Sharing root (/) via SAMBA

Trying to share the root directory as “root” via SAMBA. This worked in OpenSUSE 12 and 13, but after upgrading to LEAP 15.0 and mounting the share on a Windows 10 machine (everybody is in WORKGROUP), the mount itself appears to work but “there is no there there” - I get permission errors trying to access, list or anything else.

The active parts of my smb.conf are:

comment = All users
path = /home
read only = No
inherit acls = Yes
veto files = /aquota.user/groups/shares/
guest ok = Yes

comment = root
force group = root
force user = root
guest ok = Yes
path = /
read only = No
inherit acls = No

I can set up and share the /home directory as “users” as shown above, mount it on Windows 10, and it works a treat. What’s special about the root directory, and how can I overcome it? (No worries about security, this is all internal to my home network which is double-firewalled from the outside world. Nobody but friends in here…)

Worse, restarting smb now shows the root share, but when selecting it in Windows 10 (part of Mount a Drive) it says I don’t have the rights to access the share - even before I specify a user/password from either Windows 10 or Linux.

Exactly the same setup works perfectly in OpenSUSE 12 and 13.

How do I unlock “/” in smb in OpenSUSE LEAP 15?

The various help documents for Leap 15 are here:

Self finds it easier searching PDF’s
example download and read book.opensuse.reference_color_en.pdf eg 21 Samba.


The “force user” or “force group” parameters in your smb.conf need to be in a [root$] section …

The following will allow read-only access from a Redmond box but, “other” permissions in the system directories will prevent the Redmond OS from being able to read everything:

path = /
create mask = 0755
valid user = myname
browsable = yes

It’s also possible that an openSUSE Policy rule will prevent the SMB access to “/” …

Kudos to dcurtisfra! Based on his reply, here’s what I came up with:

  1. ln -s / /slash

  2. add the following to /etc/samba/smb.conf:

comment = root
force group = root
force user = root
guest ok = Yes
hosts allow =
inherit acls = Yes
path = /slash
read only = No
admin users = root
available = Yes
browseable = Yes
create mask = 0777
directory mask = 0777
locking = Yes
printable = No
public = Yes
strict locking = No
valid users = root
writeable = Yes
write list = root

Yeah, some of that may not be necessary, but…

  1. systemctl stop smb.service

  2. systemctl start smb.service

  3. On my Windows 10 box, a simple Computer / Mount Network Drive specifying “\<OpenSUSE machine name>\slash”, entering root’s password when prompted, and we’re done.

Warning: Make sure your security is adequate (in my case, an internal network most heavily firewalled from the outside world - never been penetrated, hacked, breached, whatever in more than two decades), because this is a wide-open share. Your security settings may (and probably should) vary…

Color this thread closed.

This is outright dangerous. Just saying.

Totally, 100 %, agree !!! …

But, even if I can’t imagine why and, even if I totally disagree with the facility provided by the Samba folks, the fact remains that, the Samba community provides the capability and, this post’s originator needs to use the capability, for what ever reason …

Yes, yes, yes: within the current World we’re living in, every Server system, with, AFAICS, no exceptions, regardless of the Network Protocol being used, is condemned to export only that application data, and no more than that, which needs to be distributed within the network the concerned Server system is serving …

And, here endeth the Sermon