AFP Linux server

This is a guide on how to mimic an OS X file server using Linux and the open source implementation of AFP, Netatalk. These instructions are for Ubuntu Server 10.04, but should translate pretty easily to other distros.

I have a Linux NAS, but all my other computers are Macs. NFS is simple, but buggy. There are all sorts of problems if you disconnect from the network without unmounting first. Also, I ran into issues where Finder would just lockup upon opening an NFS mounted directory.

Time to make the switch to AFP.

Installing netatalk

OS X doesn’t like sending clear text passwords, so you have to install libgcrypt-dev so netatalk builds the uams_dhx2.so module.

sudo aptitude install build-essential libdb-dev libgcrypt-dev
wget http://prdownloads.sourceforge.net/netatalk/netatalk-2.1.4.tar.bz2?download -O netatalk-2.1.4.tar.bz2
tar xjf netatalk-2.1.4.tar.bz2
cd netatalk-2.1.4
./configure --prefix=/usr/local/netatalk-2.1.4
make && sudo make install

Because we installed by source, we gotta do some symlinking and creating of config files, etc. First off, I like to make a link in /usr/local.

sudo ln -s /usr/local/netatalk-2.1.4 /usr/local/netatalk

Now we’re going to link the config stuff to /etc.

sudo ln -s /usr/local/netatalk/etc/netatalk /etc/netatalk

Now install this initd script as /etc/init.d/netatalk and edit SBIN_PATH and BIN_PATH according to where you installed netatalk.

BIN_PATH=/usr/local/netatalk/bin
SBIN_PATH=/usr/local/netatalk/sbin

Configuring netatalk

Pretty easy. You just gotta configure two things: afpd and what volumes you want to share.

My /etc/netatalk/afpd.conf is just one line.

- -tcp -noddp -uamlist uams_dhx2.so,uams_guest.so -nosavepassword

It says “my default server uses tcp, not ddp and allows users to authentica via dhx2 or as a guest without saving their password.” At least, that’s what I think it says. The afpd.conf file is well document and it also has a man page.

My /etc/netatalk/AppleVolumes.default is similarly simple.

:DEFAULT: options:upriv,usedots
/mnt/quantum "Quantum" allowed_hosts:192.168.0.0/16

The :DEFAULT: section applies to all volumes. upriv means use Unix privileges and usedots means hide files that start with a dot. I’m only exporting one volume named Quantum and the arguments are pretty self explanatory. Again, the AppleVolumes.default is well documented and there a man page for it as well.

Now you can start it up.

sudo /etc/init.d/netatalk start

And connect to it via Finder -> Go -> Connect to Server…

For the “Server Address:” I fill out afp://hostname/Quantum where “hostname” is my Linux machine’s hostname and “Quantum” is the name of my volume.

The authentication credentials are your Linux username and password. Your Linux user will need permissions on the exported volume (obviously).

Troubleshooting

Can’t connect? See what’s going on by changing your afpd.conf to be something like.

- -tcp -noddp -uamlist uams_dhx2.so,uams_guest.so -nosavepassword -setuplog "default log_debug /tmp/afpd.log"

Now you can tail -f /tmp/afpd.log to see what’s going on when you try to connect. Note, there are other log levels than “log_debug” if you need more info. See the man page.

Configuring Avahi

So by now you’ve noticed that your Linux AFP server doesn’t show up in the Finder’s sidebar like other real Macs do. Not a problem, we can fix that by installing and configuring Avahi to advertise it.

sudo aptitude install avahi-daemon libnss-mdns

Now edit /etc/nsswitch.conf and make sure the “hosts” line has “mdns” in it.

hosts:          files mdns4_minimal [NOTFOUND=return] dns mdns4 mdns

Now create a new file /etc/avahi/services/afpd.service and fill it out.

<?xml version="1.0" standalone='no'?><!--*-nxml-*-->
<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
<service-group>
  <name replace-wildcards="yes">%h</name>
  <service>
    <type>_afpovertcp._tcp</type>
    <port>548</port>
  </service>
  <service>
    <type>_device-info._tcp</type>
    <port>0</port>
    <txt-record>model=MacPro</txt-record>
  </service>
</service-group>

You can change “MacPro” to one of PowerBook, PowerMac, Macmini, iMac, MacBook, MacBookPro, MacBookAir, Xserve, AppleTV1,1, AirPort in order to change the icon that shows up in Finder.

Now restart Avahi and your Linux AFP server should show up in the Finder’s sidebar!

sudo /etc/init.d/avahi-daemon restart