Basic Installation ================== Netatalk is known to run on these operating systems: OS Versions Hardware Notes -- -------- -------- ----- Solaris 2.5-8 Sparc Linux 1.3.x,2.x PC FreeBSD 2.2-current PC after 12 Sept 96 NetBSD 1.3 PC OpenBSD 2.2 PC SunOS 4.1+ Sparc kernel must have VDDRV option installed Ultrix 4.[1-4] 3100,5000 Tru64 4.0 Alpha afpd only See README.platforms for more information. Quickly: $> ./configure [options] $> make $> make install ---------------------------------------------------------------- 0. Get the source A. Download a binary. Several Linux distributions support netatalk with a package. There are also Deb's and RPM packages available on the the Netatalk Sourceforge site. (http://sourceforge.net/projects/netatalk/) B. Download the tarball. There are tar.gz and tar.bz2 files available for download and compiling. (http://sourceforge.net/projects/netatalk/) C. Anonymous CVS. Downloading of the CVS source can be done quickly and easily. 1. make sure you have cvs installed. $> which cvs should produce a path to cvs. 2. if you don't have one make a source directory. Mine is ~lance/src/working/ cd to this directory. 3. Authenticate yourself with your local cvs and the remote cvs: (all one line) cvs \ -d:pserver:anonymous@cvs.netatalk.sourceforge.net:/cvsroot/netatalk \ login Just hit enter for the password for the anonymous user. 4. Now that both machines know who you are, get the source: (all one line) cvs -z3 \ -d:pserver:anonymous@cvs.netatalk.sourceforge.net:/cvsroot/netatalk \ co netatalk This tells cvs what compression, (-z3) what protocol, repository and where the source is (-d:protocol:host:path) what to do (co is an alias for checkout) and what (netatalk) module. This will create a netatalk directory and download a complete and fresh copy of the netatalk source ---------------------------------------------------------------- 1. ./autogen.sh (Not necessary for a release tarball.) This shell script runs libtoolize, aclocal, autoheader, automake and autoconf. This sets up all the conditions for the next step. You may or may not have to do this. If you downloaded a release tarball, or if your download contains a ./configure file then this has already been run for you. ---------------------------------------------------------------- 2. ./configure This step reads the options to the ./configure program and checks your system against the requirements of those options. It generally fails if your system doesn't meet the requirements. You should read the DEVELOPER file because some of these options require external sources to function correctly. (PAM, OpenSSL, Berkeley DB, TCP Wrappers, etc). Netatalk options to the ./configure script: Use ./configure --help for a complete list. --disable-admin-group: disable admin group (default on), --disable-ddp: disable DDP support (AppleTalk), --enable-debug: enable debugging messages in syslog, --enable-dropkludge: enable the experimental dropbox fix (INSECURE!), --with-bdb=PATH: specify path to Berkeley DB installation, --with-did=[scheme]: set DID scheme (cnid,last), CNID is a new scheme using Berkeley DB files to store a per-volume cnid database persistently. The last DID scheme recreates version 37b behaviour where directory id's are incrementally calculated versus the new hash method. Unfortunately for machines that have a lot of devices, and/or a lot of inodes the hash can fail with multiple directories resolving to the same DID. --with-message-dir=path: path to message files [default is DISABLED], --enable-srvloc: Turn on Server Location Protocol support, --with-pam: enable pluggable authentication modules support, PAM provides a flexible mechanism for authenticating users. PAM was invented by SUN Microsystems. Linux-PAM is a suite of shared libraries that enable the local system administrator to choose how applications authenticate users. You can get the Linux PAM documentation and sources from http://www.kernel.org/pub/linux/libs/pam/ --with-shadow: enable shadow password support, --disable-shell-check: disable checking for a valid shell, --with-flock-locks: enable flock locks support, --with-tcp-wrappers: enable TCP wrappers support. Wietse Venema's network logger, also known as TCPD or LOG_TCP. These programs log the client host name of incoming telnet, ftp, rsh, rlogin, finger etc. requests. Security options are: access control per host, domain and/or service; detection of host name spoofing or host address spoofing; booby traps to implement an early-warning system. TCP Wrappers can be gotten at ftp://ftp.porcupine.org/pub/security/ --with-ssl-dirs=[PATH]: specify path to OpenSSL installation. NOTE: This is dependent on the same directory layout as the source distribution of Openssl. That is: ./include/ and ./lib/ to be on the same level. Many .rpm formats do not have their files laid out in this format. The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library. This is required to enable DHX login support, which will encrypt all of the passwords being sent across the connection. (Some old mac clients don't support this, check the FAQ for the section on AppleShare clients.) Check to see if your unix has OpenSSL already, or get everything at http://www.openssl.org/ --with-uams-path=path: path to UAMs [default=PKGCONF/uams] --enable-fhs: use Filesystem Hierarchy Standard (FHS) compatibility --with-ssl-dir=PATH: specify path to openssl installation (must contain lib and include dirs) --enable-pgp-uam: enable build of PGP UAM module --enable-krb4-uam: enable build of Kerberos v4 UAM module --enable-overwrite: Overwrite configuration files in PKGCONFDIR ---------------------------------------------------------------- 3. make Compile all of the programs. Note: GNU make is required to build netatalk. ---------------------------------------------------------------- 4. make install Install the programs, scripts and man pages in the places specified by the ./configure process.