Solaris 11.1 Netatalk 3.0.1 Broken

Discussion in 'SSDs & Data Storage' started by taishan, Dec 10, 2012.

  1. taishan

    taishan n00bie

    Messages:
    19
    Joined:
    Jun 6, 2012
    After doing a fresh install of Solaris 11.1 and firing off the AFP script for napp-it, I noticed that I cannot login or access my AFP shares. I have not been able to figure out what is going on. Does anyone else have this problem?

    Thanks to some footnotes on the napp-it site, I have CIFS working again (thank god). Any help would be immensely appreciated.
     
  2. taishan

    taishan n00bie

    Messages:
    19
    Joined:
    Jun 6, 2012
    Wow guys really? Nothing after 88 views? I've already sifted through /etc/pam.d/netatalk and found nothing of note there. This is a fresh install of 11.1, only things installed are napp-it (via wget -O - www.napp-it.org/nappit | perl), netatalk 3.0.1 (via wget -O - www.napp-it.org/afp | perl) and apcupsd (built from source).

    I have a pool that was previously mounted under Solaris 11.0 (zpool 33, upgraded to zpool 34 on installing 11.1), CIFS works fine as usual after touching up pam per the notes on _Gea's site.

    I had netatalk 3.0.1 running just fine under Solaris 11.0, but it appears something isn't working on 11.1 (I'm guessing auth). AFP connections are refused at login attempts from OS X 10.8.x.
     
  3. _Gea

    _Gea 2[H]4U

    Messages:
    3,646
    Joined:
    Dec 5, 2010
    I have seen the same problem but no solution yet.

    Unless someone find another way,
    you have to wait for a netatalk 3.0.2+ because there is no obvious pam setting.

    If you use it commercially, you may request netatalk support at
    http://www.netafp.com/
     
    Last edited: Dec 13, 2012
  4. taishan

    taishan n00bie

    Messages:
    19
    Joined:
    Jun 6, 2012
    Thanks _Gea - it's good to know I'm not the only one having this issue. For now I guess I will have to limp along on CIFS until the netatalk team figures something out.
     
  5. taishan

    taishan n00bie

    Messages:
    19
    Joined:
    Jun 6, 2012
    As an update for the curious - looks like this is an official netatalk bug with zeroconf (mDNSResponder BUG#443). It's been patched in git already, so I guess the next point release should fix it. Cross your fingers Solaris/Mac users.
     
  6. xenophon61

    xenophon61 n00bie

    Messages:
    2
    Joined:
    Dec 25, 2012
    My experience, although at first glance similar (could not see/mount AFP shares), points to a configuration issue with Netatalk 3.0.2, not a bug.

    I can't claim expertise on Solaris innards, but apparently the default Netatalk installation may leave its configuration file [apf.conf] unpopulated with information about the system, even after an upgrade from Netatalk 2.2 --- at least that's what happened in my case.

    By editing the afp.conf by hand, I was able to see the AFP shares on the Mountain Lion Finder sidebar and mount them without trouble.

    Bonjour/ZeroConf, as mentioned, is certainly problematic with this release.

    Anyway, if it helps somebody, here's a brief writeup:

    http://lycabettus.wordpress.com/2012/12/24/netatalk-3-and-solaris-11-1/
     
  7. _Gea

    _Gea 2[H]4U

    Messages:
    3,646
    Joined:
    Dec 5, 2010
    Hi
    which of the settings makes the difference?
    As I see, only special is:
    uam list = uams_guest.so,uams_dhx.so,uams_dhx2.so

    which was not in a default install.
    Does this make the difference with S11.1 ?

    and fix the login problem?

    Avahi settings from netatalk 2.2 should not disturb (not used)
     
  8. idea

    idea Gawd

    Messages:
    615
    Joined:
    Jan 24, 2005
    Why would you choose AFP over NFS?
     
  9. westrock2000

    westrock2000 [H]ardForum Junkie

    Messages:
    8,886
    Joined:
    Jun 3, 2005
    May not be in a Windows ecosystem?
     
  10. xenophon61

    xenophon61 n00bie

    Messages:
    2
    Joined:
    Dec 25, 2012
    In my case, the "afp.conf" file had no default settings whatsoever (only comments); I googled around and came up with a set of parameters that worked for guest access.

    HTH

    With greetings from Athens,

    Xen
     
  11. _Gea

    _Gea 2[H]4U

    Messages:
    3,646
    Joined:
    Dec 5, 2010
    The problem with S11.1 are regular users that cannot login.
    But working guestlogin is somtimes ok
     
  12. _Gea

    _Gea 2[H]4U

    Messages:
    3,646
    Joined:
    Dec 5, 2010
    hi

    I have got the solution from Cong/UK:
    cp /etc/pam.d/other /etc/pam.d/netatalk

    I have added the fix to the current afp installer for netatalk 3.0.1 (supports now Illumian, Omni bloody, OI and Solaris 11.1) to care about
    wget -O - www.napp-it.org/afp | perl
     
    Last edited: Jan 5, 2013
  13. dedobot

    dedobot [H]Lite

    Messages:
    72
    Joined:
    Jun 19, 2012
    Excellent,that was I waiting. Will try it Monday.
    Thanks again Gea !
     
  14. taishan

    taishan n00bie

    Messages:
    19
    Joined:
    Jun 6, 2012
    _Gea,

    Thank you thank you thank you! Simple, quick, and worked like a champ. Now I just have to figure out why none of the ACLs are passing through properly on the ZFS volume under AFP (yes aclinherit and aclmode are both set to passthrough). CIFS works fine, as expected. It doesn't even look like my file perm and directory perm options are working properly. Anyone else having that particular issue?

    Jason
     
    Last edited: Jan 7, 2013