FSA/README.md

# FSA - Fucking Samba Ass

Universal Samba share management script that works across all major Linux distributions.

## Features

- 🔍 **Auto-detection**: Automatically detects your Linux distribution
- 📦 **Auto-installation**: Installs Samba if not already present
- 👤 **User-aware**: Automatically detects the current user
- 🌐 **Network-aware**: Auto-detects network interfaces
- 💾 **Disk management**: Discovers and manages disk shares
- 🔄 **Persistent mounts**: Optionally adds disks to /etc/fstab for auto-mount on boot
- 🛡️ **Safe**: Creates backups before modifying configuration

## Supported Distributions

- Arch Linux / Manjaro
- Debian / Ubuntu / Linux Mint / Pop!_OS
- Fedora
- RHEL / CentOS / Rocky Linux / AlmaLinux
- openSUSE / SLES

## Installation

1. Download the script:
```bash
wget https://forgejo.mxnticek.eu/mxnticek/FSA/raw/branch/main/spravuj_sdileni.sh
chmod +x spravuj_sdileni.sh
```

2. Run with sudo (the script will auto-install Samba if needed):
```bash
sudo ./spravuj_sdileni.sh
```

## Usage

### Initialize Configuration
Create a fresh Samba configuration with your user's home directory:
```bash
sudo ./spravuj_sdileni.sh init
```

### Mount and Share a Disk

**Temporary mount** (until reboot):
```bash
sudo ./spravuj_sdileni.sh mount-share
```

**Permanent mount** (adds to /etc/fstab):
```bash
sudo ./spravuj_sdileni.sh mount-share --mode=always
```

### Manage Shares

**Discover available disks**:
```bash
sudo ./spravuj_sdileni.sh discover
```
Shows all detected disk partitions with their mount status, labels, and available space.

**List configured shares**:
```bash
sudo ./spravuj_sdileni.sh list
```

**Create a specific share**:
```bash
sudo ./spravuj_sdileni.sh create <share-name>
```

**Delete a share**:
```bash
sudo ./spravuj_sdileni.sh delete <share-name>
```

**Auto-create shares for all mounted disks**:
```bash
sudo ./spravuj_sdileni.sh auto-disks
```

### User Management

**Create a new Samba user**:
```bash
sudo ./spravuj_sdileni.sh user-create [username]
```
This will:
- Create a system user if it doesn't exist (with no shell access)
- Prompt for a Samba password
- Optionally configure which shares the user can access

**List all Samba users**:
```bash
sudo ./spravuj_sdileni.sh user-list
```

**Configure share access for a user**:
```bash
sudo ./spravuj_sdileni.sh user-access [username]
```
Interactively select which shares the user can access. This command:
- Adds the user to the `sambashare` group
- Sets proper filesystem permissions (group ownership + read/write)
- Removes single-user restrictions (`force user`) from shares
- Enables multi-user access with proper file ownership

**Revoke user access from a share**:
```bash
sudo ./spravuj_sdileni.sh user-revoke <username> <share-name>
```

**Delete a Samba user**:
```bash
sudo ./spravuj_sdileni.sh user-delete [username]
```
Optionally removes the system user as well.

### How Permissions Work

FSA uses a group-based permission system for secure multi-user access:

1. **sambashare Group**: All Samba users are added to this group
2. **Filesystem Permissions**: Share directories are owned by group `sambashare` with read/write access
3. **SetGID Bit**: Ensures new files inherit the correct group ownership
4. **No Force User**: Multi-user shares don't force a specific user, preserving actual file ownership

This means:
- ✅ Multiple users can read/write files
- ✅ Files show the actual creator's ownership
- ✅ Proper Unix permissions are maintained
- ✅ No permission denied errors

### Fixing Existing Users

If you created users before the permission system was fixed and they're getting "permission denied" errors:

```bash
sudo ./spravuj_sdileni.sh user-access <username>
```

Select the shares they should have access to. This will:
- Add them to the sambashare group
- Fix filesystem permissions
- Update share configuration

**Do NOT run `init`** - that would delete your entire configuration!

## Share Types

The script creates different types of shares:

### Home Share
- Read/write access for all users
- Guest access enabled
- Shares your user's home directory

### Disk Shares
- Automatically configured for external disks
- Custom dfree scripts for accurate disk space reporting
- Proper permissions (664/775)
- Force user/group settings

## Configuration

All shares include:
- SMB2/SMB3 protocol support
- Network restrictions (local networks only)
- Optimized socket options
- Performance tuning (sendfile, AIO)

Default allowed networks:
- 127.0.0.1 (localhost)
- 192.168.0.0/16 (private network)
- 10.0.0.0/8 (private network)
- 172.16.0.0/12 (private network)
- 100.64.0.0/10 (CGNAT/Tailscale)

## Advanced Usage

### Add [global] section to existing config
```bash
sudo ./spravuj_sdileni.sh add-global
```

### Create all shares automatically
```bash
sudo ./spravuj_sdileni.sh create-all
```
This comprehensive command will:
1. Create your home directory share
2. Detect all disk partitions on the system
3. Automatically mount any unmounted disks to `/mnt/<disk-label>`
4. Add unmounted disks to `/etc/fstab` for persistence across reboots
5. Create Samba shares for all mounted disks

Perfect for initial setup or adding multiple disks at once!

## Troubleshooting

### Check service status
```bash
sudo systemctl status smbd nmbd
# or on some distros:
sudo systemctl status smb nmb
```

### View logs
```bash
sudo journalctl -u smbd -u nmbd -f
```

### Test configuration
```bash
sudo testparm
```

### Check which shares are visible
```bash
smbclient -L localhost -N
```

## Security Notes

- Always review the generated configuration
- Shares are restricted to local networks by default
- Root share requires authentication
- Guest access is only enabled for home shares by default

## License

Do whatever the fuck you want with it.

## Author

Created with frustration and love for Samba configuration.