===== Bonjour Ubuntu =====
{{bonjour_xserve.png }}
In our small design agency, we only use Mac (about 6) and we would like to settle down a file server using [[index|ubuntu]] and fully integrate it to behave like a Mac.
In an Apple environment, computers share files using AFP protocol and discover themselves using Bonjour.
===== Software and Hardware =====
As i am writing those lines, my Ubuntu box is a tiny Asus EEE Box, it runs under
[[http://www.ubuntu.com/products/whatIsubuntu/serveredition| Ubuntu Server Edition]] 9.10 (Karmic Koala) on 32bits (which means i386 architecture) and my Macs are laptops and Mac Pro running on Mac OS X Snow Leopard 10.6 to Mac OS X Tiger 10.4
===== Installing Netatalk with dependencies =====
I can't install netatalk from standard deb package :
AFP's standard out-of-the-packet implementation on Netatalk, doesn't work well with MAC OSX : it requires encryption to work properly but the standard package of netatalk provided in the Ubuntu repositories doesn’t include this feature.
I gonna have to rebuild the package with a specific option, and for that, I need specific tools, let's get them :
sudo apt-get install devscripts cracklib2-dev dpkg-dev libssl-dev
I need the source
mkdir -p ~/src/netatalk
cd ~/src/netatalk
apt-get source netatalk
what are the dependencies
sudo apt-get build-dep netatalk
When I get them, then I can go onto the needed folder and rebuild the package from source with my specific option.
cd netatalk-2.0.4~beta2/
DEB_BUILD_OPTIONS=ssl sudo dpkg-buildpackage -us -uc
If on DEB_BUILD_OPTIONS=ssl sudo dpkg-buildpackage -us -uc you get the message dpkg-buildpackage: warning: Build dependencies/conflicts unsatisfied; aborting. then, it may be related to a libcupsys2-dev has no installation candidate in your sudo apt-get build-dep netatalk task use sudo aptitude install libcups2-dev to install it.
If you get a loooong scrolling matrix-like text full of warnings, then, it means that everything went right.
Finally, use the debi command to install the package on your machine. That's all you have to know, don't google for debi, you might have spot on some Debi Laszewski pictures.
sudo debi
===== Configuring Netatalk and AFPD =====
Now that netatalk is installed, let's configure it.
How do I know that it has been successfully installed ? try to restart it by using the standard ubuntu deamon restart procedure :
sudo /etc/init.d/netatalk restart
Well, this takes a while.
{{bonjour_netatalk_initial_restart.png}}
==== Netatalk ====
As you can read, Netatalk starts with 3 standard protocols : atalkd afpd and papd. Well, we don't need those stuffs, and to make it easier, and much faster we gonna disactivate those old protocols. For instance Netatalk starts the old AppleTalk protocol by default which is just needed for pre OS X systems.
As I am a [[http://www.vim.org/|vi]] geek and I am running Ubuntu Server Edition i gonna use this editor, but feel free to use any other you want.
sudo vi /etc/default/netatalk
on the "Set which daemons to run" part, replace the default values with these to enable just AFP and disable all unneeded services.
{{bonjour_vinetatalk.png}}
The cnid_meta daemon is required because cnid_metad waits for requests from afpd to start up instances of the cnid_dbd daemon, says the [[http://netatalk.sourceforge.net/2.0/htmldocs/cnid_metad.8.html|documentation]].
ATALKD_RUN=no
PAPD_RUN=no
CNID_METAD_RUN=yes
AFPD_RUN=yes
TIMELORD_RUN=no
A2BOOT_RUN=no
==== AFP ====
Let's now configure AFP, edit the afpd.conf file
sudo vi /etc/netatalk/afpd.conf
paste at the very bottom of the document this line - -transall -uamlist uams_randnum.so,uams_dhx.so -nosavepassword -advertise_ssh and yes, it really starts with dash space dash, that's all for now.
===== Configure shared Volumes =====
Now that Netatalk and AFP are configured, let's tell the afpd daemon what Volumes to share. This is defined in the AppleVolumes.default file inside /etc/netatalk/.
==== Adding users volumes ====
sudo vi /etc/netatalk/AppleVolumes.default
At the end of file,
~/ "Home Directory"
becomes
~/ "Home Directory" cnidscheme:cdb options:usedots,upriv
{{bonjour_applevolumes.png}}
==== Options ====
* usedots option makes the server keep the files beginning with a dot (such as .htaccess) not to be translated on to some :2e files.
* upriv adds support to the AFP3 unix privileges.
{{bonjour_usedots.png}}
==== Tiget Compatibility ====
If like in my case, you still have some Tiger machines connecting to the ubuntu box, don't use this upriv option.
==== Restarting ====
That's all for folder configuration, let's restart the netatalk deamon
sudo /etc/init.d/netatalk restart
{{bonjour_netatalk_better_restart.png}}
This time, you can see that only wanted services are showing up.
===== Installing and configuring Avahi ====
Let's say Bonjour to the other Macs on the network : the Avahi daemon will advertise all defined services across your network just like Bonjour do. So let's install the avahi daemon and the mDNS library used for imitating the Bonjour service. When fully configured this will cause all Macs in your network to discover your Ubuntu box automatically.
==== Installing ====
sudo apt-get install avahi-daemon
sudo apt-get install libnss-mdns
==== Configuring ===
Then, let's configure nsswitch
sudo vi /etc/nsswitch.conf
Just add "mdns" at the end of the line that starts with "hosts:". Now the line should look like this:
hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4 mdns
=== Advertise services ====
To tell Avahi which services it should advertise across the network, let's create a xml-file for each service inside /etc/avahi/services/ following a special syntax.
sudo vi /etc/avahi/services/afpd.service
Paste this in the newly created document
%h
_afpovertcp._tcp
548
_device-info._tcp
0
model=Xserve
==== Finishing ====
At this state, if you look into the Finder, you won't have any new server
{{bonjour_finder_before.png}}
sudo /etc/init.d/avahi-daemon restart
Check in your Finder, after a few seconds, a new server should appear (in this case "hermes")
{{bonjour_finder_after.png}}
Simply connect as your ubuntu user and access your files.
{{bonjour_finder_connect.png}}
With this config, you have full privileges on the remote host's home directory, so take care
{{bonjour_finder_connected.png}}
==== Pinning netatalk ====
Some issue I encounted is :
on the next netatalk version, as running a basic apt-get upgrade, it asks to upgrade netatalk.
If you don't pay atttention and upgrade it, it will replace the modified binary with a standard one that doesn't cope totally with apple system.
To resolve that, the package should be kept-back. To do so, sudo this :
echo libxfont1 hold | dpkg --set-selections
Since then, on each apt-get upgrade, this message should appear
The following packages have been kept back:
landscape-common netatalk
The following packages will be upgraded:
tzdata
If you made this mistake, simply uninstall the new netatalk by apt-get remove netatalk then repeat procedure to recompile and debi it.
===== References =====
* As a simple walkthrough for expermiented users, see smok3's blog post [[http://kravca.mu/blog/2009/11/ubuntu-and-osx/|ubuntu and osx]]
* Most of the steps of this tutorial are heavily inspired by Matthias Kretschmann's how-to [[http://www.kremalicious.com/2008/06/ubuntu-as-mac-file-server-and-time-machine-volume/|HowTo: Make Ubuntu A Perfect Mac File Server And Time Machine Volume]]
* This old ubuntuforums thread [[http://ubuntuforums.org/showthread.php?t=410274|How To: Install Netatalk (AFP) with Encrypted Authentication]] is a good start too.
* Pinning back is explained in the [[https://help.ubuntu.com/community/PinningHowto|PinningHowto]] wiki page on ubuntu
* Of course, [[http://avahi.org/|avahi]] and [[http://netatalk.sourceforge.net/2.0/htmldocs|netatalk]] are well documented