Leopard, AFP and the Hardy Heron

Damon Timm has a great post on installing netatalk on Ubuntu with SSL support.  I won't go through the licensing issues again (I feel like enough people have done that already).  Suffice to say, Ubuntu doesn't ship netatalk with SSL enabled, and Leopard requires SSL support to connect to AFP shares out of the box.  It's easy enough to allow Leopard to use plaintext passwords with the following command:

defaults write com.apple.AppleShareClient afp_cleartext_allow -bool true

I just felt it would be a better idea to enable SSL by default on Hardy.This, as they say, is where things get tricky.  First, the version of netatalk in Hardy is broken (see discussion of the bug in Debian here).  There are one of two ways to fix this, simply hand-edit the offending patch, or use the source packages provided by Debian.  With this in mind, you can use the following instructions to download and build netatalk on Hardy (keeping in mind, as Damon mentions, you must have the Universe repository enabled in /etc/apt/sources.list):

$ mkdir -p ~/src/netatalk
$ cd ~/src/netatalk
$ sudo aptitude install devscripts cracklib2-dev dpkg-dev libssl-dev build-essential
$ sudo apt-get build-dep netatalk
$ apt-get source netatalk

Edit: the current version in Hardy is now 2.0.3-9.  The patch is no longer necessary.  If you choose to use the apt-get source line above, you should hand-edit the offending patch (that is until the MOTU update netatalk from version 2.0.3-7 to 2.0.3-8).  Below is a diff containing the only change necessary:

--- netatalk-2.0.3/debian/patches/107_afpd-zeroconf.patch
2007-12-21 21:53:43.000000000 +0100
+++ netatalk-2.0.3.new/debian/patches/107_afpd-zeroconf.patch
2007-12-21 21:56:52.000000000 +0100
@@ -350,7 +350,7 @@
+{
+  struct context *ctx = userdata;
+
-+  assert(g == ctx->group);
++  assert(!ctx->group || g == ctx->group);
+
+  switch (state) {
+

At this point you're free to continue building netatalk.  EDIT: sudo su isn't necessary with the new version of the package.

NB: the instructions below differ from Damon's because building with an environment variable before "sudo" when env_reset is set in sudoers (the default behavior in Hardy) makes your efforts useless!  You should sudo su before creating the build rather than building with sudo (unless you don't mind the potential security risk of removing env_reset from sudoers)

$ cd netatalk-2.0.3
$ DEB_BUILD_OPTIONS=ssl dpkg-buildpackage -us -uc
$ sudo debi

You should now be able to connect from Leopard to your Hardy Heron home directory!

blog comments powered by Disqus

Related Posts

• 04 Apr 2010 » Building and Installing MongoDB on Ubuntu 10.04
• 08 Dec 2008 » Install Glassfish for Deployment on Ubuntu 8.10
• 07 Dec 2008 » JRuby on Rails on Glassfish on Ubuntu 8.10