SAmba - impossible to create ._* files

[svoltaire2]

I am using TrueNas 13.0-U5.1 and I am unable to create a file starting by ._ from a samba client (windows or linux)
i.e. touch ._ returns:
touch: cannot touch '._t': No such file or directory

It is working when I do it from truenas server. I can't find anything in the log.
I was thinking it was part of a veto files (because Mac used to create a lot of these) but I have nothing test in smb:
testparm

Code:

# Global parameters
[global]
    aio max threads = 2
    bind interfaces only = Yes
    disable netbios = Yes
    disable spoolss = Yes
    dns proxy = No
    enable web service discovery = Yes
    interfaces = 127.0.0.1 192.168.0.167
    kernel change notify = No
    load printers = No
    logging = file
    map to guest = Bad User
    max log size = 5120
    nsupdate command = /usr/local/bin/samba-nsupdate -g
    ntlm auth = ntlmv1-permitted
    obey pam restrictions = Yes
    registry shares = Yes
    server min protocol = SMB2
    server multi channel support = No
    server role = standalone server
    server string = FreeNAS Server
    username map = /usr/local/etc/smbusername.map
    username map cache time = 60
    shadow: format = zfs-auto-snap_frequent-%Y-%m-%d-%H%M
    shadow: sort = desc
    idmap config *: range = 80000001-100000000
    fss:prune stale = true
    rpc_daemon:fssd = fork
    fruit:nfs_aces = No
    rpc_server:mdssvc = disabled
    rpc_daemon:mdssd = disabled
    idmap config * : backend = tdb
    acl allow execute always = Yes
    create mask = 0776
    directory mask = 0777
    directory name cache size = 0
    dos filemode = Yes
    hide dot files = No
    hosts allow = 192.168.0.0/24
    inherit permissions = Yes
    map acl inherit = Yes
    map archive = No
    store dos attributes = No
    strict locking = No




[photos]
    ea support = No
    level2 oplocks = No
    oplocks = No
    path = /mnt/voluz/photos
    read only = No
    smbd max xattr size = 2097152
    strict locking = Auto
    valid users = @webdav
    vfs objects = fruit streams_xattr ixnas recycle zfs_core aio_fbsd
    recycle:subdir_mode = 0700
    recycle:directory_mode = 0777
    recycle:touch = yes
    recycle:versions = yes
    recycle:keeptree = yes
    recycle:repository = .recycle/%U
    streams_xattr:store_stream_type = no
    streams_xattr:prefix = user.
    fruit:locking = netatalk
    fruit:resource = file
    fruit:metadata = netatalk
    nfs4:chown = true
    ixnas:dosattrib_xattr = false




[smb]
    access based share enum = Yes
    comment = main source
    ea support = No
    hosts allow = 192.168.0.1/24
    level2 oplocks = No
    oplocks = No
    path = /mnt/voluz
    read only = No
    smbd max xattr size = 2097152
    strict locking = Auto
    valid users = @webdav @wheel @family
    vfs objects = zfs_fsrvp fruit streams_xattr shadow_copy_zfs ixnas recycle zfs_core aio_fbsd
    crossrename:sizelimit = 500
    zfsacl:expose_snapdir = True
    ixnas:zfsacl_sortaces = true
    recycle:touch_mtime = false
    recycle:exclude_dir = .recycle
    recycle:subdir_mode = 0700
    recycle:directory_mode = 0777
    recycle:touch = false
    recycle:versions = yes
    recycle:keeptree = true
    recycle:repository = .recycle/%U
    streams_xattr:store_stream_type = no
    streams_xattr:prefix = user.
    fruit:locking = netatalk
    fruit:resource = file
    fruit:metadata = netatalk
    nfs4:chown = true
    ixnas:dosattrib_xattr = false
    shadow:include = fss-*
    shadow:ignore_empty_snaps = false

Before I opened a bug with samba, I wanted to confirm if others failed the same issue?
Even if I create the file on the server side, I can't see it on samba clients.
Would it be connected to fruit:resource / https://www.samba.org/samba/docs/current/man-html/vfs_fruit.8.html

 

[svoltaire2]

I fixed the issue using:

fruit:veto_appledouble = no

but I am not sure it is the best approach? It is sad that this default veto option is not showing up with testparm

 

[jgreco]

but I am not sure it is the best approach? It is sad that this default veto option is not showing up with testparm

I don't think that's a good idea, but isn't it just like Apple to invent their own protocol, then screw everybody by also polluting SMB as well? In any case I am going to tag @anodos our resident all-things-SMB guru because I suspect this is a bit unlikely to accumulate any useful replies. Apple on SMB is a bit of an edge case here in the forums.

 

[anodos]

Bugs against TrueNAS should be filed against our bugtracker and not upstream. Generally speaking though, once you start throwing in auxiliary parameters the configuration is unsupported from our perspective. Users can throw almost anything in there and it is often the cause of issues that are reported to us.

 

[Etorix]

I don't think that's a good idea, but isn't it just like Apple to invent their own protocol, then screw everybody by also polluting SMB as well?

These ._ files are used to store what was the resource branch of HFS files. So it's rather a matter of "Apple dropped its own protocol and then had to find a way to make its legacy stuff work under other protocols and with non-Apple file systems".
The question is: "Why the HELL would anyone manually create an invisible file whose name prefix is reserved for a specific use case?"
Knowledgeable Unix users know better than storing their personal documents as .profile or the like. Preventing casual SMB users from creating such files with special names looks like a very reasonable default to me.

 

[jgreco]

The question is: "Why the HELL would anyone manually create an invisible file whose name prefix is reserved for a specific use case?"

That may be your question. Some of us still wonder why they dropped backarrow, a useful character, which didn't make it past ASCII-1963 (best guess). It turns out that when you go and reserve some special thingy already in use, you usually trample on something someone else is doing, even if you claim that you cannot envision why the HELL they would be doing that. But it's still rather rude.