 |
| Apple Mac OS 9 in SheepShaver communicating over AppleTalk network protocol with Ubuntu Linux nodes via Netatalk |
With 10 DECnet nodes connected to the global hobbyist HECnet network stable and staying up, I started to wonder what other non-Internet Protocol (non-TCP/IP) networking experiment I could run. Apple's classic AppleTalk protocol came to mind.
Originally released as AppleNet in 1983 for the Apple II and Lisa, AppleTalk has roots in Xerox XNS. AppleTalk's ancestry is no less illustrious than DECnet.
Originally released as AppleNet in 1983 for the Apple II and Lisa, AppleTalk has roots in Xerox XNS. AppleTalk's ancestry is no less illustrious than DECnet.
Despite phenomenal rise of the Internet Protocol (TCP/IP), AppleTalk was supported all the way to the 2009 release of Mac OS X Snow Leopard. Interoperability with TCP/IP was introduced as far back as 1988 with MacTCP and later MacIP (Wikipedia) which basically piggybacked IP over AppleTalk. However, my objective here was to stay away from IP completely, and focus on pure AppleTalk.
I had zero experience with AppleTalk networking. Fortunately, there is still enough reading material out on the 'net to get a feel for it. "Inside Macintosh: Networking" is a great book. The Netatalk 2.0 documentation is fabulous. And Cisco's Protocol Filter appendix is handy in deciphering stuff like 0x809b ether-type packets that suddenly pop up in packet dumps once AppleTalk kicks in. 0x809b is EtherTalk, "an Apple AppleTalk networking protocol that enables AppleTalk to communicate over Ethernet cabling."
After reading around a bit, and not being a AppleTalk expert, I set myself the simplest of objectives of this experiment:
I had zero experience with AppleTalk networking. Fortunately, there is still enough reading material out on the 'net to get a feel for it. "Inside Macintosh: Networking" is a great book. The Netatalk 2.0 documentation is fabulous. And Cisco's Protocol Filter appendix is handy in deciphering stuff like 0x809b ether-type packets that suddenly pop up in packet dumps once AppleTalk kicks in. 0x809b is EtherTalk, "an Apple AppleTalk networking protocol that enables AppleTalk to communicate over Ethernet cabling."
 |
| EtherTalk (ethertype 0x809b) frames captured by iptraf-ng on Ubuntu Linux |
Objectives
After reading around a bit, and not being a AppleTalk expert, I set myself the simplest of objectives of this experiment:
- Bring up a classic Macintosh virtual machine running Mac OS with Ubuntu Linux as host
- Configure Mac OS and the virtual machine to support AppleTalk networking
- Add AppleTalk support to Ubuntu Linux host machine
- Have the Mac OS virtual machine access files on Ubuntu host machine via AppleTalk
- Bring in more Ubuntu Linux boxes supporting AppleTalk to the happy AppleTalk island
As the screenshot at the top of this post demonstrates, this experiment is pretty successful. In summary, the objectives were met respectively by:
- SheepShaver on Ubuntu running Mac OS 9, with sheep_net kernel network module
- The Mac OS 9 installation procedure installs AppleTalk
- Netatalk 2.0
- Netatalk version 2.2.5 on Ubuntu 17
- Netatalk version 2.2.2 on Ubuntu 14
- Editing configuration files of Netatalk daemons
- Same as 4
A note of caution: I had initially grabbed and built Netatalk 3.0 from source, but fell back to Netatalk 2.0 because support for AppleTalk was discarded in Netatalk 3.0.
Configuring SheepShaver to run a virtual Classic Apple Power Macintosh 9500 / PowerPC G4 CPU with MacOS 9 on Ubuntu Linux
Build SheepShaver from Source
There is some documentation here and here which boil down to the following. The Ubuntu version I built and run SheepShaver on is Ubuntu 17.04.
First, make sure the required packages are installed.
$ sudo apt-get install build-essential autoconf git libx11-dev libesd0-dev gtk+3.0-dev libsdl-dev libgtk+2.0-dev
Then, with root privileges, edit the file /etc/sysctl.conf to add the following lines at the bottom (this allows SheepShaver to run from a non-root account):
# --
# Needed for SheepShaver Mac Classic emulator
# --
vm.mmap_min_addr=0
Still with root privileges, enter the following command (or reboot):
service procps start
The following script fetches the SheepShaver source code and builds it.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # build-sheepshaver.sh | |
| # | |
| # Downloads / updates SheepShaver source and compiles it | |
| # | |
| # --- | |
| # Supratim Sanyal | |
| # Details: http://bit.ly/MacOS9-SheepShaver | |
| # --- | |
| mkdir -p ~/sheepshaver.build | |
| cd ~/sheepshaver.build/ | |
| git clone https://github.com/cebix/macemu.git # Will fail if already run before but okay to fail then | |
| cd ~/sheepshaver.build/macemu/ | |
| git rebase | |
| git gc | |
| cd ./SheepShaver/ | |
| make links | |
| cd ./src/Unix/ | |
| ./autogen.sh | |
| make | |
| cd ~ | |
| date | |
| ls -l ~/sheepshaver.build/macemu/SheepShaver/src/Unix/SheepShaver | |
| echo Now run build-sheep-net.sh |
I found various packages, all from standard Ubuntu repositories, to get a autoconfig result of:
SDL support ...................... : none
BINCUE support ................... : no
LIBVHD support ................... : no
FBDev DGA support ................ : yes
XFree86 DGA support .............. : yes
XFree86 VidMode support .......... : yes
Using PowerPC emulator ........... : yes
Enable JIT compiler .............. : yes
Enable video on SEGV signals ..... : yes
ESD sound support ................ : yes
GTK user interface ............... : gtk2
mon debugger support ............. : no
Addressing mode .................. : real
Bad memory access recovery type .. : siginfo
Once the main SheepShaver program has been built, the following script builds the sheep_net.ko kernel module.
The following script installs the sheep_net.ko kernel module and creates the /dev/sheep_net network device with the right ownership:
I created a directory ~/sheepshaver.run/ and copied over the SheepShaver binary from the build location (~/sheepshaver.build/macemu/SheepShaver/src/Unix/SheepShaver). I then looked around the internet to locate a "New World" ROM (newworld86.rom) and a Mac OS 9 bootable installer image (Mac OS 9.toast). There are pointers to where they can be obtained from at "Setting up SheepShaver for Mac OS X". I placed both these items in the same directory as the SheepShaver binary.
I created a subdirectory called "shared" to share files between the Ubuntu host and SheepShaver's Mac desktop. This directory is configured to be the "Unix Root" on SheepShaver and shows up as the drive "Unix" on the virtual Mac desktop. It simplifies transfer of files between Ubuntu host and Mac OS 9 virtual machines guest; anything copied into "shared" shows up in the "Unix" drive on Mac OS desktop though they cannot be executed directly from there, requiring me to copy executable installers from "Unix" to a local place on Mac OS first.
Finally I fired up SheepShaver, added the boot disk image, created two disk drives of 250 MB each, disabled sound (I do not want audio!), set the network interface and launched the emulated PowerMac G4. Here is a series of pictures of the options I configured in each tab:
When the "Start" button is clicked, SheepShaver saves the configuration out to a dotted (hidden) text file called ".sheepshaver_prefs" in the home directory, i.e. "~/.sheepshaver_prefs". It then launches the virtual Power Macintosh and boots from the CD image.
On examining ~/.sheepshaver_prefs I found a time-saving trick - setting "nogui" to "true" does not launch the heavy graphical configuration tool first but boots up the Mac OS 9 virtual machine directly. It is much easier to directly edit ~/.sheepshaver_prefs instead of having to deal with a GUI. Here is my ~/.sheepshaver_prefs:
disk SANYALnet-MacOS9-Disk1.dsk
disk SANYALnet-MacOS9-Disk2.dsk
extfs shared
screen win/800/600
windowmodes 0
screenmodes 0
seriala /dev/null
serialb /dev/null
rom newworld86.rom
bootdrive 0
bootdriver 0
ramsize 536870912
frameskip 12
gfxaccel false
nocdrom true
nonet false
nosound true
nogui true
noclipconversion false
ignoresegv true
ignoreillegal true
jit true
jit68k false
keyboardtype 5
ether vde-decnet-tap2
keycodes false
mousewheelmode 1
mousewheellines 3
dsp /dev/dsp
mixer /dev/mixer
ignoresegv true
idlewait true
I use the following script to start the Mac OS 9 SheepShaver application with the X11 GUI going to a detached virtual X11 display screen using the "xpra" tool.
As expected for new disks, the installer asks to initialize them. I decided to initialize the two disks with "Mac OS Extended" file system instead of the default "Mac OS Standard". It appears from the literature around the internet that "Mac OS Extended" is actually a journaling file system with better performance for normal use.
More importantly, the "Update Apple Hard Disk Drivers" checkbox in the "Options" screen accessible via the "Options..." button needs to be unchecked (cleared) for successful SheepShaver installation; SheepShaver hangs if this button is checked.
As far as "Customize" is concerned, I pretty much selected everything except Speech-related features.
I then proceeded with the installation by clicking "Start".
Once installation completed (it takes about 7 - 8 minutes), I shut Mac OS 9 down and restarted SheepShaver to get back to the launcher options GUI. I then removed the CD ROM from the list of volumes and booted up Mac OS 9 from the hard disk.
On booting up the first time after installation, Mac OS 9 presents a "Mac OS Setup Assistant" window. It is very important the Setup Assistant be not used; all configuration can be done separately using the various Control Panels reachable via the Apple logo at the top left. Mac OS Setup Assistant hangs SheepShaver, close it immediately!
That completes the base installation of Mac OS 9 on SheepShaver, ready to be configured for its networking features. Here are a couple of more screenshots.
It took me a while and many SheepShaver freezes to figure this out:
Mac OS 9 in SheepShaver needs to have an IP address, netmask and gateway configured, and the configured Gateway needs to be reachable, to not freeze and stay up even if we are using only AppleTalk.
It does not matter if the configured IP Gateway actually connects to the internet or anything at all; as long as Mac OS 9 can see it, it is happy.
I used the TCP/IP control panel to configure a dummy IP address, subnet mask, router (Apple speak for Gateway) and Name server (DNS).
Then I assigned the router and DNS address configured in Mac OS 9 to a different plug on the same VDE switch on the Ubuntu host so that Mac OS 9 can see the IP gateway. There is no IP traffic after a few initial startup packets.
$ ip addr show vde-decnet-tap3
13: vde-decnet-tap3: <BROADCAST,MULTICAST,ALLMULTI,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 1000
link/ether 82:29:cd:e3:f6:56 brd ff:ff:ff:ff:ff:ff
inet 192.168.217.1/27 brd 192.168.217.31 scope global vde-decnet-tap3
valid_lft forever preferred_lft forever
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # build-sheep-net.sh | |
| # | |
| # Builds sheep_net.ko kernel module | |
| # build-sheepshaver.sh should have been run previously | |
| # | |
| # --- | |
| # Supratim Sanyal | |
| # Details: http://bit.ly/MacOS9-SheepShaver | |
| # --- | |
| if [ -d ~/sheepshaver.build/macemu/SheepShaver/src/Unix/Linux/NetDriver ]; then | |
| echo Netdriver source directory present. | |
| else | |
| echo "Run build-sheepshaver.sh first" | |
| exit 0 | |
| fi | |
| cd ~/sheepshaver.build/macemu/SheepShaver/src/Unix/Linux/NetDriver | |
| make | |
| date | |
| ls -l ~/sheepshaver.build/macemu/SheepShaver/src/Unix/Linux/NetDriver/sheep_net.ko | |
| echo now run install-sheep-net.sh |
The following script installs the sheep_net.ko kernel module and creates the /dev/sheep_net network device with the right ownership:
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # install-sheep-net.sh | |
| # | |
| # Installs sheep_net.ko kernel module and creates sheep_net | |
| # device for use by SheepShaver emulation on classic Power Macintosh G4 | |
| # build-sheepshaver.sh and build-sheep-net.sh should have been run previously | |
| # | |
| # Needs sudo root access | |
| # | |
| # --- | |
| # Supratim Sanyal | |
| # Details: http://bit.ly/MacOS9-SheepShaver | |
| # --- | |
| # Check if sheep_net kernel module is already loaded | |
| if [ `lsmod | grep -o ^sheep_net` ]; then | |
| echo "sheep_net kernel module is already present" | |
| exit 0 | |
| fi | |
| # Check if running as root | |
| if [ "$EUID" -ne 0 ]; then | |
| echo "Must run as root - try again with sudo!" | |
| exit 0 | |
| fi | |
| #insmod ~/sheepshaver.build/macemu/BasiliskII/src/Unix/Linux/NetDriver/sheep_net.ko | |
| insmod /home/macos/sheepshaver.run/sheep_net.ko | |
| depmod | |
| chown macos:macos /dev/sheep_net | |
| date | |
| ls -l /dev/sheep_net | |
| lsmod | grep sheep_net | |
| exit 0 |
Configure and run SheepShaver
I created a directory ~/sheepshaver.run/ and copied over the SheepShaver binary from the build location (~/sheepshaver.build/macemu/SheepShaver/src/Unix/SheepShaver). I then looked around the internet to locate a "New World" ROM (newworld86.rom) and a Mac OS 9 bootable installer image (Mac OS 9.toast). There are pointers to where they can be obtained from at "Setting up SheepShaver for Mac OS X". I placed both these items in the same directory as the SheepShaver binary.
I created a subdirectory called "shared" to share files between the Ubuntu host and SheepShaver's Mac desktop. This directory is configured to be the "Unix Root" on SheepShaver and shows up as the drive "Unix" on the virtual Mac desktop. It simplifies transfer of files between Ubuntu host and Mac OS 9 virtual machines guest; anything copied into "shared" shows up in the "Unix" drive on Mac OS desktop though they cannot be executed directly from there, requiring me to copy executable installers from "Unix" to a local place on Mac OS first.
Finally I fired up SheepShaver, added the boot disk image, created two disk drives of 250 MB each, disabled sound (I do not want audio!), set the network interface and launched the emulated PowerMac G4. Here is a series of pictures of the options I configured in each tab:
 |
| SheepShaver Mac OS 9 Disk Volume and Shared Directory configuration |
 |
| SheepShaver Mac OS 9 Graphics and Sound configuration |
 |
| SheepShaver Mac OS 9 Keyboard and Mouse configuration |
 |
| SheepShaver Mac OS 9 Serial Ports and Network Adapter configuration I used a port on a VDE (Virtual Distributed Ethernet) switch already configured and used by my DECnet nodes |
 |
| SheepShaver Mac OS 9 Memory and Misc. configuration |
 |
| SheepShaver Mac OS 9 JIT Compiler configuration |
When the "Start" button is clicked, SheepShaver saves the configuration out to a dotted (hidden) text file called ".sheepshaver_prefs" in the home directory, i.e. "~/.sheepshaver_prefs". It then launches the virtual Power Macintosh and boots from the CD image.
On examining ~/.sheepshaver_prefs I found a time-saving trick - setting "nogui" to "true" does not launch the heavy graphical configuration tool first but boots up the Mac OS 9 virtual machine directly. It is much easier to directly edit ~/.sheepshaver_prefs instead of having to deal with a GUI. Here is my ~/.sheepshaver_prefs:
disk SANYALnet-MacOS9-Disk1.dsk
disk SANYALnet-MacOS9-Disk2.dsk
extfs shared
screen win/800/600
windowmodes 0
screenmodes 0
seriala /dev/null
serialb /dev/null
rom newworld86.rom
bootdrive 0
bootdriver 0
ramsize 536870912
frameskip 12
gfxaccel false
nocdrom true
nonet false
nosound true
nogui true
noclipconversion false
ignoresegv true
ignoreillegal true
jit true
jit68k false
keyboardtype 5
ether vde-decnet-tap2
keycodes false
mousewheelmode 1
mousewheellines 3
dsp /dev/dsp
mixer /dev/mixer
ignoresegv true
idlewait true
I use the following script to start the Mac OS 9 SheepShaver application with the X11 GUI going to a detached virtual X11 display screen using the "xpra" tool.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # run-macintosh.sh | |
| # | |
| # Starts up SheepShaver Mac OS 9 with AppleTalk and DECnet networking emulator | |
| # with the X11 GUI inside a detached X11 display using xpra on screen :100 | |
| # | |
| # Use "xpra attach" to attach to SheepShaver X11 GUI, ctrl-c to detach | |
| # | |
| # --- | |
| # Supratim Sanyal | |
| # Details: http://bit.ly/MacOS9-SheepShaver | |
| # --- | |
| echo $0 `date` | |
| echo ----- | |
| echo "MacOS9 SheepShaver Configuration file (editable): ~/.sheepshaver_prefs" | |
| echo "Do not forget to install sheep_net network driver before starting MacOS9" | |
| echo ----- | |
| # Check if SheepShaver is already running | |
| if pidof -x SheepShaver >/dev/null; then | |
| echo "Error SheepShaver Mac already running" | |
| echo "SheepShaver PID: `pidof -x SheepShaver`" | |
| xpra list | |
| echo "check \"xpra attach\" (Ctrl-c to detach)" | |
| exit 0 | |
| fi | |
| # Check if sheep_net kernel module is loaded | |
| MODULE=sheep_net | |
| if [ `lsmod | grep -o ^$MODULE` ]; then | |
| echo "sheep_net kernel module is present, continuing ..." | |
| else | |
| echo "sheep_net kernel module is not loaded, load it first." | |
| echo "run ~/install-sheep-net.sh" | |
| exit 0 | |
| fi | |
| cd ~/sheepshaver.run/ | |
| #if [ -f nohup.out ]; then | |
| # mv -vf nohup.out nohup.out.bak | |
| #fi | |
| #nohup nice --adjustment=15 ionice -c3 ./SheepShaver & | |
| # Detach and run X11 Mac OS9 GUI in xpra display :100 | |
| xpra stop # Kill any existing detached session | |
| echo "starting MACOS9 in xpra display :100" | |
| nice --adjustment=15 ionice -c3 xpra start :100 -d -all --start-child=./SheepShaver | |
| sleep 5 | |
| echo "`xpra list`" | |
| echo " " | |
| echo Attach to MacOS X11 GUI using \"xpra attach\", detach using ctrl-c | |
| echo It is now `date` | |
| sync | |
| exit 0 |
Install Mac OS 9 in SheepShaver
 |
| Mac OS 9 Installation CD Boot in SheepShaver |
More importantly, the "Update Apple Hard Disk Drivers" checkbox in the "Options" screen accessible via the "Options..." button needs to be unchecked (cleared) for successful SheepShaver installation; SheepShaver hangs if this button is checked.
 |
| Mac OS 9 installation options: "Update Apple Hard Disk Drivers" must be unchecked for SheepShaver |
 |
| Mac OS 9 Customized Installation Example: Selecting "All" Internet Access Features |
I then proceeded with the installation by clicking "Start".
 |
| Mac OS 9 on SheepShaver CD ROM image installation progress |
Once installation completed (it takes about 7 - 8 minutes), I shut Mac OS 9 down and restarted SheepShaver to get back to the launcher options GUI. I then removed the CD ROM from the list of volumes and booted up Mac OS 9 from the hard disk.
 |
| Mac OS 9 SheepShaver Configuration for Hard-Disk only volumes (CD ROM volume removed) |
 |
| The Mac OS 9 Setup Assistant: Close the Setup Assistant immediately; it hangs SheepShaver |
 |
| Clean initial installation of Mac OS 9 on Power Macintosh emulated by SheepShaver for Ubuntu Linux |
Get Mac OS 9 in SheepShaver Ready for AppleTalk
It took me a while and many SheepShaver freezes to figure this out:
Mac OS 9 in SheepShaver needs to have an IP address, netmask and gateway configured, and the configured Gateway needs to be reachable, to not freeze and stay up even if we are using only AppleTalk.
It does not matter if the configured IP Gateway actually connects to the internet or anything at all; as long as Mac OS 9 can see it, it is happy.
I used the TCP/IP control panel to configure a dummy IP address, subnet mask, router (Apple speak for Gateway) and Name server (DNS).
 |
| TCP/IP Control Panel on Mac OS 9 |
Then I assigned the router and DNS address configured in Mac OS 9 to a different plug on the same VDE switch on the Ubuntu host so that Mac OS 9 can see the IP gateway. There is no IP traffic after a few initial startup packets.
$ ip addr show vde-decnet-tap3
13: vde-decnet-tap3: <BROADCAST,MULTICAST,ALLMULTI,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 1000
link/ether 82:29:cd:e3:f6:56 brd ff:ff:ff:ff:ff:ff
inet 192.168.217.1/27 brd 192.168.217.31 scope global vde-decnet-tap3
valid_lft forever preferred_lft forever
I did not have to do much else in terms of preparing for AppleTalk; it did really work "automagically" as claimed once Netatalk was configured on the Ubuntu host.
Install and Configure Netatalk on Linux Ubuntu
Unfortunately my total ignorance of AppleTalk resulted in spending significant time in numerous false starts before everything fell into place. One of the bigger mistakes I made was to download and build Netatalk 3.0 from source, only to realize later that they completely took out support for AppleTalk in Netatalk 3.0 onwards.
There is no AppleTalk router in my setup. All AppleTalk nodes are plugged into the same VDE virtual switch. Also, there is no AppleTalk Zone Name required or specified; there is only one zone which is also the default zone.
Ultimately what worked was a straight-forward installation from standard Ubuntu repository which pulled in Netatalk version 2.2.5 (on Ubuntu 17), and edits to just four files.
/etc/default/netatalk
To use the AFP file server, I enabled both the cnid_metad and afpd daemons. Since I am only interested in AppleTalk, I enabled the atalkd, papd and timelord "legacy" daemons but left the a2boot daemon disabled because I have no need for netbooting. Here is /etc/default/netatalk configuration file from MOKSHA which is the Ubuntu 17.04 host machine for SheepShaver.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Netatalk 2.x configuration | |
| # | |
| # ----- | |
| # Install sheep_net.ko kernel module and sheep_net device for | |
| # SheepShaver Power Macintosh G4 emulator for Classic Mac OS 9 | |
| # emulation and connect over AppleTalk using Netatalk: | |
| # | |
| # Complete instructions: http://bit.ly/MacOS9-SheepShaver | |
| # | |
| # A SANYALnet Labs Hobbyist Project | |
| # Supratim Sanyal - http://tuklusan.decsystem.org/ | |
| # ----- | |
| ######################################################################### | |
| # Global configuration | |
| ######################################################################### | |
| #### machine's AFPserver/AppleTalk name. | |
| #ATALK_NAME=machinename | |
| #### server (unix) and legacy client (<= Mac OS 9) charsets | |
| ATALK_UNIX_CHARSET='LOCALE' | |
| ATALK_MAC_CHARSET='MAC_ROMAN' | |
| #### Don't Edit. export the charsets, read form ENV by apps | |
| export ATALK_UNIX_CHARSET | |
| export ATALK_MAC_CHARSET | |
| ######################################################################### | |
| # AFP specific configuration | |
| ######################################################################### | |
| #### Set which daemons to run. | |
| #### If you use AFP file server, run both cnid_metad and afpd. | |
| CNID_METAD_RUN=yes | |
| AFPD_RUN=yes | |
| #CNID_METAD_RUN=no | |
| #AFPD_RUN=no | |
| #### maximum number of clients that can connect: | |
| #AFPD_MAX_CLIENTS=20 | |
| #### UAMs (User Authentication Modules) | |
| #### available options: uams_dhx.so, uams_dhx2.so, uams_guest.so, | |
| #### uams_clrtxt.so(legacy), uams_randnum.so(legacy) | |
| #AFPD_UAMLIST="-U uams_dhx2.so,uams_clrtxt.so" | |
| #### Set the id of the guest user when using uams_guest.so | |
| #AFPD_GUEST=nobody | |
| #### config for cnid_metad. Default log config: | |
| #CNID_CONFIG="-l log_note" | |
| ######################################################################### | |
| # AppleTalk specific configuration (legacy) | |
| ######################################################################### | |
| #### Set which legacy daemons to run. | |
| #### If you need AppleTalk, run atalkd. | |
| #### papd, timelord and a2boot are dependent upon atalkd. | |
| #ATALKD_RUN=no | |
| #PAPD_RUN=no | |
| #TIMELORD_RUN=no | |
| #A2BOOT_RUN=no | |
| ATALKD_RUN=yes | |
| PAPD_RUN=yes | |
| TIMELORD_RUN=yes | |
| A2BOOT_RUN=no | |
| #### Control whether the daemons are started in the background. | |
| #### If it is dissatisfied that legacy atalkd starts slowly, set "yes". | |
| #### In case using systemd/systemctl, this is not so significant. | |
| #ATALK_BGROUND=no | |
| #### Set the AppleTalk Zone name. | |
| #### NOTE: if your zone has spaces in it, you're better off specifying | |
| #### it in atalkd.conf | |
| #ATALK_ZONE=@zone | |
| #ATALK_ZONE=@moksha |
/etc/netatalk/atalkd.conf
The virtual Ethernet card on my SheepShaver configuration is connected to a plug on a Virtual Distributed Ethernet (VDE) switch running on MOKSHA which also happens to host four more virtual machines that communicate over DECnet. All I needed to do with atalkd.conf is stick in the name of a hitherto unused VDE plug network device, just by itself, on the last line. Netatalk actually modifies this file on startup with a startup AppleTalk net-range and a self-generated node number (which it decides on "automagically" based on what it can see on the network) and adds those items to the configuration itself. Here is my atalkd.conf from MOKSHA after being modified by Netatalk.
/etc/netatalk/afpd.conf
This file configures file-sharing between Ubuntu and Mac OS 9 over AppleTalk. Interested only in AppleTalk, I disabled TCP and enabled DDP ("Datagram Delivery Protocol") that is part of the AppleTalk stack. I also enabled guest access requiring no authentication and a "welcome" message that is displayed when a guest connection is established to Ubuntu from Mac OS 9.
The Ubuntu directory made available publicly to Mac OS 9 over AppleTalk is actually configured in the next file.
Here is my afpd.conf file.
/etc/netatalk/AppleVolumes.default
This file defines the directories to be shared by Ubuntu over AppleTalk for Mac OS clients. I configured just one directory to be shared with Mac OS. (I have a lofty goal of making this directory available over the FAL service of DECnet as well, hence the name). Here is my AppleVolumes.default configuration file.
Of course, the netatalk service has to restarted using the standard Ubuntu systemctl (or service on Ubuntu 14) tool for configuration changes to take effect. Also, netatalk has to be enabled for starting up at boot using systemctl (or update-rc.d on Ubuntu 14).
With the Ubuntu 17 host and SheepShaver Mac OS 9 communicating successfully over AppleTalk at this point, I added two more Ubuntu 14 nodes FEDACH and FOMFOR into the AppleTalk mix. They were already bridged into the DECnet VDE switch that I am using for AppleTalk too.
Once again I simply used Ubuntu's standard apt-get command to install Netatalk from the repos.
FEDACH, FOMFOR and MOKSHA have identical /etc/default/netatalk and /etc/netatalk/AppleVolumes.default configuration files.
The network adapter on FEDACH and FOMFOR dedicated to non-IP protocols (i.e. DECnet and AppleTalk only) is eth1. I accordingly updated /etc/netatalk/atalkd.conf with a single item "eth1" and restarted the netatalk service. As expected, Netatalk looked around, negotiated with other AppleTalk nodes and "automagically" filled in additional parameters with the same net ranges but unique node addresses as follows:
FEDACH - /etc/netatalk/atalkd.conf:
eth1 -phase 2 -net 0-65534 -addr 65280.225
FOMFOR - /etc/netatalk/atalkd.conf:
eth1 -phase 2 -net 0-65534 -addr 65280.149
I edited the /etc/netatalk/afpd.conf files on the two nodes to reflect the correct node names and login (welcome) messages:
FEDACH - /etc/netatalk/afpd.conf:
"FEDACH" -ddp -notcp -uamlist uams_guest.so -loginmesg "Welcome to FEDACH over AppleTalk, a SANYALnet Labs Ubuntu 14.04 server also speaking DECnet Phase IV and Internet Protocol (IP)."
FOMFOR - /etc/netatalk/afpd.conf:
"FOMFOR" -ddp -notcp -uamlist uams_guest.so -loginmesg "Welcome to FOMFOR over AppleTalk, a SANYALnet Labs Ubuntu 14.04 server also speaking DECnet Phase IV and Internet Protocol (IP)."
Moving on from AppleTalk, I went ahead to install DEC Pathworks for Macintosh and added DECnet support to Mac OS 9, thus having Mac OS 9 talking both AppleTalk and DECnet. But DECnet for Macintosh and Pathworks for Macintosh are the subjects of a separate post that I will get to some time! If it is up, you can see this Mac OS 9 virtual machine on HECnet.
Comments welcome.
The virtual Ethernet card on my SheepShaver configuration is connected to a plug on a Virtual Distributed Ethernet (VDE) switch running on MOKSHA which also happens to host four more virtual machines that communicate over DECnet. All I needed to do with atalkd.conf is stick in the name of a hitherto unused VDE plug network device, just by itself, on the last line. Netatalk actually modifies this file on startup with a startup AppleTalk net-range and a self-generated node number (which it decides on "automagically" based on what it can see on the network) and adds those items to the configuration itself. Here is my atalkd.conf from MOKSHA after being modified by Netatalk.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # ----- | |
| # Install sheep_net.ko kernel module and sheep_net device for | |
| # SheepShaver Power Macintosh G4 emulator for Classic Mac OS 9 | |
| # emulation and connect over AppleTalk using Netatalk: | |
| # | |
| # Complete instructions: http://bit.ly/MacOS9-SheepShaver | |
| # | |
| # A SANYALnet Labs Hobbyist Project | |
| # Supratim Sanyal - http://tuklusan.decsystem.org/ | |
| # ----- | |
| # | |
| # | |
| # Format of lines in this file: | |
| # | |
| # interface [ -seed ] [ -router | -dontroute ] | |
| # [ -phase { 1 | 2 } ] [ -addr net.node ] | |
| # [ -net first[-last] ] [ -zone ZoneName ] ... | |
| # | |
| # -seed only works if you have multi-interfaces. Any missing arguments are | |
| # automatically configured from the network. Note: lines can't actually be | |
| # split, tho it's a good idea. | |
| # | |
| # -router is like -seed but it allows single-interface routing. -dontroute | |
| # disables routing for the specified interface. | |
| # | |
| # Some examples: | |
| # | |
| # The simplest case is no atalkd.conf. This works on most platforms | |
| # (notably not Solaris), since atalkd can discover the local interfaces | |
| # on the machine. | |
| # | |
| # Very slightly more complicated: | |
| # | |
| # le0 | |
| # or | |
| # eth0 | |
| # | |
| # for Solaris/SunOS or Linux. | |
| # | |
| # A much more complicated example: | |
| # | |
| # le0 -phase 1 | |
| # le1 -seed -phase 2 -addr 66.6 -net 66-67 -zone "No Parking" | |
| # | |
| # This turns on transition routing between the le0 and le1 | |
| # interfaces on a Sun. It also causes atalkd to fail if other | |
| # routers disagree about it's configuration of le1. | |
| # | |
| #vde-decnet-tap3 -seed -phase 2 -addr 2005.79 -net 2005-2006 -zone "moksha" | |
| ## | |
| vde-decnet-tap3 -phase 2 -net 0-65534 -addr 65280.80 |
/etc/netatalk/afpd.conf
This file configures file-sharing between Ubuntu and Mac OS 9 over AppleTalk. Interested only in AppleTalk, I disabled TCP and enabled DDP ("Datagram Delivery Protocol") that is part of the AppleTalk stack. I also enabled guest access requiring no authentication and a "welcome" message that is displayed when a guest connection is established to Ubuntu from Mac OS 9.
The Ubuntu directory made available publicly to Mac OS 9 over AppleTalk is actually configured in the next file.
 |
| AppleTalk Network File Share Login Message |
Here is my afpd.conf file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # CONFIGURATION FOR AFPD (Netatalk 2.x) | |
| # | |
| # ----- | |
| # Install sheep_net.ko kernel module and sheep_net device for | |
| # SheepShaver Power Macintosh G4 emulator for Classic Mac OS 9 | |
| # emulation and connect over AppleTalk using Netatalk: | |
| # | |
| # Complete instructions: http://bit.ly/MacOS9-SheepShaver | |
| # | |
| # A SANYALnet Labs Hobbyist Project | |
| # Supratim Sanyal - http://tuklusan.decsystem.org/ | |
| # ----- | |
| # | |
| # | |
| # Each single line defines a virtual server that should be available. | |
| # Though, using "\" character, newline escaping is supported. | |
| # Empty lines and lines beginning with `#' are ignored. | |
| # Options in this file will override both compiled-in defaults | |
| # and command line options. | |
| # | |
| # | |
| # Format: | |
| # - [options] to specify options for the default server | |
| # "Server name" [options] to specify an additional server | |
| # | |
| # | |
| # The following options are available: | |
| # Transport Protocols: | |
| # -[no]tcp Make "AFP over TCP" [not] available | |
| # -[no]ddp Make "AFP over AppleTalk" [not] available. | |
| # If you have -proxy specified, specify -uamlist "" to | |
| # prevent ddp connections from working. | |
| # | |
| # -transall Make both available | |
| # | |
| # Transport Options: | |
| # -ipaddr <ipaddress> Specifies the IP address that the server should | |
| # advertise and listens to. The default is advertise | |
| # the first IP address of the system, but to listen | |
| # for any incoming request. The network address may | |
| # be specified either in dotted-decimal format for | |
| # IPv4 or in hexadecimal format for IPv6. | |
| # This option also allows to use one machine to | |
| # advertise the AFP-over-TCP/IP settings of another | |
| # machine via NBP when used together with the -proxy | |
| # option. | |
| # -server_quantum <number> | |
| # Specifies the DSI server quantum. The minimum | |
| # value is 1MB. The max value is 0xFFFFFFFF. If you | |
| # specify a value that is out of range, you'll get | |
| # the default value (currently the minimum). | |
| # -admingroup <groupname> | |
| # Specifies the group of administrators who should | |
| # all be seen as the superuser when they log in. | |
| # Default is disabled. | |
| # -ddpaddr x.y Specifies the DDP address of the server. | |
| # the default is to auto-assign an address (0.0). | |
| # this is only useful if you're running on | |
| # a multihomed host. | |
| # -port <number> Specifies the TCP port the server should respond | |
| # to (default is 548) | |
| # -fqdn <name:port> specify a fully-qualified domain name (+optional | |
| # port). this gets discarded if the server can't | |
| # resolve it. this is not honored by appleshare | |
| # clients <= 3.8.3 (default: none) | |
| # -hostname <name> Use this instead of the result from calling | |
| # hostname for dertermening which IP address to | |
| # advertise, therfore the hostname is resolved to | |
| # an IP which is the advertised. This is NOT used for | |
| # listening and it is also overwritten by -ipaddr. | |
| # -proxy Run an AppleTalk proxy server for specified | |
| # AFP/TCP server (if address/port aren't given, | |
| # then first IP address of the system/548 will | |
| # be used). | |
| # if you don't want the proxy server to act as | |
| # a ddp server as well, set -uamlist to an empty | |
| # string. | |
| # -dsireadbuf [number] | |
| # Scale factor that determines the size of the | |
| # DSI/TCP readahead buffer, default is 12. This is | |
| # multiplies with the DSI server quantum (default | |
| # ~300k) to give the size of the buffer. Increasing | |
| # this value might increase throughput in fast local | |
| # networks for volume to volume copies. Note: This | |
| # buffer is allocated per afpd child process, so | |
| # specifying large values will eat up large amount of | |
| # memory (buffer size * number of clients). | |
| # -tcprcvbuf [number] | |
| # Try to set TCP receive buffer using setsockpt(). | |
| # Often OSes impose restrictions on the applications | |
| # ability to set this value. | |
| # -tcpsndbuf [number] | |
| # Try to set TCP send buffer using setsockpt(). | |
| # Often OSes impose restrictions on the applications | |
| # ability to set this value. | |
| # -slp Register this server with the Service Location | |
| # Protocol (if SLP support was compiled in). | |
| # -nozeroconf Don't register this server with the Multicats | |
| # DNS Protocol. | |
| # -advertise_ssh Allows Mac OS X clients (10.3.3-10.4) to | |
| # automagically establish a tunneled AFP connection | |
| # through SSH. This option is not so significant | |
| # for the recent Mac OS X. See the Netatalk Manual | |
| # in detail. | |
| # | |
| # | |
| # Authentication Methods: | |
| # -uampath <path> Use this path to look for User Authentication Modules. | |
| # (default: /usr/lib/netatalk) | |
| # -uamlist <a,b,c> Comma-separated list of UAMs. | |
| # (default: uams_dhx.so,uams_dhx2.so) | |
| # | |
| # some commonly available UAMs: | |
| # uams_guest.so: Allow guest logins | |
| # | |
| # uams_clrtxt.so: (uams_pam.so or uams_passwd.so) | |
| # Allow logins with passwords | |
| # transmitted in the clear. | |
| # | |
| # uams_randnum.so: Allow Random Number and Two-Way | |
| # Random Number exchange for | |
| # authentication. | |
| # | |
| # uams_dhx.so: (uams_dhx_pam.so or uams_dhx_passwd.so) | |
| # Allow Diffie-Hellman eXchange | |
| # (DHX) for authentication. | |
| # | |
| # uams_dhx2.so: (uams_dhx2_pam.so or uams_dhx2_passwd.so) | |
| # Allow Diffie-Hellman eXchange 2 | |
| # (DHX2) for authentication. | |
| # | |
| # Password Options: | |
| # -[no]savepassword [Don't] Allow clients to save password locally | |
| # -passwdfile <path> Use this path to store Randnum passwords. | |
| # (Default: /etc/netatalk/afppasswd. The only other | |
| # useful value is ~/.passwd. See 'man afppasswd' | |
| # for details.) | |
| # -passwdminlen <#> minimum password length. may be ignored. | |
| # -[no]setpassword [Don't] Allow clients to change their passwords. | |
| # -loginmaxfail <#> maximum number of failed logins. this may be | |
| # ignored if the uam can't handle it. | |
| # | |
| # AppleVolumes files: | |
| # -defaultvol <path> Specifies path to AppleVolumes.default file | |
| # (default /etc/netatalk/AppleVolumes.default, | |
| # same as -f on command line) | |
| # -systemvol <path> Specifies path to AppleVolumes.system file | |
| # (default /etc/netatalk/AppleVolumes.system, | |
| # same as -s on command line) | |
| # -[no]uservolfirst [Don't] read the user's ~/AppleVolumes or | |
| # ~/.AppleVolumes before reading | |
| # /etc/netatalk/AppleVolumes.default | |
| # (same as -u on command line) | |
| # -[no]uservol [Don't] Read the user's volume file | |
| # -closevol Immediately unmount volumes removed from | |
| # AppleVolumes files on SIGHUP sent to the afp | |
| # master process. | |
| # | |
| # Miscellaneous: | |
| # -authprintdir <path> Specifies the path to be used (per server) to | |
| # store the files required to do CAP-style | |
| # print authentication which papd will examine | |
| # to determine if a print job should be allowed. | |
| # These files are created at login and if they | |
| # are to be properly removed, this directory | |
| # probably needs to be umode 1777 | |
| # -guestname "user" Specifies the user name for the guest login | |
| # (default "nobody", same as -g on command line) | |
| # -loginmesg "Message" Client will display "Message" upon logging in | |
| # (no default, same as -l "Message" on commandline) | |
| # -nodebug Switch off debugging | |
| # -client_polling With this switch enabled, afpd won't advertise | |
| # that it is capable of server notifications, so that | |
| # connected clients poll the server every 10 seconds | |
| # to detect changes in opened server windows. | |
| # Note: Depending on the number of simultaneously | |
| # connected clients and the network's speed, this can | |
| # lead to a significant higher load on your network! | |
| # -sleep <number> AFP 3.x wait number hours before disconnecting | |
| # clients in sleep mode. Default 10 hours | |
| # -tickleval <number> Specify the tickle timeout interval (in seconds). | |
| # Note, this defaults to 30 seconds, and really | |
| # shouldn't be changed. If you want to control | |
| # the server idle timeout, use the -timeout option. | |
| # -timeout <number> Specify the number of tickles to send before | |
| # timing out a connection. | |
| # The default is 4, therefore a connection will | |
| # timeout in 2 minutes. | |
| # -[no]icon [Don't] Use the platform-specific icon. Recent | |
| # Mac OS don't display it any longer. | |
| # -volnamelen <number> | |
| # Max length of UTF8-MAC volume name for Mac OS X. | |
| # Note that Hangul is especially sensitive to this. | |
| # 255: limit of spec | |
| # 80: limit of generic Mac OS X (default) | |
| # 73: limit of Mac OS X 10.1, if >= 74 | |
| # Finder crashed and restart repeatedly. | |
| # Mac OS 9 and earlier is not influenced by this, | |
| # Maccharset volume names are always limitted to 27. | |
| # -[un]setuplog "<logtype> <loglevel> [<filename>]" | |
| # Specify that any message of a loglevel up to the | |
| # given loglevel should be logged to the given file. | |
| # If the filename is ommited the loglevel applies to | |
| # messages passed to syslog. | |
| # | |
| # By default (no explicit -setuplog and no buildtime | |
| # configure flag --with-logfile) afpd logs to syslog | |
| # with a default logging setup equivalent to | |
| # "-setuplog default log_info". | |
| # | |
| # If build with --with-logfile[=somefile] | |
| # (default logfile /var/log/netatalk.log) afpd | |
| # defaults to a setup that is equivalent to | |
| # "-setuplog default log_info [netatalk.log|somefile]" | |
| # | |
| # logtypes: Default, AFPDaemon, Logger, UAMSDaemon | |
| # loglevels: LOG_SEVERE, LOG_ERROR, LOG_WARN, | |
| # LOG_NOTE, LOG_INFO, LOG_DEBUG, | |
| # LOG_DEBUG6, LOG_DEBUG7, LOG_DEBUG8, | |
| # LOG_DEBUG9, LOG_MAXDEBUG | |
| # | |
| # Example: Useful default config | |
| # -setuplog "default log_info /var/log/afpd.log" | |
| # | |
| # Debugging config | |
| # -setuplog "default log_maxdebug /var/log/afpd.log" | |
| # | |
| # -signature { user:<text> | auto } | |
| # Specify a server signature. This option is useful | |
| # while running multiple independent instances of | |
| # afpd on one machine (e.g. in clustered environments, | |
| # to provide fault isolation etc.). | |
| # Default is "auto". | |
| # "auto" signature type allows afpd generating | |
| # signature and saving it to afp_signature.conf | |
| # automatically (based on random number). | |
| # "host" signature type switches back to "auto" | |
| # because it is obsoleted. | |
| # "user" signature type allows administrator to | |
| # set up a signature string manually. | |
| # Examples: three servers running on one machine: | |
| # first -signature user:USERS | |
| # second -signature user:USERS | |
| # third -signature user:ADMINS | |
| # First two servers will act as one logical AFP | |
| # service. If user logs in to first one and then | |
| # connects to second one, session will be | |
| # automatically redirected to the first one. But if | |
| # client connects to first and then to third, | |
| # will be asked for password twice and will see | |
| # resources of both servers. | |
| # Traditional method of signature generation causes | |
| # two independent afpd instances to have the same | |
| # signature and thus cause clients to be redirected | |
| # automatically to server (s)he logged in first. | |
| # -k5keytab <path> | |
| # -k5service <service> | |
| # -k5realm <realm> | |
| # These are required if the server supports | |
| # Kerberos 5 authentication | |
| # -ntdomain | |
| # -ntseparator | |
| # Use for e.g. winbind authentication, prepends | |
| # both strings before the username from login and | |
| # then tries to authenticate with the result | |
| # through the available and active UAM authentication | |
| # modules. | |
| # -dircachesize entries | |
| # Maximum possible entries in the directory cache. | |
| # The cache stores directories and files. It is used | |
| # to cache the full path to directories and CNIDs | |
| # which considerably speeds up directory enumeration. | |
| # Default size is 8192, maximum size is 131072. Given | |
| # value is rounded up to nearest power of 2. Each | |
| # entry takes about 100 bytes, which is not much, but | |
| # remember that every afpd child process for every | |
| # connected user has its cache. | |
| # -fcelistener host[:port] | |
| # Enables sending FCE events to the specified host, | |
| # default port is 12250 if not specified. Specifying | |
| # mutliple listeners is done by having this option | |
| # once for each of them. | |
| # -fceevents fmod,fdel,ddel,fcre,dcre,tmsz | |
| # Speficies which FCE events are active, default is | |
| # fmod,fdel,ddel,fcre,dcre. | |
| # -fcecoalesce all|delete|create | |
| # Coalesce FCE events. | |
| # -fceholdfmod seconds | |
| # This determines the time delay in seconds which is | |
| # always waited if another file modification for the | |
| # same file is done by a client before sending an FCE | |
| # file modification event (fmod). For example saving | |
| # a file in Photoshop would generate multiple events | |
| # by itself because the application is opening, | |
| # modifying and closing a file mutliple times for | |
| # every "save". Defautl: 60 seconds. | |
| # -keepsessions Enable "Continuous AFP Service". This means the | |
| # ability to stop the master afpd process with a | |
| # SIGQUIT signal, possibly install an afpd update and | |
| # start the afpd process. Existing AFP sessions afpd | |
| # processes will remain unaffected. Technically they | |
| # will be notified of the master afpd shutdown, sleep | |
| # 15-20 seconds and then try to reconnect their IPC | |
| # channel to the master afpd process. If this | |
| # reconnect fails, the sessions are in an undefined | |
| # state. Therefor it's absolutely critical to restart | |
| # the master process in time! | |
| # -noacl2maccess Don't map filesystem ACLs to effective permissions. | |
| # | |
| # Codepage Options: | |
| # -unixcodepage <CODEPAGE> Specifies the servers unix codepage, | |
| # e.g. "ISO-8859-15" or "UTF8". | |
| # This is used to convert strings to/from | |
| # the systems locale, e.g. for authenthication. | |
| # Defaults to LOCALE if your system supports it, | |
| # otherwise ASCII will be used. | |
| # | |
| # -maccodepage <CODEPAGE> Specifies the legacy clients (<= Mac OS 9) | |
| # codepage, e.g. "MAC_ROMAN". | |
| # This is used to convert strings to the | |
| # systems locale, e.g. for authenthication | |
| # and SIGUSR2 messaging. This will also be | |
| # the default for volumes maccharset. | |
| # | |
| # CNID related options: | |
| # -cnidserver <ipaddress:port> | |
| # Specifies the IP address and port of a | |
| # cnid_metad server, required for CNID dbd | |
| # backend. Defaults to localhost:4700. | |
| # The network address may be specified either | |
| # in dotted-decimal format for IPv4 or in | |
| # hexadecimal format for IPv6. | |
| # | |
| # Avahi (Bonjour) related options: | |
| # -mimicmodel <model> | |
| # Specifies the icon model that appears on | |
| # clients. Defaults to off. Examples: RackMac | |
| # (same as Xserve), PowerBook, PowerMac, Macmini, | |
| # iMac, MacBook, MacBookPro, MacBookAir, MacPro, | |
| # AppleTV1,1, AirPort | |
| # | |
| # | |
| # Some examples: | |
| # | |
| # The simplest case is to not have an afpd.conf. | |
| # | |
| # 4 servers w/ names server1-3 and one w/ the hostname. servers | |
| # 1-3 get routed to different ports with server 3 being bound | |
| # specifically to address 192.168.1.3 | |
| # | |
| # - | |
| # server1 -port 12000 | |
| # server2 -port 12001 | |
| # server3 -port 12002 -ipaddr 192.168.1.3 | |
| # | |
| # a dedicated guest server, a user server, and a special | |
| # AppleTalk-only server: | |
| # | |
| # "Guest Server" -uamlist uams_guest.so \ | |
| # -loginmesg "Welcome guest! I'm a public server." | |
| # "User Server" -uamlist uams_dhx2.so -port 12000 | |
| # "special" -ddp -notcp -defaultvol <path> -systemvol <path> | |
| # | |
| # default: | |
| # - -tcp -noddp -uamlist uams_dhx.so,uams_dhx2.so | |
| "MOKSHA" -ddp -notcp -uamlist uams_guest.so -loginmesg "Welcome to MOKSHA over AppleTalk, a SANYALnet Labs Ubuntu 17.04 server also speaking broken DECnet Phase IV and fluent Internet Protocol (IP)." |
/etc/netatalk/AppleVolumes.default
This file defines the directories to be shared by Ubuntu over AppleTalk for Mac OS clients. I configured just one directory to be shared with Mac OS. (I have a lofty goal of making this directory available over the FAL service of DECnet as well, hence the name). Here is my AppleVolumes.default configuration file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Netatalk 2.x afp volume cofiguration | |
| # | |
| # ----- | |
| # Install sheep_net.ko kernel module and sheep_net device for | |
| # SheepShaver Power Macintosh G4 emulator for Classic Mac OS 9 | |
| # emulation and connect over AppleTalk using Netatalk: | |
| # | |
| # Complete instructions: http://bit.ly/MacOS9-SheepShaver | |
| # | |
| # A SANYALnet Labs Hobbyist Project | |
| # Supratim Sanyal - http://tuklusan.decsystem.org/ | |
| # ----- | |
| # | |
| # volume format: | |
| # :DEFAULT: [all of the default options except volume name] | |
| # path [name] [casefold:x] [options:z,l,j] \ | |
| # [allow:a,@b,c,d] [deny:a,@b,c,d] [dbpath:path] [password:p] \ | |
| # [rwlist:a,@b,c,d] [rolist:a,@b,c,d] [limitsize:value in bytes] \ | |
| # [preexec:cmd] [root_preexec:cmd] [postexec:cmd] [root_postexec:cmd] \ | |
| # [allowed_hosts:IPv4 address[/IPv4 netmask bits]] \ | |
| # [denied_hosts:IPv4 address[/IPv4 netmask bits]] \ | |
| # ... more, see below ... | |
| # | |
| # name: volume name. it can't include the ':' character | |
| # | |
| # | |
| # variable substitutions: | |
| # you can use variables for both <path> and <name> now. here are the | |
| # rules: | |
| # 1) if you specify an unknown variable, it will not get converted. | |
| # 2) if you specify a known variable, but that variable doesn't have | |
| # a value, it will get ignored. | |
| # | |
| # the variables: | |
| # $b -> basename of path | |
| # $c -> client's ip or appletalk address | |
| # $d -> volume pathname on server | |
| # $f -> full name (whatever's in the gecos field) | |
| # $g -> group | |
| # $h -> hostname | |
| # $i -> client ip without tcp port or appletalk network | |
| # $s -> server name (can be the hostname) | |
| # $u -> username (if guest, it's whatever user guest is running as) | |
| # $v -> volume name (either ADEID_NAME or basename of path) | |
| # $z -> zone (may not exist) | |
| # $$ -> $ | |
| # | |
| # | |
| # casefold options [syntax: casefold:option]: | |
| # tolower -> lowercases names in both directions | |
| # toupper -> uppercases names in both directions | |
| # xlatelower -> client sees lowercase, server sees uppercase | |
| # xlateupper -> client sees uppercase, server sees lowercase | |
| # | |
| # allow/deny/rwlist/rolist format [syntax: allow:user1,@group]: | |
| # user1,@group,user2 -> allows/denies access from listed users/groups | |
| # rwlist/rolist control whether or not the | |
| # volume is ro for those users. | |
| # allowed_hosts -> Only listed hosts and networks are allowed, | |
| # all others are rejected. Example: | |
| # allowed_hosts:10.1.0.0/16,10.2.1.100 | |
| # denied_hosts -> Listed hosts and nets are rejected, | |
| # all others are allowed. Example: | |
| # denied_hosts: 192.168.100/24,10.1.1.1 | |
| # preexec -> command to be run when the volume is mounted, | |
| # ignore for user defined volumes | |
| # root_preexec -> command to be run as root when the volume is mounted, | |
| # ignore for user defined volumes | |
| # postexec -> command to be run when the volume is closed, | |
| # ignore for user defined volumes | |
| # root_postexec -> command to be run as root when the volume is closed, | |
| # ignore for user defined volumes | |
| # veto -> hide files and directories,where the path matches | |
| # one of the "/" delimited vetoed names. Matches are | |
| # partial, e.g. path is /abc/def/file and veto:/abc/ | |
| # will hide the file. | |
| # adouble -> specify the format of the metadata files. | |
| # default is "v2". netatalk 1.x used "v1". | |
| # "osx" cannot be treated normally any longer. | |
| # volsizelimit -> size in MiB. Useful for TimeMachine: limits the | |
| # reported volume size, thus preventing TM from using | |
| # the whole real disk space for backup. | |
| # Example: "volsizelimit:1000" would limit the | |
| # reported disk space to 1 GB. | |
| # | |
| # codepage options [syntax: options:charsetname] | |
| # volcharset -> specifies the charset to be used | |
| # as the volume codepage | |
| # e.g. "UTF8", "UTF8-MAC", "ISO-8859-15" | |
| # maccharset -> specifies the charset to be used | |
| # as the legacy client (<=Mac OS 9) codepage | |
| # e.g. "MAC_ROMAN", "MAC_CYRILLIC" | |
| # | |
| # perm -> default permission value | |
| # OR with the client requested perm | |
| # Use with options:upriv | |
| # dperm -> default permission value for directories | |
| # OR with the client requested perm | |
| # Use with options:upriv | |
| # fperm -> default permission value for files | |
| # OR with the client requested perm | |
| # Use with options:upriv | |
| # umask -> set perm mask | |
| # Use with options:upriv | |
| # dbpath:path -> store the database stuff in the following path. | |
| # cnidserver:server[:port] | |
| # -> Query this servername or IP address | |
| # (default:localhost) and port (default: 4700) | |
| # for CNIDs. Only used with CNID backend "dbd". | |
| # This option here overrides any setting from | |
| # afpd.conf:cnidserver. | |
| # password:password -> set a volume password (8 characters max) | |
| # cnidscheme:scheme -> set the cnid scheme for the volume, | |
| # default is [dbd] | |
| # available schemes: [dbd last tdb] | |
| # ea -> none|auto|sys|ad | |
| # Specify how Extended Attributes are stores. default | |
| # is auto. | |
| # auto: try "sys" (by setting an EA on the shared | |
| # directory itself), fallback to "ad". Requires | |
| # writable volume for performing the test. | |
| # Note: options:ro overwrites "auto" with "none." | |
| # sys: Use filesystem EAs | |
| # ad: Use files in AppleDouble directories | |
| # none: No EA support | |
| # | |
| # | |
| # miscellaneous options [syntax: options:option1,option2]: | |
| # tm -> enable TimeMachine support | |
| # prodos -> make compatible with appleII clients. | |
| # crlf -> enable crlf translation for TEXT files. | |
| # noadouble -> don't create .AppleDouble unless a resource | |
| # fork needs to be created. | |
| # ro -> mount the volume as read-only. | |
| # mswindows -> enforce filename restrictions imposed by MS | |
| # Windows. this will also invoke a default | |
| # codepage (iso8859-1) if one isn't already | |
| # specified. | |
| # nohex -> don't do :hex translations for anything | |
| # except dot files. specify usedots as well if | |
| # you want that turned off. note: this option | |
| # makes the / character illegal. | |
| # usedots -> don't do :hex translation for dot files. note: when | |
| # this option gets set, certain file names | |
| # become illegal. these are .Parent and | |
| # anything that starts with .Apple. | |
| # invisibledots -> don't do :hex translation for dot files. note: when | |
| # this option gets set, certain file names | |
| # become illegal. these are .Parent and | |
| # anything that starts with .Apple. also, dot | |
| # files created on the unix side are marked invisible. | |
| # limitsize -> limit disk size reporting to 2GB. this is | |
| # here for older macintoshes using newer | |
| # appleshare clients. yucko. | |
| # nofileid -> don't advertise createfileid, resolveid, deleteid | |
| # calls | |
| # root_preexec_close -> a non-zero return code from root_preexec close the | |
| # volume being mounted. | |
| # preexec_close -> a non-zero return code from preexec close the | |
| # volume being mounted. | |
| # nostat -> don't stat volume path when enumerating volumes list | |
| # upriv -> use unix privilege. | |
| # illegalseq -> encode illegal sequence in filename asis, | |
| # ex "\217-", which is not a valid SHIFT-JIS char, | |
| # is encoded as U\217 - | |
| # nocnidcache -> Don't store and read CNID to/from AppleDouble file. | |
| # This should not be used as it also prevents a CNID | |
| # database rebuild with `dbd`! | |
| # caseinsensitive -> The underlying FS is case insensitive (only | |
| # test with JFS in OS2 mode) | |
| # dropbox -> Allows a volume to be declared as being a "dropbox." | |
| # Note that netatalk must be compiled with dropkludge | |
| # support for this to function. Warning: This option | |
| # is deprecated and might not work as expected. | |
| # dropkludge -> same as "dropbox" | |
| # nodev -> always use 0 for device number, helps when the | |
| # device number is not constant across a reboot, | |
| # cluster, ... | |
| # | |
| # The line below sets some DEFAULT, starting with Netatalk 2.1. | |
| :DEFAULT: options:upriv,usedots | |
| # By default all users have access to their home directories. | |
| #~/ "Home Directory" | |
| /home/decnet "/home/decnet" | |
| # End of File |
Of course, the netatalk service has to restarted using the standard Ubuntu systemctl (or service on Ubuntu 14) tool for configuration changes to take effect. Also, netatalk has to be enabled for starting up at boot using systemctl (or update-rc.d on Ubuntu 14).
More AppleTalk Nodes
With the Ubuntu 17 host and SheepShaver Mac OS 9 communicating successfully over AppleTalk at this point, I added two more Ubuntu 14 nodes FEDACH and FOMFOR into the AppleTalk mix. They were already bridged into the DECnet VDE switch that I am using for AppleTalk too.
Once again I simply used Ubuntu's standard apt-get command to install Netatalk from the repos.
FEDACH, FOMFOR and MOKSHA have identical /etc/default/netatalk and /etc/netatalk/AppleVolumes.default configuration files.
The network adapter on FEDACH and FOMFOR dedicated to non-IP protocols (i.e. DECnet and AppleTalk only) is eth1. I accordingly updated /etc/netatalk/atalkd.conf with a single item "eth1" and restarted the netatalk service. As expected, Netatalk looked around, negotiated with other AppleTalk nodes and "automagically" filled in additional parameters with the same net ranges but unique node addresses as follows:
FEDACH - /etc/netatalk/atalkd.conf:
eth1 -phase 2 -net 0-65534 -addr 65280.225
FOMFOR - /etc/netatalk/atalkd.conf:
eth1 -phase 2 -net 0-65534 -addr 65280.149
FEDACH - /etc/netatalk/afpd.conf:
"FEDACH" -ddp -notcp -uamlist uams_guest.so -loginmesg "Welcome to FEDACH over AppleTalk, a SANYALnet Labs Ubuntu 14.04 server also speaking DECnet Phase IV and Internet Protocol (IP)."
FOMFOR - /etc/netatalk/afpd.conf:
"FOMFOR" -ddp -notcp -uamlist uams_guest.so -loginmesg "Welcome to FOMFOR over AppleTalk, a SANYALnet Labs Ubuntu 14.04 server also speaking DECnet Phase IV and Internet Protocol (IP)."
Continuing fun with Mac OS 9 Non-TCP/IP Networking Protocols
 |
| Power Macintosh 9500 / PowerPC G4 CPU / Mac OS 9 communicating over both AppleTalk and DECnet (no IP) |
Moving on from AppleTalk, I went ahead to install DEC Pathworks for Macintosh and added DECnet support to Mac OS 9, thus having Mac OS 9 talking both AppleTalk and DECnet. But DECnet for Macintosh and Pathworks for Macintosh are the subjects of a separate post that I will get to some time! If it is up, you can see this Mac OS 9 virtual machine on HECnet.
Comments welcome.