SECURITY: Remove dangerous root filesystem share

Removed server-root share that exposed entire / filesystem via Samba.

Why this is dangerous:
- Exposes all system files (/etc/passwd, /etc/shadow, etc.)
- Allows modification of system configuration
- Could allow privilege escalation
- Risk of accidental deletion of critical files
- No legitimate use case for sharing entire root filesystem

Changes:
- Removed "server-root" from default SHARES array
- Removed "root" share type from create_share() function
- Removed server-root creation from create-all command
- Updated README to remove Root Share documentation
- Updated create-all description to reflect home directory only

Added to README:
- Section explaining how to fix existing users with permission issues
- Clear warning: "Do NOT run init - that would delete your configuration"
- Instructions to use user-access to fix permissions instead

Users should only share specific directories they need, not the entire filesystem!

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

README.md

@@ -133,6 +133,21 @@ This means:
 - ✅ Proper Unix permissions are maintained
 - ✅ No permission denied errors
 
+### Fixing Existing Users
+
+If you created users before the permission system was fixed and they're getting "permission denied" errors:
+
+```bash
+sudo ./spravuj_sdileni.sh user-access <username>
+```
+
+Select the shares they should have access to. This will:
+- Add them to the sambashare group
+- Fix filesystem permissions
+- Update share configuration
+
+**Do NOT run `init`** - that would delete your entire configuration!
+
 ## Share Types
 
 The script creates different types of shares:
@@ -142,12 +157,6 @@ The script creates different types of shares:
 - Guest access enabled
 - Shares your user's home directory
 
-### Root Share
-- Full filesystem access
-- Requires authentication
-- Only accessible by the detected user
-- Runs with root privileges
-
 ### Disk Shares
 - Automatically configured for external disks
 - Custom dfree scripts for accurate disk space reporting
@@ -181,7 +190,7 @@ sudo ./spravuj_sdileni.sh add-global
 sudo ./spravuj_sdileni.sh create-all
 ```
 This comprehensive command will:
-1. Create static shares (home directory and root filesystem)
+1. Create your home directory share
 2. Detect all disk partitions on the system
 3. Automatically mount any unmounted disks to `/mnt/<disk-label>`
 4. Add unmounted disks to `/etc/fstab` for persistence across reboots

spravuj_sdileni.sh

@@ -84,7 +84,6 @@ DETECTED_INTERFACES=$(ip -o link show | awk -F': ' '{print $2}' | grep -v '^lo$'
 # --- Nastavení sdílení ---
 declare -A SHARES=(
     ["${DETECTED_USER}-home"]="/home/${DETECTED_USER}|Domovska slozka uzivatele ${DETECTED_USER}|home"
-    ["server-root"]="/|Celý server (root filesystem)|root"
 )
 
 CONFIG_FILE="/etc/samba/smb.conf"
@@ -266,20 +265,6 @@ create_share() {
    guest ok = yes
    hosts allow = 127.0.0.1 192.168.0.0/16 10.0.0.0/8 172.16.0.0/12 100.64.0.0/10
    comment = $comment
-EOT
-            ;;
-        "root") cat <<EOT >> "$CONFIG_FILE"
-
-[$share_name]
-   path = $share_path
-   writable = yes
-   guest ok = no
-   valid users = $DETECTED_USER
-   admin users = $DETECTED_USER
-   force user = root
-   force group = root
-   hosts allow = 127.0.0.1 192.168.0.0/16 10.0.0.0/8 172.16.0.0/12 100.64.0.0/10
-   comment = $comment
 EOT
             ;;
         "disk")
@@ -358,7 +343,6 @@ create_all() {
     # 1. Vytvoř statická sdílení
     echo "Krok 1/4: Vytvářím statická sdílení..."
     create_share "${DETECTED_USER}-home"
-    create_share "server-root"
 
     echo ""
     echo "Krok 2/4: Hledám diskové oddíly..."