GitHub picture of ramblehead
updated

Linux Samba Hints and References

Collection of Linux Samba configuration hints and resource references.

Ubuntu 22.04 Samba Server Home Directory Permission Issue

In previous versions of Ubuntu, the user’s home directory permission was set to 755, which allowed other users to view the directory as well as the containing files and sub-directories. To avoid such a security issue, the home directories permission has been changed to 750, which means only the owner of the home directory can view the contents.

This change of policy causes an issue with public (anonymous) Samba-shared folders within home directories. Even if public = yes parameter is used, only the owner of the home directory can see the share.

Reverting Home Directory Permission Solution

chmod o+rx /home/<user>

Enforcing Samba User Solution

Add shared folders with either private access or using force user = <user> parameter to /etc/samba/smb.conf as in the following example:

[io]
  path = /home/rh/io
  guest ok = no
  read only = no
  browseable = yes
  valid users = @rh

[homes]
  comment = Home Directories
  browseable = yes
  read only = no
  create mask = 0700
  directory mask = 0700
  valid users = %S

[Public]
  path = /home/rh/Public
  guest ok = yes
  guest only = yes
  browsable = yes
  read only = yes
  force create mode = 0666
  force directory mode = 0777
  force user = rh

mDNS Names Resolution Issue in Windows 10+

Since version 10, Windows OS supports mDNS out-of-the-box. However, SMB service access by mDNS name seems to only work partially. Thus, on the following screenshot the folder browsing works as expected (rhc-krancher is mDNS-resolved name):

Network Folder Showing mDNS Host Name

while attempts to open non-public shared folders fail with the following message:

Open Folder mDNS Error in Windows 10

NetBIOS Aliases Solution

The following parameter can be added to /etc/samba/smb.conf to enable NetBIOS aliases in Samba:

netbios aliases = hostname, secondname, thirdname

Some Useful Hints on Samba

Testing /etc/samba/smb.conf for correctness

testparm

Restarting Samba Server on Ubuntu

Presumably, it should work other systemd GNU/Linux variants:

sudo systemctl restart smbd nmbd

Adding User to sambashare Group

sudo usermod -aG sambashare <user>

Changing Samba User Password

sudo smbpasswd -a <user>

Enforcing SMB Protocol Version

Depending on the SMB client used, default Samba SMB protocol may or may not work. client protocol parameters family in /etc/samba/smb.conf could be used to enforce specific protocol version or versions range, for example:

client min protocol = SMB2_10
client max protocol = SMB3
client protocol = SMB3
# client max protocol = SMB2_10
# client protocol = SMB2_10
# client protocol = SMB3_11

Disconnecting Stalled Shared Folders in Windows Clients

net use \\rhc-krancher\io /delete
net use
Get-SmbServerConfiguration | Select EnableSMB3Protocol

References