X-Git-Url: https://arthur.barton.de/cgi-bin/gitweb.cgi?a=blobdiff_plain;f=man%2Fman5%2Fafpd.conf.5.tmpl;h=c6d02887ff27c15404fd820193ea8df77eb1170e;hb=260c314546ffcfdbef47f2c7de82d5310b26df0a;hp=f08d35982dd2036f4827a8ef2574adfa1270511f;hpb=abd42ab346f542f6c561c43084a58fb4e9e2bc1e;p=netatalk.git
diff --git a/man/man5/afpd.conf.5.tmpl b/man/man5/afpd.conf.5.tmpl
index f08d3598..c6d02887 100644
--- a/man/man5/afpd.conf.5.tmpl
+++ b/man/man5/afpd.conf.5.tmpl
@@ -1,13 +1,13 @@
'\" t
.\" Title: afpd.conf
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
-.\" Generator: DocBook XSL Stylesheets v1.74.3
-.\" Date: 23 December 2009
-.\" Manual: Netatalk 2.1
-.\" Source: Netatalk 2.1
+.\" Generator: DocBook XSL Stylesheets v1.75.2
+.\" Date: 15 Aug 2011
+.\" Manual: Netatalk 2.2
+.\" Source: Netatalk 2.2
.\" Language: English
.\"
-.TH "AFPD\&.CONF" "5" "23 December 2009" "Netatalk 2.1" "Netatalk 2.1"
+.TH "AFPD\&.CONF" "5" "15 Aug 2011" "Netatalk 2.2" "Netatalk 2.2"
.\" -----------------------------------------------------------------
.\" * set default formatting
.\" -----------------------------------------------------------------
@@ -46,7 +46,7 @@ is used instead of a server name, the default server is specified\&. Server name
.PP
Each server has to be configured on a
\fBsingle\fR
-line\&. Though newline escaping is supported\&.
+line\&. Though, using "\e" character, newline escaping is supported\&.
.sp .5v
.RE
The possible options and their meanings are:
@@ -90,7 +90,7 @@ allows guest logins
.PP
uams_clrtxt\&.so
.RS 4
-(uams_pam\&.so or uams_passwd\&.so) Allow logins with passwords transmitted in the clear\&.
+(uams_pam\&.so or uams_passwd\&.so) Allow logins with passwords transmitted in the clear\&. (legacy)
.RE
.PP
uams_randum\&.so
@@ -98,7 +98,7 @@ uams_randum\&.so
allows Random Number and Two\-Way Random Number Exchange for authentication (requires a separate file containing the passwords, either :ETCDIR:/afppasswd file or the one specified via
\fB\-passwdfile\fR\&. See
\fBafppasswd\fR(1)
-for details
+for details\&. (legacy)
.RE
.PP
uams_dhx\&.so
@@ -131,9 +131,18 @@ These are required if the server supports the Kerberos 5 authentication UAM\&.
.RS 4
Use for eg\&. winbind authentication, prepends both strings before the username from login and then tries to authenticate with the result through the availabel and active UAM authentication modules\&.
.RE
+.PP
+\-adminauthuser
+.RS 4
+Specifying eg
+\fB\-adminauthuser root\fR
+whenever a normal user login fails, afpd will try to authenticate as the specified
+\fBadminauthuser\fR\&. If this succeeds, a normal session is created for the original connecting user\&. Said differently: if you know the password of
+\fBadminauthuser\fR, you can authenticate as any other user\&.
+.RE
.SH "CODEPAGE OPTIONS"
.PP
-With OS X Apple introduced the AFP3 protocol\&. One of the big changes was, that AFP3 uses Unicode names encoded as UTF\-8 decomposed\&. Previous AFP/OS versions used codepages like MacRoman, MacCentralEurope, etc\&.
+With OS X Apple introduced the AFP3 protocol\&. One of the big changes was, that AFP3 uses Unicode names encoded as Decomposed UTF\-8 (UTF8\-MAC)\&. Previous AFP/OS versions used codepages like MacRoman, MacCentralEurope, etc\&.
.PP
To be able to serve AFP3 and older clients at the same time,
\fBafpd\fR
@@ -145,7 +154,7 @@ option\&. The default is MacRoman, which should be fine for most western users\&
.PP
As
\fBafpd\fR
-needs to interact with unix operating system as well, it need\'s to be able to convert from UTF\-8/MacCodepage to the unix codepage\&. By default
+needs to interact with unix operating system as well, it need\'s to be able to convert from UTF8\-MAC/MacCodepage to the unix codepage\&. By default
\fBafpd\fR
uses the systems LOCALE, or ASCII if your system doesn\'t support locales\&. You can set the unix codepage using the
\fB\-unixcodepage\fR
@@ -196,23 +205,23 @@ Enables or disables AFP\-over\-Appletalk\&. If
\fB\-proxy\fR
is specified, you must instead use
\fB\-uamlist ""\fR
-to prevent DDP connections from working\&.
+to prevent DDP connections from working\&. (default is \-noddp)
.RE
.PP
\-[no]tcp
.RS 4
-Enables or disables AFP\-over\-TCP
+Enables or disables AFP\-over\-TCP (default is \-tcp)
.RE
.PP
\-transall
.RS 4
-Make both available (default)
+Make both available
.RE
.SH "TRANSPORT OPTIONS"
.PP
\-advertise_ssh
.RS 4
-Allows Mac OS X clients (10\&.3\&.3 or above) to automagically establish a tunneled AFP connection through SSH\&. If this option is set, the server\'s answers to client\'s FPGetSrvrInfo requests contain an additional entry\&. It depends on both client\'s settings and a correctly configured and running
+Allows Mac OS X clients (10\&.3\&.3\-10\&.4) to automagically establish a tunneled AFP connection through SSH\&. If this option is set, the server\'s answers to client\'s FPGetSrvrInfo requests contain an additional entry\&. It depends on both client\'s settings and a correctly configured and running
\fBsshd\fR(8)
on the server to let things work\&.
.if n \{\
@@ -256,24 +265,24 @@ listens to\&. The default is advertise the first IP address of the system, but t
when used together with the
\fB\-proxy\fR
option\&.
-.PP \fBExample.\ \&IP/hostname example configuration\fR fluxxus \fB\-hostname\fR afp\&.apple\&.com \fB\-ipaddr\fR 127\&.0\&.0\&.1 \fB\-fqdn\fR www\&.microsoft\&.comResult:.TS
-allbox tab(:);
-l
-l
-l.
-T{
-(UTF8) Server name: fluxxus
-T}
-T{
-Listening and advertised network address:
- 127\&.0\&.0\&.1
-T}
-T{
-Advertised network address:
- www\&.microsoft\&.com
-T}
-.TE
-.sp 1
+.PP
+\fBExample.\ \&afpd.conf onfiguration line\fR
+.sp
+.if n \{\
+.RS 4
+.\}
+.nf
+ fluxxus \-hostname afp\&.example\&.org \-ipaddr 192\&.168\&.0\&.1 \-fqdn www\&.example\&.com
+
+.fi
+.if n \{\
+.RE
+.\}
+.sp
+
+\fBResult\fR
+.sp
+(UTF8) Server name: fluxxus, Listening and advertised network address: 192\&.168\&.0\&.1, Advertised network address: www\&.example\&.com, hostname is not used\&.
.RE
.PP
\-port \fI[port number]\fR
@@ -293,6 +302,28 @@ server as well, set
This specifies the DSI server quantum\&. The default value is 303840\&. The maximum value is 0xFFFFFFFFF, the minimum is 32000\&. If you specify a value that is out of range, the default value will be set\&. Do not change this value unless you\'re absolutely sure, what you\'re doing
.RE
.PP
+\-dsireadbuf \fI[number]\fR
+.RS 4
+Scale factor that determines the size of the DSI/TCP readahead buffer, default is 12\&. This is multiplies with the DSI server quantum (default ~300k) to give the size of the buffer\&. Increasing this value might increase throughput in fast local networks for volume to volume copies\&.
+\fINote\fR: This buffer is allocated per afpd child process, so specifying large values will eat up large amount of memory (buffer size * number of clients)\&.
+.RE
+.PP
+\-tcprcvbuf \fI[number]\fR
+.RS 4
+Try to set TCP receive buffer using setsockpt()\&. Often OSes impose restrictions on the applications ability to set this value\&.
+.RE
+.PP
+\-tcpsndbuf \fI[number]\fR
+.RS 4
+Try to set TCP send buffer using setsockpt()\&. Often OSes impose restrictions on the applications ability to set this value\&.
+.RE
+.PP
+\-nozeroconf
+.RS 4
+Disable automatic Zeroconf
+service registration if support was compiled in\&.
+.RE
+.PP
\-slp
.RS 4
Register this server using the Service Location Protocol (if SLP
@@ -342,7 +373,7 @@ With this switch enabled, afpd won\'t advertise that it is capable of server not
\fBNote\fR
.ps -1
.br
-Do not use this option any longer as Netatalk 2\&.0 correctly supports server notifications, allowing connected clients to update folder listings in case another client changed the contents\&.
+Do not use this option any longer as Netatalk 2\&.x correctly supports server notifications, allowing connected clients to update folder listings in case another client changed the contents\&.
.sp .5v
.RE
.RE
@@ -354,7 +385,38 @@ Immediately unmount volumes removed from AppleVolumes files on SIGHUP sent to th
.PP
\-cnidserver \fI[ipaddress:port]\fR
.RS 4
-Specifies the IP address and port of a cnid_metad server, required for CNID dbd backend\&. Defaults to localhost:4700\&. The network address may be specified either in dotted\-decimal format for IPv4 or in hexadecimal format for IPv6\&.
+Specifies the IP address and port of a cnid_metad server, required for CNID dbd backend\&. Defaults to localhost:4700\&. The network address may be specified either in dotted\-decimal format for IPv4 or in hexadecimal format for IPv6\&.\-
+.RE
+.PP
+\-dircachesize\fI entries\fR
+.RS 4
+Maximum possible entries in the directory cache\&. The cache stores directories and files\&. It is used to cache the full path to directories and CNIDs which considerably speeds up directory enumeration\&.
+.sp
+Default size is 8192, maximum size is 131072\&. Given value is rounded up to nearest power of 2\&. Each entry takes about 100 bytes, which is not much, but remember that every afpd child process for every connected user has its cache\&.
+.RE
+.PP
+\-fcelistener \fIhost[:port]\fR
+.RS 4
+Enables sending FCE events to the specified
+\fIhost\fR, default
+\fIport\fR
+is 12250 if not specified\&. Specifying mutliple listeners is done by having this option once for each of them\&.
+.RE
+.PP
+\-fceevents \fIfmod,fdel,ddel,fcre,dcre,tmsz\fR
+.RS 4
+Speficies which FCE events are active, default is
+\fIfmod,fdel,ddel,fcre,dcre\fR\&.
+.RE
+.PP
+\-fcecoalesce \fIall|delete|create\fR
+.RS 4
+Coalesce FCE events\&.
+.RE
+.PP
+\-fceholdfmod \fIseconds\fR
+.RS 4
+This determines the time delay in seconds which is always waited if another file modification for the same file is done by a client before sending an FCE file modification event (fmod)\&. For example saving a file in Photoshop would generate multiple events by itself because the application is opening, modifying and closing a file mutliple times for every "save"\&. Defautl: 60 seconds\&.
.RE
.PP
\-guestname \fI[name]\fR
@@ -364,7 +426,12 @@ Specifies the user that guests should use (default is "nobody")\&. The name shou
.PP
\-[no]icon
.RS 4
-[Dont\'t] Use the platform\-specific icon
+[Don\'t] Use the platform\-specific icon\&. Recent Mac OS don\'t display it any longer\&.
+.RE
+.PP
+\-keepsessions
+.RS 4
+Enable "Continuous AFP Service"\&. This means the ability to stop the master afpd process with a SIGQUIT signal, possibly install an afpd update and start the afpd process\&. Existing AFP sessions afpd processes will remain unaffected\&. Technically they will be notified of the master afpd shutdown, sleep 15\-20 seconds and then try to reconnect their IPC channel to the master afpd process\&. If this reconnect fails, the sessions are in an undefined state\&. Therefor it\'s absolutely critical to restart the master process in time!
.RE
.PP
\-loginmesg \fI[message]\fR
@@ -374,6 +441,16 @@ Sets a message to be displayed when clients logon to the server\&. The message s
and should be quoted\&. Extended characters are allowed\&.
.RE
.PP
+\-mimicmodel \fImodel\fR
+.RS 4
+Specifies the icon model that appears on clients\&. Defaults to off\&. Examples: RackMac (same as Xserve), PowerBook, PowerMac, Macmini, iMac, MacBook, MacBookPro, MacBookAir, MacPro, AppleTV1,1, AirPort\&.
+.RE
+.PP
+\-noacl2maccess
+.RS 4
+Don\'t map filesystem ACLs to effective permissions\&.
+.RE
+.PP
\-nodebug
.RS 4
Disables debugging\&.
@@ -386,9 +463,11 @@ AFP 3\&.x waits
hours before disconnecting clients in sleep mode\&. Default is 10 hours\&.
.RE
.PP
-\-signature { user: | host }
+\-signature { user: | auto }
.RS 4
-Specify a server signature\&. This option is useful while running multiple independent instances of afpd on one machine (eg\&. in clustered environments, to provide fault isolation etc\&.)\&. "host" signature type allows afpd generating signature automatically (based on machine primary IP address)\&. "user" signature type allows administrator to set up a signature string manually\&. The maximum length is 16 characters
+Specify a server signature\&. This option is useful while running multiple independent instances of afpd on one machine (eg\&. in clustered environments, to provide fault isolation etc\&.)\&. Default is "auto"\&. "auto" signature type allows afpd generating signature and saving it to
+:ETCDIR:/afp_signature\&.conf
+automatically (based on random number)\&. "host" signature type switches back to "auto" because it is obsoleted\&. "user" signature type allows administrator to set up a signature string manually\&. The maximum length is 16 characters\&.
.PP
\fBExample.\ \&Three server definitions using 2 different server signatures\fR
.sp
@@ -418,7 +497,6 @@ Max length of UTF8\-MAC volume name for Mac OS X\&. Note that Hangul is especial
.nf
73: limit of Mac OS X 10\&.1
80: limit for Mac OS X 10\&.4/10\&.5 (default)
-123: limit for Mac OS X 10\&.6
255: limit of spec
.fi
.if n \{\
@@ -473,7 +551,7 @@ The config is case\-ignoring
.RS 4
.\}
.nf
-\-setuplog "default log_info /var/log/afpd\&.log"
+\- \-setuplog "default log_info /var/log/afpd\&.log"
.fi
.if n \{\
.RE
@@ -485,7 +563,7 @@ The config is case\-ignoring
.RS 4
.\}
.nf
-\-setuplog "default log_maxdebug /var/log/afpd\&.log"
+\- \-setuplog "default log_maxdebug /var/log/afpd\&.log"
.fi
.if n \{\
.RE
@@ -497,7 +575,7 @@ The config is case\-ignoring
.RS 4
.\}
.nf
-\-setuplog "default log_info /var/log/afpd\&.log"
+\- \-setuplog "default log_info /var/log/afpd\&.log" \e
\-setuplog "UAMSDaemon log_maxdebug /var/log/uams\&.log"
.fi
.if n \{\
@@ -517,7 +595,7 @@ specifying any string as filename is sufficient for the config parser to disting
.RS 4
.\}
.nf
-\-unsetuplog "default \-"
+\- \-unsetuplog "default \-"
.fi
.if n \{\
.RE
@@ -544,7 +622,7 @@ Specify the number of tickles to send before timing out a connection\&. The defa
.RS 4
.\}
.nf
-\- \-transall \-uamlist uams_dhx\&.so,uams_dhx2\&.so
+\- \-tcp \-noddp \-uamlist uams_dhx\&.so,uams_dhx2\&.so \-nosavepassword
.fi
.if n \{\
.RE
@@ -556,7 +634,7 @@ Specify the number of tickles to send before timing out a connection\&. The defa
.RS 4
.\}
.nf
-\- \-transall \-maccodepage mac_cyrillic \-unixcodepage utf8
+\- \-maccodepage mac_cyrillic \-unixcodepage utf8
.fi
.if n \{\
.RE
@@ -568,7 +646,7 @@ Specify the number of tickles to send before timing out a connection\&. The defa
.RS 4
.\}
.nf
-\- \-transall \-uamlist uams_dhx\&.so,uams_dhx2\&.so,uams_guest\&.so,uams_gss\&.so \e
+\- \-uamlist uams_dhx\&.so,uams_dhx2\&.so,uams_guest\&.so,uams_gss\&.so \e
\-k5service afpserver \-k5keytab /path/to/afpserver\&.keytab \e
\-k5realm YOUR\&.REALM \-fqdn your\&.fqdn\&.namel:548
.fi
@@ -584,7 +662,7 @@ Specify the number of tickles to send before timing out a connection\&. The defa
.nf
"Guest Server" \-uamlist uams_guest\&.so \-loginmesg "Welcome guest!"
"User Server" \-uamlist uams_dhx2\&.so \-port 12000
-"special" \-notcp \-defaultvol \-systemvol
+"special" \-ddp \-notcp \-defaultvol \-systemvol
.fi
.if n \{\
.RE
@@ -593,4 +671,6 @@ Specify the number of tickles to send before timing out a connection\&. The defa
.PP
\fBafpd\fR(8),
\fBafppasswd\fR(1),
-\fBAppleVolumes.default\fR(5)
+\fBAppleVolumes.default\fR(5),
+\fBafp_signature.conf\fR(5),
+\fBcnid_metad\fR(8)