Saturday, March 3, 2012

Setting up Time Machine and Netatalk 2.2.2 on Ubuntu 11.10

    This was the biggest pain to setup and get working that I have yet encountered with Ubuntu 11.10. There is a small mountain information available on the internet on how to do this, yet none if it worked. I followed all of the guides and searched "man pages" for almost two weeks before I found the the proverbial keys to the kingdom. What follows is everything I learned from weeks of trial and error.

    Before we get started, it is important to understand what I was trying to. I have been using Ubuntu 11.10 for a while now as a file server (using Samba) and as a Plex media server. Until recently everything was working just fine. I was able to share folders using Samba that let me copy new media to my server with relative ease. However, I was running low on disk space and really wanted to include space for both my wife and I's Mac's to use use Time Machine for backup.

    To accomplish this I purchased a 3TB hard drive and installed it in the Ubuntu server. I set it up for sharing as I normally would, and followed the various guides for how to do this with sparse bundle files. This was a disaster. With the production of osX Lion, Time Machine now requires the use of the Apple File sharing Protocol or AFP. The functional difference is fairly simple. When connecting to the server you use afp://<ip-address> instead of smb://<ip-address>. Sounds simple doesn't it.

    It wasn't. Not by a long shot.

    You see, there are few pieces of software that are not installed by default when you first install Ubuntu on your machine. You will need to do the following from the command line on your Ubuntu machine:

    sudo apt-get install <package name>

    The following packages will need to be installed with the above command:

    libdb4.7-dev     (Berkeley v4.7 Database Libraries [development])
  libgcrypt11      (LGPL Crypto library - runtime library)
  avahi-daemon     (Avahi mDNS/DNS-SD daemon
  tcpd             (Wietse Venema's TCP wrapper utilities)
  netatalk         (AppleTalk user binaries)

    Install all of the above onto your Ubuntu machine using the apt-get command from above. Contrary to what I have read, you do not have to uninstall or disable Samba in any way. Samba works just fine along side of Netatalk and Avahi.

    The version of Netatalk that you get from the "default" repository is (as of this writing) version 2.2.4~beta. If you are not comfortable using "beta" software, you can download the source for version 2.2.2 (the version I am using) from here. You can download on to your mac, unzip it and then copy the folder to you linux box to a convent directory to work from. Before you jump right in to things:


    Sorry, that was just to get your attention. You see, once again Ubuntu 11.10 does not come with the correct software to make software from source code. Oh it sure seems like it does, but according to this article from Ubuntu it doesn't. If you don't want to click the link here is what to do:

    sudo apt-get install build-essential checkinstall
  sudo apt-get install cvs subversion git-core mercurial 
  sudo chown $USER /usr/local/src
  sudo chmod u+rwx /usr/local/src

    You are now ready to build from source. I put my "netatalk-2.2.2" folder in ~/Downloads, it was just an easy folder since it was already setup to be a shared folder under Samba. Using a terminal, navigate to the netatalk-2.2.2 folder. Enter the following command:

    ./configure --enable-debian
    You should now have a configuration that looks like:

./configure --enable-debian output

    Next enter the following from the command line:

    sudo make install 

    This will build and install netatalk-2.2.2.

    Once you are either done building from source or you installed from the package manager, its time to start configuring. First, navigate to /usr/local/etc/netatalk and enter the following command:

    sudo nano afpd.conf

    This will open the file afpd.conf in a text based text editor. Don't worry, all of the commands you need are listed at the bottom of the terminal window. You need scroll to very last line of the file and make sure it reads exactly as follows: (make sure the is no "#" character at the beginning.

    - -tcp -noddp -uamlist,, -nosavepassword

    It was the that was tripping me up for so long. It was this trouble ticket on ask Ubunutu that finally solved it for me. But, we are not done yet. Next we need to add all of the "shares" to the afp server. To do this, in Terminal type:

    sudo nano AppleVolumes.default

    Once again, scroll all the way to the end of the file. You will see this line that start and ends with a tilde ( thats "~" character ). If you want to have access to your "User Home Folder" on your linux box, change this line to read:

    ~ "Home" allow:UserName cnidscheme:dbd options:usedots,upriv

    If not, delete this line instead.

   To explain how this line works, the "~" in the folder name on the Ubuntu machine that is to be shared. The "Home" you change to whatever you want. This is what shows up to other computers on the network as the folder name. The "allow:UserName" you change "UserName" to the user name that you use to login to your Ubuntu machine. The rest of the line (for now) is unimportant, just make sure all of the rest is there.

If you want to share more folders or drives you can do that too. My 3TB hard drive is partitioned into two 500GB partitions and one 2TB partition. (Actually, due to the space the file system takes up it's 1.8TB but that is really unimportant). These partition are mounted as:

    /media/files  (The 1.8TB partition)
    /media/tm1    (One of the 500GB partitions)
    /media/tm2    (The other 500GB partition)

    To make sure my Mac's on my network can access them via AFP, and thus use time machine, on the very next line (directly under the '~ "Home" ' line, enter the following lines:

    /media/files "Files" allow:UserName cnidscheme:dbd options:usedots,upriv

    /media/tm1 "Time Machine 1" allow:UserName cnidscheme:dbd options:usedots,upriv,tm
    /media/tm2 "Time Machine 2" allow:UserName cnidscheme:dbd options:usedots,upriv,tm

   Notice the "tm" at the end of options. This allows TimeMachine to see the folders as usable across the network. Don't try it yet; we are not done yet. 

    That is all we need to do to configure netatalk, now we need to configure Avahi. Avahi is basically a Name-Server for netatalk. It also shows you a nice icon in the Finder window for your server. You will be creating a new XML file that will control Avahi. Enter the following command from Terminal:

    sudo nano /etc/avahi/services/afpd.service

    Create the XML file as follows:

<?xml version="1.0" standalone='no'?><!--*-nxml-*-->
<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
<name replace-wildcards="yes">%h</name>

    Save and exit nano. We are almost done. With this file the way it is, you Finder icon on your mac for your Ubuntu server will be for an Apple Server. If you wish to change this, you can replace "Xserve" with the following options: Macmini, iMac, MacPro, Xserve, MacBook, MacBookPro,MacBookAir as needed or wanted. 

    Almost done. Now, in Terminal enter the following commands:

    sudo service netatalk restart
    sudo service avahi restart

    From your Mac, open a Terminal and enter the following connamd: 

    defaults write TMShowUnsupportedNetworkVolumes 1

    This line enable your Mac's Time Machine to view available TimeMachine folders on network shared drives. 

    To test everything, from your Mac, open a finder window and you should see your server on left pane under "SHARED". That means Avahi is working. To test netatalk we do two tests. For test one, select the  Finder menu item "GO -=> Connect to server". Enter "afp://<username>@<ip-address of Ubuntu server>" You can also omit the "<username>@", you will just have to manually enter your Ubuntu user name in the login window. 

    If it works, and you can browse folders, eject the connection. There is an "eject" button next to the server name in the left pane of the Finder window. Now double-click the name of the server. You will be asked to log in again. Once again, enter your Ubuntu login information. Assuming everything is working you can now open Time machine and click "Select Drive". Your two drives "tm1 and tm2" from the Ubuntu server should now show up as "Time Machine 1" and "Time Machine 2". Select one and start the backup process. 

    That it! All done! 

    I hope this has been helpful to someone out there. It took me a while to ferret out all of the details of working with Ubuntu 11.10, osX Lion and osX Snow Leopard. It took longer than expected, but now that I know how to do all of this, I will be able to re-create it, and I have learned where on the internet to search for information. happy networking and until next time ... 


  1. Thanks for this comprehensive write-up! I ran into a tiny problem when running configure (complaining about missing Berkeley DB libraries). In case anyone else has this problem, you need to:

    sudo apt-get install libdb-dev

  2. Thanks for the tip and the reply!

  3. Great tutorial! I was stuck for a while before I found this

  4. Thanks for taking the time to right this up, the first guide i found that worked first time. Cheers, Paul

  5. This comment has been removed by the author.

  6. Thanks for putting it all together.

    However I'm struggling with the permission issue on the shared drive.
    On the Ubuntu server I mounted the /share partition with acl & user_xattr options.
    next I gave the readwrite permission to nogroup and to the account that I'm using to login (using chmod and setfacl)

    I can connect to the share. I can even create dir on the root of the shared drive. However, everytime i try create a new sub dir or file under the newly create dir I get "unexpected error code -43". Behind the scene the dirs were created even when it shows that error message, but with the default name.

    I think for that reason Time Machine is not able to use the share for backup.
    Any idea what I've missed ?

  7. On your Ubuntu box (I am assuming that is the location of the shared drive/folder), try checking the permissions of the folder itself, the parent of the one you are creating the subs in.

  8. Actually my share is /opt/share.
    /opt had only unix permissions, following your suggestion I added extended permission.

    Now when I try to create sub dir I see afpd is crashing:
    Jul 22 06:05:38 spitfire afpd[4421]: ===============================================================
    Jul 22 06:05:38 spitfire afpd[4421]: INTERNAL ERROR: Signal 11 in pid 4421 (2.2.3)
    Jul 22 06:05:38 spitfire afpd[4421]: ===============================================================
    Jul 22 06:05:38 spitfire afpd[4421]: BACKTRACE: 10 stack frames:
    Jul 22 06:05:38 spitfire afpd[4421]: #0 ./sbin/afpd(netatalk_panic+0x1c) [0x44ccdc]
    Jul 22 06:05:38 spitfire afpd[4421]: #1 ./sbin/afpd() [0x44cddc]
    Jul 22 06:05:38 spitfire afpd[4421]: #2 /lib/x86_64-linux-gnu/ [0x7f8484683d80]
    Jul 22 06:05:38 spitfire afpd[4421]: #3 ./sbin/afpd(dircache_search_by_name+0x7b) [0x418e3b]
    Jul 22 06:05:38 spitfire afpd[4421]: #4 ./sbin/afpd() [0x41f3df]
    Jul 22 06:05:38 spitfire afpd[4421]: #5 ./sbin/afpd(afp_over_dsi+0x4f8) [0x40fde8]
    Jul 22 06:05:38 spitfire afpd[4421]: #6 ./sbin/afpd() [0x40eb3a]
    Jul 22 06:05:38 spitfire afpd[4421]: #7 ./sbin/afpd(main+0x7ac) [0x42ab9c]
    Jul 22 06:05:38 spitfire afpd[4421]: #8 /lib/x86_64-linux-gnu/ [0x7f848466eeff]
    Jul 22 06:05:38 spitfire afpd[4421]: #9 ./sbin/afpd() [0x40db39]

    From that point the Mac os goes into infinite loops of disconnecting/connecting to the share.

  9. Also I noticed the OS x is timing-out and retrying every now and then. This is what I saw in OS x logs:
    7/21/12 11:40:47.616 PM KernelEventAgent: tid 00000000 type 'afpfs', mounted on '/Volumes/timem', from 'afp_01xYbZ1dGnN41bx4pY4g6DcO-2.32000046', not responding

    Btw, I'm using netatalk-2.2.3 on Ubuntu and the client is OS X Lion.

  10. The folder "/opt" is a legacy folder from older linux systems. The folder was originally used for installing "other" or "3rd party" software, sort of a second applications folder and as such, permissions can be a bit wonky. Try using a folder in in your $HOME folder or a separate partition. For partitions, mounting them in the /media folder seems to work well.