napp-it 0.8k with netatalk3

gea

Well-Known Member
Dec 31, 2010
2,502
842
113
DE
new napp-it 0.8k

due to problems with netatalk2 and OpenIndiana i have
uploaded napp-it 0.8k + netatalk3 installer for OI 151a5

http://napp-it.org/downloads/changelog_en.html

netatalk3 not fully tested and currently without Bonjour support
(connect via finder -> go to server -> afp://ip )

Any insights about Bonjour or PAM support for AD are welcome
 
Last edited:

reh

New Member
Jul 31, 2012
1
0
0
using oi_151.1.5 I upgraded to napp-it 0.8k
installed afp3 (over existing 2.2.3 from 0.8h)

now the afp service doesn't start any more:
sudo /etc/init.d/netatalk: command not found

Any suggestions?
 

gea

Well-Known Member
Dec 31, 2010
2,502
842
113
DE
using oi_151.1.5 I upgraded to napp-it 0.8k
installed afp3 (over existing 2.2.3 from 0.8h)

now the afp service doesn't start any more:
sudo /etc/init.d/netatalk: command not found

Any suggestions?
initscript is no longer used in netatalk3
use svcadm like napp-it (see napp-it menu services afp)
 

mixer

Member
Nov 26, 2011
92
0
6
Though my OI Napp-IT system needs an update, I am going to set up a test system with 151a5 and your latest and I'll try out AFP and let you know my findings. This will be this weekend. Thanks Gea!
 

mixer

Member
Nov 26, 2011
92
0
6
The machine I planned to use was not at all happy with Open Indiana, not sure why. Sometimes I could get the installer to boot, and it seemed happy, but the installed OS would never boot.

So I installed it to a new VM in Virtualbox on my OSX laptop.

I don't see any problems with AFP! It shows up in the Finder sidebar, and even Time Machine seems willing to use it for a backup destination. I guess I should add that the client machine is 10.8.

I actually noticed more problems with the Napp-IT web gui than with my other installed version (0.6i). Mostly issues with clicking on something and getting a "processing, please wait..." message but then nothing happening after that. Manually reloading the same page would bring it right up [though it is possible sometimes I actually was NOT waiting as long as I should have, it may have still been working]. Also, sometimes a fully blank page appears after trying to change something (Folder ACL for example) These both happened both in Safari and Firefox.

All your efforts are much appreciated though, Gea, Napp-IT is amazing (I've said it before and I'll say it again).
 
Last edited:

mixer

Member
Nov 26, 2011
92
0
6
@Jeggs101 -- on the contrary, I was reporting it generally worked fine for me, and the little issues I had with blank page loads etc could just be due to my less-than-adequate test setup. And even if not, a few manual page reloads is not a big deal to me.
 

gea

Well-Known Member
Dec 31, 2010
2,502
842
113
DE
napp-it works perfect with OI 151a5 (This is the main platform for napp-it)

I suppose, your virtualbox installation lacks RAM or performance.
Napp-it is calling Unix system commands via a webserver and CGI.
If this takes too long, you have a webserver timeout.

btw
I use OI on my Macbook Pro without any problem.
I have 8 GB RAM (2 GB for OI) on a SSD and Fusion
 

mixer

Member
Nov 26, 2011
92
0
6
That is probably true, Gea. Maybe I have some settings for the VM incorrect. I did give it 4GB of RAM though. Sorry for casting any doubts!
 

mixer

Member
Nov 26, 2011
92
0
6
Upon updating my "production" system to the a5 / 0.8k / netatalk 3 I have not experienced any hangs. It's all working great!
 

mixer

Member
Nov 26, 2011
92
0
6
Since I'm digging into the system for a disk change right now I checked on my AFP again, and it seems version 3 is not actually running. In Napp-IT Gui it says:
Code:
afp-server   :  online netatalk V.3
but on the OI 151a5 system I get:
Code:
$ netatalk-config --version
2.2.1
and
Code:
afpd -v
afpd 2.2.1 - Apple Filing Protocol (AFP) daemon of Netatalk

This program is free software; you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by the Free Software
Foundation; either version 2 of the License, or (at your option) any later
version. Please see the file COPYING for further information and details.

afpd has been compiled with support for these features:

          AFP versions: 2.2 3.0 3.1 3.2 3.3 
DDP(AppleTalk) Support: No
         CNID backends: dbd last tdb 

             afpd.conf: /etc/netatalk/afpd.conf
   AppleVolumes.system: /etc/netatalk/AppleVolumes.system
  AppleVolumes.default: /etc/netatalk/AppleVolumes.default
    afp_signature.conf: /etc/netatalk/afp_signature.conf
      afp_voluuid.conf: /etc/netatalk/afp_voluuid.conf
         afp_ldap.conf: /etc/netatalk/afp_ldap.conf
       UAM search path: /etc/netatalk/uams/
  Server messages path: /etc/netatalk/msg/
              lockfile: /var/spool/locks/afpd
Maybe it installed but didn't activate somehow?

Code:
# svcs
online         Aug_19   svc:/network/netatalk:default
I performed the update on 19-8-2012.

What should I do?
 
Last edited:

gea

Well-Known Member
Dec 31, 2010
2,502
842
113
DE
Since I'm digging into the system for a disk change right now I checked on my AFP again, and it seems version 3 is not actually running. In Napp-IT Gui it says:
Code:
afp-server   :  online netatalk V.3
but on the OI 151a5 system I get:
Code:
$ netatalk-config --version
2.2.1
and
Code:
afpd -v
afpd 2.2.1 - Apple Filing Protocol (AFP) daemon of Netatalk

This program is free software; you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by the Free Software
Foundation; either version 2 of the License, or (at your option) any later
version. Please see the file COPYING for further information and details.

afpd has been compiled with support for these features:

          AFP versions: 2.2 3.0 3.1 3.2 3.3 
DDP(AppleTalk) Support: No
         CNID backends: dbd last tdb 

             afpd.conf: /etc/netatalk/afpd.conf
   AppleVolumes.system: /etc/netatalk/AppleVolumes.system
  AppleVolumes.default: /etc/netatalk/AppleVolumes.default
    afp_signature.conf: /etc/netatalk/afp_signature.conf
      afp_voluuid.conf: /etc/netatalk/afp_voluuid.conf
         afp_ldap.conf: /etc/netatalk/afp_ldap.conf
       UAM search path: /etc/netatalk/uams/
  Server messages path: /etc/netatalk/msg/
              lockfile: /var/spool/locks/afpd
Maybe it installed but didn't activate somehow?

Code:
# svcs
online         Aug_19   svc:/network/netatalk:default

What should I do?

The service is a netatalk3 only thing. Netatalk2 was started via iniscript.
Check the running version (installed in different places than the old v2 files) with /usr/local/sbin/afpd -V
 

mixer

Member
Nov 26, 2011
92
0
6
Code:
/usr/local/sbin/afpd -V
afpd 3.0 - Apple Filing Protocol (AFP) daemon of Netatalk

This program is free software; you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by the Free Software
Foundation; either version 2 of the License, or (at your option) any later
version. Please see the file COPYING for further information and details.

afpd has been compiled with support for these features:

          AFP versions: 2.2 3.0 3.1 3.2 3.3 
         CNID backends: dbd last tdb 
      Zeroconf support: mDNSResponder
  TCP wrappers support: Yes
         Quota support: Yes
   Admin group support: Yes
    Valid shell checks: Yes
      cracklib support: No
            EA support: ad | sys
           ACL support: Yes
          LDAP support: Yes

              afp.conf: /usr/local/etc/afp.conf
       state directory: /usr/local/var/netatalk/
    afp_signature.conf: /usr/local/var/netatalk/afp_signature.conf
      afp_voluuid.conf: /usr/local/var/netatalk/afp_voluuid.conf
       UAM search path: /usr/local/lib/netatalk//
  Server messages path: /usr/local/var/netatalk/msg/
Hmm. I'm confused. I guess this means that things are OK, but I just ran dbd -r on all my AFP-shared folders and it re-created all the .AppleDouble files. Did I call the wrong dbd and now I have to do /usr/local/bin/dbd -r (or probably -u to upgrade now?). If that is correct is there any action I can take to kind of lock things into the AFP3 version, so afpd or dbd on the command line calls the /usr/local/bin version?

Finally, I see Netatalk 3.0.1 is out. Easy upgrade for that I should do myself, or wait until Napp-IT can update it for me?

Thanks for holding my hand on this one...

-----update

Since I'm working on the system, I went ahead and did the OI updates that were offered. So, I'm at 151a7 now. I don't know if it was a result of that or just the fact that I rebooted, but now AFP fails to start (or perhaps starts once but is trying to start twice). svcs says that network/netatalk is in 'maintenance' state, not running. (I checked in /etc/init.d for legacy AFP startup and it was not there)

looking at /var/svc/log/network-netatalk:default.log

Code:
[ Oct 11 17:47:49 Stopping because service disabled. ]
[ Oct 11 17:47:50 Executing stop method (:kill). ]
[ Oct 11 18:10:17 Enabled. ]
[ Oct 11 18:10:59 Executing start method ("/usr/local/sbin/netatalk"). ]
[ Oct 11 18:11:01 Method "start" exited with status 0. ]
[ Oct 11 18:35:31 Enabled. ]
[ Oct 11 18:36:19 Executing start method ("/usr/local/sbin/netatalk"). ]
netatalk is already running (pid = 676), or the lock file is stale.
[ Oct 11 18:36:21 Method "start" exited with status 3. ]
[ Oct 11 18:36:21 Executing start method ("/usr/local/sbin/netatalk"). ]
netatalk is already running (pid = 676), or the lock file is stale.
[ Oct 11 18:36:21 Method "start" exited with status 3. ]
[ Oct 11 18:36:21 Executing start method ("/usr/local/sbin/netatalk"). ]
netatalk is already running (pid = 676), or the lock file is stale.
[ Oct 11 18:36:21 Method "start" exited with status 3. ]
--- a little later...

I was able to manually start Netatalk by killing it and relaunching it /usr/local/sbin/netatalk
 
Last edited:

mixer

Member
Nov 26, 2011
92
0
6
Happy Update --

Maybe it was just first boot jitters, but I now rebooted and AFP came up just fine and even the gnome applet failure that happened on the first boot after 151a7 update did not recur. Odd. I'll leave that messy post there for posterity I suppose but as of now I don't need any help with this -- except the question about #/dbd versus #/usr/local/bin/dbd and similar for the other Netatalk 3 binaries.

Is it safe to just delete anything in /etc/netatalk and any binaries I find in /bin and /sbin for the Netatalk 2 files?

I have an afpd and cnid_dbd and cnid_metad in /usr/sbin. I have in /usr/bin netatalk-config and afpldaptest and afppasswd and dbd and cnid_create. I have in /bin afppasswd and netatalk-config and dbd and cnid2_create... that list is probably incomplete.

I don't mind removing some files but I don't want to break anything. But if all the files that Netatalk 3 uses will be at or below /usr/local then I could probably just go on a fun deleting fest and then if my path is correct simply calling dbd -r on the command line would get the right one. Do I have that right?
 
Last edited:

mixer

Member
Nov 26, 2011
92
0
6
Next problem: intermittent failures where the Finder says:

something wrong with the volume's CNID DB, using temporary CNID DB instead
which goes on to say it is going to open in read-only mode.

The error in the log that corresponds is:
Code:
Oct 12 21:37:42.199322 afpd[3119] {cnid_dbd.c:420} (E:CNID): transmit: Request to dbd daemon (db_dir /reds/media) timed out.
Oct 12 21:37:42.199425 afpd[3119] {file.c:239} (E:AFPDaemon): Reopen volume /reds/media using in memory temporary CNID DB.
I wonder if it has anything to do with permissions?
Code:
drwxrwxrwx+  8 root     root           9 Oct 12 21:37 .
drwxr-xr-x+  6 root     root           7 Oct 12 21:18 ..
drwxrwxrwx+  2 root     staff          3 Aug 18 14:37 .AppleDesktop
-rw-r--r--+  1 me       staff      21508 Sep 26 15:58 .DS_Store
drwx--S---+  7 me       staff          8 Oct 12 21:32 music
drwxrwxrwx+  2 root     staff          2 Oct 12 21:31 Network Trash Folder
drwx--S---+ 34 me       staff         36 Oct 12 21:31 photos
drwxrwxrwx+  2 root     staff          2 Oct 12 21:28 Temporary Items
drwx--S---+ 22 me       staff         49 Oct 12 21:28 video
Do those permissions look bad? Any way to fix them?

I'm looking into this more now, but if you have any clues, please share!

---edit---

just restarting the service made it work ok... Not sure what makes this crop up sometimes.
 
Last edited:

gea

Well-Known Member
Dec 31, 2010
2,502
842
113
DE
Next problem: intermittent failures where the Finder says:
which goes on to say it is going to open in read-only mode.
..
- If you like a "clean" system, you should reinstall or use a snapshot prior netatalk 2 to install netatalk3
- You must look at ACL not Unix permissions (CIFS is ACL only and AFP is ACL aware)
- You must keep the folder ACL of the shared dataset at everyone@=modify/ root=full
(You can use ACL without inheritance for the dataset and the owner@ for newly created files)

You can only restrict ACL on newly created files and folders

ps
Current napp-it afp installer is 3.01
 

mixer

Member
Nov 26, 2011
92
0
6
When I create a new ZFS Folder for the purpose of AFP sharing, I create with napp-it web gui with settings: case-insensitive, SMB share off, smb guest off, atime off, nbmand off. Then I add an entry in /usr/local/etc/apf.conf for it. In napp-it I see ACL settings default to e=modi and perm 777+ which I accepted and left that way -- I think that is the same as what you said above. It looks like this:
Code:
current settings:
drwxrwxrwx+ 32 root     root          42 Oct 12 22:02 /reds/file-archives
              user:root:full_set:fd-----:allow
              everyone@:modify_set:fd-----:allow
I am not attempting to restrict permissions further on any files or folders in my AFP shares, they are just for me to access and use. I have to admit that when doing anything on unix-like operating systems, ownership and permissions are what give me the most problems -- I just didn't learn computers with that in mind (I guess I learned mostly on Apple II and 'classic' Mac OS.

With regard to Netatalk 3.01, can I upgrade from 3.0 where I am now by just installing again with, as root:
Code:
wget -O - www.napp-it.org/afp | perl
Thank you for keeping Netatalk up-to-date for us. Your help is always appreciated, Gea. As is napp-it! :)
 

gea

Well-Known Member
Dec 31, 2010
2,502
842
113
DE
When I create a new ZFS Folder for the purpose of AFP sharing, I create with napp-it web gui with settings: case-insensitive, SMB share off, smb guest off, atime off, nbmand off. Then I add an entry in /usr/local/etc/apf.conf for it.

With regard to Netatalk 3.01, can I upgrade from 3.0 where I am now by just installing again with, as root:
Code:
wget -O - www.napp-it.org/afp | perl
For sharing, you can use the menu zfs folder. There you have a column for SMB, AFP and NFS tho share a folder.
And yes you only need to rerun the afp installer to update to 3.0.1