Provided by: netatalk_2.0.3-3ubuntu1_i386 bug


       AppleVolumes.default  - Configuration file used by afpd(8) to determine
       the shares made available through Appletalk


       /etc/netatalk/AppleVolumes.default is the configuration  file  used  by
       afpd  to  determine what portions of the file system will be shared via
       Apple Filing Protocol,  as  well  as  their  behaviour.  Any  line  not
       prefixed  with  #  is interpreted. The configuration lines are composed

       path [ volume name ] [ options ]

       The path name must be a fully qualified path name, or a path name using
       either  the  ~  shell  shorthand  or any of the substitution variables,
       which are listed below.

       The volume name is the name that appears in the Chooser ot the "connect
       to server" dialog on Macintoshes to represent the appropriate share. If
       there are spaces in the name,  it  should  be  in  quotes  (i.e.  "File
       Share").  The  volume  name may not exceed 27 characters in length, and
       cannot contain the â€â€™:â€â€™ character.

              Each volume has to be configured on a single line.

       The possible options and their meanings are:

              specify the format of the metadata files,  which  are  used  for
              saving   Mac  resource  fork  as  well.  Earlier  versions  used
              AppleDouble V1, the new default  format  is  V2.  Starting  with
              Netatalk  2.0,  the  scheme  MacOS X uses currently (10.3.x), is
              also supported

              Using adouble:osx is not recommended  for  production  use.  Its
              only  aim  is  to temporarely share eg. FAT32 formatted FireWire
              harddrives written on a Macintosh with  afpd.  Apple’s  metadata
              scheme  lacks  several  essential  features,  so using it on the
              server’s side will break both CNIDs and MacOS 9 compatibility

              The allow option allows the users and groups that access a share
              to  be  specified.  Users and groups are specified, delimited by
              commas.  Groups  are  designated  by  a   @   prefix.   Example:

              The  deny  option specifies users and groups who are not allowed
              access to the share. It follows the same  format  as  the  allow

              set  the  CNID  backend  to  be  used for the volume, default is
              [:DEFAULT_CNID_SCHEME:] available schemes: [:COMPILED_BACKENDS:]

              Sets  the database information to be stored in path. You have to
              specifiy a writable location, even if the volume is read only.

              specifies  the  mac  client  codepage  for  this  Volume,   e.g.
              "MAC_ROMAN",  "MAC_CYRILLIC".  If not specified the setting from
              afpd.conf is inherited. This setting is  only  required  if  you
              need  volumes,  where  the  mac  codepage  differs  from the one
              globally set in afpd.conf.

              This  allows  multiple  options  to  be  specified  in  a  comma
              delimited format. The available options are:

                     Limit  disk  size  reporting to 2GB. This can be used for
                     older Macintoshes using newer Appleshare clients.

              ro     Specifies the share as being read  only  for  all  users.
                     The  .AppleDB  directory has to be writeable, you can use
                     the -dbpath option to relocate it.

                     Don’t do :hex translation for dot files. note: when  this
                     option gets set, certain file names become illegal. These
                     are .Parent and anything that starts with  .Apple.  Also,
                     dot  files created on the unix side are marked invisible.

                     a non-zero  return  code  from  root_preexec  closes  the
                     volume  immediately,  preventing clients to mount/see the
                     volume in question.

                     a non-zero return code  from  preexec  close  the  volume
                     being  immediately,  preventing  clients to mount/see the
                     volume in question.

              This option allows you to set a volume password, which can be  a
              maximum  of  8 characters long (using ASCII strongly recommended
              at the time of this writing).

              command to be run when the volume is mounted, ignored  for  user
              defined volumes

              command  to  be  run when the volume is closed, ignored for user
              defined volumes

              command to be run as root when the volume  is  mounted,  ignored
              for user defined volumes

              command to be run as root when the volume is closed, ignored for
              user defined volumes

              Allows certain users and groups to have read-only  access  to  a
              share. This follows the allow option format.

              Allows  certain  users and groups to have read/write access to a
              share. This follows the allow option format.

       veto:[vetoed name]
              hide files and directories,where the path matches one of the ’/’
              delimited  vetoed  names.  Matches  are  partial,  e.g.  path is
              /abc/def/file and veto:/abc/ will hide the file.

              specifies  the  volume  codepage,   e.g.   "UTF8",   "UTF8-MAC",
              "ISO-8859-15". Defaults to "UTF8".


       You can use variables in both volume path and volume name.

       1.     if you specify an unknown variable, it will not get converted.

       2.     if  you specify a known variable, but that variable doesn’t have
              a value, it will get ignored.

       The variables which can be used for substitutions are:

       $b     basename

       $c     client’s ip or appletalk address

       $d     volume pathname on server

       $f     full name (contents of the gecos field in the passwd file)

       $g     group name

       $h     hostname

       $i     client’s ip, without port

       $s     server name (this can be the hostname)

       $u     user name (if guest, it is the user that guest is running as)

       $v     volume name (either ADEID_NAME or basename of path)

       $z     appletalk zone (may not exist)

       $$     prints dollar sign ($)

       When using variable substitution in the volume  name,  always  keep  in
       mind, not to exceed the 27 characters limit

       Using variable substitution when defining volumes

       /home/groups/$g "Groupdir for $g"
       ~ "$f is the best one"

       We  define  "groupdirs"  for  each primary group and use a personalized
       server name for homedir shares.


       The AFP protocol mostly refers to files and directories by ID  and  not
       by  name. Netatalk needs a way to store these ID’s in a persistent way,
       to achieve this several different CNID backends are available. The CNID
       Databases  are  by default located in the .AppleDB folder in the volume

       cdb    "Concurrent database", backend is based on  Sleepycat’s  Berkely
              DB.  With  this  backend  several  afpd  deamons access the CNID
              database directly. Berkeley DB locking is  used  to  synchronize
              access,  if  more  than one afpd process is active for a volume.
              The drawback is, that the crash of a single afpd  process  might
              corrupt the database.

       dbd    Access  to  the  CNID  database  is restricted to the cnid_metad
              daemon process.  afpd processes communicate with the daemon  for
              database   reads   and   updates.  If  built  with  Berkeley  DB
              transactions  the  probability  for   database   corruption   is
              practically zero, but performance can be slower than with cdb

       last   This  backend  is an exception, in terms of ID persistency. ID’s
              are only valid for the current session. This is  basically  what
              afpd  did  in  the 1.5 (and 1.6) versions. This backend is still
              available, as it is useful for e.g. sharing cdroms.

              Warning: It is NOT recommended to use this backend  for  volumes
              anymore, as afpd now relies heavily on a persistent ID database.
              Aliases will likely  not  work  and  filename  mangling  is  not

       Even  though  ./configure  --help  might show that there are other CNID
       backends available, be warned those are likely broken  or  mainly  used
       for testing. Don’t use them unless you know what you’re doing, they may
       be removed without further notice from future versions.


       With OS X Apple introduced the AFP3 protocol. One of the most important
       changes  was  that AFP3 uses unicode names encoded as UTF-8 decomposed.
       Previous   AFP/OS   versions    used    codepages,    like    MacRoman,
       MacCentralEurope, etc.

       afpd  needs  a  way  to  preserve  extended  macintosh  characters,  or
       characters illegal in unix filenames,  when  saving  files  on  a  unix
       filesystem.  Earlier  versions used the the so called CAP encoding.  An
       extended character (>0x7F) would be converted to a :xx  sequence,  e.g.
       the  Apple  Logo  (MacRoman:  0XF0)  was  saved  as  :f0.  Some special
       characters will be converted as to :xx notation as well.  ’/’  will  be
       encoded to :2f, if -usedots is not specified, a leading dot ’.’ will be
       encoded as :2e.

       This version now uses UTF-8 as the default encoding for names.  Special
       characters,  like ’/’ and a leading ’.’ will still be CAP style encoded

       The  -volcharset  option  will  allow  you  to  select  another  volume
       encoding.  E.g.  for  western  users  another  useful  setting could be
       -volcharset  ISO-8859-15.  apfd  will  accept  any  iconv(1)   provided
       charset.  If  a  character cannot be converted from the mac codepage to
       the selected volcharset, afpd will save it as a CAP encoded  character.
       For  AFP3 clients, afpd will convert the UTF-8 character to -maccharset
       first. If this conversion fails, you’ll receive a -50 error on the mac.

       Note:  Whenever  you  can,  please  stick with the default UTF-8 volume


       To use a volume created with an earlier afpd version,  you’ll  have  to
       specify the following options:

       use a 1.x style volume

       /path/to/volume "Volname" adouble:v1 volcharset:ASCII

       In  case you used an NLS you could try using a compatible iconv charset
       for -volcharset.

       use a 1.x style volume, created with maccode.iso8859-1

       /path/to/volume "Volname" adouble:v1 volcharset:ISO-8859-1

       You should consider converting old style volumes to the  new  UTF-8/AD2
       format.  The  safest way to do this, is to create a new volume with the
       default options and copy the files between this volumes with a mac.

       Note: Using above example options will allow you to  downgrade  to  1.x
       netatalk again.

       Note:   Some   1.x   NLS   files   used  non  standard  mappings,  e.g.
       maccode.iso8859-1.adapted. This is not supported anymore.  You’ll  have
       to  copy  the contents of those volumes files to a Mac and then back to
       the netatalk server, preferably to an UTF-8 volume.


       The following options should only be used after serious  consideration.
       Be  sure  you  fully  understood  the, sometimes complex, consequences,
       before using them.

              The casefold option handles, if the case of filenames should  be
              changed. The available options are:

              tolower - Lowercases names in both directions.

              toupper - Uppercases names in both directions.

              xlatelower - Client sees lowercase, server sees uppercase.

              xlateupper - Client sees uppercase, server sees lowercase.

              This  allows  multiple  options  to  be  specified  in  a  comma
              delimited format. The available options are:

                     If set afpd uses the ID information stored in AppleDouble
                     V2  header  files to reduce database load. Don’t set this
                     option if the volume  is  modified  by  non  AFP  clients
                     (NFS/SMB/local). Defaults to off.

              crlf   Enables  crlf  translation  for TEXT files, automatically
                     converting macintosh line breaks into Unix ones.  Use  of
                     this  option might be dangerous since some older programs
                     store binary data files as type "TEXT"  when  saving  and
                     switch   the   filetype  in  a  second  step.  Afpd  will
                     potentially  destroy  such   files   when   "erroneously"
                     changing bytes in order to do line break translation.

                     Allows  a  volume  to  be  declared as being a "dropbox."
                     Note that  netatalk  must  be  compiled  with  dropkludge
                     support  for  this  to  function. Warning: This option is
                     deprecated and might not work as expected.

                     Forces  filename  restrictions  imposed  by   MS   WinXX.
                     Warning:  This  is NOT recommened for volumes mainly used
                     by Macs. Please  make  sure  you  fully  understand  this
                     option before using it.

                     This option breaks direct saving to netatalk volumes from
                     some applications, i.e. OfficeX.

                     Forces afpd to not create .AppleDouble directories unless
                     macintosh  metadata  needs  to be written. This option is
                     only useful if you want to share files mostly used NOT by
                     macs,   causing   afpd   to   not   automatically  create
                     .AppleDouble subdirs containing AD header files in  every
                     directory it enters (which will it do by default).

                     In  case,  you  save or change files from mac clients, AD
                     metadata files have to be written even in  case  you  set
                     this   option.   So  you  can’t  avoid  the  creation  of
                     .AppleDouble directories and its contents when  you  give
                     macs write access to a share and they make use of it.

                     Try to avoid noadouble whenever possible.

              nodev  always  use  0  for  device number, helps when the device
                     number is not constant across a reboot, cluster, ...

                     don’t advertise createfileid, resolveid, deleteid  calls.

              nohex  Disables :hex translations for anything except dot files.
                     This option makes the â€â€™/’ character illegal.

              prodos Provides compatibility with Apple II clients.

              nostat don’t stat volume path  when  enumerating  volumes  list,
                     useful  for  automounting or volumes created by a preexec

              upriv  use AFP3 unix privileges. Become familiar  with  the  new
                     "unix  privileges"  AFP  permissions  concepts in MacOS X
                     before using this option.


       afpd.conf(5), afpd(8)