<manvolnum>5</manvolnum>
- <refmiscinfo class="date">30 Apr 2013</refmiscinfo>
+ <refmiscinfo class="date">05 Jun 2014</refmiscinfo>
<refmiscinfo class="source">@NETATALK_VERSION@</refmiscinfo>
</refmeta>
<title>VARIABLE SUBSTITUTIONS</title>
<para>You can use variables in volume names. The use of variables in paths
- is not supported for now.</para>
+ is limited to $u.</para>
<orderedlist>
<listitem>
any incoming request. The network address may be specified either
in dotted-decimal format for IPv4 or in hexadecimal format for
IPv6.</para>
+ <para>IPv6 address + port combination must use URL the format
+ using square brackets [IPv6]:port</para>
</listitem>
</varlistentry>
<listitem>
<para>This specifies the DSI server quantum. The default value is
- 1 MB. The maximum value is 0xFFFFFFFFF, the minimum is 32000. If
- you specify a value that is out of range, the default value will
- be set. Do not change this value unless you're absolutely sure,
- what you're doing</para>
+ 0x100000 (1 MiB). The maximum value is 0xFFFFFFFFF, the minimum is
+ 32000. If you specify a value that is out of range, the default
+ value will be set. Do not change this value unless you're
+ absolutely sure, what you're doing</para>
</listitem>
</varlistentry>
</listitem>
</varlistentry>
+ <varlistentry>
+ <term>recvfile = <replaceable>BOOLEAN</replaceable> (default:
+ <emphasis>no</emphasis>) <type>(G)</type></term>
+
+ <listitem>
+ <para>Whether to use splice() on Linux for receiving data.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>splice size = <replaceable>number</replaceable> (default:
+ <emphasis>64k</emphasis>) <type>(G)</type></term>
+
+ <listitem>
+ <para>Maximum number of bytes spliced.</para>
+ </listitem>
+ </varlistentry>
+
<varlistentry>
<term>use sendfile = <replaceable>BOOLEAN</replaceable> (default:
<emphasis>yes</emphasis>) <type>(G)</type></term>
</listitem>
</varlistentry>
+
<varlistentry>
<term>zeroconf = <replaceable>BOOLEAN</replaceable> (default:
<emphasis>yes</emphasis>) <type>(G)</type></term>
</listitem>
</varlistentry>
+ <varlistentry>
+ <term>chmod request = <replaceable>preserve (default) | ignore | simple</replaceable>
+ <type>(G/V)</type></term>
+
+ <listitem>
+ <para>Advanced permission control that deals with ACLs.</para>
+
+ <itemizedlist>
+ <listitem><para>
+ <option>ignore</option> - UNIX chmod() requests are completely ignored
+ </para></listitem>
+ <listitem><para>
+ <option>preserve</option> - preserve ZFS ACEs for
+ named users and groups or POSIX ACL group mask
+ </para></listitem>
+ <listitem><para>
+ <option>simple</option> - just to a chmod() as
+ requested without any extra steps
+ </para></listitem>
+ </itemizedlist>
+ </listitem>
+ </varlistentry>
+
<varlistentry>
<term>close vol = <replaceable>BOOLEAN</replaceable> (default:
<emphasis>no</emphasis>) <type>(G)</type></term>
</listitem>
</varlistentry>
+ <varlistentry>
+ <term>cnid mysql host = <replaceable>MySQL server address</replaceable>
+ <type>(G)</type></term>
+
+ <listitem>
+ <para>name or address of a MySQL server for use with the mysql CNID
+ backend.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>cnid mysql user = <replaceable>MySQL user</replaceable>
+ <type>(G)</type></term>
+
+ <listitem>
+ <para>MySQL user for authentication with the server.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>cnid mysql pw = <replaceable>password</replaceable>
+ <type>(G)</type></term>
+
+ <listitem>
+ <para>Password for MySQL server.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>cnid mysql db = <replaceable>database name</replaceable>
+ <type>(G)</type></term>
+
+ <listitem>
+ <para>Name of an existing database for which the specified user
+ has full privileges.</para>
+ </listitem>
+ </varlistentry>
+
<varlistentry>
<term>cnid server = <replaceable>ipaddress[:port]</replaceable>
<type>(G)/(V)</type></term>
</listitem>
</varlistentry>
+ <varlistentry>
+ <term>dbus daemon = <parameter>path</parameter>
+ <type>(G)</type></term>
+
+ <listitem>
+ <para>Sets the path to dbus-daemon binary used by Spotlight feature.
+ The default is <filename>/bin/dbus-daemon</filename>.</para>
+ </listitem>
+ </varlistentry>
+
<varlistentry>
<term>dircachesize = <replaceable>number</replaceable>
<type>(G)</type></term>
</listitem>
</varlistentry>
+ <varlistentry>
+ <term>force xattr with sticky bit =
+ <replaceable>BOOLEAN</replaceable> (default:
+ <emphasis>no</emphasis>) <type>(G/V)</type></term>
+
+ <listitem>
+ <para>Writing metadata xattr on directories with the
+ sticky bit set may fail even though we may have write
+ access to a directory, because if the sticky bit is set
+ only the owner is allowed to write xattrs.</para>
+
+ <para>By enabling this option Netatalk will write the
+ metadata xattr as root.</para>
+ </listitem>
+ </varlistentry>
+
<varlistentry>
<term>guest account = <replaceable>name</replaceable>
<type>(G)</type></term>
</listitem>
</varlistentry>
- <varlistentry>
- <term>login message = <replaceable>message</replaceable>
- <type>(G)/(V)</type></term>
-
- <listitem>
- <para>Sets a message to be displayed when clients logon to the
- server. The message should be in <option>unix charset</option> and
- should be quoted. Extended characters are allowed.</para>
- </listitem>
- </varlistentry>
-
<varlistentry>
<term>ignored attributes = <replaceable>all | nowrite | nodelete | norename</replaceable>
<type>(G)/(V)</type></term>
<listitem>
<para>Speficy a set of file and directory attributes that shall
- be ignored by the server, <attribute>all</attribute> includes all
+ be ignored by the server, <option>all</option> includes all
the other options.</para>
<para>In OS X when the Finder sets a lock on a file/directory or you
set the BSD uchg flag in the Terminal, all three attributes are
</listitem>
</varlistentry>
+ <varlistentry>
+ <term>login message = <replaceable>message</replaceable>
+ <type>(G)/(V)</type></term>
+
+ <listitem>
+ <para>Sets a message to be displayed when clients logon to the
+ server. The message should be in <option>unix charset</option> and
+ should be quoted. Extended characters are allowed.</para>
+ </listitem>
+ </varlistentry>
+
<varlistentry>
<term>mimic model = <replaceable>model</replaceable>
<type>(G)</type></term>
</listitem>
</varlistentry>
+ <varlistentry>
+ <term>sparql results limit =
+ <replaceable>NUMBER</replaceable> (default:
+ <emphasis>UNLIMITED</emphasis>) <type>(G)</type></term>
+
+ <listitem>
+ <para>Impose a limit on the number of results queried from Tracker
+ via SPARQL queries.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>spotlight =
+ <replaceable>BOOLEAN</replaceable> (default:
+ <emphasis>no</emphasis>) <type>(G)/(V)</type></term>
+
+ <listitem>
+ <para>Whether to enable Spotlight searches. Note: once the global
+ option is enabled, any volume that is not enabled won't be
+ searchable at all. See also <emphasis>dbus daemon</emphasis>
+ option.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>spotlight attributes =
+ <replaceable>COMMA SEPERATED STRING</replaceable> (default:
+ <emphasis>EMPTY</emphasis>) <type>(G)</type></term>
+
+ <listitem>
+ <para>A list of attributes that are allowed to be used in
+ Spotlight searches. By default all attributes can be
+ searched, passing a string limits attributes to elements
+ of the string. Example: <programlisting>spotlight
+ attributes = *,kMDItemTextContent</programlisting>
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>spotlight expr =
+ <replaceable>BOOLEAN</replaceable> (default:
+ <emphasis>yes</emphasis>) <type>(G)</type></term>
+
+ <listitem>
+ <para>Whether to allow the use of logic expression in
+ searches.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>start dbus =
+ <replaceable>BOOLEAN</replaceable> (default:
+ <emphasis>yes</emphasis>) <type>(G)</type></term>
+
+ <listitem>
+ <para>Whether to start a dbus instance for use with Tracker.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>start tracker =
+ <replaceable>BOOLEAN</replaceable> (default:
+ <emphasis>yes</emphasis>) <type>(G)</type></term>
+
+ <listitem>
+ <para>Whether to start Tracker with
+ <emphasis>tracker-control -s</emphasis>.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>veto message = <replaceable>BOOLEAN</replaceable> (default:
+ <emphasis>no</emphasis>) <type>(G)</type></term>
+
+ <listitem>
+ <para>Send optional AFP messages for vetoed files. Then whenever a
+ client tries to access any file or directory with a vetoed name,
+ it will be sent an AFP message indicating the name and the
+ directory.</para>
+ </listitem>
+ </varlistentry>
+
<varlistentry>
<term>vol dbpath = <replaceable>path</replaceable>
- <type>(G)</type></term>
+ <type>(G)/(V)</type></term>
<listitem>
<para>Sets the database information to be stored in path. You have
to specify a writable location, even if the volume is read only.
The default is
- <filename>@localstatedir@/netatalk/CNID/</filename>.</para>
+ <filename>@localstatedir@/netatalk/CNID/$v/</filename>.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>vol dbnest = <replaceable>BOOLEAN</replaceable> (default:
+ <emphasis>no</emphasis>) <type>(G)</type></term>
+
+ <listitem>
+ <para>Setting this option to true brings back Netatalk 2
+ behaviour of storing the CNID database in a folder called
+ .AppleDB inside the volume root of each share.</para>
</listitem>
</varlistentry>
afpd processes notify interested listeners about certain filesystem
event by UDP network datagrams.</para>
+ <para>The following FCE events are defined:</para>
+
+ <itemizedlist>
+ <listitem><para>file modification (<option>fmod</option>)</para></listitem>
+ <listitem><para>file deletion (<option>fdel</option>)</para></listitem>
+ <listitem><para>directory deletion (<option>ddel</option>)</para></listitem>
+ <listitem><para>file creation (<option>fcre</option>)</para></listitem>
+ <listitem><para>directory creation (<option>dcre</option>)</para></listitem>
+ <listitem><para>file move or rename (<option>fmov</option>)</para></listitem>
+ <listitem><para>directory move or rename (<option>dmov</option>)</para></listitem>
+ <listitem><para>login (<option>login</option>)</para></listitem>
+ <listitem><para>logout (<option>logout</option>)</para></listitem>
+ </itemizedlist>
+
<variablelist>
<varlistentry>
<term>fce listener = <replaceable>host[:port]</replaceable>
</listitem>
</varlistentry>
+ <varlistentry>
+ <term>fce version = <replaceable>1|2</replaceable>
+ <type>(G)</type></term>
+
+ <listitem>
+ <para>FCE protocol version, default is 1. You need version
+ 2 for the fmov, dmov, login or logout events.</para>
+ </listitem>
+ </varlistentry>
+
<varlistentry>
<term>fce events =
- <replaceable>fmod,fdel,ddel,fcre,dcre,tmsz</replaceable>
+ <replaceable>fmod,fdel,ddel,fcre,dcre,fmov,dmov,login,logout</replaceable>
<type>(G)</type></term>
<listitem>
seconds.</para>
</listitem>
</varlistentry>
+
+ <varlistentry>
+ <term>fce ignore names = <replaceable>NAME[/NAME2/...]</replaceable>
+ <type>(G)</type></term>
+
+ <listitem>
+ <para>Slash delimited list of filenames for which FCE
+ events shall not be generated. Default: .DS_Store.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>fce notify script = <replaceable>PATH</replaceable>
+ <type>(G)</type></term>
+
+ <listitem>
+ <para>Script which will be executed for every FCE event,
+ see contrib/shell_utils/fce_ev_script.shfrom the Netatalk
+ sources for an example script.</para>
+ </listitem>
+ </varlistentry>
+
</variablelist>
</refsect2>
mode. You can adjust this behaviour with the configuration option
<option>mac acls</option>:</para>
- <variablelist id="mac_acls">
+ <variablelist id="map_acls">
<varlistentry>
<term>map acls = <parameter>none|rights|mode</parameter>
<type>(G)</type></term>
</listitem>
</varlistentry>
+ <varlistentry>
+ <term>ldap group attr = <parameter>dn</parameter>
+ <type>(G)</type></term>
+
+ <listitem>
+ <para>Name of the LDAP attribute with the groups short
+ name.</para>
+ </listitem>
+ </varlistentry>
+
<varlistentry>
<term>ldap uuid string = <parameter>STRING</parameter>
<type>(G)</type></term>
internal UUID representation is converted to and from the binary
format used in the objectGUID attribute found on objects in Active
Directory when interacting with the server.</para>
-
+ <para>See also the options <option>ldap user filter</option> and
+ <option>ldap group filter</option>.</para>
<para><variablelist>
<varlistentry>
<term>string</term>
</varlistentry>
<varlistentry>
- <term>ldap group attr = <parameter>dn</parameter>
+ <term>ldap user filter = <parameter>STRING (default: unused)</parameter>
<type>(G)</type></term>
<listitem>
- <para>Name of the LDAP attribute with the groups short
- name.</para>
+ <para>Optional LDAP filter that matches user objects. This is necessary for Active Directory
+ environments where users and groups are stored in the same directory subtree.</para>
+ <para>Recommended setting for Active Directory: <parameter>objectClass=user</parameter>.</para>
</listitem>
</varlistentry>
+
+ <varlistentry>
+ <term>ldap group filter = <parameter>STRING (default: unused)</parameter>
+ <type>(G)</type></term>
+
+ <listitem>
+ <para>Optional LDAP filter that matches group objects. This is necessary for Active Directory
+ environments where users and groups are stored in the same directory subtree.</para>
+ <para>Recommended setting for Active Directory: <parameter>objectClass=group</parameter>.</para>
+ </listitem>
+ </varlistentry>
+
</variablelist>
</refsect2>
</refsect1>
<listitem>
<para>hide files and directories,where the path matches one of the
'/' delimited vetoed names. The veto string must always be
- terminated with a '/', eg. "veto1/", "veto1/veto2/".</para>
+ terminated with a '/', eg. "veto files = veto1/", "veto files =
+ veto1/veto2/".</para>
</listitem>
</varlistentry>
</variablelist>
</listitem>
</varlistentry>
+ <varlistentry>
+ <term>delete veto files = <replaceable>BOOLEAN</replaceable>
+ (default: <emphasis>no</emphasis>) <type>(V)</type></term>
+
+ <listitem>
+ <para>This option is used when Netatalk is attempting to delete a
+ directory that contains one or more vetoed files or directories
+ (see the veto files option). If this option is set to no (the
+ default) then if a directory contains any non-vetoed files or
+ directories then the directory delete will fail. This is usually
+ what you want.</para>
+ <para>If this option is set to yes, then Netatalk will attempt to
+ recursively delete any files and directories within the vetoed
+ directory.</para>
+ </listitem>
+ </varlistentry>
+
<varlistentry>
<term>follow symlinks = <replaceable>BOOLEAN</replaceable> (default:
<emphasis>no</emphasis>) <type>(V)</type></term>
Setting the option to true causes afpd to follow symlinks on the
server. symlinks may point outside of the AFP volume, currently
afpd doesn't do any checks for "wide symlinks".</para>
+ <note>
+ <para>This option will subtly break when the symlinks point
+ across filesystem boundaries.</para>
+ </note>
</listitem>
</varlistentry>