X-Git-Url: https://arthur.barton.de/cgi-bin/gitweb.cgi?a=blobdiff_plain;f=config%2Fafpd.conf.tmpl;h=c2830c1450f2a96762881fb56b8b75c346fbca40;hb=refs%2Ftags%2Fbranch-dircache-rewrite-commit;hp=6ad81a4a0bbdeb825f8dff5de00b3d24ea82f8f0;hpb=98dec374d236253850f9045a934f31a163ee110a;p=netatalk.git diff --git a/config/afpd.conf.tmpl b/config/afpd.conf.tmpl index 6ad81a4a..c2830c14 100644 --- a/config/afpd.conf.tmpl +++ b/config/afpd.conf.tmpl @@ -12,12 +12,12 @@ # # The following options are available: # Transport Protocols: -# -[no]tcp Make AFP-over-TCP [not] available -# -[no]ddp Make AFP over AppleTalk [not] available. if you -# have -proxy specified, specify -uamlist "" to +# -[no]tcp Make "AFP over TCP" [not] available +# -[no]ddp Make "AFP over AppleTalk" [not] available. +# If you have -proxy specified, specify -uamlist "" to # prevent ddp connections from working. # -# -transall Make both available (default) +# -transall Make both available # # Transport Options: # -ipaddr Specifies the IP address the server should respond @@ -49,13 +49,15 @@ # if you don't want the proxy server to act as # a ddp server as well, set -uamlist to an # empty string. +# -slp Register this server with the Service +# Location Protocol. # # # Authentication Methods: # -uampath Use this path to look for User Authentication Modules. # (default: :UAMS_PATH:) # -uamlist Comma-separated list of UAMs. (default: -# uams_guest.so,uams_clrtxt.so,uams_dhx.so) +# uams_dhx.so,uams_dhx2.so) # # some commonly available UAMs: # uams_guest.so: Allow guest logins @@ -72,11 +74,16 @@ # Allow Diffie-Hellman eXchange # (DHX) for authentication. # +# uams_dhx2.so: (uams_dhx2_pam.so or uams_dhx2_passwd.so) +# Allow Diffie-Hellman eXchange 2 +# (DHX2) for authentication. +# # Password Options: # -[no]savepassword [Don't] Allow clients to save password locally # -passwdfile Use this path to store Randnum -# passwords. (default: ~/.passwd. the only other -# userful value is :ETCDIR:/afppasswd.) +# passwords. (Default: :ETCDIR:/afppasswd. The only +# other useful value is ~/.passwd. See 'man afppasswd' +# for details.) # -passwdminlen <#> minimum password length. may be ignored. # -[no]setpassword [Don't] Allow clients to change their passwords. # -loginmaxfail <#> maximum number of failed logins. this may be @@ -94,18 +101,109 @@ # :ETCDIR:/AppleVolumes.default # (same as -u on command line) # -[no]uservol [Don't] Read the user's volume file -# -# -nlspath Prepend this path to each code page filename -# in volume options (default: :NLS_PATH:). +# -closevol Immediately unmount volumes removed from AppleVolumes +# files on SIGHUP sent to the afp master process. # # Miscellaneous: +# -authprintdir Specifies the path to be used (per server) to +# store the files required to do CAP-style +# print authentication which papd will examine +# to determine if a print job should be allowed. +# These files are created at login and if they +# are to be properly removed, this directory +# probably needs to be umode 1777 # -guestname "user" Specifies the user name for the guest login # (default "nobody", same as -g on command line) # -loginmesg "Message" Client will display "Message" upon logging in # (no default, same as -l "Message" on commandline) # -nodebug Switch off debugging -# -tickleval Specify the tickle timeout interval (in seconds) +# -client_polling With this switch enabled, afpd won't advertise +# that it is capable of server notifications, so that +# connected clients poll the server every 10 seconds +# to detect changes in opened server windows. +# Note: Depending on the number of simultaneously +# connected clients and the network's speed, this can +# lead to a significant higher load on your network! +# -sleep AFP 3.x wait number hours before disconnecting +# clients in sleep mode. Default 10 hours +# -tickleval Specify the tickle timeout interval (in seconds). +# Note, this defaults to 30 seconds, and really +# shouldn't be changed. If you want to control +# the server idle timeout, use the -timeout option. +# -timeout Specify the number of tickles to send before +# timing out a connection. The default is 4, therefore +# a connection will timeout in 2 minutes. # -icon Use the platform-specific icon. +# -volnamelen +# Max length of UTF8-MAC volume name for Mac OS X. +# Note that Hangul is especially sensitive to this. +# 255: limit of spec +# 80: limit of generic Mac OS X (default) +# 73: limit of Mac OS X 10.1, if >= 74 +# Finder crashed and restart repeatedly. +# Mac OS 9 and earlier is not influenced by this, +# Maccharset volume names are always limitted to 27. +# -[un]setuplog " []" +# Specify that any message of a loglevel up to the given loglevel +# should be logged to the given file. If the filename is ommited the +# loglevel applies to messages passed to syslog. +# +# By default (no explicit -setuplog and no buildtime configure flag +# --with-logfile) afpd logs to syslog with a default +# logging setup equivalent to "-setuplog default log_info". +# +# If build with --with-logfile[=somefile] (default logfile +# /var/log/netatalk.log) afpd defaults to a setup that is equivalent +# to "-setuplog default log_info [netatalk.log|somefile]" +# +# logtypes: Default, AFPDaemon, Logger, UAMSDaemon +# loglevels: LOG_SEVERE, LOG_ERROR, LOG_WARN, LOG_NOTE, LOG_INFO, LOG_DEBUG, +# LOG_DEBUG6, LOG_DEBUG7, LOG_DEBUG8, LOG_DEBUG9, LOG_MAXDEBUG +# +# Example: Useful default config +# -setuplog "default log_info /var/log/afpd.log" +# +# Debugging config +# -setuplog "default log_maxdebug /var/log/afpd.log" +# +# -signature { user: | host } +# Specify a server signature. This option is useful while +# running multiple independent instances of afpd on one +# machine (eg. in clustered environments, to provide fault +# isolation etc.). "host" signature type allows afpd generating +# signature automatically (based on machine primary IP address). +# "user" signature type allows administrator to set up a signature +# string manually. Examples: three servers running on one machine: +# first -signature user:USERS +# second -signature user:USERS +# third -signature user:ADMINS +# First two servers will act as one logical AFP service - if user logs in to +# first one and then connects to second one, session will be automatically +# redirected to the first one. But if client connects to first and then to third, +# will be asked for password twice and will see resources of both servers. +# Traditional method of signature generation causes two independent afpd instances +# to have the same signature and thus cause clients to be redirected automatically +# to server (s)he logged in first. +# -k5service +# -k5realm +# These are required if the server supports Kerberos 5 authentication +# +# Codepage Options: +# -unixcodepage Specifies the servers unix codepage, e.g. "ISO-8859-15" or "UTF8". +# This is used to convert strings to/from the systems locale, e.g. +# for authenthication. Defaults to LOCALE if your system supports it, +# otherwise ASCII will be used. +# +# -maccodepage Specifies the mac clients codepage, e.g. "MAC_ROMAN". +# This is used to convert strings to the systems locale, e.g. +# for authenthication and SIGUSR2 messaging. This will also be +# the default for volumes maccharset. +# +# CNID related options: +# -cnidserver ipaddress:port Specifies the IP address and port of a cnid_metad server. +# + + # # Some examples: # @@ -125,5 +223,6 @@ # "User Volume" -uamlist uams_clrtxt.so -port 12000 # "special" -notcp -defaultvol -systemvol # + # default: -# - -transall -uamlist uams_guest.so,uams_clrtxt.so,uams_dhx.so -nosavepassword +# - -tcp -noddp -uamlist uams_dhx.so,uams_dhx2.so -nosavepassword