##### Server

# Create Linux users
useradd alice
useradd bob

# Create a directory to be shared; set ro permissions for alice using 
# file mode bits and rw permissions for bob using file acls
mkdir /home/smbshare
chown alice:alice /home/smbshare
chmod 0500 /home/smbshare
setfacl -m u:bob:rwx /home/smbshare
setfacl -m m:rwx /home/smbshare

# Create a file for testing purposes
echo 'Hello world!' > /home/smbshare/test.txt

# Add users to Samba database
pdbedit -a -u alice
pdbedit -a -u bob

# Define share in smb.conf and restart the smb daemon
vim /etc/samba/smb.conf
    comment = smbshare for alice(ro) and bob(rw)
    path = /home/smbshare
    browseable = yes
    writeable = yes
    valid users = alice bob

systemctl reload smb


# Set the SELinux permissions and open samba on firewall
chcon -R -t samba_share_t /home/smbshare

firewall-cmd --add-service=samba --permanent
firewall-cmd --reload


##### Client

# Create Linux users
useradd alice
useradd bob

# Mount the remote Samba share
mkdir /mnt/smbshare
mount -t cifs -o username=alice,password=pass //192.168.1.112/smbshare /mnt/smbshare

# Now test the permissions 
su - alice
cd /mnt/smbshare
cat test.txt        # shows the contents of test.txt, as expected
echo 'I am alice' > test2.txt   # permission denied, as expected
exit

su - bob
cd /mnt/smbshare    # permission denied -- ???? NOT AS EXPECTED
exit

# I think it doesn't matter under which user to mount, but just to be sure 
# I tried to mount using bob's credentials
umount /mnt/smbshare
mount -t cifs -o username=bob,password=pass //192.168.1.112/smbshare /mnt/smbshare

# After checking file permissions I got the same results as above: 
# alice have read-only permissions (as expected), bob have no access (NOT as expected)