Saturday, October 17, 2009

Ubuntu 9.04 AFP Server



Got a Mac? I do...a new shiny one.
Got a Linux server that you use as a file server on your network? Sick of problems with SAMBA (or never even liked SAMBA in the first place)? So was I, until today when I decided to figure out how to set up Apple Filing Protocol (AFP) and Bonjour under Linux, Ubuntu 9.04 in my case. In the following tutorial, we’re going to install and configure Netatalk and Avahi.

Building Netatalk

Netatalk is the open source implementation of AFP. Mac OS X requires encryption to work properly, and the standard netatalk package doesn’t include this feature, so we are going to build our own netatalk package from source with encryption enabled. To start, we’re going to install the build dependencies for netatalk, then the dependencies for encryption support, and finally grab the source for netatalk.
sudo apt-get build-dep netatalk
sudo apt-get install cracklib2-dev fakeroot libssl-dev
sudo apt-get source netatalk
Now that we have the source, we can move into the netatalk directory and start building the package with encryption enabled:
cd netatalk-2*
sudo DEB_BUILD_OPTIONS=ssl dpkg-buildpackage -rfakeroot
This will take a few minutes… Go grab yourself a tasty beverage.
Once completed, hopefully without errors (the ones about being unable to sign the package are OK), you should have a netatalk-2..something.deb package in your home directory. To install it, issue the following command.
sudo dpkg -i ~/netatalk_2*.deb

Configure Netatalk

The first thing we are going to do is disable some services provided by netatalk which are not needed for just file sharing. This will speed up the startup and response time of netatalk significantly. In the following examples I’ll be using nano, but feel free to fire up your favorite text editor.
sudo nano /etc/default/netatalk
Locate the following startup options and change them as noted below. If you’re also interested in sharing a Linux connected printer, enable the pap daemon as well.
ATALKD_RUN=no
PAPD_RUN=no
CNID_METAD_RUN=yes
AFPD_RUN=yes
TIMELORD_RUN=no
A2BOOT_RUN=no
The cnid_metad daemon handles all the metadata for us, which would otherwise get lost since your Linux server isn’t formatted as Apple’s HFS+. Go ahead and save and exit this file, and let’s move on to the afpd.conf file.
sudo nano /etc/netatalk/afpd.conf
At the very bottom of the file you should see a line similar to the one below. Replace it with the following, then save and exit.
- -transall -uamlist uams_randnum.so,uams_dhx.so -nosavepassword -advertise_ssh

Configuring shared volumes

The next step is telling afpd what volumes we want to share. This is configured in the /etc/netatalk/AppleVolumes.default file.
Scroll to the bottom of the document and define your shared volumes. There should already be a line starting with ~/ allowing the sharing of home directories via AFP.
~/ "$u" cnidscheme:cdb
You can set up as many shared volumes as you wish. You can even define which users are allowed to access each share, using the allow option. On my server, I have the following setup for my work folder.
/server/work work allow:igs-awilliams,igs-lwhite
Once you’re done setting up your shared volumes, restart netatalk using the init.d script.
sudo /etc/init.d/netatalk restart
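To double-check the two files edited above, here is an added example (not part of the original post or of netatalk itself). It flags a -uamlist that offers the cleartext or guest login modules or no DHX module, and any volume line without an allow: list. The function names, finding texts and sample files are constructed for this example, and it assumes a single server line in afpd.conf.

```bash
# Added example: audit_netatalk AFPD_CONF APPLEVOLUMES prints one finding per line.
audit_netatalk() {
    local afpd_conf="$1" volumes="$2" line uams name rest

    # Assumes one server line, as in the tutorial: the last non-comment, non-blank line.
    line=$(grep -Ev '^[[:space:]]*(#|$)' "$afpd_conf" | tail -n 1)
    # Extract the comma-separated module list that follows -uamlist.
    uams=$(printf '%s\n' "$line" |
        sed -n 's/.*-uamlist[[:space:]]\{1,\}\([^[:space:]]*\).*/\1/p')

    if [ -z "$uams" ]; then
        echo "UAM: no -uamlist set, afpd uses its compiled-in default"
    else
        case ",$uams," in
            *,uams_clrtxt.so,*) echo "UAM: uams_clrtxt.so sends passwords in cleartext" ;;
        esac
        case ",$uams," in
            *,uams_guest.so,*) echo "UAM: uams_guest.so allows logins without a password" ;;
        esac
        case ",$uams," in
            *,uams_dhx.so,*|*,uams_dhx2.so,*) ;;
            *) echo "UAM: no DHX module listed, no encrypted password exchange offered" ;;
        esac
    fi

    # A volume line without allow: is open to every account that can log in.
    grep -Ev '^[[:space:]]*(#|$)' "$volumes" | while read -r name rest; do
        case "$name" in :DEFAULT:) continue ;; esac   # options template, not a volume
        case " $rest" in
            *" allow:"*) ;;
            *) echo "VOLUME: no allow: list on $name" ;;
        esac
    done
}

# Constructed sample files: $1 is the -uamlist value to test.
sample_audit() {
    local dir
    dir=$(mktemp -d)
    printf '%s\n' '# constructed afpd.conf' \
        "- -transall -uamlist $1 -nosavepassword -advertise_ssh" > "$dir/afpd.conf"
    printf '%s\n' '~/ "$u" cnidscheme:cdb' \
        '/server/work work allow:igs-awilliams,igs-lwhite' > "$dir/AppleVolumes.default"
    audit_netatalk "$dir/afpd.conf" "$dir/AppleVolumes.default"
    rm -rf "$dir"
}

sample_audit 'uams_randnum.so,uams_dhx.so'   # the tutorial's own settings
```

On the real server, call audit_netatalk with /etc/netatalk/afpd.conf and /etc/netatalk/AppleVolumes.default; the home-directory line is reported because it carries no allow: list.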
Even though we have a fully configured AFP server, it will not show up in the Finder sidebar on OS X (it is, however, reachable via ‘Go -> Connect to Server’ in Finder). OS X uses a service called Bonjour for automagic discovery, which displays the server on your sidebar. Linux can emulate this functionality with an open source implementation of Bonjour called Avahi.

Installing Avahi

Avahi is the daemon that will advertise all defined services across your network just like Bonjour does. We are going to install the avahi daemon and the mDNS library used for imitating the Bonjour service. When fully configured this will allow machines running OS X in your network to discover your Linux server automatically.
sudo apt-get install avahi-daemon
sudo apt-get install libnss-mdns
Our configuration starts with the /etc/nsswitch.conf file. Simply add “mdns” to the end of the line that starts with “hosts:” – when completed it should look something like this.
hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4 mdns
Now we have to tell Avahi which services it should advertise across the network. In our case we just want to advertise AFP volumes. This is done by creating an XML file for each service in the /etc/avahi/services/ directory. Create the file /etc/avahi/services/afpd.service and insert the following XML code.



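<?xml version="1.0" standalone='no'?><!--*-nxml-*-->
<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
<service-group>
<name replace-wildcards="yes">%h</name>
<service>
<type>_afpovertcp._tcp</type>
<port>548</port>
</service>
<service>
<type>_device-info._tcp</type>
<port>0</port>
<txt-record>model=Xserve</txt-record>
</service>
</service-group>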
The only thing left to do is restart Avahi.
sudo /etc/init.d/avahi-daemon restart
That's it, you have configured the Avahi daemon to advertise AFP sharing across your network which should cause any computer running OS X to automagically discover it. Within a few moments it should show up in your Finder’s sidebar. You should be able to connect using the username and password from your Linux server. Once connected you should see the Volumes we defined in the AppleVolumes.default file.
May Your Skill Prevail!

Friday, October 16, 2009

VMware Server 2.x Remote Console Add-on using OS X

Well...it turns out that in Firefox (my browser of choice across platforms) this particular plugin will not function correctly on my shiny new MacBook Pro. Word on the street is that VMware is working on a native OS X client. That's all well and good but doesn't allow me to get work done right now (I could use Windows or Linux but I love my shiny new MacBook Pro so). The prescribed workaround is the following piece of SSH magic:

ssh -X -f -q user@REMOTEIP /home/user/.mozilla/firefox/xxxxxxxx.default/extensions/VMwareVMRC@vmware.com/plugins/vmware-vmrc -h REMOTEIP:PORT

Where user is the user account in question on the remote Linux VMware server, REMOTEIP is the IP address of the remote Linux VMware server, xxxxxxxx is the Mozilla profile name and PORT is the remote port the VMware service is running on (8333 by default).

Prerequisites:

X11 is running on your OS X platform
The VMware Server Remote Console Add-on is installed on your remote VMware Linux server

Is it pretty...hell no.
Does it work...yep.
Will I write a shell script to make my life easier...stay tuned and find out!

May Your Skill Prevail