Netatalk authentication gotchas and diagnostic steps for Ubuntu 10.04
Posted: September 11th, 2010 | Author: Godwin | Filed under: netatalk, Ubuntu | Tags: AppleTalk, authentication, gotchas, lucid, lynx, MacOSX 10.6, netatalk, Time Machine, uam, Ubuntu, Ubuntu 10.04 | No Comments »For some reason the netatalk package that is in the Ubuntu repository doesn’t come with any password authentication packages. So unless you want a fully non password appletalk setup on your Ubuntu server. DO NOT apt-get install netatalk!
I followed Mr. Kretschmann’s handy HowTo for installing Netatalk on Ubuntu. It seems to work for Ubuntu 10.04 (actually it should work with all linux distributions). However when I try login, I kept getting unknown username / password problem.
Here are my installation steps:
1 2 3 4 5 6 7 8 | sudo apt-get source netatalk sudo apt-get build-dep netatalk sudo apt-get install cracklib2-dev sudo apt-get install libssl-dev cd netatalk-2* sudo DEB_BUILD_OPTIONS=ssl dpkg-buildpackage -rfakeroot sudo dpkg -i ../netatalk-2*.deb echo "netatalk hold" | sudo dpkg --set-selections |
Here are my diagnostic steps:
- Check your afpd.conf and AppleVolumes.default files for any typos, especially when you are cutting and pasting!
- If you want to let each user to access his/her own directory, you should put
1~/ "$u" allow:$u cnidscheme:cdb
in AppleVolumes.default; $u is the variable for username; instead of username1/username2 combination as listed in the HowTo. The list of variable names is in the comment section of the file or here.
- Open Log File Viewer under System -> Administration. What this does is whenever there is any updates in any of the log files, the updated log file on the left will appear bold.
- What I encountered was my installation steps above only created the uams_dhx2*.so authentication libraries. My syslog file has these entries
1
2
3
4
5
6afpd[17919]: ASIP started on 192.168.168.121:548(5) (2.0.5)
afpd[17919]: uam: loading (/usr/lib/netatalk/uams_randnum.so)
afpd[17919]: uam: uam not found (status=-1)
afpd[17919]: uam: loading (/usr/lib/netatalk/uams_dhx.so)
afpd[17919]: uam: uam not found (status=-1)
afpd[17919]: Finished parsing Config File - Go to /usr/lib/netatalk directory and verify which authentication modules you have. Update your afpd.conf appropriately. Mine is:
1- -transall -uamlist uams_dhx2.so -savepassword -advertise_ssh
dhx2 authentication is only supported by MacOSX machines, if you have OS9 or earlier you will have to have the others fall back to. I think it is much easier to use a normal MacOSX machine to do Appletalk though.
- I also noticed in with Netatalk 2.0.5 (vs 2.0.3 in the HowTo), there is a Time Machine support option in the AppleVolumes.default file. So an entry like this:
1~/TimeMachine "$u" allow:$u cnidscheme:cdb options:usedots,upriv,tm
would allow a per user login to have their own TimeMachine backup. or you can do it by ip via the $c variable. With that option enabled, I can run TimeMachine without having to create my own sparsebundle etc. You still have to issue the Defaults write com.apple.systempreferences TMShowUnsupportedNetworkVolumes 1 command in a terminal of the Mac you want to start TimeMachine though.
- Oh after each change, remember to run:
1
2/etc/init.d/netatalk stop
/etc/init.d/netatalk startI find 2 commands work better than one command using the restart flag.
Leave a Reply
You must be logged in to post a comment.