Samba 4, simple directory sharing

With Samba being the clusterfuck it is, every time a new version is released you have to expect something to be messed up.
This time they added a bunch of new features like MS Active Directory support, too bad that now the simple directory sharing is broken/not working like it did before.
Something like 1 year ago I wrote a small guide about how to setup a Samba share on Centos 6 and I used the same smb.conf file on more than 10 machines without any problem since yesterday, when I tried it on my fresh installed Fedora 18 (which uses Samba 4.0.0). First of all, in the “Standalone Server Options” is reported that “security” options “share and server” are deprecated; too bad I just used “share” to save me the hassle of setting up a new user and stuff even if I would like the directory to be fully accessible by everyone without any restriction.
I tried it anyway with “security = share” but there was no way to make the folder accessible, when trying to access the Samba share I always got a popup in which I had to login.
So, at the end of the story, like it or not, I had to setup a new user, create a samba user and edit the “smb.conf” file.

Create a new samba user - “smbuser” in this example - and set a password.


smbpasswd -a smbuser

Leaving the password field blank will result in a fully accessible share like the one that was possible to setup with samba version 3.* using “security = share”.
If SELinux is installed, change the security context of the shared folder.


chcon -t samba_share_t /home/user/Public

In case the directory to share is placed somewhere else (e.g. /mnt/) use sealert command and follow the instructions.


sealert -a /var/log/audit/audit.log

Then, edit the smb.conf file as follow.


[global]
	workgroup = WORKGROUP
	security = user

	netbios name = hostname

	wins support = yes
	client lanman auth = yes

	security = user
	passdb backend = tdbsam

	#printing = cups
	#printcap name = cups
	#load printers = no
	#cups options = raw

[Public]
	path = /home/user/Public
	valid users = user
	writable  = yes
	browsable = yes
	read only = no
	guest ok = yes
	public = yes
	create mask = 0666
	directory mask = 0777

Restart samba service and voilà.
Everything else should be like it was before, chkconfig xyz to set automatic service loading at system startup, service xyz to manage services status.
Other usefull commands are: smbclient -L 127.0.0.1 to print the share/s list and other usefull informations, while smbclient //127.0.0.1/_share_name_ can be used to check if the share is working without needing another machine.
In case SELinux is enabled and the folder to be shared is not the usual ~/Public other than setting the proper context (chcon) is also required to issue the following command: sudo setsebool -P samba_export_all_rw on (parameter -P stands for permanent).