Install Netatalk 3.1.11 on openSUSE Leap 42.2
Install the following packages by "zypper in".
- libevent-devel (used by netatalk(8))
- db-devel (dbd CNID backend)
- libtdb-devel (tdb CNID backend)
- libmysqlclient-devel (mysql CNID backend)
- libgcrypt-devel (DHX2 auth)
- libopenssl-devel or libressl-devel (DHX auth aka DHCAST128)
- krb5-devel (Kerberos V auth)
- pam-devel (PAM)
- libavahi-devel (Bonjour support)
- cracklib-devel (password ckeck)
- tcpd-devel (TCP Wrapper)
- libacl-devel (ACL support)
- openldap2-devel (enhanced ACL support)
- dbus-1-devel (used by afpstats command)
- dbus-1-glib-devel (used by afpstats command)
- glib2-devel (used by afpstats command)
- perl-IO-Socket-INET6 (used by asip-status.pl command)
- systemtap-sdt-devel (DTrace-compatible)
- tracker (used for spotlight indexing)
- tracker-devel (used for spotlight indexing)
Get the tarball from Netatalk Web Site.
Extract the tarball.
$ tar xvf netatalk-3.1.11.tar.bz2 $ cd netatalk-3.1.11
You should read the help message, in order to know configure options.
If the applicable libraries are installed, many options will be detected automatically.
$ ./configure --help
Do configure! The following options are not auto-detected.
$ ./configure \ --with-init-style=suse-systemd \ --without-libevent \ --without-tdb \ --with-cracklib \ --enable-krbV-uam \ --with-pam-confdir=/etc/pam.d \ --with-dbus-sysconf-dir=/etc/dbus-1/system.d \ --with-tracker-pkgconfig-version=1.0
The version 1.0 --with-tracker-pkgconfig-version=1.0 must match the pkg-config version of the installed Tracker libraries. Use the following commands for finding the version info:
$ pkg-config --list-all | grep tracker ...
On successful completion, you will see a report similar to the following:
Compilation summary: CPPFLAGS = -I$(top_srcdir)/include -I$(top_builddir)/include -I$(top_srcdir) CFLAGS = -D_U_="__attribute__((unused))" -g -O2 LIBS = -lcrack PTHREADS: LIBS = CFLAGS = -pthread TRACKER: LIBS = -ltracker-sparql-1.0 -lgio-2.0 -lgobject-2.0 -Wl,--export-dynamic -lgmodule-2.0 -pthread -lglib-2.0 CFLAGS = -pthread -I/usr/include/tracker-1.0 -I/usr/include/tracker-1.0/libtracker-sparql -I/usr/include/glib-2.0 -I/usr/lib64/glib-2.0/include SSL: LIBS = -L/usr/lib64 -lcrypto CFLAGS = -I/usr/include/openssl LIBGCRYPT: LIBS = -L/usr/lib64 -lgcrypt -ldl -lgpg-error CFLAGS = PAM: LIBS = -lpam CFLAGS = WRAP: LIBS = -lwrap CFLAGS = BDB: LIBS = -L/usr/lib64 -ldb CFLAGS = GSSAPI: LIBS = -lgssapi_krb5 -lcrack CFLAGS = -D_U_="__attribute__((unused))" -g -O2 ZEROCONF: LIBS = -lavahi-common -lavahi-client CFLAGS = -D_REENTRANT LDAP: LIBS = -lldap CFLAGS = LIBEVENT: LIBS = CFLAGS = TDB: LIBS = -ltdb CFLAGS = MySQL: LIBS = -L/usr/lib64 -lmysqlclient -lpthread -lz -lm -lssl -lcrypto -ldl CFLAGS = -I/usr/include/mysql Configure summary: INIT STYLE: suse-systemd AFP: Extended Attributes: ad | sys ACL support: yes Spotlight: yes CNID: backends: dbd last tdb mysql UAMS: DHX (PAM SHADOW) DHX2 (PAM SHADOW) RANDNUM (afppasswd) Kerberos V clrtxt (PAM SHADOW) guest Options: Zeroconf support: yes tcp wrapper support: yes quota support: yes valid shell check: yes cracklib support: yes ACL support: auto Kerberos support: auto LDAP support: yes AFP stats via dbus: yes dtrace probes: yes Paths: Netatalk lockfile: /var/lock/netatalk init directory: /usr/lib/systemd/system dbus system directory: /etc/dbus-1/system.d dbus daemon path: /bin/dbus-daemon tracker prefix: /usr tracker install prefix: /usr tracker manager: /usr/bin/tracker daemon pam config directory: /etc/pam.d Documentation: Docbook: no
Docbook is not needed because it is for developers only.
Make and install.
$ make # make install
Check features and paths, using "netatalk -V" and "afpd -V".
$ /usr/local/sbin/netatalk -V netatalk 3.1.11 - Netatalk AFP server service controller daemon This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. Please see the file COPYING for further information and details. netatalk has been compiled with support for these features: Zeroconf support: Avahi Spotlight support: Yes afpd: /usr/local/sbin/afpd cnid_metad: /usr/local/sbin/cnid_metad tracker manager: /usr/bin/tracker daemon dbus-daemon: /bin/dbus-daemon afp.conf: /usr/local/etc/afp.conf dbus-session.conf: /usr/local/etc/dbus-session.conf netatalk lock file: /var/lock/netatalk
$ /usr/local/sbin/afpd -V afpd 3.1.11 - Apple Filing Protocol (AFP) daemon of Netatalk This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. Please see the file COPYING for further information and details. afpd has been compiled with support for these features: AFP versions: 2.2 3.0 3.1 3.2 3.3 3.4 CNID backends: dbd last tdb mysql Zeroconf support: Avahi TCP wrappers support: Yes Quota support: Yes Admin group support: Yes Valid shell checks: Yes cracklib support: Yes EA support: ad | sys ACL support: Yes LDAP support: Yes D-Bus support: Yes Spotlight support: Yes DTrace probes: Yes afp.conf: /usr/local/etc/afp.conf extmap.conf: /usr/local/etc/extmap.conf state directory: /usr/local/var/netatalk/ afp_signature.conf: /usr/local/var/netatalk/afp_signature.conf afp_voluuid.conf: /usr/local/var/netatalk/afp_voluuid.conf UAM search path: /usr/local/lib/netatalk// Server messages path: /usr/local/var/netatalk/msg/
[Global] [Homes] basedir regex = /home [Test Volume] path = /export/test1 [My Time Machine Volume] path = /export/timemachine time machine = yes
It's recommended to enable extended attributes of filesystem. It's no problem in case of btrfs.
If you use ext2,3 or 4, you should check it by "getfattr" and "setfattr" commands. If you use ACL, you shoud check it by "getfacl" and "setfacl" commands. If these are disabled, use "tune2fs" command or edit "/etc/fstab" file.
/dev/sdc2 /mountpoint ext4 defaults,user_xattr,acl 0 2
You should check firewall. AFP's port number is 548. Zeroconf's port number is 5353.
Enabling and Starting
You must run Avahi ahead of Netatalk.
# systemctl enable avahi-daemon # systemctl enable netatalk # systemctl start avahi-daemon # systemctl start netatalk
If you use Spotlight feature, read Spotlight section in Netatalk Manual.
Set "spotlight = yes".
Set "spotlight = no" for Time Machine's volume. The mining for sparsebundle is wasteful.
[Global] spotlight = yes [Homes] basedir regex = /home [Test Volume] path = /export/test1 [My Time Machine Volume] path = /export/timemachine time machine = yes spotlight = no
Some problems have been reported.
Interoperation with Samba
Recent Netatalk and Samba can store metadata in the compatible format.
Using this way, the following access becomes possible.
- from Mac to Netatalk
- from Mac to Samba
- from Windows to Samba
Using "vol preset" option, the same configuration is set for all volumes.
Using "ea = samba", Extended Attributes become compatible with Samba.
[Global] vol preset = my default values [my default values] ea = samba [Homes] basedir regex = /home [Test Volume] path = /export/test1 [My Time Machine Volume] path = /export/timemachine time machine = yes
Setting various options in [global], the same configuration is set for all shares.
Three vfs objects (catia, fruit and streams_xattr) provide enhanced compatibility with Apple SMB clients and interoperability with a Netatalk.
Using "hide files", the invisible files created via Netatalk are hidden from Windows. Use "hide files", not "veto files".
Don't use "fruit:locking = netatalk" because it has a bug.
[My Time Machine Volume] is commented out because Time Machine feature can not be used via SMB.
[global] foo = bar baz = qux ea support = Yes vfs objects = catia fruit streams_xattr ; fruit:locking = netatalk fruit:encoding = native streams_xattr:prefix = user. streams_xattr:store_stream_type = no hide files = /.DS_Store/Network Trash Folder/TheFindByContentFolder/TheVolumeSettingsFolder/Temporary Items/.TemporaryItems/.VolumeIcon.icns/Icon?/.FBCIndex/.FBCLockFolder/ read only = No [homes] [Test Volume] path = /export/test1 ;[My Time Machine Volume] ; path = /export/timemachine