[Samba] Share access error

Rowland Penny rpenny at samba.org
Sun Dec 11 21:35:06 UTC 2022

On 11/12/2022 19:47, Luis Peromarta via samba wrote:
> So yes, running as root. No idea why that fails.
> Re. vfs objects the scientific explanation is:
> 1.- Somewhere I read this was good for Macs:
> # Configure Samba to Work Better with Mac OS X
> 	min protocol = SMB2
> 	ea support = yes
> 	vfs objects = fruit streams_xattr
> 	fruit:aapl = yes
> 	fruit:metadata = stream
> 	fruit:model = RackMac
> 	fruit:posix_rename = yes
> 	fruit:veto_appledouble = yes
> 	fruit:wipe_intentionally_left_blank_rfork = yes
> 	fruit:delete_empty_adfiles = yes

We have a wiki page for that, see here:


> And I put it in.
> 2.- A few days later - or earlier, I found that in order to set ACLs with windows I needed:
> # To configure shares using extended access control lists (ACL)
> 	vfs objects = acl_xattr
> 	map acl inherit = yes
> 	store dos attributes = yes
> And I put it in. In fairness I have no idea what those lines mean.

Can I suggest you learn why you need to add something before you add it.

The 'vfs objects' lines add (obviously) vfs objects, you can find out 
what these do by reading their manpages e.g. man vfs_acl_xattr
If you add a parameter twice, the last one is used, so you are only 
using the 'acl_xattr' vfs object.

> Re. username map, I had it configured long ago, but for some reason I thought I had no need for it, and commented it. My user.map has:
> !root = MAD\Administrator MAD\administrator Administrator administrator

That is a very old version, I thought you needed all of them, but you 
don't, you only need the first one after the '=' sign.

> But I don’t use administrator anyway so I commented the line. Is there a need for it ? Should I add MAD\Luis there ? Luis is a Domain Admin.

When you first set up Unix domain member, you need Administrator.

More information about the samba mailing list