Thanks to the answer provided by @harrymc I was able to setup Samba with enabled recycle bin. These are the steps I have made:
1. Disable Virtual Box shared folders
First of all I have disabled any Virtual Box shared folders so that all file sharing is done via Samba configured network shares only - this is no requirement though.
2. Install Samba
I then followed the instructions at https://wiki.debian.org/SambaServerSimple for installing Samba ...
apt-get install samba samba-client
3. Create Samba user
... and then creating a new user with:
smbpasswd -a johndoe
4. Update Samba config
To configure the shared folders I have then updated my /etc/samba/smb.conf
with a respective section named [shared]
which will map to //debian/shared
as the name of the host computer is debian in my case.
[shared]
path = /home/johndoe/shared
comment = My Shared Folder
read only = no
browseable = yes
create mask = 0777
directory mask = 0777
guest ok = no
hide files = /.recycle/
vfs objects = recycle
recycle:repository = .recycle
recycle:keeptree = yes
recycle:versions = yes
recycle:touch = yes
recycle:minsize = 0
recycle:maxsixe = 0
5. Restart Samba
Once I finished the configuration I have saved the file and restarted samba with:
sudo service smbd restart
6. Done
And that's it. Back at the Windows guest I connected to //debian/shared
using Windows Explorer and entered the credentials for johndoe as configured before. And now, when deleting a file, I am still asked whether I want to delete it permanently but when confirming with yes the file is actually not deleted but moved to the recycle repository directory.
Notes:
I have recognized that deleting an empty folder at guest will remove it permanently at host as well instead of moving to recycle repository directory.
Protecting recycle bin ...
Though the hide files = /.recycle/
setting ensures that the recycle repository folder is not visible with Windows Explorer standard settings it is possible to use a recycle repository outside of the shared folder as well - so that no client is able to delete its contents. To set it to /home/johndoe/.shared.recycle
I used:
recycle:repository = ../.shared.recycle
Additional configuration
A bit out of scope of this question - but here you can see my complete configuration file. Many of the settings at [global]
were initially present after installing samba. But as I always want to know what is actually configured I had a look at https://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html manual pages and then changed some of the default settings.
[global]
workgroup = WORKGROUP
dns proxy = no
log file = /var/log/samba/log.%m
max log size = 1024
syslog only = no
syslog = 0
server role = standalone server
map to guest = Never
usershare allow guests = no
pam password change = yes
obey pam restrictions = yes
unix password sync = no
passdb backend = tdbsam
encrypt passwords = yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
;[homes]
; comment = Home Directories
; browseable = no
; read only = yes
; create mask = 0700
; directory mask = 0700
; valid users = %S
;[printers]
; path = /var/spool/samba
; comment = All Printers
; browseable = no
; read only = yes
; create mask = 0700
; printable = yes
; guest ok = no
;[print$]
; path = /var/lib/samba/printers
; comment = Printer Drivers
; browseable = yes
; read only = yes
; guest ok = no
#[shared]
# ... as shown above
As you can see I have commented [printers]
and [print$]
sections as I don't want to share my printers for now.
I as well commented the [homes]
section. Mainly because I don't know much about the implications in terms of security when having it enabled. If someone wants to elaborate on this here you are welcome!
What I think I do understand is map to guest = Never
and usershare allow guests = no
will disabled guest access completely.
But I don't know much about the other security related settings shown above. If someone could explain to me what they mean alone or all together that would be great. Especially pam password change
, obey pam restrictions
and unix password sync
are not so clear to me though I have read the respective chapter at man pages:
https://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html#PAMPASSWORDCHANGE
https://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html#OBEYPAMRESTRICTIONS
https://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html#UNIXPASSWORDSYNC
Finally the settings for passdb backend
, encrypt passwords
, passwd program
and passwd chat
come with the installation at Debian Jessie per default.
Thanks for pointing me to the right details at Samba! As the weekend is near I hope I'll find the time to continue my efforts on it soon and will share my findings here. – conceptdeluxe – 2015-05-29T11:31:48.253
I'd like to give the bounty to you but I am not sure what happens if I set my more detailed answer as accepted - will you still get it? – conceptdeluxe – 2015-05-31T21:21:17.237
Bounty and acceptation are entirely separate. You can accept one answer and give the bounty to another. If an answer is accepted it will get automatically the bounty, but not if answered by the poster himself. So you have to assign the bounty manually if you intend to accept another answer, – harrymc – 2015-06-01T05:21:07.403