From b65ef9cbb722549195c35bb5337bb981d48c7aba Mon Sep 17 00:00:00 2001
From: ducoterra <git@ducoterra.net>
Date: Wed, 17 Dec 2025 12:32:26 -0500
Subject: [PATCH] initial smb instructions

---
 active/software_smb/smb.md | 97 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 97 insertions(+)
 create mode 100644 active/software_smb/smb.md

diff --git a/active/software_smb/smb.md b/active/software_smb/smb.md
new file mode 100644
index 0000000..8c5e919
--- /dev/null
+++ b/active/software_smb/smb.md
@@ -0,0 +1,97 @@
+# SMB
+
+- [SMB](#smb)
+  - [Install SMB](#install-smb)
+  - [Create SMB User](#create-smb-user)
+  - [Create a SMB Share](#create-a-smb-share)
+  - [Create a SMB Share with Many Users](#create-a-smb-share-with-many-users)
+
+## Install SMB
+
+```bash
+sudo dnf install samba
+sudo systemctl enable smb --now
+firewall-cmd --get-active-zones
+sudo firewall-cmd --permanent --zone=FedoraServer --add-service=samba
+sudo firewall-cmd --reload
+```
+
+## Create SMB User
+
+```bash
+sudo smbpasswd -a ducoterra
+```
+
+## Create a SMB Share
+
+```bash
+# Create share
+mkdir /btrfs/pool0/smb/ducoterra
+
+# Set proper selinux labels for samba
+sudo semanage fcontext --add --type "samba_share_t" "/btrfs/pool0/smb/ducoterra(/.*)?"
+
+# Run restorecon at the root of the btrfs subvolume
+sudo restorecon -R /btrfs/pool0
+```
+
+Edit /etc/samba/smb.conf
+
+```conf
+[ducoterra]
+        comment = My Share
+        path = /btrfs/pool0/smb/ducoterra
+        writeable = yes
+        browseable = yes
+        public = no
+        create mask = 0644
+        directory mask = 0755
+        write list = user
+```
+
+Then restart SMB
+
+```bash
+sudo systemctl restart smb
+```
+
+## Create a SMB Share with Many Users
+
+```bash
+sudo groupadd myfamily
+sudo useradd  -G myfamily jack
+sudo useradd  -G myfamily maria
+
+sudo smbpasswd -a jack
+sudo smbpasswd -a maria
+
+sudo mkdir /home/share
+sudo chgrp myfamily /home/share
+sudo chmod 770 /home/share
+sudo semanage fcontext --add --type "samba_share_t" "/home/share(/.*)?"
+sudo restorecon -R /home/share
+```
+
+```conf
+[family]
+        comment = Family Share
+        path = /home/share
+        writeable = yes
+        browseable = yes
+        public = yes
+        valid users = @myfamily
+        create mask = 0660
+        directory mask = 0770
+        force group = +myfamily
+```
+
+- valid users: only users of the group family have access rights. The @ denotes a group name.
+- force group = +myfamily: files and directories are created with this group, instead of the user group.
+- create mask = 0660: files in the share are created with permissions to allow all group users to read and write files created by other users.
+- directory mask = 0770: as before, but for directories.
+
+Don't forget to restart smb
+
+```bash
+systemctl restart smb
+```
\ No newline at end of file