From 74d952edb4a148578d2ff78b666fa271e0a340fa Mon Sep 17 00:00:00 2001
From: Struchkov Mark <mstruchkov@nota.tech>
Date: Fri, 23 Jan 2026 20:18:53 +0300
Subject: [PATCH] macos

---
 CLAUDE.md    | 16 +++++++++++++++-
 Dockerfile   |  3 +++
 README.md    | 10 +++++++---
 README_RU.md | 10 +++++++---
 samba.sh     | 43 ++++++++++++++++++++++++++++++++-----------
 5 files changed, 64 insertions(+), 18 deletions(-)

diff --git a/CLAUDE.md b/CLAUDE.md
index 55cf301..170779d 100644
--- a/CLAUDE.md
+++ b/CLAUDE.md
@@ -4,7 +4,7 @@ This file provides guidance to Claude Code (claude.ai/code) when working with co
 
 ## Project Overview
 
-This is a Docker image for running Samba file server, forked from dperson/samba. It provides an Alpine-based container with current Samba versions and macOS Time Machine support.
+This is a Docker image for running Samba file server, forked from dperson/samba. It provides an Alpine-based container with current Samba versions and built-in macOS compatibility (including optional Time Machine support).
 
 ## Build and Run Commands
 
@@ -46,9 +46,23 @@ Configuration can be done via CLI flags or environment variables:
 - `-G` / `GENERIC`: Set section-specific smb.conf options
 - `-n` / `NMBD`: Enable NetBIOS daemon (requires ports 137-138/udp)
 - `-p` / `PERMISSIONS`: Fix ownership/permissions on shares
+- `-t` / `TIMEMACHINE`: Enable Time Machine support (basic macOS compatibility is always enabled)
 
 Multiple shares/users: use numbered env vars (SHARE, SHARE2, SHARE3, etc.)
 
+### macOS Compatibility
+
+**Basic macOS compatibility is enabled by default** and includes:
+- Extended attributes support (icons, labels, metadata)
+- Proper handling of macOS-specific file operations
+- Character mapping for special characters
+- Automatic cleanup of system files (.DS_Store, .apdisk, etc.)
+
+**Time Machine support** is optional (use `-t` flag or `TIMEMACHINE=1`) and adds:
+- Server advertisement as Time Capsule
+- Time Machine-specific optimizations
+- Automatic backup discovery in macOS
+
 ### Exposed Ports
 
 - 137/udp, 138/udp: NetBIOS (only needed with `-n` flag)
diff --git a/Dockerfile b/Dockerfile
index 96a29a3..96dc5fc 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,3 +1,4 @@
+# https://hub.docker.com/_/alpine
 ARG ALPINE_VERSION=3.23
 FROM hub.docker.struchkov.dev/alpine:${ALPINE_VERSION}
 
@@ -44,6 +45,8 @@ RUN file="/etc/samba/smb.conf" && \
    aio write size = 1
    use sendfile = yes
    getwd cache = yes
+   ea support = yes
+   mangled names = no
    min receivefile size = 16384
    socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=131072 SO_SNDBUF=131072
    hostname lookups = no
diff --git a/README.md b/README.md
index fd80d42..8e33c47 100644
--- a/README.md
+++ b/README.md
@@ -22,7 +22,8 @@ Since 1992, Samba has provided secure, stable, and fast file and print services
 
 - Alpine Linux base image (minimal size)
 - SMB2/SMB3 support (SMB1 disabled by default)
-- Time Machine support for macOS
+- Built-in macOS compatibility (extended attributes, metadata handling)
+- Optional Time Machine support
 - Built-in recycle bin
 - Optimized performance settings
 - Healthcheck for status monitoring
@@ -79,7 +80,7 @@ docker run -it --rm upagge/samba -h
 | `-p` | Set ownership and permissions on shares |
 | `-r` | Disable recycle bin for shares |
 | `-S` | Disable SMB2 minimum version |
-| `-t` | Enable Time Machine support for macOS |
+| `-t` | Enable Time Machine support (macOS compatibility is always enabled) |
 | `-s` | Configure a share (see format below) |
 | `-u` | Add a user (see format below) |
 | `-w "<workgroup>"` | Configure workgroup (domain) |
@@ -132,7 +133,7 @@ docker run -it --rm upagge/samba -h
 | `RECYCLE` | Disable recycle bin |
 | `SHARE` | Share configuration (supports SHARE2, SHARE3...) |
 | `SMB` | Disable SMB2 minimum version |
-| `TIMEMACHINE` | Enable Time Machine support |
+| `TIMEMACHINE` | Enable Time Machine support (basic macOS compatibility is always enabled) |
 | `TZ` | Timezone (e.g., `Europe/London`) |
 | `USER` | User configuration (supports USER2, USER3...) |
 | `WIDELINKS` | Allow wide symbolic links |
@@ -167,6 +168,9 @@ docker run -it -p 139:139 -p 445:445 -d upagge/samba -p \
 
 ### Enabling Time Machine
 
+> **Note:** Basic macOS compatibility (extended attributes, metadata handling) is **always enabled** by default.
+> The `-t` flag adds Time Machine-specific settings for backup discovery.
+
 ```bash
 docker run -it -p 139:139 -p 445:445 -d upagge/samba -p -t \
     -u "macuser;password" \
diff --git a/README_RU.md b/README_RU.md
index 46463c0..16a87dd 100644
--- a/README_RU.md
+++ b/README_RU.md
@@ -22,7 +22,8 @@ Docker-контейнер для файлового сервера Samba.
 
 - Базовый образ Alpine Linux (минимальный размер)
 - Поддержка SMB2/SMB3 (SMB1 отключён по умолчанию)
-- Поддержка Time Machine для macOS
+- Встроенная совместимость с macOS (расширенные атрибуты, метаданные)
+- Опциональная поддержка Time Machine
 - Встроенная корзина (recycle bin)
 - Оптимизированные настройки производительности
 - Healthcheck для мониторинга состояния
@@ -79,7 +80,7 @@ docker run -it --rm upagge/samba -h
 | `-p` | Установить права владения и доступа на шарах |
 | `-r` | Отключить корзину для шар |
 | `-S` | Отключить минимальную версию SMB2 |
-| `-t` | Включить поддержку Time Machine для macOS |
+| `-t` | Включить поддержку Time Machine (совместимость с macOS уже включена) |
 | `-s` | Настроить шару (см. формат ниже) |
 | `-u` | Добавить пользователя (см. формат ниже) |
 | `-w "<workgroup>"` | Настроить рабочую группу (домен) |
@@ -132,7 +133,7 @@ docker run -it --rm upagge/samba -h
 | `RECYCLE` | Отключить корзину |
 | `SHARE` | Настройка шары (поддерживает SHARE2, SHARE3...) |
 | `SMB` | Отключить минимальную версию SMB2 |
-| `TIMEMACHINE` | Включить поддержку Time Machine |
+| `TIMEMACHINE` | Включить поддержку Time Machine (базовая совместимость с macOS уже включена) |
 | `TZ` | Часовой пояс (например, `Europe/Moscow`) |
 | `USER` | Настройка пользователя (поддерживает USER2, USER3...) |
 | `WIDELINKS` | Разрешить широкие символические ссылки |
@@ -164,6 +165,9 @@ docker run -it -p 139:139 -p 445:445 -d upagge/samba -p \
 
 ### Включение Time Machine
 
+> **Примечание:** Базовая совместимость с macOS (расширенные атрибуты, обработка метаданных) **уже включена** по умолчанию.
+> Флаг `-t` добавляет специфичные для Time Machine настройки для обнаружения бэкапов.
+
 ```bash
 docker run -it -p 139:139 -p 445:445 -d upagge/samba -p -t \
     -u "macuser;password" \
diff --git a/samba.sh b/samba.sh
index f0cf7ba..f9a6671 100755
--- a/samba.sh
+++ b/samba.sh
@@ -247,23 +247,39 @@ workgroup() { local workgroup="$1"
     sed -i 's|^\( *workgroup = \).*|\1'"$workgroup"'|' "$SMB_CONF"
 }
 
-### timemachine: enable Time Machine support for macOS
+### macos: enable basic macOS compatibility (always enabled)
+# Arguments:
+#   none)
+# Return: result
+macos() {
+    # Add fruit and streams_xattr to vfs objects
+    sed -i 's/\(vfs objects = catia\)/\1 fruit streams_xattr/' "$SMB_CONF"
+
+    # Add basic macOS compatibility configuration
+    sed -i '/\[global\]/a \
+   # macOS compatibility settings\
+   fruit:aapl = yes\
+   fruit:metadata = stream\
+   fruit:delete_empty_adfiles = yes\
+   fruit:veto_appledouble = no\
+   fruit:wipe_intentionally_left_blank_rfork = yes\
+   fruit:posix_rename = yes\
+   fruit:zero_file_id = yes\
+   fruit:copyfile = yes\
+   fruit:nfs_aces = no' "$SMB_CONF"
+}
+
+### timemachine: enable Time Machine specific settings
 # Arguments:
 #   none)
 # Return: result
 timemachine() {
-    # Add fruit and streams_xattr to vfs objects
-    sed -i 's/\(vfs objects = catia\)/\1 fruit streams_xattr/' "$SMB_CONF"
-
-    # Add Time Machine configuration
+    # Add Time Machine specific settings
     sed -i '/\[global\]/a \
-   fruit:aapl = yes\
-   fruit:metadata = stream\
+   # Time Machine settings\
    fruit:model = TimeCapsule6,116\
-   fruit:delete_empty_adfiles = yes\
    fruit:time machine = yes\
-   fruit:veto_appledouble = no\
-   fruit:wipe_intentionally_left_blank_rfork = yes' "$SMB_CONF"
+   spotlight = no' "$SMB_CONF"
 }
 
 ### widelinks: allow access wide symbolic links
@@ -355,7 +371,9 @@ Options (fields in '[]' are optional, '<>' are required):
     -p          Set ownership and permissions on the shares
     -r          Disable recycle bin for shares
     -S          Disable SMB2 minimum version
-    -t          Enable Time Machine support for macOS
+    -t          Enable Time Machine support
+                NOTE: Basic macOS compatibility is always enabled.
+                This flag adds Time Machine-specific settings (backup discovery)
     -s \"<name;/path>[;browse;readonly;guest;users;admins;writelist;comment]\"
                 Configure a share
                 required arg: \"<name>;</path>\"
@@ -440,6 +458,9 @@ while read i; do
     parse_args "$i"; generic "${PARSED_ARGS[@]}"
 done < <(env | awk '/^GENERIC[0-9=_]/ {sub (/^[^=]*=/, "", $0); print}')
 [[ "${SMB:-""}" ]] && smb
+# Enable basic macOS compatibility by default
+macos
+# Enable Time Machine only if requested
 [[ "${TIMEMACHINE:-""}" ]] && timemachine
 while read i; do
     parse_args "$i"; user "${PARSED_ARGS[@]}"