Skip to content

Installing Netatalk on openSUSE

Daniel Markstedt edited this page Nov 12, 2024 · 4 revisions

Install Netatalk

openSUSE distributes a netatalk package that can be installed with zypper.

For building and installing from source yourself, find links to the official documentation below.

Overview

This installation guide was originally written for Netatalk 3.1.11 on openSUSE Leap 42.2.

Below follows the build instructions for the legacy Autotools build system. In most cases, you want to follow the instructions in the links at the top of this page instead.

Required Packages

Install the following packages by zypper in.

  • gcc
  • libtool
  • make
  • libevent-devel (used by netatalk(8))
  • db-devel (dbd CNID backend)
  • libtdb-devel (tdb CNID backend)
  • libmysqlclient-devel (mysql CNID backend)
  • libgcrypt-devel (DHX2 auth)
  • libopenssl-devel or libressl-devel (DHX auth aka DHCAST128)
  • krb5-devel (Kerberos V auth)
  • pam-devel (PAM)
  • libavahi-devel (Bonjour support)
  • cracklib-devel (password check)
  • tcpd-devel (TCP Wrapper)
  • libacl-devel (ACL support)
  • openldap2-devel (enhanced ACL support)
  • dbus-1-devel (used by afpstats command)
  • dbus-1-glib-devel (used by afpstats command)
  • glib2-devel (used by afpstats command)
  • perl-IO-Socket-INET6 (used by asip-status.pl command)
  • systemtap-sdt-devel (DTrace-compatible)
  • tracker (used for spotlight indexing)
  • tracker-devel (used for spotlight indexing)

Build

Get the tarball from Netatalk Web Site.

Extract the tarball.

$ tar xvf netatalk-3.1.11.tar.bz2
$ cd netatalk-3.1.11

You should read the help message, in order to know configure options.

If the applicable libraries are installed, many options will be detected automatically.

$ ./configure --help

Do configure! The following options are not auto-detected.

$ ./configure \
   --with-init-style=suse-systemd \
   --without-libevent \
   --without-tdb \
   --with-cracklib \
   --enable-krbV-uam \
   --with-pam-confdir=/etc/pam.d \
   --with-dbus-sysconf-dir=/etc/dbus-1/system.d \
   --with-tracker-pkgconfig-version=1.0

The version 1.0 --with-tracker-pkgconfig-version=1.0 must match the pkg-config version of the installed Tracker libraries. Use the following commands for finding the version info:

$ pkg-config --list-all | grep tracker
...

On successful completion, you will see a report similar to the following:

Compilation summary:

   CPPFLAGS       = -I$(top_srcdir)/include -I$(top_builddir)/include -I$(top_srcdir)
   CFLAGS         = -D_U_="__attribute__((unused))" -g -O2
   LIBS           =  -lcrack
   PTHREADS:
       LIBS   =
       CFLAGS = -pthread
   TRACKER:
       LIBS   = -ltracker-sparql-1.0 -lgio-2.0 -lgobject-2.0 -Wl,--export-dynamic -lgmodule-2.0 -pthread -lglib-2.0
       CFLAGS = -pthread -I/usr/include/tracker-1.0 -I/usr/include/tracker-1.0/libtracker-sparql -I/usr/include/glib-2.0 -I/usr/lib64/glib-2.0/include
   SSL:
       LIBS   =  -L/usr/lib64 -lcrypto
       CFLAGS =  -I/usr/include/openssl
   LIBGCRYPT:
       LIBS   = -L/usr/lib64 -lgcrypt -ldl -lgpg-error
       CFLAGS =
   PAM:
       LIBS   =  -lpam
       CFLAGS =
   WRAP:
       LIBS   = -lwrap
       CFLAGS =
   BDB:
       LIBS   =  -L/usr/lib64 -ldb
       CFLAGS =
   GSSAPI:
       LIBS   = -lgssapi_krb5  -lcrack
       CFLAGS = -D_U_="__attribute__((unused))" -g -O2
   ZEROCONF:
       LIBS   =  -lavahi-common -lavahi-client
       CFLAGS =  -D_REENTRANT
   LDAP:
       LIBS   =  -lldap
       CFLAGS =
   LIBEVENT:
       LIBS   =
       CFLAGS =
   TDB:
       LIBS   = -ltdb
       CFLAGS =
   MySQL:
       LIBS   = -L/usr/lib64 -lmysqlclient -lpthread -lz -lm -lssl -lcrypto -ldl
       CFLAGS = -I/usr/include/mysql

Configure summary:

   INIT STYLE:
        suse-systemd
   AFP:
        Extended Attributes: ad | sys
        ACL support: yes
        Spotlight: yes
   CNID:
        backends:  dbd last tdb mysql
   UAMS:
        DHX     (PAM SHADOW)
        DHX2    (PAM SHADOW)
        RANDNUM (afppasswd)
        Kerberos V
        clrtxt  (PAM SHADOW)
        guest
   Options:
        Zeroconf support:        yes
        tcp wrapper support:     yes
        quota support:           yes
        valid shell check:       yes
        cracklib support:        yes
        ACL support:             auto
        Kerberos support:        auto
        LDAP support:            yes
        AFP stats via dbus:      yes
        dtrace probes:           yes
   Paths:
        Netatalk lockfile:       /var/lock/netatalk
        init directory:          /usr/lib/systemd/system
        dbus system directory:   /etc/dbus-1/system.d
        dbus daemon path:        /bin/dbus-daemon
        tracker prefix:          /usr
        tracker install prefix:  /usr
        tracker manager:         /usr/bin/tracker daemon
        pam config directory:    /etc/pam.d
   Documentation:
        Docbook:                 no

Docbook is not needed because it is for developers only.

Make and install.

$ make
# make install

Check

Check features and paths, using netatalk -V and afpd -V.

$ /usr/local/sbin/netatalk -V netatalk 3.1.11 - Netatalk AFP server
service controller daemon

This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or (at
your option) any later version. Please see the file COPYING for
further information and details.

netatalk has been compiled with support for these features:

     Zeroconf support: Avahi
    Spotlight support: Yes

                 afpd: /usr/local/sbin/afpd
           cnid_metad: /usr/local/sbin/cnid_metad
      tracker manager: /usr/bin/tracker daemon
          dbus-daemon: /bin/dbus-daemon
             afp.conf: /usr/local/etc/afp.conf
    dbus-session.conf: /usr/local/etc/dbus-session.conf
   netatalk lock file: /var/lock/netatalk
$ /usr/local/sbin/afpd -V
afpd 3.1.11 - Apple Filing Protocol
(AFP) daemon of Netatalk

This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or (at
your option) any later version. Please see the file COPYING for
further information and details.

afpd has been compiled with support for these features:

         AFP versions: 2.2 3.0 3.1 3.2 3.3 3.4
        CNID backends: dbd last tdb mysql
     Zeroconf support: Avahi
 TCP wrappers support: Yes
        Quota support: Yes
  Admin group support: Yes
   Valid shell checks: Yes
     cracklib support: Yes
           EA support: ad | sys
          ACL support: Yes
         LDAP support: Yes
        D-Bus support: Yes
    Spotlight support: Yes
        DTrace probes: Yes`

             afp.conf: /usr/local/etc/afp.conf
          extmap.conf: /usr/local/etc/extmap.conf
      state directory: /usr/local/var/netatalk/
   afp_signature.conf: /usr/local/var/netatalk/afp_signature.conf
     afp_voluuid.conf: /usr/local/var/netatalk/afp_voluuid.conf
      UAM search path: /usr/local/lib/netatalk//
 Server messages path: /usr/local/var/netatalk/msg/

Setting

Edit /usr/local/etc/afp.conf.

Ex:

[Global]

[Homes]

   basedir regex = /home

[Test Volume]

   path = /export/test1

[My Time Machine Volume]

   path = /export/timemachine
   time machine = yes

It's recommended to enable extended attributes of filesystem. It's no problem in case of btrfs.

If you use ext2,3 or 4, you should check it by getfattr and setfattr commands. If you use ACL, you shoud check it by getfacl and setfacl commands. If these are disabled, use tune2fs command or edit /etc/fstab file.

Ex:

 /dev/sdc2    /mountpoint    ext4    defaults,user_xattr,acl    0 2

You should check firewall. AFP's port number is 548. Zeroconf's port number is 5353.

Enabling and Starting

You must run Avahi ahead of Netatalk.

# systemctl enable avahi-daemon
# systemctl enable netatalk
# systemctl start avahi-daemon
# systemctl start netatalk

Spotlight Feature

If you use Spotlight feature, read Spotlight section in Netatalk Manual.

Set spotlight = yes.

Set spotlight = no for Time Machine's volume. The mining for sparsebundle is wasteful.

Ex:

[Global]

   spotlight = yes

[Homes]

   basedir regex = /home

[Test Volume]

   path = /export/test1

[My Time Machine Volume]

   path = /export/timemachine
   time machine = yes
   spotlight = no

Interoperation with Samba

Recent Netatalk and Samba can store metadata in the compatible format.

Using this way, the following access becomes possible.

  • from Mac to Netatalk
  • from Mac to Samba
  • from Windows to Samba

Netatalk

Using vol preset option, the same configuration is set for all volumes.

Using ea = samba, Extended Attributes become compatible with Samba.

Edit /usr/local/etc/afp.conf.

Ex:

[Global]

   vol preset = my default values

[my default values]

   ea = samba

[Homes]

   basedir regex = /home

[Test Volume]

   path = /export/test1

[My Time Machine Volume]

   path = /export/timemachine
   time machine = yes

Samba

Setting various options in [global], the same configuration is set for all shares.

Three vfs objects (catia, fruit and streams_xattr) provide enhanced compatibility with Apple SMB clients and interoperability with a Netatalk.

Using hide files, the invisible files created via Netatalk are hidden from Windows. Use hide files, not veto files.

Don't use fruit:locking = netatalk because it has a bug.

Edit /etc/samba/smb.conf.

Ex:

[global]

   ea support = Yes
   vfs objects = catia fruit streams_xattr`

   fruit:encoding = native
   streams_xattr:prefix = user.
   streams_xattr:store_stream_type = no`

   hide files = /.DS_Store/Network Trash Folder/TheFindByContentFolder/TheVolumeSettingsFolder/Temporary Items/.TemporaryItems/.VolumeIcon.icns/Icon?/.FBCIndex/.FBCLockFolder/

   read only = No

[homes]

[Test Volume]

   path = /export/test1

[My Time Machine Volume]  
path = /export/timemachine  
Clone this wiki locally