Benjamin Sherman » netatalk

Advertising Linux Services via Avahi/Bonjour

benjamin — Sun, 27 Jan 2008 22:20:42 +0000

Update: most of this information is still correct but an update for combining service definitions into one file and setting an icon is available here: http://holyarmy.org/2008/11/bonjour-avahi-addendum

In my last post I outlined how I followed others’ directions to enable netatalk on Linux and Time Machine backups to a shared AFP folder. Originally, I also described how to put all your shares on netatalk. I suppose if only have Mac clients or you REALLY want to use AFP, you can do so. As I worked with files over AFP shares, I started noticing that the performance seemed to be quite bad. No, I didn’t benchmark, but copying large video files to a shared folder over my gigabit network was substantially slower over AFP (netatalk) than over CIFS/SMB (samba). I use my network shares pretty heavily, so this was a concern. Also, netatalk tries very hard to replicate an HFS filesystem complete with resource fork support. This means that your shared directories end up with lots of extra folders named “.AppleDouble”(and a few others) containing Mac specific info. (Note: even on CIFS you’ll get the “.AppleDB” folders unless you disable a setting in Finder. I can deal with .AppleDB better than .AppleDouble AND .AppleDB) So, because of these two issues I decided to try using CIFS and samba again.

My first experiment was to try sharing a “time_machine” folder via CIFS, and using the “defaults write com.apple.systempreferences TMShowUnsupportedNetworkVolumes 1″ hack on the previous post, I was able to get Time Machine to perform a backup. It worked, but in the end I decided that if I need to restore from this backup, I want my resource forks intact. To do that, I need AFP and netatalk. So, I removed all AFP shares except the one for Time Machine backup share. Now my Time Machine would backup and restore happily, and I could again use my Samba shares.

One of the cool things about having used AFP/netatalk was that my server and folders were showing up in my finder window. Well, that’s not a feature of AFP or netatalk, its actually avahi/Bonjour doing that. So, all I had to do was advertise the services. If you followed my previous posts, you’ve already created a service for AFP/netatalk on your server; it’s simple to create more, just add more service files. I’ll paste in all of my service files here:

/etc/avahi/services/aftp.service/

afpd.service%h AFP _afpovertcp._tcp 548
apache.service%h HTTP _http._tcp 80
rfb.service%h VNC _rfb._tcp 5901
samba.service%h _smb._tcp 139
sftp.service%h SFTP _sftp-ssh._tcp 22
ssh.service%h SSH _ssh._tcp 22

So, you can see that I’m announcing Samba/CIFS file, AFP file, Apache HTTPd, VNC (RFB) Remote Desktop, SSH and SFTP services. Leopard’s Finder only displays the CIFS, AFP and RFB services, but other applications with Bonjour support will see the other services. By default Finder opens “Screen Sharing” when you use the advertised service, but Chicken of the VNC can also browse for Bonjour enabled VNC servers. Below are screen shots of my Finder showing the shared services.

No restarts are needed for anything at this point. The services should automatically be picked up by the Linux avahi daemon, but if you really need to, you may execute /etc/init.d/avahi-daemon restart .

Time Machine backup to Linux via Netatalk

benjamin — Thu, 24 Jan 2008 07:26:49 +0000

So, when I got the upgrade from Tiger to Leopard on my MacBook Pro, I was looking for a good backup solution. I’ve used rsync in the past, but when I saw that Apple had a new Time Machine backup tool, I was curious to give it a shot. The catch is you basically needed an external USB or Firewire drive, until they recently came out with the Time Capsule. Anyway, tonight I got the itch to really see if I could make Time Machine work without buying extra hardware. I mean, seriously, I’ve got a good hunk of mirrored disk sitting on my home server; that seems like a good place to do backups.

Some googling found me this link to a blogger who’d done it!

I’ll make my own version of this post, since I had a few differences from the original I where I found the info.

First, netatalk is the Apple File Protocol server for Linux. My home server is running Ubuntu Linux 7.10 Gutsy Gibbon release. The default Debian/Ubuntu netatalk package doesn’t cut it, though, as it isn’t compiled against ssl, and Leopard has more stringent security requirements than its predecessors, so we have to custom compile a more secure version of netatalk. (Yes, you could reduce the security requirements, but I’d rather not.)

Follow the instructions in this ubuntu forum post to compile and install netatalk. After, run “echo “netatalk hold” | sudo dpkg –set-selections” to ensure that your package is not auto-upgraded (thus breaking your install).
Edit the netatalk configuration to include your backup storage location. The file /etc/netatalk/AppleVolumes.default is where the file server paths are configured. The last line of the default config grants access to home directories and looks like: (~/ “Home Directory”). You’ll need to add a line specifying where you are storing your backups; mine looks like: (/backup/time_machine/ “Time Machine”). Note: I removed the “Home Directory” line, as in general I’m happier using CIFS(Samba) to access my network shares.
Modify avahi/zeroconf to advertise AFP so that Mac Bonjour will see the fileserver. I followed these directions exactly.
Each Mac user needing access to the server has to have a corresponding user on the server, and each user needs a .passwd file in their home directory. Follow these instructions for Ubuntu only as it explains the creation of the .passwd file. Note: This is not needed, as far as I can tell, so I wouldn’t do it. I don’t like the idea of having my password in plaintext on my server.
Create a file named “.com.apple.timemachine.supported” at the root of the intended shared backup volume. (Discussed here in more detail.)
On your Mac, open a Terminal window and type: “defaults write com.apple.systempreferences TMShowUnsupportedNetworkVolumes 1″

I rebooted, but it might not be necessary. After a bit of time, my server showed up under the “Shared” section in Finder’s left column navigation window. I did have to type in my username and password to get it to work, which can be saved in the keychain.

I added my other common shared folders (which I’d previously been accessing via Samba/CIFS). Now I’m backing up with Time Machine AND using my shared files via AFP. My Mac is happy, and I am too.

(see next post for explanation of strikeouts, but note, I don’t recommend you do the struck out actions.)