afpovertcp. It should be noted that if DDP is in use, the connection
will still be allowed as TCP Wrappers do not impact DDP connections.
-7. PAM (Pluggable Authentication Modules for Linux)
-Linux-PAM provides a flexible mechanism for authenticating
+7. PAM (Pluggable Authentication Modules)
+PAM provides a flexible mechanism for authenticating
users. PAM was invented by SUN Microsystems.
Author: Andrew Morgan <morgan@linux.kernel.org>
You can get the Linux PAM documentation and sources from
http://www.kernel.org/pub/linux/libs/pam/
-8 Berkeley DB version 3
+Netatalk also supports other standard PAM implementations such as OpenPAM.
+
+8 Berkeley DB
Berkeley DB is a programmatic toolkit that provides fast, reliable,
scalable, and mission-critical database support to software
-developers. BDB 3 can downloaded from
+developers. BDB can downloaded from
http://www.sleepycat.com/download.html
-Netatalk's CNID database uses the library and header files from BDB3.
+Netatalk's CNID database uses the library and header files from BDB.
+Currently, Netatalk supports BDB 3.1.17, 3.2.9, 3.3.11, 4.0.14, and 4.1.25.
+The recommended version is 3.3.11 as that is the version on which most
+testing has been done.
Netatalk Frequently Asked Questions
-($Id: FAQ,v 1.9 2002-10-04 23:38:44 srittau Exp $)
+($Id: FAQ,v 1.9.2.1 2003-02-08 03:27:54 jmarcus Exp $)
-----------------------------------------------------------------------------
Q29: I compiled Samba with the --with-netatalk flag. What did that do?
Q30: What about the differences in naming schemes, and legal/illegal
characters between Windows, Macs (and unix?)
-Q31: Where can I get the cnid-db (berkely db3) software? (needed for
+Q31: Where can I get the cnid-db (Berkely DB) software? (needed for
--with-did=cnid)
Q32: What about security in Netatalk?
A: Compile with the --with-did=last flag set. This activates a different
method of calculating inodes in the software, and will hopefully fix some
of these problems. This code, along with the CNID code, was still being
- worked out in Pre7. The cnid/db3 flags also go along with this:
- --with-db3=PATH specify path to Berkeley DB3 installation
+ worked out in Pre7. The cnid/bdb flags also go along with this:
+ --with-bdb=PATH specify path to Berkeley DB installation
--with-did=[scheme] set DID scheme (cnid,last)
- (For more information on CNID, see the README.cnid file [may not exist yet],
- into which I just copied wholesale Joe's comments on what he did with
- cnid and lastdid.)
+ (For more information on CNID, see the README.cnid file.)
--with-did=last reverted things back to the old 1.4b2 directory ID
calculation algorithm. This also solved the problem of the syslog
respectively). Educating the end user is important for this problem.
-Q31: Where can I get the cnid-db (berkely db3) software? (needed for
+Q31: Where can I get the cnid-db (Berkely DB) software? (needed for
--with-did=cnid)
A: First check to see if your unix has a port or package. If not,
system against the requirements of those options. It generally fails
if your system doesn't meet the requirements. You should read the
DEVELOPER file because some of these options require external sources
-to function correctly. (PAM, OpenSSL, Berkeley DB3, TCP Wrappers, etc).
+to function correctly. (PAM, OpenSSL, Berkeley DB, TCP Wrappers, etc).
Netatalk options to the ./configure script: Use ./configure --help for
a complete list.
--enable-dropkludge: enable the experimental dropbox fix
(INSECURE!),
---with-db3=PATH: specify path to Berkeley DB3 installation,
+--with-bdb=PATH: specify path to Berkeley DB installation,
--with-did=[scheme]: set DID scheme (cnid,last),
- CNID is a new scheme using Berkeley DB3 files to store a
+ CNID is a new scheme using Berkeley DB files to store a
per-volume cnid database persistently.
The last DID scheme recreates version 37b behaviour where
DID = cnid.
-This uses a Berkeley database to store and maintain a directory of IDs
-similar to that of a catalogue file on a mac. Consequently it is the most
-reliable method. Unfortunately there seem to be heavy multi user problems
-that lead to database corruption. These are being worked on, but cnid remains
-the safest and most reliable DID scheme. See README.cnid for more details.
-
-
+The CNID scheme in Netatalk attempts to assign unique IDs to each file and
+directory, then keep those IDs persistent across mounts of the volume. This
+way, cross-volume aliases will work, and users are less likely to encounter
+duplicate CNID errors. Prior to Netatalk 1.6.0, the CNID calculation
+scheme was not persistent, and IDs were assigned based on the UNIX device and
+inode number of a given file or directory (see DID = last above). This was
+fine for the most part, but due to limitations, not all available CNIDs could
+be used. As well, these IDs could change independently from Netatalk, and
+thus were not persistent. As of Netatalk 1.6.0, the CNID scheme is now the
+default. On top of that, Netatalk uses the Concurrent Datastore method to
+avoid the need for database locking and transactions.
+
+As stated above, CNID requires Berkeley DB. Currently, Netatalk supports
+BDB 3.1.17, 3.2.9, 3.3.11, 4.0.14, and 4.1.25. The recommended version is
+3.3.11 as that is the version on which most testing has been done.
+
+CNID has seen many contributors over the years. It was conceived by
+Adrian Sun <asun@zoology.washington.edu>. His developer notes can be found
+libatalk/cnid/README file. It was later picked up and modernized by Uwe Hees
+<uwe.hees@rz-online.de>. Then, Joe Marcus Clarke <marcus@marcuscom.com>
+started fixing bugs and adding additional features. The Concurrent
+Datastore support was subsequently added by Dan Wilga <dwilga@mtholyoke.edu>.
+The CNID code is currently maintained by Joe Marcus Clarke.