Samba4 issues with Time Machine: cannot create new backup on Samba share
Thought I'd post some additional info for people. My currently working smb.conf is as follows. Adding fruit:metadata = stream worked for only a short while for me, so below are the results of hours of additional testing.
Note this is on Debian 10 (Buster) so things like password change command will be different on other distributions. Also note that the order of modules in the setting vfs objects = catia fruit streams_xattr is significant and important.
# NOTE: Whenever you modify this file you should run the command
# "testparm" to check that you have not made any basic syntactic
# errors.
[global]
workgroup = WORKGROUP
min protocol = SMB2
log file = /var/log/samba/log.%m
max log size = 5000
logging = file
security = USER
panic action = /usr/share/samba/panic-action %d
server role = standalone server
obey pam restrictions = yes
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
pam password change = yes
username map = /etc/samba/users.map
map to guest = bad user
guest account = XXXYOURGUESTACCOUNT
# Time Machine settings
vfs objects = catia fruit streams_xattr
fruit:model = RackMac
fruit:advertise_fullsync = true
fruit:metadata = stream
fruit:veto_appledouble = no
#default is yes, not necessary to specify fruit:posix_rename = no
#default is yes, not necessary to specify fruit:zero_file_id = yes
fruit:wipe_intentionally_left_blank_rfork = yes
fruit:delete_empty_adfiles = yes
ea support = yes
#default is yes, not necessary to specify fruit:aapl = yes
# Make share visible to Windows
#Disabled for a Mac-Only network
# lanman auth = no
# ntlm auth = yes
# wins support = yes
# local master = yes
# preferred master = yes
# Allow symlinks
# follow symlinks = yes
# wide links = yes
# unix extensions = no
#======================= Share Definitions =======================
[SHARED DRIVE]
path = /PATH/TO/YOUR/SHARED/FOLDER
valid users = @YOURGUESTUSERGROUP
writable = yes
durable handles = yes
kernel oplocks = no
kernel share modes = no
posix locking = no
vfs objects = catia fruit streams_xattr
#default is yes, not necessary to specify ea support = yes
#default is yes, not necessary to specify browseable = yes
read only = no
inherit acls = yes
fruit:time machine = yes
fruit:metadata = stream
fruit:locking = netatalk
guest ok = yes
[Time Machine]
path = /PATH/TO/YOUR/SHARED/FOLDER
valid users = @YOURGUESTUSERGROUP
writable = yes
durable handles = yes
kernel oplocks = no
kernel share modes = no
posix locking = no
vfs objects = catia fruit streams_xattr
#default is yes, not necessary to specify ea support = yes
browseable = no
read only = no
inherit acls = yes
fruit:time machine = yes
fruit:metadata = stream
fruit:locking = netatalk
fruit:time machine max size = 1.9T
**EDIT: Turns out Samba 4.9 on Debian 10 DOES automatically advertise TimeMachine destinations, as long as there are no Samba-related advertisements in /etc/avahi/services. My system wasn't advertising the TimeMachine share because I also had a manual smb share setup for avahi. When I disabled BOTH, Samba properly advertised both.
*** OLD SEE ABOVE Also note that The Samba build with Debian 10 currently does not have built-in support for advertising Time Machine shares. Normally specifying fruit:time machine = yes will trigger Samba to advertise a Time Machine destination via Avahi, but this specific support is not built with the Samba included in Debian 10. You'll need to configure a .service definition in /etc/avahi/services/. I created time_machine_advert.service in that folder. You'll need to restart avahi to be sure it gets applied with sudo systemctl restart avahi. I have two Time Machine destinations. Multiples can be advertised within a single file by simply duplicating the txt record and incrementing dkX, i.e. dk1, dk2 etc.
<?xml version="1.0" standalone='no'?><!--*-nxml-*-->
<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
<service-group>
<name replace-wildcards="yes">%h</name>
<service>
<type>_adisk._tcp</type>
<txt-record>sys=waMa=0,adVF=0x100</txt-record>
<txt-record>dk0=adVN=SAMBA SHARE NAME EXACTLY,adVF=0x82</txt-record>
<txt-record>dk1=adVN=SAMBA SHARE NAME #2 EXACTLY,adVF=0x82</txt-record>
</service>
<service>
<type>_smb._tcp</type>
<port>445</port>
</service>
</service-group>
There are some additional useful sites for Samba configuration with regards to Time Machine here:
Samba team's official guide to Time Machine configuration, although this alone didn't get a working config for me: https://wiki.samba.org/index.php/Configure_Samba_to_Work_Better_with_Mac_OS_X
smb.conf reference: https://www.samba.org/samba/docs/current/man-html/smb.conf.5.html
vfs_fruit (the Apple compatibility module for Samba) reference https://www.samba.org/samba/docs/current/man-html/vfs_fruit.8.html
Ken Murphy's smb.conf on GitHub that finally pushed me over the edge and got my setup working: https://github.com/KenMurphy/SambaConfigs/blob/master/smb.conf
A general Samba on Debian guide: https://www.antoneliasson.se/journal/time-machine-compatible-samba-on-debian-buster/