Community Forum

Resolved
0 votes
Honestly I'm disappointed in Microsoft. That said i was looking for a other client OS. See my other post. I tried different Linux Distro's. The one i like is Mint, but i searched further. A friend of my has a iPhone so i played with this device, and i must say a nice device. A very fast user interface. Way better than Windows Mobile. Then the idea came to install Mac OSX snow leopard on my desktop computer. I wanted to try this client OS. Now i'm writing this post from behind my Mac OSX machine. What a fast OS i'm impressed. Way better as Windows 7. I will test this OS for a couple of months to see i can used to it, and maybe i will buy a Mac Book Pro.

My first suggestion is it possible to set up a forum for Mac related problems and a forum for Windows related problems and of course for Linux.

Now my question is there a forum member who has Time Machine working with ClearOS? Can you point me in the right direction. I tried different things, Googled but get stuck... Thanks.
Monday, February 22 2010, 07:21 PM
Share this post:
Responses (75)
  • Accepted Answer

    nuke
    nuke
    Offline
    Wednesday, February 20 2013, 11:58 PM - #Permalink
    Resolved
    0 votes
    Having done a fresh install of COS5.2sp1, I need to get Netatalk reinstalled. As Netatalk 3.0.2 is the current stable I thought I'd give it a try to install. It was much easier to install than the earlier versions. Here are the steps for those who are interested.

    I'm not sure if all the following were required but they were listed in one or other of the earlier posts, so I decided to be safe and install them anyway. Note that avahi was already installed. (I'm thinking to upgrade to a more recent version but decided to hold off.)

    yum install gcc
    yum install libgcrypt
    yum install openssl-devel
    yum install openssl-devel gcc libgcrypt-devel pam-devel
    yum install db4-devel
    yum install avahi-compat-libdns_sd.i386
    yum install avahi-tools.i386
    yum install avahi-devel


    Download Berkeley DB from Oracle's site. I downloaded the most recent version which is Berkeley DB 5.3.21.


    tar xzf db-5.3.21.tar.gz
    cd db-5.3.21/build_unix
    ../dist/configure --with-mutex="x86/gcc-assembly" --with-uniquename
    make
    make install


    Note from the messages that Berkeley DB 5.3.21 was installed in /usr/local/BerkeleyDB.5.3/lib. You'll need this soon.

    In an earlier post we downloaded and installed nss-mdns-0.10-2.el5.i386.rpm. So here it is again:
    wget ftp://ftp.pbone.net/mirror/atrpms.net/el5-i386/atrpms/stable/nss-mdns-0.10-2.el5.i386.rpm
    rpm -Uhv nss-mdns-0.10-2.el5.i386.rpm


    Changed the /etc/nsswitch.conf file as follows:
    change the line hosts to:
    hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4 mdns


    Create or update the afpd.services file in the /etc/avahi/services/ directory

    touch /etc/avahi/services/afpd.service 
    vi /etc/avahi/services/afpd.service


    Copy and paste the following into the file

    CTYPE service-group SYSTEM "avahi-service.dtd">
    <service-group>
    <name replace-wildcards="yes">%h</name>
    <service>
    <type>_afpovertcp._tcp</type>
    <port>548</port>
    </service>
    <service>
    <type>_device-info._tcp</type>
    <port>0</port>
    <txt-record>model=Xserve</txt-record>
    </service>
    </service-group>



    To restart avahi and avahi-dns are running with the following commands:

    /etc/init.d/avahi-daemon restart
    /etc/init.d/avahi-dnsconfd restart


    Now to Netatalk. Download netatalk-3.0.2 from the Netatalk site.

    tar xzf netatalk-3.0.2
    cd netatalk-3.0.2
    ./configure --with-init-style=redhat-sysv --enable-redhat-sysv --with-bdb=/usr/local/BerkeleyDB.5.3/ --with-pam --with-acls
    make
    make install


    To make sure that Netatalk & Avahi start after a reboot:

    ntsysv


    select netatalk & avahi & avahi-dns in the list so they start on reboot.

    Now start Netatalk.

    service netatalk start


    If all went well, you should get "OK" back.

    Now you have to change the ONE configuration file to meet your needs. In the older versions there were numerous config files. Please read the documentation on afp.conf at the Netatalk site for all the options.

    So you have an idea of what I did, here is the original and new afp.conf files.

    ;
    ; Netatalk 3.x configuration file
    ;

    [Global]
    ; Global server settings

    ; [Homes]
    ; basedir regex = /xxxx


    New afp.conf with my comments. Please remove the comments.

    ;
    ; Netatalk 3.x configuration file
    ;

    [Global]
    ; Global server settings
    loglevel = default:warn #set up logging
    log file = /var/log/afpd.log
    afp listen = 192.168.1.1 #Netatalk takes the first IP address it finds. So I want to make sure it pick the server and not our WAN connection.
    hosts allow = 192.168.1.0/24 192.168.2.0/24 # These are the only segments allowed to access the server via Netatalk
    mimic model = RackMac #Make the server look like an XServe in the Mac Finder and Bonjour

    [Homes]
    basedir regex = /home

    [ShareFolder]
    path = /home/ShareFolder
    valid users = user1 user2 user3 user4
    time machine = no
    unix priv = yes

    ; [My AFP Volume]
    ; path = /path/to/volume


    If you want to use Time Machine you can use this afp.conf as a starting point.

    ;
    ; Netatalk 3.x configuration file
    ;

    [Global]
    mimic model = TimeCapsule6,106
    log level = default:warn
    log file = /var/log/afpd.log
    hosts allow = 192.168.1.0/16


    [TimeMachine]
    path = /mnt/timemachine
    valid users = tmuser #Whatever your user's name is that is using Time Machine
    time machine = yes


    So now you have your afp.conf set up. You have to do:

    service netatalk restart


    So you can properly use extended attributes (all those resource forks and dot files) you should do the following in your /etc/fstab for /home volume. In my case I have /home on a separate drive. So in my fstab I added user_xattr and it now looks like this:


    /dev/sdb1 /home ext3 defaults,user_xattr 1 2


    Then do a
    mount -a
    to remount all drives without rebooting.

    Your done. Have fun with Netatalk and Time Machine on your COS5.2!
    The reply is currently minimized Show
  • Accepted Answer

    nuke
    nuke
    Offline
    Friday, December 28 2012, 11:08 PM - #Permalink
    Resolved
    0 votes
    Hi Tim.

    I gave up getting Time Machine backups to work properly some time back. I find that I don't like Time Machine. It is a resource hog and flakey as hell.

    I'm still running COS5.2 with the Netatalk and Avahi as per the earlier posts. It works like a dream. All Panther, Tiger, SL, Mountain Lion clients connect to the COS without issues. I'm connected to the server all day with a MBP running ML 10.8.2.

    I have a separate Backup image on the COS which is accessed by each client using rsync to update the /User files each day. To automate I ended up using Carbon Copy Cloner. It was a free cloning tool using rsync but recently started to charge a small fee. It was worth paying for it as it also has helped migrate files and make full bootable images from older macs.

    What I've recently noticed is that Apple doesn't use Samba anymore in Mountain Lion. I read that they don't like the GPL3 license, so they are cobbling something together themselves. As with many "new" technologies from Apple it doesn't work properly at the start. Probably will be OK in 10.9 or 10.10 ....

    So if your macs run ML and are trying to connect to COS with smb then that could be the problem.(??)

    I'm going to look at compiling Samba myself for ML and see that fixes connecting to windows shares. If that is of interest, I'll start a thread but I think it's a bit off topic for COS.
    The reply is currently minimized Show
  • Accepted Answer

    Tim Burton
    Tim Burton
    Offline
    Friday, December 28 2012, 09:22 PM - #Permalink
    Resolved
    0 votes
    Bump...

    Anyone have this working with Mountain Lion yet?

    If so, a "how to" available?

    Loved it when it worked... back in the Snow Leopard days.
    The reply is currently minimized Show
  • Accepted Answer

    Saturday, November 19 2011, 06:58 AM - #Permalink
    Resolved
    0 votes
    Yes it worked but it was just a quick install and test experiment. I'm not sure yet which way to go (desktop; Linux, Mac OS or Windows). So i spent no to much time with this experiment.

    Edit: oh you ask specifically of it works with Lion? Yes i had running Lion on my Hackintosh.
    The reply is currently minimized Show
  • Accepted Answer

    Friday, November 18 2011, 10:39 PM - #Permalink
    Resolved
    0 votes
    Marcel van Leeuwen wrote:
    herballizard wrote:
    Has anyone gotten the new version of the Berkeley DB running yet


    I did some testing with ClearOS 6.1 Beta 1. The Epel repo has a rpm of Netatalk 2.2.1. See Tim's post.

    Link


    Hey marcel did you end up getting it to work with lion?
    The reply is currently minimized Show
  • Accepted Answer

    nuke
    nuke
    Offline
    Wednesday, November 16 2011, 09:26 PM - #Permalink
    Resolved
    0 votes
    I gave up getting Netatalk 2.1 or later to compile and ended up using v2.0.5. I could get all the dependencies relatively easily for COS 5.2 when using v2.0.5. I've not upgraded Netatalk since it seems to work OK.

    There is some neat stuff in v2.2.x though.
    Summary of hot stuff and enhancements in 2.2

    AFP 3.3 support (necessary for TimeMachine and Lion)

    Robust network disconnect/reconnect, especially important for Time Machine

    Support for fast AFP searches (CNID backend "dbd" only)

    POSIX draft 1e ACL support

    Complete Netatalk volume compatible ad file utility suite

    Dynamic filesystem cache

    Builtin Zeroconf registration of the AFP server and TimeMachine volumes

    Support for ACLs without a common Directory Service between server and client
    The reply is currently minimized Show
  • Accepted Answer

    Wednesday, November 16 2011, 08:51 PM - #Permalink
    Resolved
    0 votes
    herballizard wrote:
    Has anyone gotten the new version of the Berkeley DB running yet


    I did some testing with ClearOS 6.1 Beta 1. The Epel repo has a rpm of Netatalk 2.2.1. See Tim's post.

    Link
    The reply is currently minimized Show
  • Accepted Answer

    nuke
    nuke
    Offline
    Wednesday, November 16 2011, 02:18 PM - #Permalink
    Resolved
    0 votes
    I'm not at home, but I think I have v4.6 running. I did get help from some people in the forum. If you search on my userid, the solution should come up. I don't remember it being particularly complicated except there were a bunch of dependencies to find, download and install manually.
    The reply is currently minimized Show
  • Accepted Answer

    Wednesday, November 16 2011, 12:46 PM - #Permalink
    Resolved
    0 votes
    Has anyone gotten the new version of the Berkeley DB running yet
    The reply is currently minimized Show
  • Accepted Answer

    Saturday, November 12 2011, 01:37 PM - #Permalink
    Resolved
    0 votes
    I did a build from source (no rpmbuild). You need at least verso 4.6.0 of Berkeley's DB and ClearOS has version 4.3.29. Pfff... CentOS 5 is getting old...
    The reply is currently minimized Show
  • Accepted Answer

    Saturday, November 12 2011, 12:58 PM - #Permalink
    Resolved
    0 votes
    nuke wrote:
    Marcel, setting up netatalk is outlined earlier in this thread. BTW , we've been using the COS 5.2 server for time machine backups since getting netatalk installed for Leopard and Snow Leonard machines. Haven,t got a Lion machine yet. There shouldn't be a problem though.


    If you want to use Timemachine (Mac OS Lion) you need the latest Netatalk 2.2.1.
    The reply is currently minimized Show
  • Accepted Answer

    Saturday, November 12 2011, 12:49 PM - #Permalink
    Resolved
    0 votes
    I tried to build Netatalk 2.2.1 from source (rpmbuild). I only found this source rpm (2.2.1). So i tried to build it but it complains about crack, quota and tcp_wrappers devel. This is not available on a ClearOS install.
    The reply is currently minimized Show
  • Accepted Answer

    nuke
    nuke
    Offline
    Saturday, November 12 2011, 12:23 PM - #Permalink
    Resolved
    0 votes
    Marcel, setting up netatalk is outlined earlier in this thread. BTW , we've been using the COS 5.2 server for time machine backups since getting netatalk installed for Leopard and Snow Leonard machines. Haven,t got a Lion machine yet. There shouldn't be a problem though.
    The reply is currently minimized Show
  • Accepted Answer

    Saturday, November 12 2011, 09:05 AM - #Permalink
    Resolved
    0 votes
    I tried the how-to in combination with Mac OS Lion and it's not working. I've made some screen shots.

    http://img339.imageshack.us/img339/6120/screenshot20111112at953.png

    http://img406.imageshack.us/img406/6120/screenshot20111112at953.png

    So we need AFP or to be precise Netatalk 2.2.1.

    Edit: Netatalk 2.2.1 is indeed needed when you use Mac OS Lion
    The reply is currently minimized Show
  • Accepted Answer

    Friday, November 11 2011, 03:28 PM - #Permalink
    Resolved
    0 votes
    Dave, I can do some testing. I have a Hackintosh with mac OS Lion.
    The reply is currently minimized Show
  • Accepted Answer

    Thursday, November 10 2011, 11:56 PM - #Permalink
    Resolved
    0 votes
    Here is a howto to setup Time Machine on Snow Leopard using Samba and CIFS.

    http://www.clearfoundation.com/docs/howtos/time_machine
    The reply is currently minimized Show
  • Accepted Answer

    Sunday, June 26 2011, 05:07 AM - #Permalink
    Resolved
    0 votes
    I virtually gave up on running time machine and ended up using solaris express with napp-it

    However what I did pull out of napp-it's config was my working config which has each of the lines commented out this is for the newer build of netatalk though but I figured that It might help someone out trying to get this working. It would be awesome if GEA (author of napp-it) jumped on board with clear

    (1): → # This file looks empty when viewed with "vi". In fact, there is one
    (2): → # '~', so users with no AppleVolumes file in their home directory get
    (3): → # their home directory by default.
    (4): → # volume format:
    (5): → # :DEFAULT: [all of the default options except volume name]
    (6): → # path [name] [casefold:x] [options:z,l,j] \
    (7): → # [allow:a,@b,c,d] [deny:a,@b,c,d] [dbpath:path] [password:p] \
    (8): → # [rwlist:a,@b,c,d] [rolist:a,@b,c,d] [limitsize:value in bytes] \
    (9): → # [preexec:cmd] [root_preexec:cmd] [postexec:cmd] [root_postexec:cmd] \
    (10): → # [allowed_hosts:IPv4 address[/IPv4 netmask bits]] \
    (11): → # [denied_hosts:IPv4 address[/IPv4 netmask bits]] \
    (12): → # ... more, see below ...
    (13): → # name: volume name. it can't include the ':' character
    (14): → # variable substitutions:
    (15): → # you can use variables for both <path> and <name> now. here are the
    (16): → # rules:
    (17): → # 1) if you specify an unknown variable, it will not get converted.
    (18): → # 2) if you specify a known variable, but that variable doesn't have
    (19): → # a value, it will get ignored.
    (20): → # the variables:
    (21): → # $b -> basename of path
    (22): → # $c -> client's ip or appletalk address
    (23): → # $d -> volume pathname on server
    (24): → # $f -> full name (whatever's in the gecos field)
    (25): → # $g -> group
    (26): → # $h -> hostname
    (27): → # $i -> client ip without tcp port or appletalk network
    (28): → # $s -> server name (can be the hostname)
    (29): → # $u -> username (if guest, it's whatever user guest is running as)
    (30): → # $v -> volume name (either ADEID_NAME or basename of path)
    (31): → # $z -> zone (may not exist)
    (32): → # casefold options [syntax: casefold:option]:
    (33): → # tolower -> lowercases names in both directions
    (34): → # toupper -> uppercases names in both directions
    (35): → # xlatelower -> client sees lowercase, server sees uppercase
    (36): → # xlateupper -> client sees uppercase, server sees lowercase
    (37): → # allow/deny/rwlist/rolist format [syntax: allow:user1,@group]:
    (38): → # user1,@group,user2 -> allows/denies access from listed users/groups
    (39): → # rwlist/rolist control whether or not the
    (40): → # volume is ro for those users.
    (41): → # allowed_hosts -> Only listed hosts and networks are allowed,
    (42): → # all others are rejected. Example:
    (43): → # allowed_hosts:10.1.0.0/16,10.2.1.100
    (44): → # denied_hosts -> Listed hosts and nets are rejected,
    (45): → # all others are allowed. Example:
    (46): → # denied_hosts: 192.168.100/24,10.1.1.1
    (47): → # preexec -> command to be run when the volume is mounted,
    (48): → # ignore for user defined volumes
    (49): → # root_preexec -> command to be run as root when the volume is mounted,
    (50): → # ignore for user defined volumes
    (51): → # postexec -> command to be run when the volume is closed,
    (52): → # ignore for user defined volumes
    (53): → # root_postexec -> command to be run as root when the volume is closed,
    (54): → # ignore for user defined volumes
    (55): → # veto -> hide files and directories,where the path matches
    (56): → # one of the "/" delimited vetoed names. Matches are
    (57): → # partial, e.g. path is /abc/def/file and veto:/abc/
    (58): → # will hide the file.
    (59): → # adouble -> specify the format of the metadata files.
    (60): → # default is "v2". netatalk 1.x used "v1".
    (61): → # "osx" cannot be treated normally any longer.
    (62): → # volsizelimit -> size in MiB. Useful for TimeMachine: limits the
    (63): → # reported volume size, thus preventing TM from using
    (64): → # the whole real disk space for backup.
    (65): → # Example: "volsizelimit:1000" would limit the
    (66): → # reported disk space to 1 GB.
    (67): → # codepage options [syntax: options:charsetname]
    (68): → # volcharset -> specifies the charset to be used
    (69): → # as the volume codepage
    (70): → # e.g. "UTF8", "UTF8-MAC", "ISO-8859-15"
    (71): → # maccharset -> specifies the charset to be used
    (72): → # as the mac client codepage
    (73): → # e.g. "MAC_ROMAN", "MAC_CYRILLIC"
    (74): → # perm -> default permission value
    (75): → # OR with the client requested perm
    (76): → # Use with options:upriv
    (77): → # dperm -> default permission value for directories
    (78): → # OR with the client requested perm
    (79): → # Use with options:upriv
    (80): → # fperm -> default permission value for files
    (81): → # OR with the client requested perm
    (82): → # Use with options:upriv
    (83): → # umask -> set perm mask
    (84): → # Use with options:upriv
    (85): → # dbpath:path -> store the database stuff in the following path.
    (86): → # cnidserver:server[:port]
    (87): → # -> Query this servername or IP address
    (88): → # (default:localhost) and port (default: 4700)
    (89): → # for CNIDs. Only used with CNID backend "dbd".
    (90): → # This option here overrides any setting from
    (91): → # afpd.conf:cnidserver.
    (92): → # password:password -> set a volume password (8 characters max)
    (93): → # cnidscheme:scheme -> set the cnid scheme for the volume,
    (94): → # default is [dbd]
    (95): → # available schemes: [dbd last tdb]
    (96): → # ea -> none|auto|sys|ad
    (97): → # Specify how Extended Attributes are stores. default
    (98): → # is auto.
    (99): → # auto: try "sys" (by setting an EA on the shared
    (100): → # directory itself), fallback to "ad". Requires
    (101): → # writable volume for performing the test.
    (102): → # Note: options:ro overwrites "auto" with "none."
    (103): → # sys: Use filesystem EAs
    (104): → # ad: Use files in AppleDouble directories
    (105): → # none: No EA support
    (106): → # miscellaneous options [syntax: options:option1,option2]:
    (107): → # tm -> enable TimeMachine support
    (108): → # prodos -> make compatible with appleII clients.
    (109): → # crlf -> enable crlf translation for TEXT files.
    (110): → # noadouble -> don't create .AppleDouble unless a resource
    (111): → # fork needs to be created.
    (112): → # ro -> mount the volume as read-only.
    (113): → # mswindows -> enforce filename restrictions imposed by MS
    (114): → # Windows. this will also invoke a default
    (115): → # codepage (iso8859-1) if one isn't already
    (116): → # specified.
    (117): → # nohex -> don't do :hex translations for anything
    (118): → # except dot files. specify usedots as well if
    (119): → # you want that turned off. note: this option
    (120): → # makes the / character illegal.
    (121): → # usedots -> don't do :hex translation for dot files. note: when
    (122): → # this option gets set, certain file names
    (123): → # become illegal. these are .Parent and
    (124): → # anything that starts with .Apple.
    (125): → # invisibledots -> don't do :hex translation for dot files. note: when
    (126): → # this option gets set, certain file names
    (127): → # become illegal. these are .Parent and
    (128): → # anything that starts with .Apple. also, dot
    (129): → # files created on the unix side are marked invisible.
    (130): → # limitsize -> limit disk size reporting to 2GB. this is
    (131): → # here for older macintoshes using newer
    (132): → # appleshare clients. yucko.
    (133): → # nofileid -> don't advertise createfileid, resolveid, deleteid
    (134): → # calls
    (135): → # root_preexec_close -> a non-zero return code from root_preexec close the
    (136): → # volume being mounted.
    (137): → # preexec_close -> a non-zero return code from preexec close the
    (138): → # volume being mounted.
    (139): → # nostat -> don't stat volume path when enumerating volumes list
    (140): → # upriv -> use unix privilege.
    (141): → # illegalseq -> encode illegal sequence in filename asis,
    (142): → # ex "\217-", which is not a valid SHIFT-JIS char,
    (143): → # is encoded as U\217 -
    (144): → # acls -> Enable ACLs on this volume. Requires a NFSv4 ACLs
    (145): → # compatible filesystem (e.g. ZFS) and an ACL API
    (146): → # compatible to *Solaris. In other words: this requires
    (147): → # Solaris, Opensolaris or a derived distribution.
    (148): → # nocnidcache -> Don't store and read CNID to/from AppleDouble file.
    (149): → # This should not be used as it also prevents a CNID
    (150): → # database rebuild with `dbd`!
    (151): → # caseinsensitive -> The underlying FS is case insensitive (only
    (152): → # test with JFS in OS2 mode)
    (153): → # dropbox -> Allows a volume to be declared as being a "dropbox."
    (154): → # Note that netatalk must be compiled with dropkludge
    (155): → # support for this to function. Warning: This option
    (156): → # is deprecated and might not work as expected.
    (157): → # dropkludge -> same as "dropbox"
    (158): → # nodev -> always use 0 for device number, helps when the
    (159): → # device number is not constant across a reboot,
    (160): → # cluster, ...
    (161): → # The line below sets some DEFAULT, starting with Netatalk 2.1.
    (162): → :DEFAULT: options:upriv,usedots
    (163): → # The "~" below indicates that Home directories are visible by default.
    (164): → # If you do not wish to have people accessing their Home directories,
    (165): → # please put a pound sign in front of the tilde or delete it.
    (166): → # End of File
    (167): → /altonaspool/testfolder testfolder options:tm allow:@staff volsizelimit:300000

    Line 167 says that /pathname/foldername has a folder called foldername with the option of time machine (note the tm) and to allow all members of the unix group staff access and enforce a limit on the size of the volume that time machine can use.

    Hope this helps someone out
    The reply is currently minimized Show
  • Accepted Answer

    Michael
    Michael
    Offline
    Sunday, May 22 2011, 05:19 AM - #Permalink
    Resolved
    0 votes

    yum install openssl-devel gcc libgcrypt-devel pam-devel


    I missed that line!!

    Grrr!

    Should work now, after a rebuild
    The reply is currently minimized Show
  • Accepted Answer

    Michael
    Michael
    Offline
    Saturday, May 21 2011, 07:37 PM - #Permalink
    Resolved
    0 votes
    Wow. Alot of effort has gone in here :)

    I'm gonna give this a shot today/tomorrow.

    I need AFP support because MAC -> SAMBA is useless!
    Laptops lose connection after sleep. They can't reconnect, and finder often gets stuck trying to access shares.

    Cheers
    Michael.
    The reply is currently minimized Show
  • Accepted Answer

    nuke
    nuke
    Offline
    Tuesday, January 04 2011, 06:32 PM - #Permalink
    Resolved
    0 votes
    nuke wrote:
    I have one error. Any idea what exactly this means?
    Something wrong with the volume's CNID DB, using temporarty CNID DVB instead. Check server messages for details!
    It still works but apparently something isn't 100% correct. I'd appreciate knowing what is wrong.

    Thanks in advance.


    I figured this one out last week. If you set
    cnidscheme:dbd
    then all the error messages go away. While using dbd isn't as good as using cdb it appears not to make a significant difference so far.

    So the lines in the AppleVolumes.default should be:

    ~/ "$u" allow:user1,user2,user3,user_etc cnidscheme:dbd
    /var/flexshare/shares/backup TimeMachine allow:user1,user2,user3,user_etc perm:0777 cnidscheme:dbd options:usedots,upriv
    The reply is currently minimized Show
  • Accepted Answer

    nuke
    nuke
    Offline
    Saturday, September 18 2010, 08:19 PM - #Permalink
    Resolved
    0 votes
    Pardon?? Why do you say that? The firewall seems to be working fine for me.
    The reply is currently minimized Show
  • Accepted Answer

    Tuesday, September 14 2010, 03:15 PM - #Permalink
    Resolved
    0 votes
    It's a somewhat manual process at the moment. We a setting up the ability for community contribs in the new 6.0 framework.
    The reply is currently minimized Show
  • Accepted Answer

    Tuesday, September 14 2010, 10:46 AM - #Permalink
    Resolved
    0 votes
    Well, I know I've seen the avahi-daemon.conf from 0.6.25 in ubuntu (undoubtedly Debian upstream), and it has interface control parameters.

    Anybody running a ClearOS Community Repo where we can contribute this stuff?
    The reply is currently minimized Show
  • Accepted Answer

    nuke
    nuke
    Offline
    Monday, September 13 2010, 11:28 PM - #Permalink
    Resolved
    0 votes
    Tony,
    I have a similar output from log:messages.

    I'm just going to shut avahi-daemon down for now and disable from ntsysv for now until this is fixed.

    Thanks.
    The reply is currently minimized Show
  • Accepted Answer

    nuke
    nuke
    Offline
    Monday, September 13 2010, 11:06 PM - #Permalink
    Resolved
    0 votes
    Sorry, I'm too much a newbie to be able to read the code. But I'll help if I can.

    We are running an old version as far as I can tell ... 0.6.16. The lastest seems to be 0.6.27.

    Just found this at avahi.org:
    Fedora now moved Avahi from "extras" to "core", so i guess it is good enough for them. (BTW: they provide an SElinux policy file for avahi which can be used to make avahi even more secure)

    Have you seen this policy? Perhaps it has some ideas for the conf file.

    And:
    Please keep in mind that Avahi is mostly used in local area networks and that it ignores traffic from non-local networks.


    Would disabling multicast on eth0 help or screw up things?
    The reply is currently minimized Show
  • Accepted Answer

    Monday, September 13 2010, 10:09 PM - #Permalink
    Resolved
    0 votes
    I just noticed something REALLY bad:
    Sep 13 18:00:48 gateway avahi-daemon[10333]: Loading service file /services/afpd.service.
    Sep 13 18:00:48 gateway avahi-daemon[10333]: New relevant interface eth0.IPv6 for mDNS.
    Sep 13 18:00:48 gateway avahi-daemon[10333]: Joining mDNS multicast group on interface eth0.IPv6 with address <IPV6 addr>. <=== THAT'S MY EXTERNAL INTERFACE
    Sep 13 18:00:48 gateway kernel: eth0: Promiscuous mode enabled.
    Sep 13 18:00:48 gateway avahi-daemon[10333]: New relevant interface eth0.IPv4 for mDNS.
    Sep 13 18:00:48 gateway avahi-daemon[10333]: Joining mDNS multicast group on interface eth0.IPv4 with address <IPV4 addr>. <=== THAT'S MY EXTERNAL INTERFACE
    Sep 13 18:00:48 gateway kernel: eth0: Promiscuous mode enabled.
    Sep 13 18:00:48 gateway avahi-daemon[10333]: New relevant interface eth1.IPv6 for mDNS.
    Sep 13 18:00:48 gateway avahi-daemon[10333]: Joining mDNS multicast group on interface eth1.IPv6 with address <IPV6 addr>.
    Sep 13 18:00:48 gateway avahi-daemon[10333]: New relevant interface eth1.IPv4 for mDNS.
    Sep 13 18:00:48 gateway avahi-daemon[10333]: Joining mDNS multicast group on interface eth1.IPv4 with address <IPV4addr>.
    Sep 13 18:00:48 gateway avahi-daemon[10333]: Network interface enumeration completed.
    Sep 13 18:00:48 gateway avahi-daemon[10333]: Registering new address record for <IPV6 addr> on eth0. <=== THAT'S MY EXTERNAL INTERFACE
    Sep 13 18:00:48 gateway avahi-daemon[10333]: Registering new address record for <IPV4 addr> on eth0.
    Sep 13 18:00:48 gateway avahi-daemon[10333]: Registering new address record for <IPV6 addr> on eth1.
    Sep 13 18:00:48 gateway avahi-daemon[10333]: Registering new address record for <IPV4 addr> on eth1.
    Sep 13 18:00:48 gateway avahi-daemon[10333]: Registering HINFO record with values 'I686'/'LINUX'.


    Anybody know how to stop Avahi from listening on the external interface? I've googled the avahi-daemon.conf file directives, but only found an entry that appears to be geared towards later builds.

    Adding "deny-interfaces=" or "allow-interfaces=" directives to the Avahi 0.6.16 (default in ClearOS 5.2) configs, avahi-daemon refuses to start.

    Or is this simply a matter of getting a later RPM?

    Translation: Be warned if you're setting up TimeMachine on ClearOS - Avahi will broadcast your network info on your public-facing NIC.
    The reply is currently minimized Show
  • Accepted Answer

    nuke
    nuke
    Offline
    Sunday, September 12 2010, 07:11 PM - #Permalink
    Resolved
    0 votes
    I have one error. Any idea what exactly this means?
    Something wrong with the volume's CNID DB, using temporarty CNID DVB instead. Check server messages for details!
    It still works but apparently something isn't 100% correct. I'd appreciate knowing what is wrong.

    Thanks in advance.
    The reply is currently minimized Show
  • Accepted Answer

    nuke
    nuke
    Offline
    Sunday, September 12 2010, 07:09 PM - #Permalink
    Resolved
    0 votes
    Thanks Tony!

    That works with one change.

    When you want to compile Berkeley DB you need the following command
    ../dist/configure --with-mutex="x86/gcc-assembly" --with-uniquename
    The /dist/ was missing and is necessary to get it to compile using your command.

    To whoever asked how to get a flexshare to save Timemachine backups to, do the following.

    Use webconfig to setup a backup group who can use the flexshare. I created a group called "everyone" and selected all the users. I guess you could create one for just the people who should access the Timemachine backup folder.

    Use webconfig to set up a shared folder that is only for files. I created a flexshare called backup. The group is "everyone". Enable both the general and file for share "backup".

    Now go to the terminal.

    vi /usr/local/etc/netatalk/AppleVolumes.default

    Put the following in the AppleVolumes.default file after the "~/ "$u" allow:user1,user2,user3 cnidscheme:cdb:" that you put in before.
    /var/flexshare/shares/backup backup allow:user1,user2,user3 cnidscheme:cdb options:usedots,upriv

    Save the file and
    /etc/init.d/avahi-daemon restart
    service netatalk restart


    Go to your Mac. Look at Network in the Go menu. You should now see the "user" home folder on the server and the "backup" folder. Mount the "backup" folder and then set up TimeMachine.

    To add a sparsebundle file for each Mac to backup try the following. (source:

    hdiutil create -size 100g -fs HFS+J -volname “TimeMachine ID” HID_001122334455.sparsebundle
    Where ID is the name of the Mac, 001122334455 is the MAC address of the Mac ethernet card. 100g is the limit of the sparsebundle.

    Update: I can vouch that this is working. I have two Macs set up with TimeMachine now and they are doing their hourly update OK.
    The reply is currently minimized Show
  • Accepted Answer

    Saturday, September 11 2010, 08:35 PM - #Permalink
    Resolved
    0 votes
    TIME MACHINE/NETATALK 2.1.3 WORKING!

    I got netatalk 2.1.3 licked, using the instructions started by neonapster, did some googling, read the manpages for netatalk2.1.3, and here's what I came up with:

    yum install openssl-devel gcc libgcrypt-devel pam-devel

    Download Berkeley DB 4.8 from Oracle

    Download Netatalk 2.1.3 from Sourceforge

    Build Berkeley DB:
    Tar xvj <BDB tar file>
    cd <bdb>/build_unix
    ../dist/configure --with-mutex="x86/gcc-assembly" --with-uniquename
    make && make install


    Build Netatalk:
    tar xvj <netatalk tar file>
    cd <netatalk-2.1.3>
    ./configure --enable-redhat --with-bdb=/usr/local/BerkeleyDB.4.8/ --with-pam
    ## the WITH-PAM part makes it possible to authenticate users against ClearOS's LDAP server ##
    make && make install


    Files to edit:
    /usr/local/etc/netatalk/afpd.conf (add to bottom):
    -tcp -noddp -uamlist uams_dhx_pam.so,uams_dhx2_pam.so -nosavepassword
    #set up a debug logfile
    -setuplog "default log_maxdebug /var/log/afpd.log"


    /usr/local/etc/netatalk/netatalk.conf
    AFPD_UAMLIST="-U uams_dhx_pam.so,uams_dhx2_pam.so"


    service netatalk start
    (it's not called atalk anymore, and doesn't show in "services" under webconfig)
    to make it run at at startup, do "ntsysv" and put a check next to netatalk

    Then do the avahi stuff neonapster posted. I think I did download nss-mdns (not sure if its necessary, but i did it)

    Lastly, set up your shares (again, using neonapsters instructions).

    You can also tail /var/log/afpd.log to see what it's doing. When you're satisfied it works properly, comment the "setuplog" line out of afpd.conf

    Done. Enjoy!
    The reply is currently minimized Show
  • Accepted Answer

    Friday, August 06 2010, 07:53 AM - #Permalink
    Resolved
    0 votes
    Have someone get time machine in mac os x to work with clearos ?

    I can't make it work :(

    //yabbah
    The reply is currently minimized Show
  • Accepted Answer

    Tuesday, July 06 2010, 10:39 PM - #Permalink
    Resolved
    0 votes
    For me is a must to have good support of macosx on this, im planning on migrating a bunch of clients to clearos, but i really need a good/reliable file sharing service for mac users (samba crashes even with 10.6.4 fix). I think it will be a good idea to have a mac section on the forum. (or maybe a netatalk one)


    I have no problems with samba shares (or flexshares) and OSX 10.6.4
    Only change I added was: unix extensions = no in /etc/samba/smb.conf
    The reply is currently minimized Show
  • Accepted Answer

    Monday, July 05 2010, 08:43 PM - #Permalink
    Resolved
    0 votes
    ok, i've been fighting both afpd and my own ignorance and ended up with nothing but a useless install....

    i managed to compile and install both avahi and netatalk (v 2.05) but it seems something's not good.

    I have 1 problem (well, i hope i have only one), no UAM is installed with netatalk, i compiled netatalk with ssl support, and configure seems good.

    here is a piece of my var/log/messages


    Jul  5 21:06:48 server afpd[7642]: Registering CNID module [last]
    Jul 5 21:06:48 server afpd[7642]: Registering CNID module [cdb]
    Jul 5 21:06:48 server afpd[7642]: Registering CNID module [dbd]
    Jul 5 21:06:48 server afpd[7642]: main: atp_open: Cannot assign requested address
    Jul 5 21:06:48 server afpd[7642]: ASIP started on 192.168.10.1:548(5) (2.0.5)

    **** LOOK AT THIS TWO
    Jul 5 21:06:48 server afpd[7642]: uam: uam not found (status=-1)
    Jul 5 21:06:48 server afpd[7642]: uam: uam not found (status=-1)
    *****


    Jul 5 21:07:33 server avahi-daemon[7662]: Found user 'avahi' (UID 70) and group 'avahi' (GID 70).
    Jul 5 21:07:33 server avahi-daemon[7662]: Successfully dropped root privileges.
    Jul 5 21:07:33 server avahi-daemon[7662]: avahi-daemon 0.6.16 starting up.
    Jul 5 21:07:33 server avahi-daemon[7662]: Successfully called chroot().
    Jul 5 21:07:33 server avahi-daemon[7662]: Successfully dropped remaining capabilities.
    Jul 5 21:07:33 server avahi-daemon[7662]: Loading service file /services/afpd.service.
    Jul 5 21:07:33 server avahi-daemon[7662]: New relevant interface eth1.IPv6 for mDNS.
    Jul 5 21:07:33 server avahi-daemon[7662]: Joining mDNS multicast group on interface eth1.IPv6 with address fe80::2e0:4cff:fe31:6cb5.
    Jul 5 21:07:33 server avahi-daemon[7662]: New relevant interface eth1.IPv4 for mDNS.
    Jul 5 21:07:33 server avahi-daemon[7662]: Joining mDNS multicast group on interface eth1.IPv4 with address 192.168.10.1.
    Jul 5 21:07:33 server avahi-daemon[7662]: New relevant interface eth0.IPv6 for mDNS.
    Jul 5 21:07:33 server avahi-daemon[7662]: Joining mDNS multicast group on interface eth0.IPv6 with address fe80::21d:7dff:feca:39d5.
    Jul 5 21:07:33 server avahi-daemon[7662]: New relevant interface eth0.IPv4 for mDNS.
    Jul 5 21:07:33 server avahi-daemon[7662]: Joining mDNS multicast group on interface eth0.IPv4 with address 192.168.1.10.
    Jul 5 21:07:33 server avahi-daemon[7662]: Network interface enumeration completed.
    Jul 5 21:07:33 server avahi-daemon[7662]: Registering new address record for fe80::2e0:4cff:fe31:6cb5 on eth1.
    Jul 5 21:07:33 server avahi-daemon[7662]: Registering new address record for 192.168.10.1 on eth1.
    Jul 5 21:07:33 server avahi-daemon[7662]: Registering new address record for fe80::21d:7dff:feca:39d5 on eth0.
    Jul 5 21:07:33 server avahi-daemon[7662]: Registering new address record for 192.168.1.10 on eth0.
    Jul 5 21:07:33 server avahi-daemon[7662]: Registering HINFO record with values 'I686'/'LINUX'.
    Jul 5 21:07:34 server avahi-daemon[7662]: Server startup complete. Host name is server.local. Local service cookie is 3157987120.
    Jul 5 21:07:34 server avahi-daemon[7662]: Service "server" (/services/afpd.service) successfully established.
    Jul 5 21:07:38 server afpd[7642]: server_child[1] 7666 exited 1
    Jul 5 21:07:38 server afpd[7667]: ASIP session:548(5) from 192.168.10.196:55097(7)
    Jul 5 21:07:38 server afpd[7642]: server_child[1] 7667 done
    Jul 5 21:07:39 server afpd[7642]: server_child[1] 7668 exited 1
    Jul 5 21:07:39 server afpd[7669]: ASIP session:548(5) from 192.168.10.196:55100(7)
    Jul 5 21:07:39 server afpd[7642]: server_child[1] 7669 done
    Jul 5 21:07:50 server afpd[7642]: server_child[1] 7670 exited 1
    Jul 5 21:07:50 server afpd[7671]: ASIP session:548(5) from 192.168.10.196:55104(7)
    Jul 5 21:07:50 server afpd[7642]: server_child[1] 7671 done


    it seems there is no UAM installed, i even checked netatalk.conf to ensure its enabled on it...

    # specify this if you don't want dhx and dhx2
    # available options: uams_guest.so, uams_clrtxt.so,
    # uams_dhx.so, uams_dhx2.so,
    # uams_randnum.so

    AFPD_UAMLIST="-U uams_dhx_pam.so,uams_dhx2_pam.so,uams_dhx.so,uams_dhx2.so"


    im blocked...

    any help?


    OFFTOPIC

    For me is a must to have good support of macosx on this, im planning on migrating a bunch of clients to clearos, but i really need a good/reliable file sharing service for mac users (samba crashes even with 10.6.4 fix). I think it will be a good idea to have a mac section on the forum. (or maybe a netatalk one)
    The reply is currently minimized Show
  • Accepted Answer

    Sunday, June 06 2010, 11:56 PM - #Permalink
    Resolved
    0 votes
    I happen to be reading over this http://iscsitarget.sourceforge.net/ and then it sparked an idea and came across this

    http://arstechnica.com/civis/viewtopic.php?f=19&t=169869

    Only issue seems to be that most people are seeing 10mb p/sec read writes.
    The reply is currently minimized Show
  • Accepted Answer

    nuke
    nuke
    Offline
    Friday, June 04 2010, 02:29 PM - #Permalink
    Resolved
    0 votes
    Hi herbalizard!

    I got side tracked over the past week and haven't gotten around to working on this.

    Sorry to hear that 2.1 didn't work. Thanks for trying. I'm still going to try and uninstall and reinstall 2.05 now the Open-SSL-devel is installed. I hope that will work.

    Could you explain what you mean by
    what about using the iSCSI part of the backup server as the target and use globalSAN for osx as the initiator. Therefore also allow remote time machine backups...
    ?

    Sorry, I'm too much of a newbie to understand. :S
    The reply is currently minimized Show
  • Accepted Answer

    Friday, June 04 2010, 08:55 AM - #Permalink
    Resolved
    0 votes
    Well 2.1 was painful and I got no where with it. Just putting it out there but what about using the iSCSI part of the backup server as the target and use globalSAN for osx as the initiator. Therefore also allow remote time machine backups...

    Any takers?
    The reply is currently minimized Show
  • Accepted Answer

    nuke
    nuke
    Offline
    Saturday, May 22 2010, 02:00 PM - #Permalink
    Resolved
    0 votes
    No worries.

    I haven't had a chance to try to uninstall and recompile v2.0.5 now that I have OpenSSL-devel installed.

    Hopefully I can do this test over the long weekend. I'll post my results.
    The reply is currently minimized Show
  • Accepted Answer

    Friday, May 21 2010, 08:44 PM - #Permalink
    Resolved
    0 votes
    Sorry haven't had much time to have a crack at the 2.1 install yet, I have a huge project to finish which is sucking up all my time
    The reply is currently minimized Show
  • Accepted Answer

    nuke
    nuke
    Offline
    Sunday, May 16 2010, 12:26 AM - #Permalink
    Resolved
    0 votes
    Looks like cracklib2 & cracklib2-dev are Debian named packages. Here is the home of the package .

    I can't find any Centos/Redhat rpm so far. I check out http://dag.wieers.com/rpm/ but no joy.

    :-(

    Time for a break. My head hurts.
    The reply is currently minimized Show
  • Accepted Answer

    Sunday, May 16 2010, 12:14 AM - #Permalink
    Resolved
    0 votes
    yum install openssl openssl-devel should take care of libssl but I like you am beating my head against a deb package wall with cracklib2
    The reply is currently minimized Show
  • Accepted Answer

    nuke
    nuke
    Offline
    Saturday, May 15 2010, 11:55 PM - #Permalink
    Resolved
    0 votes
    My first step has been to find out about this libssl-dev. I downloaded the CentOS install disks for 5.4 and searched the disks and didn't find any libssl.

    What I should have done is to do a Google first. Would have saved a bunch of time. :-)

    There isn't a libssl-devel in CentOS/Redhat. That is a Debian/Ubuntu name for the ssl libraries. No libssl in CentOS Somehow we have to use openssl-devel which is in the repo system.

    Now I have to figure how to uninstall Netatalk and then compile using OpenSSL-devel libraries instead. This is a bit out of my league at the moment. Will need to do some more reading.

    Also will need to figure out about the cracklib thing. And then figure out why and how they are used in Netatalk compiling.

    I think this should be easier....
    The reply is currently minimized Show
Your Reply