1 # Netatalk 2.x afp volume cofiguration
2 # This file looks empty when viewed with "vi". In fact, there is one
3 # '~', so users with no AppleVolumes file in their home directory get
4 # their home directory by default.
8 # :DEFAULT: [all of the default options except volume name]
9 # path [name] [casefold:x] [options:z,l,j] \
10 # [allow:a,@b,c,d] [deny:a,@b,c,d] [dbpath:path] [password:p] \
11 # [rwlist:a,@b,c,d] [rolist:a,@b,c,d] [limitsize:value in bytes] \
12 # [preexec:cmd] [root_preexec:cmd] [postexec:cmd] [root_postexec:cmd] \
13 # [allowed_hosts:IPv4 address[/IPv4 netmask bits]] \
14 # [denied_hosts:IPv4 address[/IPv4 netmask bits]] \
15 # ... more, see below ...
17 # name: volume name. it can't include the ':' character
21 # variable substitutions:
22 # you can use variables for both <path> and <name> now. here are the
24 # 1) if you specify an unknown variable, it will not get converted.
25 # 2) if you specify a known variable, but that variable doesn't have
26 # a value, it will get ignored.
29 # $b -> basename of path
30 # $c -> client's ip or appletalk address
31 # $d -> volume pathname on server
32 # $f -> full name (whatever's in the gecos field)
35 # $i -> client ip without tcp port or appletalk network
36 # $s -> server name (can be the hostname)
37 # $u -> username (if guest, it's whatever user guest is running as)
38 # $v -> volume name (either ADEID_NAME or basename of path)
39 # $z -> zone (may not exist)
44 # casefold options [syntax: casefold:option]:
45 # tolower -> lowercases names in both directions
46 # toupper -> uppercases names in both directions
47 # xlatelower -> client sees lowercase, server sees uppercase
48 # xlateupper -> client sees uppercase, server sees lowercase
50 # allow/deny/rwlist/rolist format [syntax: allow:user1,@group]:
51 # user1,@group,user2 -> allows/denies access from listed users/groups
52 # rwlist/rolist control whether or not the
53 # volume is ro for those users.
54 # allowed_hosts -> Only listed hosts and networks are allowed,
55 # all others are rejected. Example:
56 # allowed_hosts:10.1.0.0/16,10.2.1.100
57 # denied_hosts -> Listed hosts and nets are rejected,
58 # all others are allowed. Example:
59 # denied_hosts: 192.168.100/24,10.1.1.1
60 # preexec -> command to be run when the volume is mounted,
61 # ignore for user defined volumes
62 # root_preexec -> command to be run as root when the volume is mounted,
63 # ignore for user defined volumes
64 # postexec -> command to be run when the volume is closed,
65 # ignore for user defined volumes
66 # root_postexec -> command to be run as root when the volume is closed,
67 # ignore for user defined volumes
68 # veto -> hide files and directories,where the path matches
69 # one of the "/" delimited vetoed names. Matches are
70 # partial, e.g. path is /abc/def/file and veto:/abc/
72 # adouble -> specify the format of the metadata files.
73 # default is "v2". netatalk 1.x used "v1".
74 # "osx" cannot be treated normally any longer.
75 # volsizelimit -> size in MiB. Useful for TimeMachine: limits the
76 # reported volume size, thus preventing TM from using
77 # the whole real disk space for backup.
78 # Example: "volsizelimit:1000" would limit the
79 # reported disk space to 1 GB.
83 # codepage options [syntax: options:charsetname]
84 # volcharset -> specifies the charset to be used
85 # as the volume codepage
86 # e.g. "UTF8", "UTF8-MAC", "ISO-8859-15"
87 # maccharset -> specifies the charset to be used
88 # as the legacy client (<=Mac OS 9) codepage
89 # e.g. "MAC_ROMAN", "MAC_CYRILLIC"
91 # perm -> default permission value
92 # OR with the client requested perm
93 # Use with options:upriv
94 # dperm -> default permission value for directories
95 # OR with the client requested perm
96 # Use with options:upriv
97 # fperm -> default permission value for files
98 # OR with the client requested perm
99 # Use with options:upriv
100 # umask -> set perm mask
101 # Use with options:upriv
102 # dbpath:path -> store the database stuff in the following path.
103 # cnidserver:server[:port]
104 # -> Query this servername or IP address
105 # (default:localhost) and port (default: 4700)
106 # for CNIDs. Only used with CNID backend "dbd".
107 # This option here overrides any setting from
108 # afpd.conf:cnidserver.
109 # password:password -> set a volume password (8 characters max)
110 # cnidscheme:scheme -> set the cnid scheme for the volume,
111 # default is [:DEFAULT_CNID_SCHEME:]
112 # available schemes: [:COMPILED_BACKENDS:]
113 # ea -> none|auto|sys|ad
114 # Specify how Extended Attributes are stores. default
116 # auto: try "sys" (by setting an EA on the shared
117 # directory itself), fallback to "ad". Requires
118 # writable volume for performing the test.
119 # Note: options:ro overwrites "auto" with "none."
120 # sys: Use filesystem EAs
121 # ad: Use files in AppleDouble directories
122 # none: No EA support
126 # miscellaneous options [syntax: options:option1,option2]:
127 # tm -> enable TimeMachine support
128 # prodos -> make compatible with appleII clients.
129 # crlf -> enable crlf translation for TEXT files.
130 # noadouble -> don't create .AppleDouble unless a resource
131 # fork needs to be created.
132 # ro -> mount the volume as read-only.
133 # mswindows -> enforce filename restrictions imposed by MS
134 # Windows. this will also invoke a default
135 # codepage (iso8859-1) if one isn't already
137 # nohex -> don't do :hex translations for anything
138 # except dot files. specify usedots as well if
139 # you want that turned off. note: this option
140 # makes the / character illegal.
141 # usedots -> don't do :hex translation for dot files. note: when
142 # this option gets set, certain file names
143 # become illegal. these are .Parent and
144 # anything that starts with .Apple.
145 # invisibledots -> don't do :hex translation for dot files. note: when
146 # this option gets set, certain file names
147 # become illegal. these are .Parent and
148 # anything that starts with .Apple. also, dot
149 # files created on the unix side are marked invisible.
150 # limitsize -> limit disk size reporting to 2GB. this is
151 # here for older macintoshes using newer
152 # appleshare clients. yucko.
153 # nofileid -> don't advertise createfileid, resolveid, deleteid
155 # root_preexec_close -> a non-zero return code from root_preexec close the
156 # volume being mounted.
157 # preexec_close -> a non-zero return code from preexec close the
158 # volume being mounted.
159 # nostat -> don't stat volume path when enumerating volumes list
160 # upriv -> use unix privilege.
161 # illegalseq -> encode illegal sequence in filename asis,
162 # ex "\217-", which is not a valid SHIFT-JIS char,
163 # is encoded as U\217 -
164 # nocnidcache -> Don't store and read CNID to/from AppleDouble file.
165 # This should not be used as it also prevents a CNID
166 # database rebuild with `dbd`!
167 # caseinsensitive -> The underlying FS is case insensitive (only
168 # test with JFS in OS2 mode)
169 # dropbox -> Allows a volume to be declared as being a "dropbox."
170 # Note that netatalk must be compiled with dropkludge
171 # support for this to function. Warning: This option
172 # is deprecated and might not work as expected.
173 # dropkludge -> same as "dropbox"
174 # nodev -> always use 0 for device number, helps when the
175 # device number is not constant across a reboot,
179 # The line below sets some DEFAULT, starting with Netatalk 2.1.
180 :DEFAULT: options:upriv,usedots
182 # The "~" below indicates that Home directories are visible by default.
183 # If you do not wish to have people accessing their Home directories,
184 # please put a pound sign in front of the tilde or delete it.