• Updated 2023-07-12: Hello, Guest! Welcome back, and be sure to check out this follow-up post about our outage a week or so ago.

Yet Another Netatalk 2.2 Fork

slipperygrey

Well-known member
[Crossposting from TinkerDifferent]

While researching Netatalk integration with RaSCSI it struck me just how painful it was to get Netatalk 2.2 working well on a modern Linux distro. For those who are unaware, Netatalk 3.x dropped support for the AppleTalk / DDP protocol in favor of TCP/IP. For us who want to use Netatalk with really quite old Macs (and Apple //e & //gs) Netatalk 2.2 is mandatory. Unfortunately, Netatalk 2.2.6 (which was the last one in the 2.x series) no longer compiles out of the box on modern systems. In addition, there is an outstanding bug that frequently causes it to fail to run on Linux with an error in setifaddr.

As a matter of fact, in the 5 years since the release of Netatalk 2.2.6 an impressive number of forks and projects with their own downstream patchset to keep Netatalk running have emerged. Here are a few of the major ones that I encountered:
All this fragmentation seemed like a huge missed opportunity to me. After a few months of gathering patches and testing, I'm ready to share with you all Netatalk 2.x, the latest and greatest among Netatalk forks!

The way I approached the development process, was to work in relatively atomic PRs against the mainline branch-netatalk-2-2. For one, it gives the community insight into each and every change that has gone into this fork, and secondly, it is keeping the flame and hope alive that we one day can get a mainline Netatalk 2.2.7 release! As such, you may leverage Netatalk PRs on GitHub as the changelog.

A high level changelog summary:
  • All daemons can run as systemd services. Use the --enable-systemd configure option.
  • Printer server: Better compatibility with Apple LaserWriter 7 and 8 drivers on Mac OS and GS/OS (special thanks to @NJRoadfan and the A2SERVER team!)
  • The Timelord daemon can now run on modern systems. (special thanks to @cheesestraws for the patch!)
  • Apple II: Better compatibility with Asante and Dayna network bridges
  • Apple II: Retain folder dates when copying on GS/OS
  • Support both Linux and NetBSD FIRSTNET behavior, which caused errors like "setifaddr: eth0 (1-65534): Invalid argument. try specifying a smaller net range"
  • Add support for OpenSSL 1.1, while retaining backwards compatibility with OpenSSL 1.0
  • Make it possible to compile with LDAP support
  • Make it possible to disable AppleTalk session tickles, and other improvements for better support for AppleTalk 58 and earlier
  • Resolved a large number of autoconf bootstrap and compiler warnings and errors (gcc 10)
If you want to play around with it, please simply clone the repo and check out the branch-netatalk-2-x branch.

To compile all the bells and whistles for vintage Macs, while disabling features that don't make sense for the same, configure like this:

./configure --enable-systemd --enable-ddp --enable-a2boot --enable-cups --enable-timelord --enable-zeroconf --disable-quota --sysconfdir=/etc --with-uams-path=/usr/lib/netatalk

Afterwards, a 'make install' will install and enable the systemd services, and you can start the 'atalkd' and 'afpd' services. The papd, timelord, and a2boot services are optional and only for those who need printer server, time server, and Apple II netboot functionality, respectively.

I'd love to get feedback and bug reports, if you run into anything! I'm a total noob when it comes to AFP (and C programming) so I may very well have made plenty mistakes!
 
Last edited by a moderator:

Byte Knight

Well-known member
Very cool! I consider Netatalk 2.2.6 "essential" for moving files between my modern and vintage Macs.

I could never get the printer server with A2SERVER to work properly with my modern Brother laser printer (but it does work fine with IP printing) so I'll have to give this one a try.

What exactly does the Timelord daemon do?
 

slipperygrey

Well-known member
Very cool! I consider Netatalk 2.2.6 "essential" for moving files between my modern and vintage Macs.

I could never get the printer server with A2SERVER to work properly with my modern Brother laser printer (but it does work fine with IP printing) so I'll have to give this one a try.

What exactly does the Timelord daemon do?
As long as your Brother printer is CUPS / AirPrint compatible, it should be straight-forward to get it to work with papd. What was the issue you were having when using the A2SERVER version?

The Timelord daemon is a time server. If you have the 'Tardis' Chooser extension installed, it will sync the Mac's clock with the server's system time when booting. Note that the code in this fork has the limitation that is syncs GMT time, and not the local time zone. See discussion in a sister thread here.

Some screenshots for illustration. :)
 

Attachments

  • c2.jpg
    c2.jpg
    45.6 KB · Views: 39
  • chooser1.jpg
    chooser1.jpg
    42 KB · Views: 42

NJRoadfan

Well-known member
Older versions of A2SERVER didn't bother to setup the printer server at all. Ivan disabled it in the netatalk build used.
 

Byte Knight

Well-known member
As long as your Brother printer is CUPS / AirPrint compatible, it should be straight-forward to get it to work with papd. What was the issue you were having when using the A2SERVER version?

The Timelord daemon is a time server. If you have the 'Tardis' Chooser extension installed, it will sync the Mac's clock with the server's system time when booting. Note that the code in this fork has the limitation that is syncs GMT time, and not the local time zone. See discussion in a sister thread here.

Some screenshots for illustration. :)
Thanks for the Timelord description.

I followed the instructions on this page, and was able to print from the cups web page and can get my printer to show up under Chooser -> LaserWriter 8, but it gets stuck at "Status: print spooler processing job" when printing...
 
Last edited:

slipperygrey

Well-known member
Those steps in that Reddit post are pretty much completely different from what I did to get it working (apart from installing the cups package.)

Anyhow, if it helps, here is my write-up in the RaSCSI wiki about how I got my HP Tango working. See the Troubleshooting section further down. I had similar issues with the process getting stuck when the printer spooler tried to communicate with the printer, although I don't recall the exact message. What helped was to go through the Add Printer workflow in the CUPS webapp, where it turned out the Tango had several interfaces (?) exposed. The 'driverless' one worked for me. I also had to pick specifically the LaserWriter PPD, as the General one didn't work.
 

Attachments

  • Screenshot 2022-01-10 at 18-52-50 Add Printer - CUPS 2 3 3op2.png
    Screenshot 2022-01-10 at 18-52-50 Add Printer - CUPS 2 3 3op2.png
    35.9 KB · Views: 32
  • c5.jpg
    c5.jpg
    42.8 KB · Views: 32

cheesestraws

Well-known member
Incidentally, you may find it diplomatically advisable not to mention my involvement in things over on TD: I am not exactly persona grata over there :).
 

NJRoadfan

Well-known member
By default CUPS should auto-discover and add AirPrint compatible printers it finds in the network as available printer queues. The cupsautoadd line in papd.conf takes care of the netatalk configuration. Try test printing with a text document first. Classic MacOS, particularly in emulators, has pretty poor AppleTalk network performance. When testing papd in Basilisk II and SheepShaver, it was dog slow with DDP Appletalk transfers, but TCP/IP seemed fine.
 

mactjaap

Well-known member
Nice one!
On the MacIPRPi I just use a Debian repo from old times to do a apt-get install netatalk. It is simple and works. But… a well kept, bug free, updated 2.2.6 (2.2.7…) is fantastic! I will do some R&D with this code. Thanks for all your work and sharing!
Let’s keep DDP alive!
 

slipperygrey

Well-known member
Nice one!
On the MacIPRPi I just use a Debian repo from old times to do a apt-get install netatalk. It is simple and works. But… a well kept, bug free, updated 2.2.6 (2.2.7…) is fantastic! I will do some R&D with this code. Thanks for all your work and sharing!
Let’s keep DDP alive!

Thanks, and please let us know how it goes! It always a good thing to be on more contemporary distros. :)

Speaking about bugs... There is one that I'd love to be able to fix before considering tagging a release, namely this one. Does anyone here who's a long-time Netatalk user know if this was always an issue, or a relatively recent regression?

To summarize the bug: When you have a >31 char long file name on the Linux file system, Netatalk will shorten the file name when you interact with it from AFP. However, when you subsequently move that file with AFP, afpd crashes.
 

NJRoadfan

Well-known member
I would look at the AppleDouble handling code (CNID). Maybe the truncated file name is not retaining its link to the actual Linux file somewhere during the move process, or a dangling pointer somewhere. I don't know if classic MacOS ever supported 32+ character long file names, but OS X certainly did.

Does the crash still happen with netatalk 3.x running with a classic macOS client?
 
Last edited:

slipperygrey

Well-known member
I would look at the AppleDouble handling code (CNID). Maybe the truncated file name is not retaining its link to the actual Linux file somewhere during the move process, or a dangling pointer somewhere. I don't know if classic MacOS ever supported 32+ character long file names, but OS X certainly did.

Does the crash still happen with netatalk 3.x running with a classic macOS client?
Good questions... So for starters I tested both adouble v1 and v2 implementations that Netatalk provides, with identical outcomes. Then I inspected the meta data file that is created in .AppleDouble while testing, and could confirm that the shortened file name is represented accurately there and matches what the actual file is named, so that wasn't the immediate problem it seems.

I had some challenges testing the same scenario with Netatalk 3.1. For one, I wasn't able to authenticate with a 3.1 AFP share with a system that runs anything older than Mac OS 9. The 31 char file name limit is an HFS thing, which means 7.x or earlier. With HFS+ is was increased to 255 chars.... But now when talking about it, I should probably try that 255 char boundary and see what happens.
 

NJRoadfan

Well-known member
You may need to force netatalk 3.x to use less secure login handshakes. Maybe create a share with no login security. I think 3.x still supports AFP2.2 clients (first TCP/IP revision).
 

elvis

Member
I'd love to get feedback and bug reports, if you run into anything! I'm a total noob when it comes to AFP (and C programming) so I may very well have made plenty mistakes!
By sheer coincidence I found your project earlier this week, and have been tinkering with it most of the week.

I'm mucking about with my own project at the moment, although I'm not a developer (just a lowly sysadmin), so I'm just combining a lot of open source tools into one installer for people to run on a Raspberry Pi for network storage all manner of old computers and consoles.

I've gotten Netatalk 3 working with Mac OS X machines (tested on my real iMac G5 OSX 10.5.8), and Netatalk 3 (manual IP only) and Netatalk 2 (AppleTalk automatic detection) on my real iMac 333 running OS 9.2.1.

I've been playing with GSport running ROM3 and System 6.0.2 with not much luck. I can get A2SERVER compiled and running on a Debian 8 Jessie VM and working with GSport no problems, everything shows up as expected. But no luck with other various Netatalk2 attempts.

I've tested:
* RPi4 + Debian 11 + Netatalk2.2.5 deb file - works fine in OS9, share/zone name shows up in System6 but on connect "no response from server"
* VM + Debian 11 + your project from source - share and zone show up, but on connect "the file server "NAME" does no use a recognizable logon sequence, you cannot connect to it"
* VM + Debian 10 + your project from source- identical to Debian 11.
* VM + Debian 8 + A2SERVER - works fine in System6

I'm wondering where to go from here. I'm trying to dig through the A2SERVER source to see what sort of magic is being done there, if anything. Whether I've missed a config item or something?

Relevant bits:

afpd.conf
Code:
- -transall -hostname RETRO -uamslst unams_guest.so,/uams_clrtxt.so,uams_randnum.so,uams_dhx.so,uams_dhx2.so

AppleVolumes.default:
Code:
/data/RETRO          RETRO           options:prodos

atalkd.conf:
Code:
enp0s3 -router -phase 2 -net 1 -zone "RETRO"

(After starting the service, atalkd.conf populates an -addr item)
 

Melkhior

Well-known member
* VM + Debian 11 + your project from source - share and zone show up, but on connect "the file server "NAME" does no use a recognizable logon sequence, you cannot connect to it"
I had that one when I tried this version; you just need to tell netatalk to use something compatible, see http://netatalk.sourceforge.net/2.2/htmldocs/configuration.html#authentication. 'uams_cleartxt.so' is likely to be the most compatible option, so for instance use
Code:
- -ddp -notcp -uamlist uams_clrtxt.so
in your afpd.conf for an AppleTalk-only, highly insecure (password in clear text over the network!) AFP server. Then your Mac should connect using your Linux user & password. Then you can try re-enabling other features and see what happens.
Probably safer to try with a near-empty atalkd.conf as well (just the enp0s3 with no options).
 

elvis

Member
in your afpd.conf for an AppleTalk-only, highly insecure (password in clear text over the network!) AFP server. Then your Mac should connect using your Linux user & password. Then you can try re-enabling other features and see what happens.
Probably safer to try with a near-empty atalkd.conf as well (just the enp0s3 with no options).
With atalkd.conf:
Code:
enp0s3

and afpd.conf:
Code:
- -ddp -notcp -uamlist uams_clrtxt.so

Nothing shows up in System6 at all. (No share appears to connect to).

uams_clrtxt.so is a symlink to uams_passwd.so

[edit]

OK, found a combination that works:

afpd.conf
Code:
- -ddp -notcp -uamlist uams_randnum.so

afppasswd used to set the password for randnum.

atalkd.conf:
Code:
enp0s3 -router -phase 2 -net 1 -zone "retro"

I'm going to spend the weekend seeing if I can come up with a magic combination of settings that work with both System 6 ,OS9 and OSX simultaneously, as that's the goal of the project I'm working on.
 
Last edited:

Melkhior

Well-known member
Then I can't help sorry; for me this settings enabled my Q650 to see and mount the share after I the same authentication error - but it's running 8.1 not 6.x.
Edit: nice that it works for you now :)
 
Last edited:

NJRoadfan

Well-known member
Old clients like the IIgs only support cleartext and randnum authentication. A2SERVER's scripts set up the randnum password for you.
 
Top