netatalk errors with files on an SBM/CIFS share

benfranske

New Tinkerer
Dec 30, 2021
16
9
3
Due to my particular system topology I would like to run netatalk on a different system than where the files are actually located. I was hoping that I could use an SMB/CIFS share on the fileserver which I could then mount to a directory on the netatalk machine and use netatalk to share...

No problems with getting the files mounted on /macshare on the netatalk machine (and forcing them to be owned by a specific uid/gid). I can read/write all the files and directories in there as the user from Linux no problem. I can also read the files just fine from my macs over AppleTalk. I can even create directories. However, attempting to create any files gives a -50 error on the mac side and on Linux a "afp_setforkparams(myfilename): ad_flush: Permission denied" error and I am also getting some occasional errors like "deletecurdir: error deleting .AppleDouble in "/macshare/Temporary Items"

These seem to indicate some sort of permissions error but I can't figure out what it is. If I try using a local directory on the netatalk machine for files it seems to work correctly (though I do still get some of the deletecurdir errors on occasion). If I try manipulating the same files on the netatalk machine directly using the same user account as via AppleTalk the user seems to be able to create and delete at will (as they should based on the file permissions). So this seems to be some permissions interaction between netatalk and the SMB/CIFS mounted files.

Any thoughts on the internals of netatalk and why it would throw permissions errors when the same user acting directly on Linux has no issues? Thanks!
 

MacinJosh

Tinkerer
Jan 16, 2022
52
54
18
46
Finland
www.atariancomputing.com
My requirements sound identical to yours. I'm surprised you got as far as you did. My attempts at using SMB or NFS shares resulted in this error on the Mac side:
Code:
"Message from server <server name>"
Something wrong with the volume's CNID DB, using temporary CNID DB instead.  Check server messages for details.  Switching to read-only mode.

After the error the share was read-only. I know that to be a problem with the folder ownership that I couldn't change or force. So I'm kinda interested in how you managed to get that far.

My compromise was to share the A2FILES folder on the A2SERVER via NSF and it happily mounted in Windows after installing NSF in the Windows Features section. This works flawlessly on both sides. I can share files seamlessly this way. A2SERVER is running on Hyper-V on my rack server.

Josh.
 

shascall

New Tinkerer
Jan 18, 2022
6
0
1
My requirements sound identical to yours. I'm surprised you got as far as you did. My attempts at using SMB or NFS shares resulted in this error on the Mac side:
Code:
"Message from server <server name>"
Something wrong with the volume's CNID DB, using temporary CNID DB instead.  Check server messages for details.  Switching to read-only mode.

After the error the share was read-only. I know that to be a problem with the folder ownership that I couldn't change or force. So I'm kinda interested in how you managed to get that far.

My compromise was to share the A2FILES folder on the A2SERVER via NSF and it happily mounted in Windows after installing NSF in the Windows Features section. This works flawlessly on both sides. I can share files seamlessly this way. A2SERVER is running on Hyper-V on my rack server.

Josh.

Is cnid_metad running?
 

pfuentes69

Active Tinkerer
Oct 27, 2021
380
293
63
Switzerland
In my case I’m running the Netatalk (setup coming with the RASCSI) and created an SMB share to be able to transfer files from a modern Mac and the issue I have is that file metadata (eg. Creator) is lost, so it’s not practical.
 

shascall

New Tinkerer
Jan 18, 2022
6
0
1
In my case I’m running the Netatalk (setup coming with the RASCSI) and created an SMB share to be able to transfer files from a modern Mac and the issue I have is that file metadata (eg. Creator) is lost, so it’s not practical.

Did Mavericks dump support for afp? Netatalk shares work for me on Big Sur. I don't think resource forks created on an SMB share are going to work when reshared over Netatalk (I seem to recall trying this years ago but can't verify right now.) Did you modify AppleVolumes.system?
 

pfuentes69

Active Tinkerer
Oct 27, 2021
380
293
63
Switzerland
Did Mavericks dump support for afp? Netatalk shares work for me on Big Sur. I don't think resource forks created on an SMB share are going to work when reshared over Netatalk (I seem to recall trying this years ago but can't verify right now.) Did you modify AppleVolumes.system?
How can you connect to the Netatalk server from a modern Mac? I can’t see it on the Finder. I can only connect from a Classic OS.
 

shascall

New Tinkerer
Jan 18, 2022
6
0
1
How can you connect to the Netatalk server from a modern Mac? I can’t see it on the Finder. I can only connect from a Classic OS.
I just enter the IP of the Netatalk server manually in the "Go->Connect to Server" window, for example afp://10.10.10.10. My Netatalk server runs Mojave (no DDP support) so that's even how I get to it from System 7 (requires AppleTalk > 3.7.4 I think.)
 

pfuentes69

Active Tinkerer
Oct 27, 2021
380
293
63
Switzerland
I just enter the IP of the Netatalk server manually in the "Go->Connect to Server" window, for example afp://10.10.10.10. My Netatalk server runs Mojave (no DDP support) so that's even how I get to it from System 7 (requires AppleTalk > 3.7.4 I think.)
I'm using Big Sur and I get this:
Screenshot 2022-01-21 at 09.00.44.png

(I'm using Netatalk 2.2, with the setup via the RASCSI easyintall.sh. It works fine from my Classic Macs)
 

shascall

New Tinkerer
Jan 18, 2022
6
0
1
I'm using Big Sur and I get this:
View attachment 2571
(I'm using Netatalk 2.2, with the setup via the RASCSI easyintall.sh. It works fine from my Classic Macs)

I'm running Netatalk 2.2.6 with NetBSD's pkgsrc patches (and a patch or two of my own) on Mojave with System 7.6.1 and Mojave/Big Sur clients, so it's possible to get working depending on the setup. I'm guessing that error is because you're using an unsupported (by Big Sur) UAM. What are your active lines in afpd.conf? What does ps -ef | grep afpd show? What is the output of asip-status.pl x.x.x.x (where x.x.x.x is you server's IP)?
 

pfuentes69

Active Tinkerer
Oct 27, 2021
380
293
63
Switzerland
I'm running Netatalk 2.2.6 with NetBSD's pkgsrc patches (and a patch or two of my own) on Mojave with System 7.6.1 and Mojave/Big Sur clients, so it's possible to get working depending on the setup. I'm guessing that error is because you're using an unsupported (by Big Sur) UAM. What are your active lines in afpd.conf? What does ps -ef | grep afpd show? What is the output of asip-status.pl x.x.x.x (where x.x.x.x is you server's IP)?
I’ll check this when back at home and give you the details.
In the meantime maybe @rdmark can see this, as he prepared the install script for the RASCSI project.
 

benfranske

New Tinkerer
Dec 30, 2021
16
9
3
Any thoughts on the internals of netatalk and why it would throw permissions errors when the same user acting directly on Linux has no issues? Thanks!
bumping my original question to see if anyone has any ideas on why netatalk would have an issue writing to a mounted SMB/CIFS share or workarounds which would allow the underlying storage to be on a different system.
 

rdmark

Moderator
Staff member
Oct 3, 2021
164
230
43
@benfranske What version of Netatalk are you running?

In the case of Netatalk 2.2, have you tried different ea (extended attributes) settings? What I would imagine is that SMB gets confused by the weird binary files created in the .AppleDouble dirs by the default AppleDouble v2 implementation in 2.2.

Netatalk 3.1 is probably a better choice as it uses a more *NIX-like metadata storage scheme. Actually, according to the Netatalk wiki 3.1 even has a Samba-compatibile ea setting.
 

pfuentes69

Active Tinkerer
Oct 27, 2021
380
293
63
Switzerland
I'm running Netatalk 2.2.6 with NetBSD's pkgsrc patches (and a patch or two of my own) on Mojave with System 7.6.1 and Mojave/Big Sur clients, so it's possible to get working depending on the setup. I'm guessing that error is because you're using an unsupported (by Big Sur) UAM. What are your active lines in afpd.conf? What does ps -ef | grep afpd show? What is the output of asip-status.pl x.x.x.x (where x.x.x.x is you server's IP)?
Hi,
it took me a while...

content of afpd.conf:
"RPi Server" -transall -uamlist uams_guest.so,uams_clrtxt.so,uams_dhx.so -defaultvol /etc/netatalk/AppleVolumes.default -systemvol /etc/netatalk/AppleVolumes.system -nosavepassword -nouservol -guestname "nobody" -setuplog "default log_maxdebug /var/log/afpd.log"

running process:
root 733 1 0 2021 ? 00:00:45 /usr/local/sbin/afpd -U uams_dhx2.so -g nobody -c 50 -n raspberrypi


EDIT: I never tried before to connect as "guest". With Guest I can connect, but only in read-only mode, so not useful.
 
Last edited:

NJRoadfan

New Tinkerer
Feb 6, 2022
26
6
3
My compromise was to share the A2FILES folder on the A2SERVER via NSF and it happily mounted in Windows after installing NSF in the Windows Features section. This works flawlessly on both sides. I can share files seamlessly this way. A2SERVER is running on Hyper-V on my rack server.

Josh.
A2SERVER has an option to setup Samba and share the A2FILES folder. The caveat is that one should never connect to the A2FILES share (or any Netatalk 2.x share for that matter) via SMB under MacOS X. The reason is SMB and Netatalk 2.x use an incompatible method of storing extended attributes (aka AppleDouble). You'll land up toasting the resource forks of your files in a hurry. Netatalk 3.x fixed this, but dropped AppleTalk support.

OP,

What you want to do is likely going to lead to trouble. I know I tried this years ago with other AFP server software (PCMaclan) and SMB shares. What version of Netatalk are you trying to do this with? 2.x might give you trouble due to the above, 3.x might work. Besides the extended attribute issue, you may be running into file locking issues. Re-sharing a file share is not a normal use case.
 

benfranske

New Tinkerer
Dec 30, 2021
16
9
3
@benfranske What version of Netatalk are you running?

In the case of Netatalk 2.2, have you tried different ea (extended attributes) settings? What I would imagine is that SMB gets confused by the weird binary files created in the .AppleDouble dirs by the default AppleDouble v2 implementation in 2.2.

Netatalk 3.1 is probably a better choice as it uses a more *NIX-like metadata storage scheme. Actually, according to the Netatalk wiki 3.1 even has a Samba-compatibile ea setting.
2.2 because I need EtherTalk support for my vintage collection. I have not tried alternative ea settings which I could play with for testing but one of the points is to continue using an old netatalk share from 10 years ago which already has a lot of data stored in the .AppleDouble format so... I'm also not that convinced that Samba doesn't know what to do with the .AppleDouble files, the Samba protocol shouldn't really care what's being stored a file should be a file to it just like to the underlying filesystem.
 

benfranske

New Tinkerer
Dec 30, 2021
16
9
3
A2SERVER has an option to setup Samba and share the A2FILES folder. The caveat is that one should never connect to the A2FILES share (or any Netatalk 2.x share for that matter) via SMB under MacOS X. The reason is SMB and Netatalk 2.x use an incompatible method of storing extended attributes (aka AppleDouble). You'll land up toasting the resource forks of your files in a hurry. Netatalk 3.x fixed this, but dropped AppleTalk support.

OP,

What you want to do is likely going to lead to trouble. I know I tried this years ago with other AFP server software (PCMaclan) and SMB shares. What version of Netatalk are you trying to do this with? 2.x might give you trouble due to the above, 3.x might work. Besides the extended attribute issue, you may be running into file locking issues. Re-sharing a file share is not a normal use case.
Well the files are being held on one Linux server, and I'm running netatalk 2.x on a second Linux server. My desire is to keep the files on my primary fileserver as it's well backed up, etc. I just can't run netatalk on there because it is a lxc container and can't run strange kernel modules. I have similar issues with some other software so what I usually do is share the files from the fileserver with Samba and mount them to a directory on a different Linux server which runs the software that need to access them (netatalk in this case). I do not access the SMB shared files from any modern Macs (so no issue there with the different way the resource forks are stored).

Essentially I just want the files physically stored on a different system than the one running netatalk.