This is a short tutorial on setting up file sharing services on CentOS 7. I primarily wanted to document the steps on setting up Apple Filing Protocol (AFP). However, Windows file sharing, aka Server Message Block (SMB), is even simpler, so I’ll go on to that as well.
Ordinarily, these should be very simple tasks. However, CentOS 7 has changed a bunch of things, so you might initially find yourself stumbling around figuring out even relatively basic stuff.
Furthermore, there’s the challenge that netatalk, the software required for AFP, is not available in any repositories (at this time), including EPEL. So you have to do some compilation by hand. Fortunately, we can use the SRPM for Fedora to accomplish that. It’s listed in the Netatalk Wiki.
Let’s get started with netatalk.
- Get the SRPM.
$ wget http://www003.upp.so-net.ne.jp/hat/files/netatalk-3.1.8-0.1.4.fc24.src.rpm
- Build the RPMs.
$ rpmbuild --rebuild netatalk-3.1.10-0.1.2.fc25.src.rpm
- If the compile is successful, you’ll find the RPMs in ~/rpmbuild/RPMS/x86_64/. Go ahead and install.
$ yum localinstall ~/rpmbuild/RPMS/x86_64/netatalk-3.1.10-0.1.2.el7.centos.x86_64.rpm
- If you don’t have avahi installed, then do it.
$ yum install avahi
- Fix up firewall and startup scripts.
$ firewall-cmd --zone=public --permanent --add-service=mdns
$ systemctl restart firewalld
$ systemctl enable avahi-daemon.service
$ systemctl start avahi-daemon
That’s it. But now we’ve got to set up and sort out the init and firewall stuff. The AFP configuration file is /etc/netatalk/afp.conf. Here’s a bare minimum:
; hostname is a global option, so it goes under [Global]
[Global]
hostname = serverafp

[Mac Disk]
path = /media/nas/AFPShare
Put this avahi service file for AFP in /etc/avahi/services/afpd.service.
<?xml version="1.0" standalone='no'?><!--*-nxml-*-->
<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
<service-group>
  <name replace-wildcards="yes">serverafp</name>
  <service>
    <type>_afpovertcp._tcp</type>
    <port>548</port>
  </service>
  <service>
    <type>_device-info._tcp</type>
    <port>0</port>
    <txt-record>model=Xserve</txt-record>
  </service>
</service-group>
I like my AFP and SMB services to use distinct hostnames. I’ll explain the reason later.
- Set up firewall.
$ firewall-cmd --zone=public --permanent --add-port=548/tcp
$ firewall-cmd --zone=public --permanent --add-port=548/udp
$ firewall-cmd --zone=public --permanent --add-port=5353/tcp
$ firewall-cmd --zone=public --permanent --add-port=5353/udp
$ systemctl restart firewalld
- Startup scripts.
$ systemctl enable netatalk.service
$ systemctl start netatalk
We ought to be done.
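AFP is advertised on 548/tcp and mDNS itself runs on 5353/udp, which the `mdns` firewalld service added earlier already opens. The following added example (not part of the original tutorial) compares opened ports with what the Avahi service file advertises; the port list is a constructed sample of `firewall-cmd --zone=public --list-ports` output, and the function names are hypothetical.

```python
import xml.etree.ElementTree as ET

# Constructed inputs: this page's AFP service file, and the port list that
# `firewall-cmd --zone=public --list-ports` prints after the commands above.
AFP_SERVICE = """<?xml version="1.0" standalone='no'?>
<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
<service-group>
  <name replace-wildcards="yes">serverafp</name>
  <service><type>_afpovertcp._tcp</type><port>548</port></service>
  <service><type>_device-info._tcp</type><port>0</port>
    <txt-record>model=Xserve</txt-record></service>
</service-group>"""
LISTED_PORTS = "548/tcp 548/udp 5353/tcp 5353/udp"
VIA_SERVICES = {"5353/udp"}  # already opened by firewalld's `mdns` service


def advertised_ports(service_xml):
    """Ports clients will connect to, as 'port/proto' strings."""
    ports = set()
    for svc in ET.fromstring(service_xml).iter("service"):
        stype = svc.findtext("type", "").strip()   # e.g. _afpovertcp._tcp
        port = int(svc.findtext("port", "0"))
        if port:                                    # port 0 carries metadata only
            ports.add(f"{port}/{stype.rsplit('._', 1)[-1]}")
    return ports


def review_ports(listed, service_xml, via_services=VIA_SERVICES):
    """Sort the opened ports into needed, redundant, unused and missing."""
    needed = advertised_ports(service_xml)
    opened = set(listed.split())
    return {
        "needed": sorted(opened & needed),
        "redundant": sorted(opened & via_services),
        "unused": sorted(opened - needed - via_services),
        "missing": sorted(needed - opened),
    }
```

Entries reported as unused can be dropped with `firewall-cmd --zone=public --permanent --remove-port=...` followed by a reload.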
Setting up samba, the daemon for SMB, is easier. Edit the /etc/samba/smb.conf file and add the following before the first share definition.
guest account = nobody
map to guest = bad user
I’ve also changed the NetBIOS name to be distinct from the default server hostname. Do this by editing the netbios name line in the above configuration file.
Then, create a share at the end of the same file. Here’s an example of a public share.
[Media]
comment = Media Share
path = /media/nas/Media
browseable = yes
guest ok = yes
writable = no
read only = yes
Change as you need.
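With `map to guest = bad user`, any unknown username lands on the guest account, so what matters per share is whether guests are allowed and whether the share is writable. The following added example (not part of the original tutorial) resolves those two settings the way the file spells them, synonyms included; the `[Upload]` share and all function names are hypothetical.

```python
# Added example. Constructed sample: this page's guest settings and [Media]
# share, plus a hypothetical [Upload] share using the synonym spellings.
SAMPLE = """\
[global]
guest account = nobody
map to guest = bad user
[Media]
guest ok = yes
writable = no
read only = yes
[Upload]
public = yes
write ok = yes
"""
TRUE = {"yes", "true", "on", "1"}
GUEST = {"guestok", "public"}                    # "public" is a synonym
WRITABLE = {"writable", "writeable", "writeok"}  # inverted synonyms of "read only"

def parse(text):
    """Return {section: [(key, value), ...]} in file order.
    Keys are lowercased with spaces removed, as Samba ignores both."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            current = sections.setdefault(line[1:-1].strip().lower(), [])
        elif "=" in line and current is not None:
            key, value = line.split("=", 1)
            current.append((key.replace(" ", "").lower(), value.strip().lower()))
    return sections

def flags(settings, guest=False, read_only=True):
    """Apply settings in order (last one wins); arguments are Samba's defaults."""
    for key, value in settings:
        if key in GUEST:
            guest = value in TRUE
        elif key == "readonly":
            read_only = value in TRUE
        elif key in WRITABLE:
            read_only = value not in TRUE
    return guest, read_only

def guest_writable(text):
    """Names of shares that a guest session can write to."""
    sections = parse(text)
    defaults = flags(sections.pop("global", []))  # [global] sets share defaults
    shares = {n: flags(s, *defaults) for n, s in sections.items()}
    return [n for n, (guest, ro) in shares.items() if guest and not ro]
```

Samba's own `testparm -s` prints the configuration as the daemon parses it and is the authoritative check on a live server.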
- Install the RPMs if they are not yet in.
$ yum install samba
- Then firewall.
$ firewall-cmd --zone=public --permanent --add-service=samba
$ systemctl restart firewalld
Here’s the avahi service file for SMB.
<?xml version="1.0" standalone='no'?>
<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
<service-group>
  <name replace-wildcards="yes">serversmb</name>
  <service>
    <type>_smb._tcp</type>
    <port>445</port>
  </service>
  <service>
    <type>_device-info._tcp</type>
    <port>0</port>
    <txt-record>model=LinuxPC</txt-record>
  </service>
</service-group>
Just as before, I’ve customised the service name in the name element.
We’re pretty much done.
Now, let me explain the reason for my wanting separate hostnames for AFP and SMB services. You see, I want to run both services. AFP is primarily needed for my Mac clients. I need AFP because of extended attributes and resource forks required by some Mac apps. My SMB service, on the other hand, is primarily intended to serve free-access read-only shares to my streaming players.
The problem with running both services is that the Mac, which can connect to both AFP and SMB services, will get confused in the Finder’s network browser. Sure, you can use Cmd-K and manually type a server connect string. You can even save it as a favourite, so typing the connect string doesn’t become inconvenient. However, I just prefer that the services are easily distinguished by their hostnames.
I hope this short tutorial is helpful, particularly if you want quick answers and don’t have time to struggle with the new systemd and firewalld way of life.
Updated (2016-01-30): Updated SRPM links.
Updated (2017-01-13): Updated SRPM links.
Your link to netatalk isn’t working anymore.
Today, 27. Sept. 2019, CentOS 7.6.1810, it is in the EPEL Repository.
Just activate the Repo and type yum install netatalk.
@lethargo
You can find the latest version of the software here:
http://netatalk.sourceforge.net/wiki/index.php/Netatalk_3.1.11_SRPM_for_Fedora_and_CentOS
@admin
On the CentOS 7 server I would imagine you use LVM to create the local file system you will be using for your NAS share. When you run your mkfs on the logical volume, are you mounting it as an XFS file system, i.e.
# mkfs.xfs /path/to/share
I’m not using that box anymore. But as I recall, I would likely have used Btrfs directly on the disks, i.e. without LVM.