I recently (re)switched from using Netatalk to Samba for file access from macOS (15.x) to linux (AlmaLinux 9.x).
Obviously the Samba is a great resource, on the Samba Wiki the Configure Samba to Work Better with Mac OS X was invaluable for setting up the /etc/samba/smb.conf file, and the vfs fruit man page contains documentation for all the options.
Here is the /etc/samba/smb.conf file I use:
[global]
workgroup = LINUX
server string = linux.internal (Samba)
security = user
# Network interface
bind interfaces only = yes
interfaces = 10.0.1.150/24
# Password backend
passdb backend = tdbsam
# Always sync to disk (optional)
# sync always = yes
# Use extended POSIX ACLs
inherit acls = yes
# Set default file & directory permissions
create mask = 0664
directory mask = 0775
# Linux supports kernel oplocks
# Apple changed something with their SMB client in macOS 13 (Ventura) causing
# it to place opportunitics locks on files being edited resulting in a
# 'text file busy' error on the Linux side when attempting to execute the script.
# Setting 'kernel oplocks = yes' works around this issue.
# Present in macOS 14 (Sonoma) (Accessing Linux Samba 4.20.x)
# Present in macOS 15 (Sequoia) (Accessing Linux Samba 4.21.x)
# kernel oplocks = yes
# Added for Mac Client support
# https://wiki.samba.org/index.php/Configure_Samba_to_Work_Better_with_Mac_OS_X
# https://www.samba.org/samba/docs/current/man-html/vfs_fruit.8.html
min protocol = SMB3
ea support = yes
vfs objects = fruit streams_xattr
fruit:metadata = stream
fruit:model = MacSamba
fruit:veto_appledouble = no
fruit:nfs_aces = no
fruit:wipe_intentionally_left_blank_rfork = yes
fruit:delete_empty_adfiles = yes
fruit:posix_rename = yes
fruit:zero_file_id = yes
# printing = cups
# printcap name = cups
# load printers = yes
# cups options = raw
[homes]
comment = Home Directories
valid users = %S, %D%w%S
browseable = no
writeable = yes
There is an option worth noting, Apple changed something with their SMB client in Ventura and I needed to add the 'kernel oplocks = yes' options because MacOS would place opportunitics locks on the files I was editing and I would get a 'text file busy' error on the linux side when I tried to run scripts. Setting 'kernel oplocks = yes' helped to work around this. Setting this option is only useful if you edit code on a Mac and execute this code on the Linux machine.
I also made some changes to '/etc/nsmb.conf' on the Mac, here is the version I use:
[default]
# Require SMB3
# 7 == 0111 SMB 1/2/3 should be enabled
# 6 == 0110 SMB 2/3 should be enabled
# 4 == 0100 SMB 3 should be enabled
protocol_vers_map=4
# SMB TCP/UDP ports:
# both: Attempt to connect via port 445. If that is unsuccessful, try to connect via NetBIOS.
# netbios_only: Do not attempt to connect via port 445.
# no_netbios: Attempt to connect via port 445. If that is unsuccessful, do not try NetBIOS.
port445=no_netbios
# Set hard or soft mount of shares
# Hard mount: a request is issued repeatedly until the request is satisfied.
# Soft mount: tried until completed, the retry limit is met or the timeout limit is met.
#soft=yes
# Disable multichannel support if you have both Wi-Fi and wired networks
mc_on=no
# Some Wi-Fi networks advertise faster speeds than the connected wired network
mc_prefer_wired=yes
# Apple SMB extensions:
# ReadDirAttr: This feature changes how macOS handles reads of file metadata stored in
# alternate data stream when listing the contents of large directories. Finder info,
# access rights, and resource fork size are returned more efficiently for the files
# in the directory.
# ???
# OsxCopyFile: With the SMB2 protocol, Microsoft implemented server-side optimizations
# when copying files between directories on the file share. The extension introduced by
# Apple ensures that all Apple-specific file metadata is properly copied along with the file
# itself. The copy process is also simplified as it is executed in just one request as
# opposed to splitting the requests into logical chunks which was the case in
# the original feature.
#aapl_off=false
# File IDs are legacy compatibility elements for AFP and are not supported by SMB.
#file_ids_off=yes
# Disable Directory caching. macOS will re-download the full contents of the
# folder(s) and metadata every time you browse an SMB share.
#dir_cache_off=yes
Hi there, thanks for the info! :-)
I'm very newbie to Linux in general and in smb share in particular. After setting my Linux (Ubuntu 25.10) /etc/samba/smb.conf and my Mac's /etc/nsmb.conf as per your examples, I've just modified the permissions for .DS_STORE files with this:
defaults write com.apple.desktopservices DSDontWriteNetworkStores -bool FALSENow something weird is happening: I cannot set the color tag of "old" files, but if I create new files/dir I can set tags correctly.
A couple of steps backwards: I have created two ZFS datasets and mounted them in: /mnt/zpool/dataset1 and /mnt/zpool/dataset2
Just after having created them I realised I couldn't write anything into them at all. So in terminal I execute:
sudo chmod -R a=rwx /mnt/zpool/datasetsprobably a big mistake but I'm a dummy in Linux! Both datasets were empty, anyway. Subsequently I've copied from an USB disk all my stuff in both the datasets. What should I do now to have color tags working properly?
when I go reading permission on copied files, this is what I get:
stat -c "%a" filename664 orls -l filename-rw-rw-r-- admin adminand
stat -c "%a" dirname775 orls -l dirnamedrwxrwxr-x admin adminwhile on newly created files what I get is this:
stat -c "%a" filename777 orls -l filename-rwxrwxrwx+ sambausr sambausrand
stat -c "%a" dirname775 orls -l dirname-rwxrwxrwx sambausr sambausrand all these even if I have in smb.conf:
is there a way to fix it? Thanks in advance! :-)