Zit Seng's Blog

AFP and SMB File Sharing on CentOS 7

This is a short tutorial on setting up file sharing services on CentOS 7. I primarily wanted to document the steps on setting up Apple Filing Protocol (AFP). However, Windows file sharing, aka Server Message Block (SMB), is even simpler, so I’ll go on to that as well.

Ordinarily, these should be very simple tasks. However, CentOS 7 has changed a bunch of things, so you might initially find yourself stumbling around figuring out even relatively basic stuff.

Furthermore, there’s the challenge that netatalk, the software required for AFP, is not (at this time) available in any repository, including EPEL. So you’d have to do some compilation by hand. Fortunately, we can use the SRPM for Fedora to accomplish that. It’s listed in the Netatalk Wiki.

Let’s get started with netatalk.

  1. Get the SRPM.
    $ wget http://www003.upp.so-net.ne.jp/hat/files/netatalk-3.1.8-0.1.4.fc24.src.rpm
  2. Build the RPMs. Use the file name of the SRPM you actually downloaded.
    $ rpmbuild --rebuild netatalk-3.1.10-0.1.2.fc25.src.rpm
  3. If the compile is successful, you’ll find the RPMs in ~/rpmbuild/RPMS/x86_64/. Go ahead and install.
    $ yum localinstall ~/rpmbuild/RPMS/x86_64/netatalk-3.1.10-0.1.2.el7.centos.x86_64.rpm
  4. If you don’t have avahi installed, then do it.
    $ yum install avahi
  5. Fix up firewall and startup scripts.
    $ firewall-cmd --zone=public --permanent --add-service=mdns
    $ systemctl restart firewalld
    $ systemctl enable avahi-daemon.service
    $ systemctl start avahi-daemon

That’s it. But now we’ve got to set up and sort out the init and firewall stuff. The AFP configuration file is in /etc/netatalk/afp.conf. Here’s a bare minimum:

[Global]
hostname = serverafp

[Mac Disk]
path = /media/nas/AFPShare

Put this avahi service file for AFP in /etc/avahi/services/afpd.service.

<?xml version="1.0" standalone='no'?><!--*-nxml-*-->
<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
<service-group>
<name replace-wildcards="yes">serverafp</name>
<service>
<type>_afpovertcp._tcp</type>
<port>548</port>
</service>
<service>
<type>_device-info._tcp</type>
<port>0</port>
<txt-record>model=Xserve</txt-record>
</service>
</service-group>

I like my AFP and SMB services to use distinct hostnames. I’ll explain the reason later.

  1. Setup firewall.
    $ firewall-cmd --zone=public --permanent --add-port=548/tcp
    $ firewall-cmd --zone=public --permanent --add-port=548/udp
    $ firewall-cmd --zone=public --permanent --add-port=5353/tcp
    $ firewall-cmd --zone=public --permanent --add-port=5353/udp

    $ systemctl restart firewalld
  2. Startup scripts.
    $ systemctl enable netatalk.service
    $ systemctl start netatalk

We ought to be done.

Setting up samba, the daemon for SMB, is easier. Edit the /etc/samba/smb.conf file and add the following before the first share definition.

guest account = nobody
map to guest = bad user

I’ve also changed the NetBIOS name to be distinct from the default server hostname. Do this by editing the netbios name line in the above configuration file.

Then, create a share at the end of the same file. Here’s an example of a public share.

[Media]
 comment = Media Share
 path = /media/nas/Media
 browseable = yes
 guest ok = yes
 writable = no
 read only = yes

Change as you need.
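
With `map to guest = bad user`, Samba serves any connection that presents an unknown username as the guest account, so every `guest ok` share is open to anyone who can reach the server. The script below is an added example (not from the original post) that lists the guest-accessible shares in an smb.conf and flags any that are also writable; it resolves the `public`, `writable`, `writeable` and `write ok` synonyms, does not follow `include` or `copy` directives, and the `[Scratch]` share in its sample input is constructed.

```shell
#!/bin/sh
# Constructed sample: the page's [global] lines and [Media] share, plus an invented [Scratch].
sample_conf() {
cat <<'EOF'
[global]
guest account = nobody
map to guest = bad user
[Media]
 path = /media/nas/Media
 guest ok = yes
 writable = no
 read only = yes
[Scratch]
 path = /srv/scratch
 public = yes
 write ok = yes
EOF
}
# Reads smb.conf text from the named file(s) or stdin; prints one line per
# guest-accessible share: "<share><TAB>guest-read-only" or "<share><TAB>GUEST-WRITABLE".
audit_guest_shares() {
    awk '
    function truthy(v) { v = tolower(v); return (v == "yes" || v == "true" || v == "1") }
    function report() {
        if (sect != "" && tolower(sect) != "global" && guest)
            printf "%s\t%s\n", sect, (ro ? "guest-read-only" : "GUEST-WRITABLE")
    }
    BEGIN { g_guest = 0; g_ro = 1; guest = 0; ro = 1 }    # Samba defaults
    /^[ \t]*[#;]/ || /^[ \t]*$/ { next }                  # comment or blank line
    /^[ \t]*\[/ {                                         # section header
        report()
        sect = $0; sub(/^[ \t]*\[/, "", sect); sub(/\].*$/, "", sect)
        guest = g_guest; ro = g_ro                        # inherit [global] values
        next
    }
    {
        eq = index($0, "="); if (eq == 0) next
        key = tolower(substr($0, 1, eq - 1)); gsub(/[ \t]/, "", key)
        val = substr($0, eq + 1); sub(/^[ \t]+/, "", val); sub(/[ \t\r]+$/, "", val)
        if (key == "guestok" || key == "public") guest = truthy(val)
        else if (key == "readonly") ro = truthy(val)
        else if (key == "writable" || key == "writeable" || key == "writeok") ro = !truthy(val)
        if (tolower(sect) == "global") { g_guest = guest; g_ro = ro }
    }
    END { report() }
    ' "$@"
}
sample_conf | audit_guest_shares
```

With the functions loaded in your shell, `audit_guest_shares /etc/samba/smb.conf` checks the live file. `testparm -s` prints the configuration as Samba itself parses it.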

  1. Install the RPMs if they are not yet in.
    $ yum install samba
  2. Then firewall.
    $ firewall-cmd --zone=public --permanent --add-service=samba
    $ systemctl restart firewalld

Here’s the avahi service file for SMB.

<?xml version="1.0" standalone='no'?>
<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
<service-group>
<name replace-wildcards="yes">serversmb</name>
<service>
<type>_smb._tcp</type>
<port>445</port>
</service>
<service>
<type>_device-info._tcp</type>
<port>0</port>
<txt-record>model=LinuxPC</txt-record>
</service>
</service-group>

Just as before, I’ve customised the service name in the name element.

We’re pretty much done.

Now, let me explain the reason for my wanting separate hostnames for AFP and SMB services. You see, I want to run both services. AFP is primarily needed for my Mac clients. I need AFP because of extended attributes and resource forks required by some Mac apps. My SMB service, on the other hand, is primarily intended to serve free-access read-only shares to my streaming players.

The problem with running both services is that the Mac, which can connect to both AFP and SMB services, will get confused in the Finder’s network browser. Sure, you can use Cmd-K and manually type a server connect string. You can even save the favourite so it’s not like typing the connect string becomes inconvenient. However, I just prefer that the services are easily distinguished by their host name.

I hope this short tutorial is helpful, particularly if you want quick answers and don’t have time to struggle with the new systemd and firewalld way of life.

Updated (2016-01-30): Updated SRPM links.

Updated (2017-01-13): Updated SRPM links.
