bit
- Raspberry Pi OS 32 bit Buster
- Samba Version 4.11
- 64 bit
- Sambaの環境構築手順 - Qiita