Apple File Protocol (AFP) using NetAtalk on CentOS


It is important to note that the AFP protocol implemented by netatalk precedes such elements as Time Machine and does not support calls used in the latest versions of Apple's AFP.

For generalized data-file sharing (or a networked Time Machine drive) you may be better off with Samba.

For networked home directories (or PHD) you may be better off with NFS v3.

If, however, you want the combination of security and Unix-style permissions, or if you just want AFP for reasons of your own, NetAtalk may be for you. Here is how to make it work:

First, install the required components:

yum install gcc

yum install automake autoconf

yum install db4-devel

yum install db4

yum install cups-devel

yum install GSSAPI

yum install libgssapi-devel

yum install libgssapi

yum install krb5-devel

yum install krb4-devel

yum install pam-devel

yum install shadow-devel

yum install openssl-devel

yum install cracklib-devel

yum install cracklib

Then, edit the following files to ensure compatibility with db4.

/bin/cnid/cnid_index.c and /etc/cnid_dbd/dbif.c

-    ret = db->stat(db, &sp, 0);

  1. +   ret = db->stat(db, NULL, &sp, 0);
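
Review bot: the replacement call hard-codes the four-argument form of DB->stat (the added NULL sits in the transaction-handle position), so both files stop compiling against an older db4 whose DB->stat still takes three arguments. Guarding the call on DB_VERSION_MAJOR and DB_VERSION_MINOR from db.h, with the three-argument call kept in the other branch, would let the same source build against either library version.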

Run configure:

./configure --enable-redhat --enable-cups --enable-pgp-uam --enable-krb4-uam --enable-krbV-uam --with-pam --with-shadow --with-ssldir=/usr --with-cracklib

Ensure the configure summary shows the following:

Configure summary:

    Install style:



         AFP 3.x calls activated: yes

         Large file support (>2GB) for AFP3: yes

         DDP enabled: yes


         backends:  cdb dbd last


         DHX     (PAM SHADOW)


         Kerberos V

         Kerberos IV


         passwd  (PAM SHADOW)



         CUPS support:           yes

         SLP support:            no

         tcp wrapper support:    yes

         quota support:          yes

         admin group support:    yes

         valid shell check:      yes

         cracklib support:       yes

         dropbox kludge:         no

         force volume uid/gid:   no

         Apple 2 boot support:   no

Make and install the software.

To configure a shared directory:

Sample share line. Note the upriv option, which enforces Unix permissions. Without it, anyone can take ownership of anything, overwriting the existing ownership and permissions no matter what the original ones are!

In /usr/local/etc/netatalk/AppleVolumes.default:

/data options:upriv allow:eric,jane,kerstin,spidy,leon
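
A quick audit for the two controls used in the share line above, as an added example that is not part of the original write-up or of netatalk itself. It reports every volume line that lacks upriv in its own options: list or has no allow: list. Assumptions: volume lines start with "/" or "~", paths contain no spaces, and inherited defaults are ignored, so the check is conservative; audit_volumes and the sample volumes other than /data are constructed for illustration.

```sh
#!/bin/sh
# Added example: audit an AppleVolumes file for shares that do not enforce
# Unix permissions (upriv) or do not restrict who may mount them (allow:).

audit_volumes() {
    # $1 = path to an AppleVolumes file; prints "<path> <finding>" per problem
    awk '
        NF == 0 || $1 ~ /^#/ { next }             # blank lines and comments
        {
            c = substr($1, 1, 1)
            if (c != "/" && c != "~") next        # assumption: not a volume line
            upriv = 0; allow = 0
            for (i = 2; i <= NF; i++) {
                if ($i ~ /^options:/) {
                    # "options:" is 8 characters; the value is comma-separated
                    n = split(substr($i, 9), opt, ",")
                    for (j = 1; j <= n; j++) if (opt[j] == "upriv") upriv = 1
                }
                if ($i ~ /^allow:./) allow = 1
            }
            if (!upriv) print $1, "missing-upriv"
            if (!allow) print $1, "no-allow-list"
        }
    ' "$1"
}

# Constructed sample input; the first volume is the share line from this page.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed sample AppleVolumes.default
/data options:upriv allow:eric,jane,kerstin,spidy,leon
/scratch options:usedots,noadouble
/projects options:usedots,upriv
EOF
audit_volumes "$sample"
rm -f "$sample"
```

Point it at /usr/local/etc/netatalk/AppleVolumes.default after each change; no output means every share line carries both settings.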


In /usr/local/etc/netatalk/netatalk.conf

Turn some things off (like appletalk)








In /usr/local/etc/netatalk/afpd.conf

- -tcp --uamlist,,,


And to advertise via avahi:

In: /etc/avahi/services/afpd.service

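<?xml version="1.0" standalone='no'?><!--*-nxml-*-->
<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
<service-group>
<name replace-wildcards="yes">%h AFP</name>
<!-- AFP over TCP on the standard afpd port -->
<service>
<type>_afpovertcp._tcp</type>
<port>548</port>
</service>
</service-group>
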
Start the atalk and avahi-daemon services from init.d and away you go.

Note that if you have security features such as firewalling turned on, you will need to deal with opening the required ports.