It's been a few years since I looked at the afpd and it's possible I'm reading the log entries wrong but it it might be an avenue to explore....
Is the afpd accessing the files as "nobody" rather than "guest"?
> Feb 25 18:46:27 (none) daemon.info afpd[554]: ASIP session:548(
> Feb 25 18:46:27 (none) daemon.info afpd[554]: login noauth
> Feb 25 18:46:27 (none) daemon.info afpd[554]: login nobody (uid 99, gid 99) AFP3.1
> Feb 25 18:46:28 (none) daemon.info afpd[554]: afp_getsrvrparms(
> Feb 25 18:46:28 (none) daemon.info afpd[554]: afp_getsrvrparms(
> Feb 25 18:46:33 (none) daemon.info afpd[554]: logout nobody
I wouldn't expect "nobody" to have rw permissions.
regards,
Drew
M.J. Johnson wrote: Since I didn't see any response to my last post, let me ask a slightly different question:
How shall I go about changing the permissions on the share I'm looking to publish using netatalk? Is it just a simple chmod to the directory? I believe I tried this via SSH, but the permissions didn't take...
One more piece of information: although I can't recall explicitly doing so, it appears a guest account already exists on the Slug. From /etc/passwd:
guest:xqnMpE/
Okay - looking through /var/log/messages, I found these entries when the Slug starts up:
Feb 25 18:39:14 (none) daemon.info afpd[450]: Registering CNID module [last]
Feb 25 18:39:14 (none) daemon.info afpd[450]: Registering CNID module [cdb]
Feb 25 18:39:14 (none) daemon.info afpd[450]: Registering CNID module [dbd]
Feb 25 18:39:15 (none) daemon.debug afpd[450]: Loading ConfigFile
Feb 25 18:39:17 (none) daemon.err afpd[450]: main: atp_open: Address family not supported by protocol
Feb 25 18:39:18 (none) daemon.info afpd[450]: ASIP started on 192.168.0.178:
Feb 25 18:39:18 (none) daemon.debug afpd[450]: uam: loading (/opt/etc/netatalk/
Feb 25 18:39:18 (none) daemon.info afpd[450]: uam: uams_guest.so loaded
Feb 25 18:39:18 (none) daemon.debug afpd[450]: Locale charset 'ANSI_X3.4-1968' unsupported, using ASCII instead
Feb 25 18:39:18 (none) daemon.info afpd[450]: uam: "No User Authent" available
Feb 25 18:39:18 (none) daemon.debug afpd[450]: Finished parsing Config File
Then, when I try and connect over afp from my OS X client, I get these entries:
Feb 25 18:46:23 (none) daemon.info afpd[553]: ASIP session:548(
Feb 25 18:46:23 (none) daemon.info afpd[450]: server_child[
Feb 25 18:46:27 (none) daemon.info afpd[554]: ASIP session:548(
Feb 25 18:46:27 (none) daemon.info afpd[554]: login noauth
Feb 25 18:46:27 (none) daemon.info afpd[554]: login nobody (uid 99, gid 99) AFP3.1
Feb 25 18:46:28 (none) daemon.info afpd[554]: afp_getsrvrparms(
Feb 25 18:46:28 (none) daemon.info afpd[554]: afp_getsrvrparms(
Feb 25 18:46:33 (none) daemon.info afpd[554]: logout nobody
Feb 25 18:46:33 (none) daemon.info afpd[554]: 0.14KB read, 0.12KB written
Feb 25 18:46:33 (none) daemon.info afpd[450]: server_child[
So, it looks like I'm getting permission errors when I attempt to login as guest, indicating either (1.) permissions are not setup for the TimeMachine share, or (2.) the permissions are not inclusive enough. However, I have no idea if the permissions are native to afpd, to the system, or something else entirely.
I realize I'm pretty far down the rabbit hole on this one, but I appreciate any ideas the community might have.
Thanks again.
Accordig to http://netatalk.
"Extended logging capabilities are only available if Netatalk was built using --with-logfile. As of Netatalk 2.0, the default is --without-logfile since the logger code is partially broken and needs a complete rewrite (the -setuplog option might not work as expected). If Netatalk was built without logger support then the daemons log to syslog."
I checked in /var/log and don't see any netatalk*.log file, so I'm assuming netatalk has been compiled without logging enabled.
Here's where I show my lack of *nix skillz: where would I find the syslog on an unslung system?
- M.J.
I just tried this on my nslu2 running debian lenny
1) It does not work when using
AppleVolumes.
and the default afpd.conf
2) It does work without authentication using
afpd.conf: "Time Capsule" -uamlist uams_guest.so
AppleVolumes.
In case 1) I get errno -1069 in the terminal or
when using finder: Volume user could not be mounted
Under 2) I used finder and connected via
afp://ip address/TimeMachine
as guest - and there it was !
Hmm, what are the log files in your case
/var/log/syslog has some info in my case.
Otherwise it should not be too hard to compile under debian but the problem must have a simpler solution than that.
Marc
> connect using afp from my Mac OS X machine. I followed the instructions:
>
> Finder-> Go -> Connect to server
> afp://192.168.
>
> I was challenged with:
>
> 'Enter your user name and password to access the file server "Time
> Capsule".'
>
> I attempted to login as guest, since that was how I configured afpd.conf,
> and received the error:
>
> 'Connection failed - There was an error connecting to the server. Check the
> server name or IP address and try again.'
>
> The only configurations I made were to /opt/etc/netatalk/
> allow guest access:
>
> "Time Capsule" -uamlist uams_guest.so
>
> and to /opt/etc/netatalk/
>
> /share/hdd/data/
>
> pulse_and_saw commented that he had to compile from source on Debian
> Lenny to get authentication working against Mac OS X. I'm not sure if I'm
> up for that (having never done so for any packages running on my Unslung
> 6.10 NSLU), so I'll ask the two questions:
>
> 1. Is there any knowledge among this community what might be causing
> authentication to fail against Mac OS X 10.5.8 (which is what I'm running)?
>
> 2. Are there how-tos available that might assist me if I decide I'm
> willing to compile netatalk from source on my Unslung box?
>
> Thanks in advance,
>
> - M.J.
No comments:
Post a Comment