29 Oct 07 Howto/Download: Netatalk 2.03 with encryption support for Debian 4.0
By default Debian’s netatalk package does not come with encryption support (hence why you get a warning message in OS X 10.3 & 10.4 regarding the sending of cleartext passwords). Leopard deeply cares about encryption and doesn’t even allow non-encrypted password.
There are a lot of guides available on the internet, attached is a i386 binary (sorry x86_64 folks) that has encryption support build in.
A stern warning:
My deb package does NOT include printing support through Appletalk. There seems to be a library problem. Either one must disable encryption support in the binary to allow printing or the other way around. So if you were using Appletalk and using your Debian box as a print server, this will not work with this deb package. Furthermore I have no responsibility and no liability when it comes to what the altered software package does to your computer so use at your own risk!
You need the following libararies installed in order for this to work peachy:
libdb4.2
cracklib2
cracklib-runtime
libssl0.9.8
libpam-modules
libauthen-pam-perl
libpam0g
libslp
libwrap0
Other requirements:
-A good sense of Debian understanding if something does go wrong
-Debian 4.0
-libc6 2.6+ (find out by doing ‘dpkg -l | grep libc6′)
Step 1
paste in (no quotes):
‘aptitude install libdb4.2 cracklib2 cracklib-runtime libssl0.9.8 libpam-modules libauthen-pam-perl libpam0g libslp libwrap0′
Step 2
Download my .deb package on your debian machine:
‘cd /tmp; wget http://www.disgruntled-dutch.com/media/misc/netatalk_2.0.3-4_i386.deb’
(linked here)
Step 3
Install deb package.
‘cd /tmp; dpkg -i netatalk_2.0.3-4_i386.deb’
Step 4
Tell aptitude / apt-get to not upgrade netatalk.
‘aptitude hold netatalk’
Step 5
Your done!
Tags: aptitude, deb, debian, download, encryption, etch, netatalk
26 Oct 07 How to get your Linux-based AFP server to show up correctly in Leopard’s new Finder
I upgraded to Leopard a day early, but in that day I have already found a new feature that required a change on my Linux server to make everything work peachy.
Leopard’s new Finder now lists computers under the “Shared” section on the left hand panel. This is pretty snazzy. Not only can you manually mount a server via Apple + K (Connect to server), all local servers show up here. However it seems that if your Mac and/or Linux based machine doesn’t have some sort of zeroconf (aka Bonjour) service advertising AFP, then it shows up as a Samba (aka PC Server) under Shared.
Assumption:
I assume you have netatalk configured correctly, as in your rebuild it correctly with dhx support (not by default in Debian). . You can read more about that here.
So under Debian the fix is as follows:
1. sudo su – or su -
2. aptitude install avahi-daemon
3. echo “- -noddp -uamlist uams_randnum.so,uams_dhx.so” > /etc/netatalk/afpd.conf
4. vi /etc/nsswitch
change your hosts line to be like this:
hosts: files dns mdns4
5. paste in (no quotes):
‘cd /etc/avahi/services; wget http://www.disgruntled-dutch.com/media/afpd.service’
6. /etc/init.d/netatalk restart && /etc/init.d/avahi-daemon restart && tail -n70 /var/log/syslog
Check if it started up like for example:
Oct 26 11:03:42 thenas afpd[26279]: Registering CNID module [last]
Oct 26 11:03:42 thenas afpd[26279]: Registering CNID module [cdb]
Oct 26 11:03:42 thenas afpd[26279]: Registering CNID module [dbd]
Oct 26 11:03:42 thenas afpd[26279]: Loading ConfigFile
Oct 26 11:03:42 thenas afpd[26279]: main: atp_open: Cannot assign requested address
Oct 26 11:03:42 thenas afpd[26279]: dsi_tcp: hostname 'thenas' resolves to loopback address
Oct 26 11:03:42 thenas afpd[26279]: dsi_tcp: '192.168.1.250' on interface 'eth1' will be used instead.
Oct 26 11:03:42 thenas afpd[26279]: ASIP started on 192.168.1.250:548(5) (2.0.3)
Oct 26 11:03:42 thenas afpd[26279]: Sucessfully registered afp://192.168.1.250/?NAME=thenas&ZONE= with SRVLOC
Oct 26 11:03:42 thenas afpd[26279]: uam: loading (/usr/lib/netatalk/uams_dhx.so)
Oct 26 11:03:42 thenas afpd[26279]: uam: uams_dhx.so loaded
Oct 26 11:03:42 thenas afpd[26279]: uam: loading (/usr/lib/netatalk/uams_guest.so)
Oct 26 11:03:42 thenas afpd[26279]: uam: uams_guest.so loaded
Oct 26 11:03:42 thenas afpd[26279]: uam: loading (/usr/lib/netatalk/uams_clrtxt.so)
Oct 26 11:03:42 thenas afpd[26279]: uam: uams_clrtxt.so loaded
Oct 26 11:03:42 thenas afpd[26279]: uam: loading (/usr/lib/netatalk/uams_passwd.so)
Oct 26 11:03:42 thenas afpd[26279]: uam_load(uams_passwd.so): mod_symbol error for symbol uams_passwd
Oct 26 11:03:42 thenas afpd[26279]: uam: uams_passwd.so load failure
Oct 26 11:03:42 thenas afpd[26279]: uam: loading (/usr/lib/netatalk/uams_gss.so)
Oct 26 11:03:42 thenas avahi-daemon[26246]: Got SIGTERM, quitting.
Oct 26 11:03:42 thenas avahi-daemon[26246]: Leaving mDNS multicast group on interface eth1.IPv4 with address 192.168.1.250.
Oct 26 11:03:42 thenas afpd[26279]: uam: uams_gss.so loaded
Oct 26 11:03:42 thenas afpd[26279]: uam: "Client Krb v2" available
Oct 26 11:03:42 thenas afpd[26279]: uam: "Cleartxt Passwrd" available
Oct 26 11:03:42 thenas afpd[26279]: uam: "No User Authent" available
Oct 26 11:03:42 thenas afpd[26279]: uam: "DHCAST128" available
Oct 26 11:03:42 thenas afpd[26279]: main: dsi_init: Address already in use
Oct 26 11:03:42 thenas afpd[26279]: uam: loading (/usr/lib/netatalk/uams_randnum.so)
Oct 26 11:03:42 thenas afpd[26279]: uam: uams_randnum.so loaded
Oct 26 11:03:42 thenas afpd[26279]: uam: loading (/usr/lib/netatalk/uams_dhx.so)
Oct 26 11:03:42 thenas afpd[26279]: uam: uams_dhx.so loaded
Oct 26 11:03:42 thenas afpd[26279]: Finished parsing Config File
Oct 26 11:03:42 thenas avahi-daemon[26290]: Found user 'avahi' (UID 107) and group 'avahi' (GID 106).
Oct 26 11:03:42 thenas avahi-daemon[26290]: Successfully dropped root privileges.
Oct 26 11:03:42 thenas avahi-daemon[26290]: avahi-daemon 0.6.21 starting up.
Oct 26 11:03:42 thenas avahi-daemon[26290]: Successfully called chroot().
Oct 26 11:03:42 thenas avahi-daemon[26290]: Successfully dropped remaining capabilities.
Oct 26 11:03:42 thenas avahi-daemon[26290]: Loading service file /services/afpd.service.
Oct 26 11:03:42 thenas avahi-daemon[26290]: Joining mDNS multicast group on interface eth1.IPv4 with address 192.168.1.250.
Oct 26 11:03:42 thenas avahi-daemon[26290]: New relevant interface eth1.IPv4 for mDNS.
Oct 26 11:03:42 thenas avahi-daemon[26290]: Network interface enumeration completed.
Oct 26 11:03:42 thenas avahi-daemon[26290]: Registering new address record for fe80::213:d4ff:fe0a:2da8 on eth1.*.
Oct 26 11:03:42 thenas avahi-daemon[26290]: Registering new address record for 192.168.1.250 on eth1.IPv4.
Oct 26 11:03:42 thenas avahi-daemon[26290]: Registering HINFO record with values 'I686'/'LINUX'.
Oct 26 11:03:43 thenas avahi-daemon[26290]: Server startup complete. Host name is thenas.local. Local service cookie is 962578462.
Oct 26 11:03:44 thenas avahi-daemon[26290]: Service "thenas" (/services/afpd.service) successfully established.
You are good to go!
EDIT: Had to escape the XML code.
EDIT2: added a ‘wget step’ due to mangled XML code on this blog.
Tags: afp, avahi, debian, finder, howto, leopard, nas, netatalk
16 Oct 07 How I build my 2 TB NAS
I mentioned in my last post that I procured 4x 500GB at a very good price. The intention the entire time was to build a cost effective but reliable NAS in order to store my various files centrally instead of a copy on the iMac, a copy on the laptop and another copy elsewhere. Not to mention that all these systems only had one hard drive, meaning one single failure could wipe out some of my data (with exception to the iMac which has a 250gb firewire drive to which it syncs data every night with my own little written rsync script).
There are some software solutions that have been released that purely focus on the ability to quickly create a NAS. I had simple requirements. I needed Samba for my Windows based laptops, NFS for my Linux workstation and AFP for the Macs. FreeNAS was the first thing that came to my mind. Openfiler was out, one because it hadn’t been developed in over a year (doesn’t show developer commitment in my mind then) and NAS lite required you to have a hardware RAID controller. While ideally that would’ve been the nicest, there are some software solutions that do a very well job. Unfortunately FreeNAS was not reliable. The latest RC missed a ata.timeout flag, which caused my disks to get “detached” because the spinup too longer then my 5 seconds. I tried the beta which did include this functionality but after the loads were without any clear reason why at 2.x – 3.x and my file transfers were moving like molasses, I rebooted the machine. It never came back up. The restart process literally damaged the software based RAID. At this point I let the idea rest for 3 days until I decided that I didn’t need a dedicated NAS solution/package to get my NAS to work. I have enough experience now to get my own machine together and it’ll be exactly what I want.
My current job requires me to use Red Hat and Solaris. Both are very well developed operating systems (I’m even going to a Solaris training camp in December paid by my work) but they aren’t my choice of operating system. My last employment had me use Debian and I really like how Debian works and is setup. DEB packages are fantastic and aptitude (apt-get previously) makes it even better. It is, in my opinion, years ahead of RPMs and the Yum software. So I downloaded the 140MB Debian 4.0 Netinst CD and I was on my way to getting Debian rolled onto my old desktop.
