Samba 4.9.x package support thread


umm ok actually i have wsdd2 installed and running... will try to disable windows firewall...

this is the output of testparam

root@Ansuel-Router:~# testparm
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
WARNING: The "null passwords" option is deprecated
Processing section "[homes]"
Processing section "[Download]"
Processing section "[Firmware]"
Loaded services file OK.

Press enter to see a dump of your service definitions

# Global parameters
        bind interfaces only = Yes
        deadtime = 15
        disable netbios = Yes
        enable core files = No
        interfaces = lo br-lan
        load printers = No
        map to guest = Bad User
        netbios name = ANSUEL-SHARE
        null passwords = Yes
        passdb backend = smbpasswd
        printcap name = /dev/null
        security = USER
        server string = Ansuel Share
        socket options = IPTOS_LOWDELAY TCP_NODELAY
        idmap config * : backend = tdb
        delete veto files = Yes
        invalid users = root
        use sendfile = Yes
        veto files = /Thumbs.db/.DS_Store/._.DS_Store/.apdisk/

        browseable = No
        comment = Home Directories
        create mask = 0750
        read only = No

        create mask = 0777
        directory mask = 0777
        guest ok = Yes
        path = /mnt/data/Download
        read only = No

        create mask = 0644
        directory mask = 0644
        guest ok = Yes
        path = /mnt/data/firmware

in share i see openwrt-smb but i changed the name with luci app (also if i click openwrt-smb it gives me an error)


Seems all fine to me, you should see the Download, Firmware shares via explorer. Did you check the openwrt system logs, maybe something is reported there related to this?

PS: I can only guess, since so far i could always see my shares with a similar config out of the box, as long as wsdd2 was running.


@Ansuel have you made sure in Win 10 that network is 'Private' and has file sharing enabled? (it's off by default, and default is 'public' network).


It's finally building for the WRT1900ACS. I was able to successfully add the snapshots to my config and download/install samba4 successfully:

> src/gz openwrt_snapshotpackages
> src/gz openwrt_snapshotluci
Installing luci-app-samba4 (git-18.247.53383-f6dd876-1) to root...
Installing libtirpc (1.1.4-1) to root...
Installing libcomerr (1.44.1-1) to root...
Installing libss (1.44.1-1) to root...
Installing krb5-libs (1.16.1-3) to root...
Installing libpopt (1.16-1) to root...
Installing libcap (2.25-2) to root...
Installing jansson (2.11-1) to root...
Installing libgmp (6.1.2-1) to root...
Installing libnettle (3.3-1) to root...
Installing liblzma (5.2.4-1) to root...
Installing libbz2 (1.0.6-4) to root...
Installing libexpat (2.2.6-1) to root...
Installing libopenssl (1.0.2p-1) to root...
Installing libarchive (3.3.2-1) to root...
Installing libgpg-error (1.32-1) to root...
Installing libgcrypt (1.8.3-1) to root...
Installing libpam (1.2.0-2) to root...
Installing libdbus (1.12.10-1) to root...
Installing dbus (1.12.10-1) to root...
Installing libavahi-dbus-support (0.7-2) to root...
Installing libdaemon (0.14-5) to root...
Installing avahi-dbus-daemon (0.7-2) to root...
Installing libavahi-client (0.7-2) to root...
Installing libattr (20170915-1) to root...
Installing attr (20170915-1) to root...
Installing samba4-libs (4.8.5-1) to root...
Installing samba4-server (4.8.5-1) to root...
Configuring libpam.
Configuring libexpat.
Configuring libdbus.
Configuring dbus.
Configuring libavahi-dbus-support.
Configuring libdaemon.
Configuring avahi-dbus-daemon.
Configuring liblzma.
Configuring libgpg-error.
Configuring libgcrypt.
Configuring libcap.
Configuring libcomerr.
Configuring libss.
Configuring krb5-libs.
Configuring libavahi-client.
Configuring libgmp.
Configuring libnettle.
Configuring libbz2.
Configuring libopenssl.
Configuring libarchive.
Configuring libattr.
Configuring attr.
Configuring jansson.
Configuring libtirpc.
Configuring libpopt.
Configuring samba4-libs.
Configuring samba4-server.
Configuring luci-app-samba4.

dbus[32638]: Unknown group "netdev" in message bus configuration file

I'm sure you're aware it took about 60% of my free space on flash with all those extra dependencies. I've been using mbedtls for most of my packages but can transfer to openssl since samba4 seems to require it, but I don't see much ability to cut down on the size usage from my end.

Few log problems from the install:

Wed Sep  5 08:23:48 2018 avahi-daemon[32671]: Found user 'nobody' (UID 65534) and group 'nogroup' (GID 65534).
Wed Sep  5 08:23:48 2018 avahi-daemon[32671]: Successfully dropped root privileges.
Wed Sep  5 08:23:48 2018 avahi-daemon[32671]: avahi-daemon 0.7 starting up.
Wed Sep  5 08:23:48 2018 daemon.warn avahi-daemon[32671]: WARNING: No NSS support for mDNS detected, consider installing nss-mdns!
Wed Sep  5 08:23:48 2018 avahi-daemon[32671]: No service file found in /etc/avahi/services.

The luci config is awesome and I love the template generation, you really make it easy.

Unfortunately I can't get the simplest "guest" login to work out of the box. I get as far as connecting to the smb://share, selecting the volumes I want to mount in MacOS, but then it says there was a problem connecting to the server "".

I am attempting to share both mounted drives. They have chmod 775 in the main share a owned by "root" and group "staff". I'll see if the old OpenWRT samba3 guide can help point me in the right direction.

I would also love for you to add time machine support to this package feed so I can test that as well!

You rock Andy!


@yaravawiba The snapshot version only got the build fix, but does not have the avahi/timemachine fixes, yet.

You might want to hold of for a few more days, i'm finishing up my package builder and will release it tomorrow or at the weekend. This will allow you to build my samba4 feed against your firmware version (18.06.1). It will setup/build and host the results automatically, so you can avoid mixing snapshot/18.06.1 packages.

PS: Regarding the access error, try un-commenting those lines in the template:

	#force group = root
	#force user = root

Sorry i fly blind for Mac, since i have no test machine for it.


That, in addition to removing anything in the "allowed users" column, worked like a charm. Thanks!

I'll use this instantiation but also hold for the package builder.


oki here is the first version of my package-builder scripts, i still need to find a way to setup macOS in a VM, so its untested there. I also need to complete and verify all documentations steps in the next days, but you can give it a try.


Ran across this while trying to find a solution for samba discovery with windows 10. Anyway long story short. I am a openwrt user and installed this package and it works great. I also installed wsdd2 on my debian workstation and it works great there also. Using with the latest snapshot.

Thanks a lot!


@alphahere Thanks and glad this worked for you.

The latest updates are merged into snapshots, which includes avahi support is now enabled by default. This is so macOS/Linux/Phone users can also see/browse shares by name out of the box. In a windows only environment avahi is not needed, since wsdd2 handles the same job, so you can disable avahi via luci/startup or disable the option at build time.

The other changes are related to macOS compatibility and Apple timemachine support, there are now new options in luci.

Lastly there is a new option "Force Root" which does exactly what it sounds like, forces root user/group on the share. This is mainly to avoid invalid user access errors.


Quick note for macOS users, i finally gave in and now have a dual VM (hyper-v, vmware) setup so i can actually test all the macOS stuff myself.

I just confirmed that the latest changes seem to work in high-sierra, so for macOS just enable the global compatibility option and than you can use Force Root, Allow Guests along with deselecting read-only to get a quick&dirty share working, without any user management.

For timemachine i recommend deselect browseable and use Allow Guests and Guests only along with selecting the Timemachine Share option and a Timemachine size of at least 12-16GB.

The only issue i found, is that you seem to need restart samba after you have created a new Timemachine share, until macOS picks it up in the selection screen. I put this on my to-do list, so keep this in mind for now.

PS: I noticed that user management is really bad atm, since you have to manually add users/groups to the /etc/passwd, /etc/groups files and than use smbpasswd -a username or temper with the samba passdb backend. I will try to add some options to luci, to remedy this.


This is good stuff. I upgraded the snapshot samba4 packages to 4.8.5-2, however luci-app-samba4 did not show an update and when I go in luci to enable Time Machine support I don't see an option.


Try uninstall the luci package and reinstall from snapshots.


My bad, I didn't add the snapshot luci feed either. That fixed it. After running into this bug and fixing it, this runs like butter right out of the box. Will continue testing, and will think about the best way to start better organizing and consolidating the wiki. Samba4 is ready for primetime!

There are tons of docs that I think are ripe for revisiting. Is there any reason besides size that samba3 is still around?


New URLs:

The old pages are for archival purposes only and do not receive updates any more.


Thats strange, i had no issues at all. Maybe you did manually mount the share from the previous versions by ip? It should work out of the box, for me the "browse-able" unset timemachine share only shows up in the timemachine disk settings. Maybe we should force timemachine shares "invisible" by default? Is there a reason to have them show up also in the finder, some kind of hybrid mode using the same dir?

Yeah samba3 is 60% smaller, still works fine for most devices, so is the only solution for low space targets, if you don't want to fiddle with a extroot. I also have this hotplug feature still on my to-do, so if you need this samba3 is the way to go. So i expect samba3 to stay until it becomes unmaintained or a major security bug can't be fixed.


Hm, so there is a problem.

"The identity of the Backup disk "Backup" has changed since the previous backup. The disk may have been replaced or erased, or someone may be trying to trick your computer into backing up the wrong disk."

Then, when I go into the TM share, there are different sparsebundle files, each sequentially named on each time I either closed the computer or the backup was restarted and I clicked "ok" do the above dialog box. The incremental backups are not working as intended.

Time Machine also stops backing up as soon as I shut the laptop down. This never used to happen, as I have it on a power adapter with the enable power nap function turned on. When I relaunch, I repeat the above error message and begin a new backup.

Any ideas? Seems like it's a new problem to the 10.12 and up MacOS.


@yaravawiba Yes its a known bug introduced in samba 4.8.5, will be fixed in the next version. See:

PS: Samba 4.9 was just released today, so i will setup a new PR for it and this should be fixed than.
I will try to fix my package-builder script for macOS today, so you can try compile/install your own samba4.9 version from my feed and give some feedback on the whole process. :stuck_out_tongue:


oki new 4.9.0 version is in my feed and a PR has been created.
The package-builder script was fixed and tested on macOS, everything seems to work.


Great, I'm a super newbie user but I might try that in lieu of waiting for the patch to be merged mainstream.

In other news, I'm testing smb connection on a nvidia shield, trying to connect to the router via the nvidia shield. It's not working. In doing some research apparently the shield only supports SMB1, which they are updating but it's taking a crazy amount of time. Do you know if samba4 supports SMB1?


Yes samba4 supports all versions smb1-3, but Windows 10 removed smb1 support by default. You have to enable it via Programs and Features/Turn Windows Features on or off/SMB 1.0. Its not recommend for security reasons, but also wont break anything. So as a workaround in a simple local lan, you can try enable it.

PS: Thanks to Dirk Brenken 4.9.0 is already merged, you can still try the package-builder and give some feedback.