Netatalk is a free, open-source implementation of the Apple Filing Protocol (AFP). It allows Unix-like operating systems to serve as file servers for Macintosh computers.
Netatalk v3 is availabe as AUR.AUR in the
The older version of netatalk, v2, is distributed as broken link: archived in aur-mirror] and supports the Apple Macintosh network protocols, including AppleTalk (ATalk), Apple Filing Protocol (AFP), and Printer Access Protocol (PAP).AUR[
With the deprecation of DDP (and therefore ATalk, PAP, timelord, and a2boot), netatalk also dropped these features in netatalk>=3.0. The legacy 2.x branch with DDP support is still available in the AUR as AUR[broken link: archived in aur-mirror]. DDP is only necessary to support Mac OS <= 9, but OS X <= 10.3 will also benefit from the integration of SLP since it does not fully support Bonjour/Zeroconf. DDP would network older Macs which ran on AppleTalk instead of TCP/IP, and timelord and a2boot were for time-synchronization and Apple II booting. PAP may still be necessary for users with LaserWriter printers without TCP/IP support.
- Install AUR if you only need the "modern" features cnid_metad and afpd, with Bonjour/Zeroconf support only.
- Install broken link: archived in aur-mirror] to build the full complement of legacy features with SLP support. AUR[
Enable and/or start
netatalk.service using systemd.
Besides the configuration files that are installed (and checked during upgrade), netatalk may generate two files
/var/state/netatalk/afp_signature.conf which holds the system UUID, and
/var/state/netatalk/afp_voluuid.conf which holds volume UUIDs for TimeMachine. These files may remain after package removal and should be kept in most cases to disambiguate the services broadcast over the local network.
Netatalk 3.x uses a single configuration file,
man afp.conf and the following example (make sure processes have write access to
[Global] mimic model = TimeCapsule6,106 log level = default:warn log file = /var/log/afpd.log hosts allow = 192.168.1.0/16 [Homes] basedir regex = /home [TimeMachine] path = /mnt/timemachine valid users = tmuser time machine = yes [Shared Media] path = /srv/share/media valid users = joe sam
In order to allow guest read-only access to your shared folders, add following line to the
[Global] uam list = uams_guest.so
To allow guest read/write access, first, allow read-only access as in the previous example and then add following lines to a particular share section:
[Your Share] path = /mnt/public/share rwlist = nobody
Edit the afpd configuration file (
/etc/netatalk/afpd.conf), and add a line similar to
- -mimicmodel TimeCapsule6,106 -setuplog "default log_warn /var/log/afpd.log"
This tells netatalk to use the system's hostname, mimic a TimeCapsule, and log warnings and errors to file.
Edit the volumes configuration file
/etc/netatalk/AppleVolumes.default, and append the following to add a TimeMachine-like share
<path_to_share> <sharename> allow:<username> options:usedots,upriv,tm
volsizelimit:<limit_in_whole_mebibytes>argument can be useful here to limit the total space reported to TimeMachine.
- If you wish to turn off "home" shares, change the
If you use the iptables package for firewall services, consider adding the following: (replace
-A as necessary)
iptables -I INPUT -p udp --dport mdns -d 126.96.36.199 -j ACCEPT iptables -I OUTPUT -p udp --dport mdns -d 188.8.131.52 -j ACCEPT
iptables -I INPUT -p tcp --dport afpovertcp -j ACCEPT
iptables -I INPUT -p tcp --dport slp -j ACCEPT iptables -I OUTPUT -p tcp --dport slp -j ACCEPT iptables -I INPUT -p udp --dport slp -j ACCEPT iptables -I OUTPUT -p udp --dport slp -j ACCEPT
iptables -I INPUT -p tcp -m multiport --dport at-rtmp,at-nbp,at-echo,at-zis -j ACCEPT iptables -I OUTPUT -p tcp -m multiport --dport at-rtmp,at-nbp,at-echo,at-zis -j ACCEPT
Bonjour/Zeroconf is now a requirement of netatalk and is compiled by default. No configuration is necessary, netatalk will register its own services using the dbus link. Make sure you set
-mimicmodel to the desired string (see
/System/Library/CoreServices/CoreTypes.bundle/Contents/Info.plist on a Mac for a full list).
You may need to enable and/or start
avahi-daemon.service using systemd if it is not running yet.