Provided by: netatalk_2.0.3-9_i386 bug


       AppleVolumes.default  - Configuration file used by afpd(8) to determine
       the shares made available through Appletalk


       /etc/netatalk/AppleVolumes.default is the configuration  file  used  by
       afpd  to  determine what portions of the file system will be shared via
       Apple Filing Protocol,  as  well  as  their  behaviour.  Any  line  not
       prefixed  with  #  is interpreted. The configuration lines are composed

       path [ volume name ] [ options ]

       The path name must be a fully qualified path name, or a path name using
       either  the  ~  shell  shorthand  or any of the substitution variables,
       which are listed below.

       The volume name is the name that appears in the Chooser ot the "connect
       to server" dialog on Macintoshes to represent the appropriate share. If
       there are spaces in the name,  it  should  be  in  quotes  (i.e.  "File
       Share").  The  volume  name may not exceed 27 characters in length, and
       cannot contain the â€â€™:â€â€™ character.

              Each volume has to be configured on a single line.

       The possible options and their meanings are:

              specify the format of the metadata files,  which  are  used  for
              saving   Mac  resource  fork  as  well.  Earlier  versions  used
              AppleDouble V1, the new default  format  is  V2.  Starting  with
              Netatalk  2.0,  the  scheme  MacOS X uses currently (10.3.x), is
              also supported

              Using adouble:osx is not recommended  for  production  use.  Its
              only  aim  is  to temporarely share eg. FAT32 formatted FireWire
              harddrives written on a Macintosh with  afpd.  Apple’s  metadata
              scheme  lacks  several  essential  features,  so using it on the
              server’s side will break both CNIDs and MacOS 9 compatibility

              The allow option allows the users and groups that access a share
              to  be  specified.  Users and groups are specified, delimited by
              commas.  Groups  are  designated  by  a   @   prefix.   Example:

              The  deny  option specifies users and groups who are not allowed
              access to the share. It follows the same  format  as  the  allow

              set  the  CNID  backend to be used for the volume, default is []
              available schemes: [cdb dbd last]

              Sets the database information to be stored in path. You have  to
              specifiy a writable location, even if the volume is read only.

              specifies   the  mac  client  codepage  for  this  Volume,  e.g.
              "MAC_ROMAN", "MAC_CYRILLIC". If not specified the  setting  from
              afpd.conf  is  inherited.  This  setting is only required if you
              need volumes, where  the  mac  codepage  differs  from  the  one
              globally set in afpd.conf.

              This  allows  multiple  options  to  be  specified  in  a  comma
              delimited format. The available options are:

                     Limit disk size reporting to 2GB. This can  be  used  for
                     older Macintoshes using newer Appleshare clients.

              ro     Specifies  the  share  as  being read only for all users.
                     The .AppleDB directory has to be writeable, you  can  use
                     the -dbpath option to relocate it.

                     Don’t  do :hex translation for dot files. note: when this
                     option gets set, certain file names become illegal. These
                     are  .Parent  and anything that starts with .Apple. Also,
                     dot files created on the unix side are marked  invisible.

                     a  non-zero  return  code  from  root_preexec  closes the
                     volume immediately, preventing clients to  mount/see  the
                     volume in question.

                     a  non-zero  return  code  from  preexec close the volume
                     being immediately, preventing clients  to  mount/see  the
                     volume in question.

              This  option allows you to set a volume password, which can be a
              maximum of 8 characters long (using ASCII  strongly  recommended
              at the time of this writing).

              command  to  be run when the volume is mounted, ignored for user
              defined volumes

              command to be run when the volume is closed,  ignored  for  user
              defined volumes

              command  to  be  run as root when the volume is mounted, ignored
              for user defined volumes

              command to be run as root when the volume is closed, ignored for
              user defined volumes

              Allows  certain  users  and groups to have read-only access to a
              share. This follows the allow option format.

              Allows certain users and groups to have read/write access  to  a
              share. This follows the allow option format.

       veto:[vetoed name]
              hide files and directories,where the path matches one of the ’/’
              delimited vetoed  names.  Matches  are  partial,  e.g.  path  is
              /abc/def/file and veto:/abc/ will hide the file.

              specifies   the   volume   codepage,  e.g.  "UTF8",  "UTF8-MAC",
              "ISO-8859-15". Defaults to "UTF8".


       You can use variables in both volume path and volume name.

       1.     if you specify an unknown variable, it will not get converted.

       2.     if you specify a known variable, but that variable doesn’t  have
              a value, it will get ignored.

       The variables which can be used for substitutions are:

       $b     basename

       $c     client’s ip or appletalk address

       $d     volume pathname on server

       $f     full name (contents of the gecos field in the passwd file)

       $g     group name

       $h     hostname

       $i     client’s ip, without port

       $s     server name (this can be the hostname)

       $u     user name (if guest, it is the user that guest is running as)

       $v     volume name (either ADEID_NAME or basename of path)

       $z     appletalk zone (may not exist)

       $$     prints dollar sign ($)

       When  using  variable  substitution  in the volume name, always keep in
       mind, not to exceed the 27 characters limit

       Using variable substitution when defining volumes

       /home/groups/$g "Groupdir for $g"
       ~ "$f is the best one"

       We define "groupdirs" for each primary group  and  use  a  personalized
       server name for homedir shares.


       The  AFP  protocol mostly refers to files and directories by ID and not
       by name. Netatalk needs a way to store these ID’s in a persistent  way,
       to achieve this several different CNID backends are available. The CNID
       Databases are by default located in the .AppleDB folder in  the  volume

       cdb    "Concurrent  database",  backend is based on Sleepycat’s Berkely
              DB. With this backend  several  afpd  deamons  access  the  CNID
              database  directly.  Berkeley  DB locking is used to synchronize
              access, if more than one afpd process is active  for  a  volume.
              The  drawback  is, that the crash of a single afpd process might
              corrupt the database.

       dbd    Access to the CNID database  is  restricted  to  the  cnid_metad
              daemon  process.  afpd processes communicate with the daemon for
              database  reads  and  updates.  If  built   with   Berkeley   DB
              transactions   the   probability   for  database  corruption  is
              practically zero, but performance can be slower than with cdb

       last   This backend is an exception, in terms of ID  persistency.  ID’s
              are  only  valid for the current session. This is basically what
              afpd did in the 1.5 (and 1.6) versions. This  backend  is  still
              available, as it is useful for e.g. sharing cdroms.

              Warning:  It  is NOT recommended to use this backend for volumes
              anymore, as afpd now relies heavily on a persistent ID database.
              Aliases  will  likely  not  work  and  filename  mangling is not

       Even though ./configure --help might show that  there  are  other  CNID
       backends  available,  be  warned those are likely broken or mainly used
       for testing. Don’t use them unless you know what you’re doing, they may
       be removed without further notice from future versions.


       With OS X Apple introduced the AFP3 protocol. One of the most important
       changes was that AFP3 uses unicode names encoded as  UTF-8  decomposed.
       Previous    AFP/OS    versions    used    codepages,   like   MacRoman,
       MacCentralEurope, etc.

       afpd  needs  a  way  to  preserve  extended  macintosh  characters,  or
       characters  illegal  in  unix  filenames,  when  saving files on a unix
       filesystem. Earlier versions used the the so called CAP  encoding.   An
       extended  character  (>0x7F) would be converted to a :xx sequence, e.g.
       the Apple Logo  (MacRoman:  0XF0)  was  saved  as  :f0.   Some  special
       characters  will  be converted as to :xx notation as well.  ’/’ will be
       encoded to :2f, if -usedots is not specified, a leading dot ’.’ will be
       encoded as :2e.

       This version now uses UTF-8 as the default encoding for names.  Special
       characters, like ’/’ and a leading ’.’ will still be CAP style  encoded

       The  -volcharset  option  will  allow  you  to  select  another  volume
       encoding. E.g. for  western  users  another  useful  setting  could  be
       -volcharset   ISO-8859-15.  apfd  will  accept  any  iconv(1)  provided
       charset. If a character cannot be converted from the  mac  codepage  to
       the  selected volcharset, afpd will save it as a CAP encoded character.
       For AFP3 clients, afpd will convert the UTF-8 character to  -maccharset
       first. If this conversion fails, you’ll receive a -50 error on the mac.

       Note: Whenever you can, please stick  with  the  default  UTF-8  volume


       To  use  a  volume created with an earlier afpd version, you’ll have to
       specify the following options:

       use a 1.x style volume

       /path/to/volume "Volname" adouble:v1 volcharset:ASCII

       In case you used an NLS you could try using a compatible iconv  charset
       for -volcharset.

       use a 1.x style volume, created with maccode.iso8859-1

       /path/to/volume "Volname" adouble:v1 volcharset:ISO-8859-1

       You  should  consider converting old style volumes to the new UTF-8/AD2
       format. The safest way to do this, is to create a new volume  with  the
       default options and copy the files between this volumes with a mac.

       Note:  Using  above  example options will allow you to downgrade to 1.x
       netatalk again.

       Note:  Some  1.x  NLS  files   used   non   standard   mappings,   e.g.
       maccode.iso8859-1.adapted.  This  is not supported anymore. You’ll have
       to copy the contents of those volumes files to a Mac and then  back  to
       the netatalk server, preferably to an UTF-8 volume.


       The  following options should only be used after serious consideration.
       Be sure you fully  understood  the,  sometimes  complex,  consequences,
       before using them.

              The  casefold option handles, if the case of filenames should be
              changed. The available options are:

              tolower - Lowercases names in both directions.

              toupper - Uppercases names in both directions.

              xlatelower - Client sees lowercase, server sees uppercase.

              xlateupper - Client sees uppercase, server sees lowercase.

              This  allows  multiple  options  to  be  specified  in  a  comma
              delimited format. The available options are:

                     If set afpd uses the ID information stored in AppleDouble
                     V2 header files to reduce database load. Don’t  set  this
                     option  if  the  volume  is  modified  by non AFP clients
                     (NFS/SMB/local). Defaults to off.

              crlf   Enables crlf translation for  TEXT  files,  automatically
                     converting  macintosh  line breaks into Unix ones. Use of
                     this option might be dangerous since some older  programs
                     store  binary  data  files as type "TEXT" when saving and
                     switch  the  filetype  in  a  second  step.   Afpd   will
                     potentially   destroy   such   files  when  "erroneously"
                     changing bytes in order to do line break translation.

                     Allows a volume to be  declared  as  being  a  "dropbox."
                     Note  that  netatalk  must  be  compiled  with dropkludge
                     support for this to function.  Warning:  This  option  is
                     deprecated and might not work as expected.

                     Forces   filename   restrictions  imposed  by  MS  WinXX.
                     Warning: This is NOT recommened for volumes  mainly  used
                     by  Macs.  Please  make  sure  you  fully understand this
                     option before using it.

                     This option breaks direct saving to netatalk volumes from
                     some applications, i.e. OfficeX.

                     Forces afpd to not create .AppleDouble directories unless
                     macintosh metadata needs to be written.  This  option  is
                     only useful if you want to share files mostly used NOT by
                     macs,  causing   afpd   to   not   automatically   create
                     .AppleDouble  subdirs containing AD header files in every
                     directory it enters (which will it do by default).

                     In case, you save or change files from  mac  clients,  AD
                     metadata  files  have  to be written even in case you set
                     this  option.  So  you  can’t  avoid  the   creation   of
                     .AppleDouble  directories  and its contents when you give
                     macs write access to a share and they make use of it.

                     Try to avoid noadouble whenever possible.

              nodev  always use 0 for device number,  helps  when  the  device
                     number is not constant across a reboot, cluster, ...

                     don’t  advertise createfileid, resolveid, deleteid calls.

              nohex  Disables :hex translations for anything except dot files.
                     This option makes the â€â€™/’ character illegal.

              prodos Provides compatibility with Apple II clients.

              nostat don’t  stat  volume  path  when enumerating volumes list,
                     useful for automounting or volumes created by  a  preexec

              upriv  use  AFP3  unix  privileges. Become familiar with the new
                     "unix privileges" AFP permissions  concepts  in  MacOS  X
                     before using this option.


       afpd.conf(5), afpd(8)