Subtitle: How to install Netatalk

Version and revision: V1.2 / R 0.8.

For Nethserver 6.6 and above.

Accessible to: Novice / Beginner

Date of presentation: Released on 2015-09-20

Description:

Made the installation of Netatalk to provide the Apple Filing protocol (AFP). Netatalk is an OpenSource software package, that can be used to turn a *NIX machine into an extremely high-performance and reliable file server for Macintosh computers.

Nowadays, the Time Machine backup need the AFP to work and the Netatalk is in the version 3.1.7, at this date of presentation.

To work properly, Netatalk need the avahi-deamon:How to make NethServer OS X Friendly - Avahi

I've got a 1 tb drive mount in /opt/timemachine.

Here my fstab:

# vi fstab
#------------------------------------------------------------
# BE CAREFUL WHEN MODIFYING THIS FILE! It is updated automatically
# by the NethServer software. A few entries are updated during
# the template processing of the file and white space is removed,
# but otherwise changes to the file are preserved.
#------------------------------------------------------------
/dev/mapper/vg_microserver-lv_root      /       ext4    defaults        1 1
UUID=6aa634e2-6cb9-4044-91d2-5f1dc258b718       /boot   ext4    defaults        1 2
/dev/mapper/vg_microserver-home /home   ext4    defaults        1 2
/dev/mapper/vg_microserver-backup       /opt/timemachine        ext4    defaults        1 2
/dev/mapper/vg_microserver-lv_swap      swap    swap    defaults        0 0
tmpfs   /dev/shm        tmpfs   defaults        0 0
devpts  /dev/pts        devpts  gid=5,mode=620  0 0
sysfs   /sys    sysfs   defaults        0 0
proc    /proc   proc    defaults        0 0

I want a specific user tmbackup to connect to the NetServer instance for making the backup.

All this how to is inspired from http://netatalk.sourceforge.net/wiki/index.php/Netatalk_3.1.7_SRPM_for_Fedora_and_CentOS

First, we download the source:

# wget http://www003.upp.so-net.ne.jp/hat/files/netatalk-3.1.7-1.2.fc24.src.rpm

To build Netatalk we need at least “rpm-build”, “gcc” and “make” packages.

 # yum install rpm-build gcc make

And install the SRPM

# rpm -ivh netatalk-3.1.7-1.2.fc24.src.rpm

The following messages don't have a problem.

warning: group hat does not exist - using root

warning: user hat does not exist - using root

Build by using “rpmbuild” command.

 # cd ~/rpmbuild/SPECS/
 # rpmbuild -bb netatalk.spec

If “error: Failed build dependencies: zzz” is displayed,
execute “#yum install zzz

All this stuff to install:

  • bison-2.4.1-5.el6.x86_64
  • cracklib-devel-2.8.16-4.el6.x86_64
  • dbus-devel-1.2.24-8.el6_6.x86_64
  • glib2-devel-2.28.8-4.el6.x86_64
  • dbus-glib-devel-0.86-6.el6.x86_64
  • flex-2.5.35-9.el6.x86_64
  • xml-common-0.6.3-33.el6.noarch
  • sgml-common-0.6.3-33.el6.noarch
  • docbook-dtds-1.0-51.el6.noarch
  • docbook-style-xsl-1.75.2-6.el6.noarch
  • libattr-devel-2.4.44-7.el6.x86_64
  • db4-cxx-4.7.25-19.el6_6.x86_64
  • db4-devel-4.7.25-19.el6_6.x86_64
  • libacl-devel-2.2.49-6.el6.x86_64
  • libgpg-error-devel-1.7-4.el6.x86_64
  • libcom_err-devel-1.41.12-21.el6.x86_64
  • zlib-devel-1.2.3-29.el6.x86_64
  • cyrus-sasl-devel-2.1.23-15.el6_6.2.x86_64
  • mysql-5.1.73-5.el6_6.x86_64
  • libsepol-devel-2.0.41-4.el6.x86_64
  • libselinux-devel-2.0.94-5.8.el6.x86_64
  • keyutils-libs-devel-1.4-5.el6.x86_64
  • krb5-devel-1.10.3-37.el6_6.x86_64
  • openssl-devel-1.0.1e-30.el6.11.x86_64
  • tcp_wrappers-7.6-57.el6.x86_64
  • quota-3.17-21.el6_5.x86_64
  • quota-devel-3.17-21.el6_5.x86_64
  • mysql-devel-5.1.73-5.el6_6.x86_64
  • openldap-devel-2.4.39-8.el6.x86_64
  • libgcrypt-devel-1.4.5-11.el6_4.x86_64
  • pam-devel-1.1.1-20.el6.x86_64
  • systemtap-sdt-devel-2.5-5.el6.x86_64
  • libtdb-devel-1.2.10-1.el6.x86_64
  • tcp_wrappers-devel-7.6-57.el6.x86_64

After build the rpm and install it

 # cd ~/rpmbuild/RPMS/x86_64/
 # rpm -ivh netatalk-3.1.7-1.2.el6.x86_64.rpm

If “error: Failed dependencies: xxx is needed by…” is displayed, execute “#yum install xxx

In my case it complain about dbus-python

# yum install dbus-python

Check features and paths, using “afpd -V”.

# afpd -V
afpd 3.1.7 - Apple Filing Protocol (AFP) daemon of Netatalk

This program is free software; you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by the Free Software
Foundation; either version 2 of the License, or (at your option) any later
version. Please see the file COPYING for further information and details.

afpd has been compiled with support for these features:

          AFP versions:	2.2 3.0 3.1 3.2 3.3 3.4 
         CNID backends:	dbd last tdb mysql 
      Zeroconf support:	Avahi
  TCP wrappers support:	Yes
         Quota support:	Yes
   Admin group support:	Yes
    Valid shell checks:	Yes
      cracklib support:	Yes
            EA support:	ad | sys
           ACL support:	Yes
          LDAP support:	Yes
         D-Bus support:	Yes
     Spotlight support:	No
         DTrace probes:	Yes

              afp.conf:	/etc/netatalk//afp.conf
           extmap.conf:	/etc/netatalk//extmap.conf
       state directory:	/var/lib/netatalk/
    afp_signature.conf:	/var/lib/netatalk/afp_signature.conf
      afp_voluuid.conf:	/var/lib/netatalk/afp_voluuid.conf
       UAM search path:	/usr/lib64/netatalk//
  Server messages path:	/var/lib/netatalk/msg/

Now let's go to setup up the service, editing the “/etc/netatalk/afp.conf”.

Here's mine:

# vi afp.conf
;
; Netatalk 3.x configuration file
;

[Global]
; Global server settings
uam list = uams_guest.so , uams_randnum.so , uams_dhx.so , uams_dhx2.so
mimic model = Xserve
log level = default:warn
log file = /var/log/afpd.log
afp interfaces = eth1, eth2
afp listen = 192.168.1.0/24 , 192.168.2.0 /24

; [Homes]
; basedir regex = /home

; [My AFP Volume]
; path = /path/to/volume

[TimeMachine]
path = /opt/timemachine
valid users = tmbackup
time machine = yes

To configure this file, I've needed this link: http://netatalk.sourceforge.net/3.1/htmldocs/configuration.html#authentication

We need to adjust the firewall, we will open the TCP port 548 for the GREEN network

# config set fw_netatalk service status enabled TCPPorts 548 access private
# signal-event firewall-adjust
# signal-event runlevel-adjust

We need to add the user tmbackup, and set a password

# useradd tmbackup
# passwd tmbackup

This user need all rights on the /opt/timemachine directory

# cd /opt
# chown tmbackup timemachine

And finally enable the service att startup and start the service

# chkconfig netatalk on
# service netatalk start

At this point on the Mac, we can see the server in the Finder, and configure the Time Machine Backup

It's recommended to connect one time in the Finder and keep the password in the Keychain

Until now SElinux don't complain 8-)