Skip to content

Instantly share code, notes, and snippets.

@fschiettecatte

fschiettecatte/Samba_MacOS.md

Last active February 9, 2026 09:59
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save fschiettecatte/02d61e3d36c5f8d36bd45586fc5d0dc7 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save fschiettecatte/02d61e3d36c5f8d36bd45586fc5d0dc7 to your computer and use it in GitHub Desktop.
Download ZIP
Setting up SAMBA for Linux / MacOS
Raw
Samba_MacOS.md

Setting up Samba for Linux / MacOS

I recently (re)switched from using Netatalk to Samba for file access from macOS (15.x) to linux (AlmaLinux 9.x).

Obviously the Samba is a great resource, on the Samba Wiki the Configure Samba to Work Better with Mac OS X was invaluable for setting up the /etc/samba/smb.conf file, and the vfs fruit man page contains documentation for all the options.

Here is the /etc/samba/smb.conf file I use:

# See smb.conf.example for a more detailed config file or
# read the smb.conf manpage.
# Run 'testparm' to verify the config is correct after
# you modified it.

#
# https://www.samba.org
# https://www.samba.org/samba/docs/current/man-html/
# https://www.samba.org/samba/docs/current/man-html/smb.conf.5.html
#
# https://www.samba.org/samba/docs/current/man-html/vfs_fruit.8.html
# https://wiki.samba.org/index.php/Configure_Samba_to_Work_Better_with_Mac_OS_X
#
#
# /etc/samba/smb.conf
#

[global]

    # Server identification
    workgroup = LINUX
    server string = linux.internal (Samba)
    security = user

    # Network interface
    bind interfaces only = yes
    interfaces = 10.0.1.150/24

    # Password backend
    passdb backend = tdbsam

    # Always sync to disk (optional)
#    sync always = yes

    # Use extended POSIX ACLs
    inherit acls = yes

    # Set default file & directory permissions
    create mask = 0664
    directory mask = 0775

    # Linux supports kernel oplocks
    # Apple changed something with their SMB client in macOS 13 (Ventura) causing
    # it to place opportunitics locks on files being edited resulting in a
    # 'text file busy' error on the Linux side when attempting to execute the script.
    # Setting 'kernel oplocks = yes' works around this issue.
    # Reported to Apple as FB11738061, reported as fixed? on Oct 16, 2025
    # Present in macOS 14 (Sonoma) (Accessing Linux Samba 4.20.x)
    # Present in macOS 15 (Sequoia) (Accessing Linux Samba 4.21.x)
    # Fixed? in macOS 26.2 (Tahoe) (Accessing Linux Samba 4.22.x)
#    kernel oplocks = yes

    # Added for Mac Client support
    # https://wiki.samba.org/index.php/Configure_Samba_to_Work_Better_with_Mac_OS_X
    # https://www.samba.org/samba/docs/current/man-html/vfs_fruit.8.html
    min protocol = SMB3
    ea support = yes
    vfs objects = fruit streams_xattr
    fruit:metadata = stream
    fruit:model = MacSamba
    fruit:veto_appledouble = no
    fruit:nfs_aces = no
    fruit:wipe_intentionally_left_blank_rfork = yes
    fruit:delete_empty_adfiles = yes
    fruit:posix_rename = yes
    fruit:zero_file_id = yes

#    printing = cups
#    printcap name = cups
#    load printers = yes
#    cups options = raw

[homes]
    comment = Home Directories
    valid users = %S, %D%w%S
    browseable = no
    writeable = yes

#[printers]
#    comment = All Printers
#    path = /var/tmp
#    printable = yes
#    create mask = 0600
#    browseable = yes

#[print$]
#    comment = Printer Drivers
#    path = /var/lib/samba/drivers
#    write list = @printadmin root
#    force group = @printadmin
#    create mask = 0664
#    directory mask = 0775

There is an option worth noting, Apple changed something with their SMB client in Ventura and I needed to add the 'kernel oplocks = yes' options because MacOS would place opportunitics locks on the files I was editing and I would get a 'text file busy' error on the linux side when I tried to run scripts. Setting 'kernel oplocks = yes' helped to work around this. Setting this option is only useful if you edit code on a Mac and execute this code on the Linux machine.

I also made some changes to '/etc/nsmb.conf' on the Mac, here is the version I use:

# SMB Client Parameters:
# ----------------------
#
# /etc/nsmb.conf
#
# Manual Page
# man nsmb.conf
#
# Adjust SMB browsing behavior in macOS
# https://support.apple.com/en-us/HT208209
#
# How to disable SMB 1 or NetBIOS in macOS
# https://support.apple.com/en-us/HT211927
#
# Configure SMB Multichannel behavior
# https://support.apple.com/en-us/HT212277
#
# Disable local SMB directory enumeration caching
# https://support.apple.com/en-us/101918
#
# Lots of useful information
# https://gist.github.com/jbfriedrich/49b186473486ac72c4fe194af01288be
# https://gist.github.com/Zahorone/6915be6f5088edb2f64018ce9e4dfe97
#

[default]

# Require SMB3
# 7 == 0111  SMB 1/2/3 should be enabled (default).
# 6 == 0110  SMB 2/3 should be enabled.
# 4 == 0100  SMB 3 should be enabled.
protocol_vers_map=4

# SMB TCP/UDP ports:
# both: Attempt to connect via port 445. If that is unsuccessful, try to connect via NetBIOS (default).
# netbios_only: Do not attempt to connect via port 445.
# no_netbios: Attempt to connect via port 445. If that is unsuccessful, do not try NetBIOS.
port445=no_netbios

# Turn on SMB client signing
signing_required=yes

# Set hard or soft mount of shares
# no: Hard mount - a request is issued repeatedly until the request is satisfied (default).
# yes: Soft mount - tried until completed, the retry limit is met or the timeout limit is met.
#soft=yes

# Disable multichannel support if you have both Wi-Fi and wired networks
mc_on=no

# Some Wi-Fi networks advertise faster speeds than the connected wired network
mc_prefer_wired=yes


# Apple SMB extensions:

# File IDs are legacy compatibility elements for AFP and are not supported by SMB.
#file_ids_off=yes

# Disable Directory caching. macOS will re-download the full contents of the
# folder(s) and metadata every time you browse an SMB share.
dir_cache_off=yes

# Disable local SMB directory enumeration caching
dir_cache_max_cnt=0

# ReadDirAttr: This feature changes how macOS handles reads of file metadata stored in
# alternate data stream when listing the contents of large directories. Finder info,
# access rights, and resource fork size are returned more efficiently for the files
# in the directory.
# ???

# OsxCopyFile: With the SMB2 protocol, Microsoft implemented server-side optimizations
# when copying files between directories on the file share. The extension introduced by
# Apple ensures that all Apple-specific file metadata is properly copied along with the file
# itself. The copy process is also simplified as it is executed in just one request as
# opposed to splitting the requests into logical chunks which was the case in
# the original feature.
#aapl_off=false
@hackaro
Copy link

hackaro commented Nov 9, 2025

Thanks 🙏

@hackaro
Copy link

hackaro commented Nov 15, 2025

Another couple of questions:

  1. is there a way to a recycle bin working on SMB shares too?
  2. How to get the network shares properly indexed by Spotlight?

@fschiettecatte
Copy link
Author

fschiettecatte commented Nov 17, 2025

I did a few web searches around this. The answer to (1) is no, sorry. The only suggestions I saw for Spotlight indexing was to create the index manually or use the Spotlight privacy settings (though I think this relies on an Apple bug so may not work).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment