Cant Access AFP shares

Notice: Page may contain affiliate links for which we may earn a small commission through services like Amazon Affiliates or Skimlinks.

Chrisswain

New Member
Jul 12, 2016
7
0
1
50
I have a fresh build of Napp-it 16.03 built on OmniOS

Got nappit working well on SMB
created a new zfs dataset for Timemachine and i can see it but not logon to it nor can mac timemachine see the share.

does anyone have a quick guide how to get this working that is not for ver 0.8k as i have search forums to no effect

THANKS
 

zos

Member
Oct 27, 2013
41
20
8
Have you set needed config-parms for timemachine in /etc/afp.conf, like shown in this example?
Code:
[Global]
; valid log levels: severe, error, warn, note, info, debug, debug6-9, maxdebug
log level = default:info
; location of logfile
log file = /var/log/afp.log
; only allow connection from this netmask
hosts allow = 192.168.0.0/16

[Homes]
; if path is set, only access to the given dir is granted
; path = afp
basedir regex = /export/home

[TimeMachine NameOfYourMac]
; time machine support for this volume
time machine = yes
; path to Time Machine (must be writable for valid users)
path=/zfspool/NameOfYourMac
; valid users: group "staff" (@ marks user-groups)
valid users = YourUser
; vol size limit in MiB (value 1000 means 1 GB)
vol size limit = 1000000
If not, edit your /etc/afp.conf and restart netatalk:

svcadm restart netatalk
 

Chrisswain

New Member
Jul 12, 2016
7
0
1
50
This is my current afp.conf


[Global]
mimic model = TimeCapsule6,106
log level = default:warn
log file = /var/adm/afpd.log
hosts allow = 0.0.0.0/24
disconnect time = 1

[Homes]
basedir regex = /LRS/TimeMachine

[TimeMachine]
time machine = yes
path=/LRS/TimeMachine
valid users = @lrs
#200 GB (units of MB)
vol size limit = 204800
 

zos

Member
Oct 27, 2013
41
20
8
What about read/write permissions of dir "/LRS/TimeMachine"? Who is authorized to write to "/LRS/TimeMachine"?
 

Chrisswain

New Member
Jul 12, 2016
7
0
1
50
ACL of folder /LRS/TimeMachine
drwxrwxrwx+ 5 root root 6 Jul 12 20:48 (777)
ACL User/ Group acl acl-set details inheritance type option

0 user:root rwxpdDaARWcCos full_set rd(acl,att,xatt) wr(acl,att,xatt,own) add(fi,sdir) del(yes,child) x, s file,dir allow delete
1 everyone@ rwxpdDaARWcCos full_set rd(acl,att,xatt) wr(acl,att,xatt,own) add(fi,sdir) del(yes,child) x, s file,dir allow delete
 

gea

Well-Known Member
Dec 31, 2010
3,141
1,182
113
DE
I have not tried AFP for quite sime time (It is EoL, Apple switched to SMB as default protocol).
Only use case is time machine where using SMB shares is not yet supported per default.

The usual way to setup with napp-it was
- install netatalk via the maawi repository via wget -O - www.napp-it.org/afp | perl
- set nbmand of the afp filesystem to off and aclinherit + aclmode to pass-through (is the default)
- share the filesystem via napp-it, menu ZFS filesystems (use menu set en in About > Settings)

You can use local users to access the share but be aware that AFP permissions are not compatible to AD permisisons.
 
Last edited:

Chrisswain

New Member
Jul 12, 2016
7
0
1
50
Thanks Gea, Thats what I have done and i can connect to afp://ip and write to the share but Timemachine give me a The operation couldn't be completed. (OSStatus error 2.)
 

gea

Well-Known Member
Dec 31, 2010
3,141
1,182
113
DE
The error seems related to permission problems
Have you set everyone@ recursively to the shared filesystems and everything below?

(You are not allowed to restrict on the root folder)
 

gea

Well-Known Member
Dec 31, 2010
3,141
1,182
113
DE
napp-it Menu ZFS filesystems, click on a filesystem row under "Folder ACL"
You see a listing of permissions. below the listing is "reset ACL"

Set to modify, recursive
 

natkin

New Member
Jul 14, 2016
15
1
3
This is my current afp.conf
...
[TimeMachine]
time machine = yes
path=/LRS/TimeMachine
valid users = @lrs
#200 GB (units of MB)
vol size limit = 204800
I recommend you also add the following to your [TimeMachine] configuration:
Code:
vol dbpath = /LRS/TimeMachine
That way, netatalk will store the .AppleDB metadata in the same path along with the Time Machine sparsebundles. You should then set up zfs-snapshot jobs on your /LRS/TimeMachine dataset, and if a sparsebundle is intermittently corrupted by Time Machine (it does happen!), then you can zfs-rollback both the data and the netatalk metadata together. When rolling back, you should disable netatalk first, and then re-enable afterward.
 

natkin

New Member
Jul 14, 2016
15
1
3
I can still see shares and work with them via afp:/ip but still get time machine oss2 error
One thing possibly to confirm—you tested afp:// access and directory and file creation in Finder using the same account as used by Time Machine? I.e., the same account/password as stored in Keychain Access for Kind "Time Machine Password" and for Name (e.g.,) "<hostname>._afpovertcp._tcp.local."?