Debian: Install and configure AFP server

root's picture

This tutorial is debian specific but it could be easily adapted for other linux flavors too.

1. Download the latest version of netatalk from
Current version at the moment of writing this article was 2.2.1.

2. Uncompress it:

core:netatalk# tar jxf netatalk-2.2.1.tar.bz2
core:netatalk# ls -la
total 1203
drwxr-xr-x  4 root root     144 2011-12-21 18:37 .
drwxr-xr-x 21 root root    1536 2011-11-14 15:11 ..
drwxrwxrwx 14 1002 vbox     920 2011-09-06 13:43 netatalk-2.2.1
-rw-r--r--  1 root root 1227602 2011-09-06 14:20 netatalk-2.2.1.tar.bz2
drwxr-xr-x  3 root root     440 2011-12-21 18:26 old
core:netatalk# cd netatalk-2.2.1

3. Build the package as deb file for a better maneuverability.

The following configure options are not mandatory, you can build your package as you want.

core:netatalk-2.2.1# ./configure --build=x86_64-linux-gnu --prefix=/usr --includedir=${prefix}/include --mandir=${prefix}/share/man --infodir=${prefix}/share/info --sysconfdir=/etc --localstatedir=/var --libexecdir=${prefix}/lib/netatalk --disable-maintainer-mode --disable-dependency-tracking --srcdir=. --with-shadow --enable-fhs --with-tcp-wrappers --with-mangling --enable-timelord --enable-overwrite --with-pkgconfdir=/etc/netatalk --with-nls-dir=/usr/share/netatalk/nls --disable-logger --enable-krb4-uam --enable-krbV-uam --with-cnid-dbd-txn --enable-debian --without-xfs --disable-slp --disable-zeroconf --with-ssl-dir --with-cracklib=/var/cache/cracklib/cracklib_dict --enable-pgp-uam --with-ldap=no
core:netatalk-2.2.1# make

At this point, if you just want to install it, just do "make install". If you want to create .deb file, please follow on.
NOTE: use mount commands only if you have your /tmp mounted with noexec,suid

[color=gray]core:netatalk-2.2.1# mount -o remount,exec,suid /tmp[/color]
core:netatalk-2.2.1# checkinstall

checkinstall 1.6.1, Copyright 2002 Felipe Eduardo Sanchez Diaz Duran
           This software is released under the GNU GPL.

The package documentation directory ./doc-pak does not exist. 
Should I create a default set of package docs?  [y]: y
Preparing package documentation...OK

Please write a description for the package.
End your description with an empty line or EOF.
>> AFP Whatever
**** Debian package creation selected ***

This package will be built according to these values: 

0 -  Maintainer: [ root@core ]
1 -  Summary: [ AFP ]
2 -  Name:    [ netatalk ]
3 -  Version: [ 2.2.1 ]
4 -  Release: [ 1 ]
5 -  License: [ GPL ]
6 -  Group:   [ checkinstall ]
7 -  Architecture: [ amd64 ]
8 -  Source location: [ netatalk-2.2.1 ]
9 -  Alternate source location: [  ]
10 - Requires: [  ]
11 - Provides: [ netatalk ]
Enter a number to change any of them or press ENTER to continue:

Installing with make...Installing with install...

========================= Installation results ===========================

======================== Installation successful ==========================

Copying documentation directory...
grep: /var/tmp/tmp.NAguGyPUAd/newfile: No such file or directory

Some of the files created by the installation are inside the build
directory: /usr/src/netatalk/netatalk-2.2.1

You probably don't want them to be included in the package,
especially if they are inside your home directory.
Do you want me to list them?  [n]: n
Should I exclude them from the package? (Saying yes is a good idea)  [y]: y

Copying files to the temporary directory...OK

Stripping ELF binaries and libraries...OK

Compressing man pages...OK

Building file list...OK

Building Debian package...OK

Installing Debian package...OK

Erasing temporary files...OK

Writing backup package...OK

Deleting temp dir...OK


 Done. The new package has been installed and saved to


 You can remove it from your system anytime using: 

      dpkg -r netatalk

[color=gray]core:netatalk-2.2.1# mount -o remount,rw,noexec,nosuid /tmp[/color]

4. Configure netatalk as follows. Modify the path according to your configuration:

core:netatalk-2.2.1# cd /etc/netatalk/
core:netatalk# egrep -v "^$|^#" afpd.conf 
- - transall -uamlist -ipaddr
core:netatalk# egrep -v "^$|^#" AppleVolumes.default
/whatever/directory/you/want TimeMachine allow: cnidscheme:cdb options:usedots,upriv

5. Connect from your mac to the following addess: afp://

1) Launch /Applications/Utilities/Terminal and do:

sudo chmod o+w /Library/Preferences
defaults write /Library/Preferences/ afp_host_prefs_version -int 1

Now restart your computer.
2) From Finder, select an AFP server, or use "Connect To...". This will cause the AFP Client to create the full preferences file
3) Launch Terminal again and do:

sudo defaults write /Library/Preferences/ afp_disabled_uams -array "Cleartxt Passwrd" "MS2.0" "2-Way Randnum exchange"
sudo chmod o-w /Library/Preferences

Now restart your computer.

Note: To add a "DHCAST128" to the disable list, use

sudo defaults write /Library/Preferences/ afp_disabled_uams -array-add "DHCAST128"

Thou shalt not steal!

If you want to use this information on your own website, please remember: by doing copy/paste entirely it is always stealing and you should be ashamed of yourself! Have at least the decency to create your own text and comments and run the commands on your own servers and provide your output, not what I did!

Or at least link back to this website.