Toetsenbord layout

Werkgeheugen

Harddisk

Software

Apple:

Virtualisatie (Machines)

sudo chmod 464 /Applications/System Preferences.app/Contents/Info.plist
edit or add KEY "NSUIElement" and change STRING variable to "1".

<key>NSUIElement</key>
<string>1</string>

Software

Linux

OS X

Windows

Links

So, Apple has abandoned the XServe.  There is not 1U product that is available that Apple is making to take its place.  Yeah, I don’t get it either, but whatever.  Apple obviously knows what they are doing at this point.  After failing to convince our network guys to take up precious space in the server room with a Mac Pro tower, I was told that we will be replacing our Mac OS X file servers with 1U Dell servers running Red Hat Linux.  Ok, it’s been a while since I have used Red Hat servers (I’ve used Ubuntu in the recent past) however, I decided that it couldn’t be that much different.  Trouble is, I couldn’t find a straight-forward how-to about setting this up on Red Hat (or CentOS…this is what I used to ensure this was going to work.  Since CentOS is the free implementation of Red Hat, I will refer to it for the remainder of this article).  I wanted to use the AFP (Apple File Protocol)  implementation on CentOS, so I won’t have to change scripts, server connections, and backup programs on all of our Mac clients just to satisfy a new server setup.  Below are the steps I used to achieve this.  My hope is that other people who want to do this same thing, will not have to cobble together information from different sources to do this, and that this article will help them.  This article will take you through the entire process, from server OS install to AFP/Bonjour  configuration.   If you don’t care about server set up, and just need the good stuff, skip to step 11 below.

****WARNING****

This is only meant to be a BASIC GUIDE to set up a CentOS or Red Hat Linux server to replace a Mac OS X file server.  There are some huge security issues not addressed in this guide.  Please use common sense and do your research before you roll this out in an important environment.  This guide ONLY addresses the basics of how to setup a Linux server that caters to the AFP protocol and Macs connecting to it natively.

****End of Warning****

Alright, crack the knuckles.  Let’s get started.

These instructions are tested and verified for CentOS Linux Server edition 6. May work on other Linux distros.

1.) The first step is to visit CentOS.org and download the CentOS 6.  I went with the minimal edition.

http://mirror.mojohost.com/centos/6/isos/

Pick your platform (32-bit or 64-bit) and download the ISO.  Burn the ISO to a CD (not covered in this tutorial, but this information can be easily found via Google or whatever search engine you prefer).

2.) Install CentOS minimal install with CD.

Follow all of the prompts.  For the purposes of this tutorial, I did not install any additional services during the install.

3.) OK, after the install, the network card must be enabled.  They aren’t kidding when they call this a minimal install!

• navigate to /etc/sysconfig/network-scripts/
• vi ifcfg-eth0    ## your network card may be called something else.  Most defaults will be eth0.
• Change ONBOOT=”no” to ONBOOT=”yes” save changes and exit
• ifconfig eth0 up
• service network restart  ## just to make sure your network daemon restarts your eth0 connection.

4.) Alright, now to install some basics

• Install the following with yum (yum install xxxx)
• wget
• sudo
• nano
• ntp
• gcc
• make
• perl
• kernel-headers
• system-config-network-tui

5.) It’s probably a good idea to create a non-root user.  Ubuntu has spoiled me so, I am used to sudoing all of my root commands.  This way, I (usually) never accidentally do anything that I don’t mean to do as root:

• useradd monkeyman
• passwrd monkeyman

6.) Ok, now you need to add your new user to the sudoers file:

• visudo (the /etc/sudoers file must be edited with visudo command)
• Add the following line to the bottom of the file:
• monkeyman ALL=(ALL) ALL

A quick break down of the above line is as follows:

monkeyman : name of user to be allowed to use sudo
ALL : Allow sudo access from any host/IP address
(ALL) : Allow sudo command to be executed as any user.
ALL : Allow all commands to be executed

single domain users:

DOMAIN_NAME\\monkeyuser ALL=(ALL) ALL   ## where “DOMAIN_NAME” is your domain name and “monkeyuser” is the name of a user on your domain.

or a group:

%DOMAIN_NAME\\monkeytribe ALL=(ALL) ALL  ## where “monkeytribe” is the name of a group of users on your Active Directory domain.

note the % sign must be present for group designations.

Got that?  Good.  I hope that is clear enough.  I remember trying to figure some of that out for hours the first time I tried to set it up.
7.) Save the file and exit the editor.

8.) Disable SELinux:

• SELinux is the extra security layer that is utilized by CentOS.  It is really well implemented however, Like-Wise Open will not install with this enabled.  So it’s got to go.
• sudo nano /etc/selinux/config
• set the “SELINUX” status line to disabled.  SELINUX=disabled
• reboot    ## I know, you should be able to just restart a service.  However, SELinux tells you to reboot after turning it off.  As a side note, you could set this setting to “permissive” however, you will get a lot of weird messages when you do certain things.  These messages are only informative, but screw it, they annoy me.  So, I just turn it off.  Security admins, you can start screaming.   I don’t care.  This is just a “brief” how-to, remember?

9.) Once you get rebooted, it’s time to install like-wise open (now called pbis-open), so we can get this bad boy on our domain:

• Look, freaking go to http://www.powerbrokeropen.org/, register and legally get their software.  It’s free, and all you have to give them is a first name, last name, and your email address.  However, for the sake, and out of pity, for those *nix admins that might be reading this at 2 am, who just want to go home, go to sleep, and let their tired, broken hands rest for a few hours, here is the link to get the software:
• wget http://download.beyondtrust.com/PBISO/7.0.4/918/pbis-open-7.0.4.918.linux.x86.rpm.sh
• (this is the current path as of the writing of this article, and may change in the future. Check http://www.powerbrokeropen.org for more information)
• sudo chmod a+x (pbis-open file name)     ## got to get this thing in a state that we can execute it.
• sudo ./(pbis-open file name)     ## and now we install it.
• reboot    ## just do it, OK!  If you want to restart every service that needs restarting, do it and stop complaining!

10.) Ok, once we have PBIS-Open installed, it’s time to join our server to the domain

• sudo domainjoin-cli join DOMAIN_NAME monkeyuser     ## where DOMAIN_NAME is your domain name, and monkeyuser is a user on your domain with admin rights to add machines to your domain.
• success message should appear

11.) Alright, at this point, we should be added to the domain, and have a basic server platform to get what we need done.  Now comes the main part of this article.  Download and install netatalk and avahi (the AFP and Bonjour pieces needed for Macs to see AFP shares on Linux):

• Enable EPEL (Extra Packages for Enterprise Linux)
• (again as current of this writing: sudo rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-7.noarch.rpm)  ## this will add EPEL to your yum repository.
• sudo yum install netatalk     ## this will create the AFP fileserver on your linux server
• sudo yum install avahi.i686  ## this is essentially the open source version of ZeroConf, better known in the Apple world as Bonjour.
• sudo nano /etc/netatalk/afpd.conf
• Uncomment and add this to the bottom of the file:
• – -tcp -noddp -uamlist uams_dhx.so,uams_dhx2_passwd.so -nosavepassword -setuplog “default log_info /var/log/afpd.log”

12.) Time to define your AFP shares:

• sudo nano /etc/netatalk/AppleVolumes.default
• Scroll to the bottom and add the share location:
• In this case, the share is a folder called “Storage” that was created in “/opt/Storage)

# End of File

/opt/Storage “Storage” cnidscheme:dbd

13.) Make services start at boot time.   Netatalk and avahi-daemon will need to be configured to start at boot. Do this with chkconfig:

• sudo chkconfig netatalk on
• sudo chkconfig avahi-daemon on
• reboot

Mac computers should now see a share on the Linux server that it thinks is a natural AFP share, called “Storage”. Be aware that you may have to modify the permissions to your share (in this case “/opt/Storage”) so that users can read and write to it.  In this tutorial, there is no firewall on the server.  However, your sever probably will be using one.  Make sure TCP port 548 is open so Mac clients can see the shares and authenticate correctly.  One more side note, I read somewhere that a space in your AFP share declaration (“Storage Sever” as opposed to “StorageServer” or just plain “Storage”) may cause some strange things with your Mac clients not being able to connect to your AFP share.  I did not experience this, but just something to check if you run into issues.

And that, is just about it. Again, this is just a bare-bones how-to, but hopefully it will get some of you guys and gals where you need to be.  I would not have been able to do this without some how-tos and resources.  I ‘d like to thank the people below for the information that they originally posted, and helped me to cobble enough information to do this on CentOS 6.

Jose would like to thank:

Barry Price:
http://www.barryprice.co.uk/2012/05/04/apple-file-server-on-ubuntu-12-dot-04/

Did this with Ubuntu and gave me an idea where to start for CentOS 6

rathelm:
http://rathelm.wordpress.com/2012/02/03/cent-os6-2-and-netatalk-2-2-0/

pointed me in the right direction for the EPEL packages for CentOS 6

Beyondtrust.com and the people that originally developed Like-Wise Open (now PBIS Open)
http://www.powerbrokeropen.org/

Chris Colotti
http://www.chriscolotti.us/technology/how-to-get-started-with-centos-minimal/

Gave me some direction on getting basic services needed for CentOS.  There is seriously almost nothing on the minimal install!

Happy Installing (and maintaining, and updating, and tweaking, and optimizing, and recovering…)!