Enabling Recycle Bin for Samba File Server

You can use the built-in network recycle bin to automatically save all files deleted by a user on the Samba file server on Linux. For this, the vfs_recycle (Virtual File System) module is used.

The CIFS VFS modules are installed with the samba package on most Linux distributions. If needed, you can install VFS modules manually. For example, on Ubuntu / Linux Mint / Debian:

$ sudo apt update
$ sudo apt install samba-vfs-modules

Check if the module is installed:

$ apt list | grep samba-vfs

By default, when you delete files from the samba shared folder, they are permanently deleted. A Linux file server administrator can create a network recycle bin. The Samba Recycle Bin is a hidden directory to which all Samba objects that have been deleted by the user are moved.

We will look at the option of creating a global Samba recycle bin (for all samba shares and users).

Create a recycle directory and grant permissions:

# mkdir –p /mnt/smb/.recycle
# mkdir chmod –r 777 /mnt/smb/.recycle

Open the file /etc/samba/smb.conf and add the following settings to the [global] section:

# mcedit /etc/samba/smb.conf

vfs object = recycle
recycle:repository = /mnt/smb/.recycle
recycle:keeptree = yes
recycle:versions = yes
recycle:touch = yes
recylce:exclude_dir = /tmp /TMP /temp /TEMP /public /cache /CACHE
recycle:exclude = *.TMP *.tmp *.temp ~$* *.log *.bak


• vfs objects = recycle — enable the Samba recycle bin;
  I If you are using any other VFS modules, you must specify them on the single line: vfs object = recycle full_audit shadow_copy2
• recycle:repository — set recycle bin directory for storing deleted samba objects. The directory has to be located on the same file system as the SMB folder. If you specify the path in the format /mnt/smb/.recycle/%U, then the deleted files will be saved to the directory with the name of the user who removed the file or folder. If the parameter is not set, a .recycle directory will be created at the root of each SMB share;
• recycle:keeptree — delete objects while keeping the directory tree
  If you use the path to recycle bin in the /mnt/smb/.recycle/%U format, it will be available in the recycle bin as /mnt/smb/.recycle/username/docs/1.txt
• recycle:touch — change the time of the last access to the file when it is moved to the Recycle Bin;
• recycle:touch_mtime = yes – update the last modified date of the file when it is moved to the recycle bin;
• recycle:versions — add version number when deleting files with matching name (Copy #N of);
• recylce:exclude_dir – exclude directories
• recycle:exclude – add exclusions for specific file types. Files with these extensions will be permanently deleted;
• recycle maxsize – you can set the maximum size of files (in bytes) that need to be saved to the recycle bin.

By default, the Recycle Bin is created with permissions set to 0700. These permissions are inherited by all objects in the Recycle Bin. You can change the default permissions:

recycle:directory_mode = 2770

You will also be able to change the default permissions for nested directories.

recycle:subdir_mode = MODE

To apply the change, you need to restart samba:

# systemctl restart smb

To automatically clean up deleted files older than 60 days from the samba recycle bin, use the following bash script:

#!/bin/bash
recyclePath="/mnt/smb/.recycle"
maxStoreDays="60"
/usr/bin/find $recyclePath -name "*" -ctime +$maxStoreDays -exec rm {} \;

Allow the script to run:

# chmod +x /root/bin/cleanup_samba_recycle.sh

Create a cron job to clean up the recycle samba daily:

# crontab -e

0 4 * * * /root/bin/cleanup_samba_recycle.sh