Saturday, May 19, 2012

Linux file sharing for OSX

Do you want to share files from your Linux server to your Mac computers ?
Install netatalk (apt-get netatalk). Edit /etc/default/netatalk and make sure the following are as follows:

ATALK_NAME=MyFileServer
ATALKD_RUN=no PAPD_RUN=no AFPD_RUN=yes TIMELORD_RUN=no


Share your directories by editing /etc/netatalk/AppleVolumes.default (one line per share):
~/ "LinuxHome" allow:adyhasch volcharset:UTF8 dbpath:/home/storage/.dbinfo options:noadouble,usedots,upriv 

/home/storage "Storage" allow:adyhasch volcharset:UTF8 dbpath:/home/storage/.dbinfo options:noadouble,nohex,upriv,usedots,tm



Add the following line to /etc/netatalk/afpd.conf
-setuplog "default log_info /var/log/afpd.log"
-mimicmodel MacPro


To change the icon displayed in Finder, replace the value of mimicmodel with one of the following values: Xserve,PowerBook, PowerMac, Macmini, iMac, MacBook, MacBookPro, MacBookAir, MacPro, AppleTV1,1, AirPort. 


You should now have basic file sharing working. Open a Finder window on your Mac and from the menu, choose Go > Connect to server and in the dialog box add afp://mylinuxserver then press + or browse. You should now be able to browse your files. If something goes wrong, like it did on my machine,
cat /var/log/afpd.log 


I had some "connection refused" messages looking like these:

May 19 12:26:27.844314 afpd[1386] {dsi_tcp.c:112} (W:DSI): refused connect from 10.0.0.32
May 19 12:26:27.844474 afpd[1386] {dsi_getsess.c:60} (E:DSI): dsi_getsess: Connection refused
May 19 12:26:27.844488 afpd[1386] {afp_config.c:226} (E:AFPDaemon): dsi_start: session error: Connection refused

If you have similar messages, edit your hosts.allow :
afpd: ALL


You can also autoconfigure the file sharing service with Zeroconf, or Bonjour, or Avahi. On Debian I'm using the Avahi service. Go to /etc/avahi/services and add a new service file, afpd.service
Add the following to your service file:

<?xml version="1.0" standalone='no'?>
<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
<service-group>
<name replace-wildcards="yes">%h Xserve</name>
<service>
<type>_afpovertcp._tcp</type>
<port>548</port>
</service>
<service>
<type>_device-info._tcp</type>
<port>0</port>
<txt-record>model=Xserve</txt-record>
</service>
</service-group>



To change the icon displayed in Finder, replace the value of model= with one of the following values: Xserve,PowerBook, PowerMac, Macmini, iMac, MacBook, MacBookPro, MacBookAir, MacPro, AppleTV1,1, AirPort. 

Save and restart the avahi service:
/etc/init.d/avahi-daemon restart

Now you should see TWO servers in the finder network. One is what the Avahi service publishes, the other one is what AFP service is publishing. I guess one doesn't need the Avahi part .. o I moved the afpd.service file to a new directory named "disabled" and restarted the Avahi service. 

If you run iptables, you need the following added to your config:
# AFP
-A INPUT -p tcp --dport afpovertcp -j ACCEPT

# AppleTalk
-I INPUT -p tcp -m multiport --dport at-rtmp,at-nbp,at-echo,at-zis -j ACCEPT
-I OUTPUT -p tcp -m multiport --dport at-rtmp,at-nbp,at-echo,at-zis -j ACCEPT

# Bonjour/Zeroconf
-I INPUT -p udp --dport mdns -d 224.0.0.251 -j ACCEPT
-I OUTPUT -p udp --dport mdns -d 224.0.0.251 -j ACCEPT



Happy sharing!