AFP

From Alessandro's Wiki

this is the protocol used for network file sharing on Apple systems (at least for the latest ones)

V>=3.1 server settings

in /etc/netatalk/

  • afp.conf is the only .conf file now.

V<=2 server settings

in /etc/netatalk/

  • afpd.conf is the server configuration file, a backup server might look like this:
 - -transall -ipaddr 192.168.0.10 -port 548  -noddp -uamlist uams_dhx.so,uams_dhx2.so -nozeroconf

user permissions

  • in /etc/netatalk/AppleVolumes.default we can set the file permissions to use for each service.
    • example: we have a network with an all-users group and we want its members to be able to overwrite each other's files. Others can only read:
      • umask:002
      • dperm:0775
      • fperm:0664
    • default Linux behaviour, read-only for group users:
      • umask:022
      • dperm:0755
      • fperm:0644
  • the complete line:
/directory/shared/ "Awesome Share" options:usedots,upriv,noadouble,nohex cnidscheme:cdb umask:002 dperm:0775 fperm:0664

veto files

  • this option hides the objects specified between slashes
veto: recycled/desktop.ini/Folder Settings/

UAM list

  • usually in one of these dirs:
/usr/local/etc/netatalk/uams
/usr/lib/atalk
/usr/lib64/netatalk
ls /usr/lib/atalk/
uams_dhx2_pam.so  uams_dhx2_passwd.so  uams_dhx_pam.so  uams_dhx_passwd.so  uams_gss.so  uams_guest.so  uams_pam.so  uams_passwd.so  uams_randnum.so

Fedora 18

  • a config file is located here:
/usr/libexec/netatalk/netatalk.sh

Volumes

 path [name] [casefold:x] [options:z,l,j] \
   [allow:a,@b,c,d] [deny:a,@b,c,d] [dbpath:path] [password:p] \
   [rwlist:a,@b,c,d] [rolist:a,@b,c,d] [limitsize:value in bytes] \
   [preexec:cmd] [root_preexec:cmd] [postexec:cmd]  [root_postexec:cmd] \
   [allowed_hosts:IPv4 address[/IPv4 netmask bits]] \
   [denied_hosts:IPv4 address[/IPv4 netmask bits]] \
   ... more, see below ...
  • defaults:
:DEFAULT: options:upriv,usedots,tm  umask:002 dperm:0775 fperm:0664
  • only user home with defaults:
~
  • a time machine volume (user based) :
/backup/timemachine/$u/                         "TimeMachine"  options:usedots,upriv,noadouble,nohex,tm
  • a share allowed only to some users and group "video"
/export/ingestion  "Ingest" options:usedots,upriv,noadouble,nohex cnidscheme:cdb umask:002 dperm:0775 fperm:0664 allow:ale,jack,@video

a read only share

  • we need to create a hidden folder for the AppleDB files:
mkdir /share/hidden
chmod 700 /share/hidden
dbpath:/share/hidden/.AppleDB/
  • a read only share
/export/mirror/share     "Share-snapshot"  options:usedots,noadouble,nohex,ro,nocnidcache
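
The volume lines above can be checked mechanically before the server is restarted. The following is an added example, not part of the original wiki or of netatalk: it parses AppleVolumes.default lines in the syntax shown in the Volumes section and reports volumes whose dperm/fperm set the world-write bit or that carry no allow:/rwlist:/rolist:/allowed_hosts: restriction. The names parse_volumes, audit and SAMPLE and the /export/scratch volume are hypothetical, and it assumes a volume line's own keys override those on the :DEFAULT: line.

```python
import shlex

# Constructed sample in the AppleVolumes.default syntax shown above (not a real config).
SAMPLE = r'''
:DEFAULT: options:upriv,usedots,tm umask:002 dperm:0775 fperm:0664
~
/export/ingestion "Ingest" options:usedots,upriv umask:002 \
   dperm:0775 fperm:0664 allow:ale,jack,@video
/export/mirror/share "Share-snapshot" options:usedots,noadouble,nohex,ro,nocnidcache
/export/scratch "Scratch" dperm:0777 fperm:0666
'''

ACCESS_KEYS = ("allow", "rwlist", "rolist", "allowed_hosts")

def parse_volumes(text):
    """Return [(path, name, settings)]; volume keys override :DEFAULT: (assumption)."""
    defaults, volumes = {}, []
    for raw in text.replace("\\\n", " ").splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # posix=False keeps the quotes, so a quoted name containing ':' is not
        # mistaken for a key:value setting.
        path, *rest = shlex.split(line, posix=False)
        name = None
        if rest and (rest[0].startswith('"') or ":" not in rest[0]):
            name = rest.pop(0).strip('"')
        settings = dict(tok.split(":", 1) for tok in rest if ":" in tok)
        if path == ":DEFAULT:":
            defaults = settings
        else:
            volumes.append((path, name, {**defaults, **settings}))
    return volumes

def audit(volumes):
    """Return {path: [findings]} for world-writable modes and unrestricted access."""
    report = {}
    for path, _name, s in volumes:
        findings = [f"{key}:{s[key]} sets the world-write bit"
                    for key in ("dperm", "fperm")
                    if key in s and int(s[key], 8) & 0o002]
        # "~" exposes each user only to their own home, so skip the ACL check.
        if path != "~" and not any(k in s for k in ACCESS_KEYS):
            findings.append("no allow:/rwlist:/rolist:/allowed_hosts: restriction")
        report[path] = findings
    return report

if __name__ == "__main__":
    for path, findings in audit(parse_volumes(SAMPLE)).items():
        print(path, "->", findings or "ok")
```

On the sample, the home and Ingest volumes come back clean, the read-only mirror is reported as open to every authenticated user, and the scratch volume is reported for both modes and for the missing restriction.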

problem solving

Finder "stuck" on connect to share

  • in the log you'll see the server stopping after a message like this:

afpd[]: Setting uid/gid to 100/100

  • the solution in my case was:
    • stop the server
    • remove the Finder database file .AppleDB
    • restart server.
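find . -maxdepth 9 -name '.AppleDouble' -type d -prune -exec rm -rf "{}" \;
find . -maxdepth 9 -name '._.DS_Store' -delete
# group the -name tests: without \( \), -delete binds only to the last one, and it cannot remove non-empty directories
find . \( -name .AppleDouble -o -name .AppleDB -o -name .DS_Store -o -name .AppleDesktop -o -name 'Network Trash Folder' -o -name 'Temporary Items' \) -prune -exec rm -rf "{}" +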

when having a mirror server

  • the DB becomes inconsistent because the path changes (if on a different server), so the rsync command needs to exclude some files:
cat /mirror/excludes_afp
.AppleDB/
.DS_Store
.AppleDesktop/
.AppleDouble/
.TemporaryItems/
Temporary Items/
Network Trash Folder/
  • example:
rsync -a --delete --delete-excluded --exclude-from=excludes_afp source_host:/dir/ /mirror/host/
  • mediacluster excludes
.encoding.log
.encoding.log.post.txt
.encoding.log.p2.txt
.stats.mbtree
.stats
ingestion/done/
virtual/

version 3

 * Following config files are obsolete now:
 * afpd.conf, netatalk.conf, AppleVolumes.default and afp_ldap.conf
 * in favour of
 * /etc/afp.conf

 * Please convert your existing configs before you restart your daemon

 * The new AppleDouble default backend is appledouble = ea
 * Existing entries will be updated on access, but can do an offline
 * conversion with
 * dbd -ruve /path/to/Volume

variables

 rules:
     1) if you specify an unknown variable, it will not get converted. 
     2) if you specify a known variable, but that variable doesn't have
        a value, it will get ignored.

 the variables:
 $b   -> basename of path
 $c   -> client's ip or appletalk address
 $d   -> volume pathname on server    
 $f   -> full name (whatever's in the gecos field)
 $g   -> group
 $h   -> hostname 
 $i   -> client ip without tcp port or appletalk network   
 $s   -> server name (can be the hostname)
 $u   -> username (if guest, it's whatever user guest is running as)
 $v   -> volume name (either ADEID_NAME or basename of path)
 $z   -> zone (may not exist)
 $$   -> $
