Linux Netatalk-HOWTO
by Anders Brownworth
[anders@thehamptons.com] 		2.1.0
September 18, 2000
http://www.thehamptons.com/anders/netatalk/impatient.html
Download
Tips
Home
Utilities
Contacts

Linux Netatalk-HOWTO
Quick Start - Guide for the Impatient

  • For netatalk to work, you need TCP/IP networking up and running on your machine. For Classic Appletalk networking, you also need Appletalk either compiled into your kernel or loaded as a module. (If it's a module, you can unload and reload Appletalk without rebooting your server.) If you need advice on how to compile a kernel, consult the Linux Kernel-HOWTO. Don't forget to either reboot on your new kernel or install the Appletalk module before trying to run netatalk. You have been warned!

  • Download, uncompress and untar the netatalk source.
    [ftp://ftp.u.washington.edu/public/asun/]

    Alternativly I make a pre-compiled version of netatalk available for Intel Linux with and without shadow support:

    [http://thehamptons.com/anders/netatalk/mirror/
    netatalk-1.4b2+asun2.1.1.x86-nonshadow-linux.tar.gz    ]
    [http://thehamptons.com/anders/netatalk/mirror/
    netatalk-1.4b2+asun2.1.1.x86-shadow-linux.tar.gz    ]

  • Edit the Netatalk Makefile

    • If you want to install anywhere other than /usr/local/atalk
    • If your libraries are in non-standard locations, change the apropriate lines.
    • Comment out PAM support if you don't have it.

  • Edit the etc/afpd/Makefile and add -DSHADOWPW to the CFLAGS section if you are using shadow passwords and not PAM.

  • If you are running libc.so.5, comment out -lrpcsvc in sys/linux/Makefile. If you're using PAM, make sure you add -DUSE_PAM and have -lpam -ldl.

  • Install a DES library if you don't already have one and are planning on using DES encrypted passwords. If not, you can just comment the DES line out of the Makefile.

    • Download, uncompress and untar the libdes source.
      [ftp://ftp.psy.uq.oz.au/pub/Crypto/DES/]
    • Type make.
    • If everything compiled correctly, type make install. (you might take a look at the INSTALL file that comes with this des library.)

  • Create .passwd files for your users in their home directories and set the permissions. More notes on this are in the passwords section. (in the following example, replace "user" with the username and "group" with the group name.)

    • echo "mypass" > ~user/.passwd
    • chown user:group ~user/.passwd
    • chmod 600 ~user/.passwd

  • Install tcp wrappers if you don't already have it. (you probably already have it but to compile, netatalk needs tcpd.h)

    • Download, uncompress and untar the tcp wrappers source.
      [ftp://ftp.porcupine.org/pub/security/]
    • Type cp tcpd.h /usr/local/include
    • Type make REAL_DAEMON_DIR=/usr/sbin linux
    • You probably want to install tcp wrappers if you don't already have it so look at the included README file.

  • In the netatalk source tree, type make

  • If everything compiled without errors, type make install to install the package.

  • In the event of a compile error, you can look at the tips page or download a compiled version of netatalk for X86 and Sparc:

  • Add the following to your /etc/services file: 

        rtmp            1/ddp           # Routing Table Maintenance Protocol
    nbp             2/ddp           # Name Binding Protocol
    echo            4/ddp           # AppleTalk Echo Protocol
    zip             6/ddp           # Zone Information Protocol

    afpovertcp      548/tcp         # AFP over TCP
    afpovertcp      548/udp

  • Type cp conf/atalkd.conf /usr/local/atalk/etc. This file will automatically get updated by atalkd to reflect your network setup. If you have more than one network card or are working within zones, you will want to follow the instructions in this file and edit it by hand.

  • Type cp conf/afpd.conf /usr/local/atalk/etc. This file sets afpd options and is safe to leave alone for now.

  • Copy and edit AppleVolumes.* to setup your export options.

    • Type cp conf/AppleVolumes.default /usr/local/atalk/etc.
    • Type cp conf/AppleVolumes.system /usr/local/atalk/etc.
    • Add the following line to AppleVolumes.default: ~ "Home Directory"

  • (optional) Install rc.atalk.(sys_type) to launch netatalk when your computer boots. There is a BSD, RedHat and Sys V version of the init script in the root of the netatalk source.

  • Start up your new netatalk server:

    • Launch one of the startup scripts:
      rc.atalk.sysv start

You should be all set now. Go to a Macintosh on the ethernet, pull down the Apple menu to the Chooser and click AppleShare. Make sure Appletalk is active in the lower right hand corner, (if it's not, click Active and restart) then click on your Linux machine which should come up in the list to the right and login and mount your volume.

If you have problems logging in as anyone but "Guest", check if your system is using shadow passwords. If so, you will need to recompile and reinstall with -DSHADOWPW defined in the Makefile or convert your system to the less secure "standard password suite". (RedHat users can try pwconv and pwunconv to convert the system between shadow and standard password suites) I have a few notes on other password issues.

Origional document: [http://www.thehamptons.com/anders/netatalk/impatient.html]