[Samba] "hide files" doesn't actually hide!

Doug Sampson dougs at dawnsign.com
Thu Sep 27 19:44:19 UTC 2018 

Our server is displaying files that shouldn't be shown such as .DS_Store ._DS_Store among others. Our smb4.conf file contains the following line:

hide files = /_*/:*/.*/.AppleDB/.AppleDouble/.bin/.AppleDesktop/Temporary Items/

thus these files shouldn't be shown.

Running Samba 4.8.5_1 on FreeBSD 11.2-RELEASE-p3.

smb4.conf:

[global]
        deadtime = 10
        dedicated keytab file = /usr/local/etc/krb5.keytab
        disable netbios = Yes
        disable spoolss = Yes
        domain master = No
        kerberos method = secrets and keytab
        load printers = No
        local master = No
        log file = /var/log/samba4/log.%m
        machine password timeout = 0
        max open files = 65535
        max xmit = 65535
        mdns name = mdns
        min receivefile size = 16384
        os level = 0
        preferred master = No
        printcap name = /dev/null
        realm = EXAMPLE.COM
        security = ADS
        server string = 
        smb ports = 445
        socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE
        template shell = /bin/bash
        winbind cache time = 10
        winbind enum groups = Yes
        winbind enum users = Yes
        winbind nss info = rfc2307
        winbind offline logon = Yes
        winbind refresh tickets = Yes
        winbind separator = -
        workgroup = EXAMPLE
        nfs4:chown = yes
        nfs4:acedup = merge
        nfs4:mode = special
        idmap config *:range = 1000-50000
        idmap config EXAMPLE:backend = rid
        idmap config EXAMPLE:default = yes
        idmap config EXAMPLE:range = 50001-60000
        idmap config * : backend = tdb
        admin users = EXAMPLE-doug EXAMPLE-admin "@EXAMPLE-domain admins"
        aio read size = 16384
        aio write size = 16384
        directory name cache size = 0
        hosts allow = 192.168.xxx. 192.168.xxx. 127. 10.8.
        inherit owner = windows and unix
        inherit permissions = Yes
        map acl inherit = Yes
        map readonly = no
        max connections = 65535
        read only = No
        store dos attributes = Yes
        strict locking = No
        strict sync = No
        use sendfile = Yes
        vfs objects = zfsacl acl_xattr audit netatalk

[groups]
        comment = Departmental folders
        delete veto files = Yes
        force create mode = 0770
        force directory mode = 0770
        hide files = /_*/:*/.*/.AppleDB/.AppleDouble/.bin/.AppleDesktop/Temporary Items/
        map archive = No
        path = /zdata/groups
        valid users = "@EXAMPLE-domain users" "@EXAMPLE-domain admins"
        veto files = /lost+found/Network Trash Folder/TheFindByContentFolder/TheVolumeSettingsFolder/
        vfs objects = zfsacl shadow_copy2
        shadow: localtime = no
        shadow: sort = desc
        shadow: snapdirseverywhere = yes
        shadow: format = %Y-%m-%dT%H:%M:%S
        shadow: snapdir = .zfs/snapshot


Is this a known bug?

~Doug

More information about the samba mailing list