Share Files for Classic Macs with a NetBSD-based Netatalk Server || dressupgeekout

Introduction

The Apple Filing Protocol (AFP) is (was?) popular for sharing files on Mac OS. It’s basically Apple’s version of the Network File System (NFS) but it works out of the box with even very old versions of Mac OS.

Netatalk is a free and open source implementation of AFP. It integrates especially well with NetBSD. Here, I’ll show you how I set up my NetBSD/amd64 machine to share files with my Power Mac running OS 9.

On the NetBSD side

1. Install Netatalk.

Netatalk 2 is not the newest version, but I think it works better (or easier, at least) on NetBSD.

doas pkgin install netatalk22

Configuration files should be installed to /usr/pkg/etc/netatalk. All of the Netatalk-specific configuration files mentioned below will be in there.

2. Specify which volumes to export.

You should add some new entries to the end of AppleVolumes.default. Each entry has two fields. The first field is the directory to make available for sharing. The rest is a quoted string: a short, human-oriented description that will be displayed to the client. Here are some examples.

~ "$u's Home Directory"
/mnt/IMPORTANT "The Important Data"
/home/newton/appleshare "Isaac's Shared Files"

3. Create the password file.

The file server daemon, afpd, could be configured to allow authentication with your actual NetBSD name and password. Unfortunately, due to limitations in AppleTalk and/or AFP itself, the password may not be longer than 8 characters. The problem is that your NetBSD password may well be longer than 8 characters. Therefore, that method works if and only if your NetBSD password is 8 characters or less.

The next best thing is to create a password specifically for AppleShare purposes. I recommend that you use this approach, regardless. In my opinion, it’s the most straightforward way to get read and write access from your Mac over AFP. This new AFP-specific password must also be 8 characters maximum, which is annoyingly short, but at least it can be different from your ordinary NetBSD password.

Create a default AFP password file:

doas afppasswd -c

Add your username to it. You’ll be invited to provide a new password:

doas afppasswd charlotte

NOTE: If here you specify a password longer than 8 characters, afppasswd will report an error, saying “passwords don’t match!” even when they actually do match.

4. Modify afpd.conf to allow authenticating with the new password.

Add something like the following to afpd.conf:

"My Cool Server" -transall -uamlist uams_randnum.so -loginmesg "Welcome!"

To be clear, there are other authentication methods available to Netatalk (uams_randnum.so is not the most secure). However, the clients which come with Mac OS 9 (Chooser, Network Browser, etc.) understand very few of them. In my view, using the password file is perfectly fine for our use case, which assumes just a simple LAN at home.

5. Enable the afpd system service (and friends).

Copy the applicable rc scripts from the Netatalk package to the system rc.d:

doas cp /usr/pkg/share/examples/rc.d/afpd /etc/rc.d
doas cp /usr/pkg/share/examples/rc.d/atalkd /etc/rc.d
doas cp /usr/pkg/share/examples/rc.d/cnid_metad /etc/rc.d

(For completeness: papd also comes from Netatalk, but that’s only for sharing networked printers, which is outside the scope of this document.)

Add the following to your rc.conf. I do believe all of them are required:

mdnsd=YES
cnid_metad=YES
atalkd=YES
afpd=YES

You could enable each of these services in turn right now, in the order listed above. (Beware, atalkd takes a minute or two to spin up for some reason.)

doas service mdnsd start
doas service cnd_metad start
doas service atalkd start
doas service afpd start

However, I think it’s just easier to reboot your NetBSD machine right now. Everything will be running correctly when NetBSD comes back up again. Going forward, any time you want to make changes to your configuration, you should be able to interact only with afpd to see your changes applied.

doas service afpd restart

That’s the hard part done!

On the Mac side

1. Use your favorite AppleShare client!

You can use the Chooser, or you can use the Network Browser. I think the Network Browser is nicer, but you might prefer to use the Chooser because you get some extra options. For example, the Chooser lets you specify whether you’d like the remote volume to be mounted automatically every time your Mac starts up. Handy!

If you use the Chooser, click on “AppleShare,” select your server from the list and log in.

If you use the Network Browser, click on the “AppleTalk” drop-down menu. Your file server should be listed underneath.

Bingo! Now your old Mac can retrieve files from and save files to a remote volume.