The goal of this article is to compile and run a Samba server on a Mac using the open source version of Samba instead of Apple’s implementation of Samba. We will configure Samba to share both public and private shares.

I should point out that there are already MacPorts formulas for Samba 3 and Samba 4. Additionally, macOS already ships with an implementation of smbd.

Apple’s Samba implementation is limited.

There is no smb.conf file for the macOS implementation of Samba. Apple’s SMB implementation uses nsmb.conf instead. Any example smb.conf file you encounter will not apply to the stock version of smbd that ships on macOS. smb.conf only applies to the open source versions of Samba.

It is probably much easier to use the MacPorts formulas rather than manually compile Samba. Though, if you would like to compile Samba from source on macOS it is certainly possible as I will explain here in this article.

Compile and Install

You will need Xcode in order to install samba from source.

Clone samba.

git clone https://git.samba.org/samba.git

Change into the samba directory.

cd samba

Optionally, you may checkout a specific branch or tag. 

git checkout samba-4.7.1

Configure samba to be installed at /opt/samba.

./configure \
	--prefix=/opt/samba \
	--without-ad-dc \
	--without-acl-support

To fix a bug with macOS support, download this tiny diff/patch file as nss.diff and apply it.

Run this from the root of the samba directory.

git apply ~/path/to/nss.diff

Make and install the app.

make && sudo make install

Config

I created directories for sharing at /srv/smb/protected and /srv/smb/public.

I found that I had to add a host entry for my machine’s FQDN to /etc/hosts or else I received some getaddrinfo and NT_STATUS_INVALID_PARAMETER errors in the samba logs. 

# /etc/hosts

...
127.0.0.1    wills-iMac.local

There are more than enough resources on samba config files out in the wild so you can Google as needed to update this config for your needs. I created my samba config at /etc/smb.conf. 

# /etc/smb.conf

[global]
passdb backend = tdbsam://etc/passdb.tdb
map to guest = Bad user

# This is a read/write share.
# This share requires auth.
[share1]
path = /srv/smb/protected
guest ok = no
read only = no

# This is a read only share.
# This share requires no auth.
[share2]
path = /srv/smb/public
guest ok = yes
read only = yes

Create a user in System Preferences -> Users & Groups named sambaUser. It can be a Sharing Only user rather than Standard or Administrator.

Make sure that the sambaUser user owns the protected directory. 

sudo chown -R sambaUser /srv/smb/protected

In our smb.conf we specified that we will use a Samba trivial password database for authentication and that it will be stored at /etc/passdb.tdb. We will now add an entry to that database for sambaUser.

Samba users must be real users on your system. You cannot make up fake users. They must correspond to users that exist on your OS. That is why we created the sambaUser. sambaUser is explicitly for authenticating against our system over Samba.

You can set a Samba password for the `sambaUser like so.

/opt/samba/bin/smbpasswd \
	-c /etc/smb.conf \
	-L \
	-a \
	-U \
	sambaUser

Run

It is possible to run this as a daemon (default), but this command runs in the foreground to help see the logs and diagnose issues. 

sudo /opt/samba/sbin/smbd \
	--log-stdout \
	--debuglevel=10 \
	--foreground \
	--configfile=/etc/smb.conf

Connect

You should be able to connect to your Samba macOS server from either a Linux Client or a Mac Client.

macOS Client (with authentication) 

sudo mount \
	-t smbfs \
	//sambaUser@the.samba.server.ip/share1 /mnt/smb

macOS Client (as guest)

sudo mount \
	-t smbfs \
	//guest@the.samba.server.ip/share2 /mnt/smb

Linux Client (with authentication) 

sudo mount \
	-t cifs \
	-o user=sambaUser \
	//the.samba.server.ip/share1 /mnt/smb

Linux Client (as guest)

sudo mount \
	-t cifs \
	-o user=guest,pass= \
	//the.samba.server.ip/share2 /mnt/smb

Citations