Child pages
  • Netatalk
Skip to end of metadata
Go to start of metadata


Netatalk is an open source implementation of the Apple File sharing Protocol (AFP). It supports Time machine and advertising of services with multicast dns (Bonjour in Apple's jargon).

See the netatalk site for more details:

Installation from SFE Repository

There is now a netatalk 2.2.0 package available from the SFE repository.

If you don't have the SFE publisher configured, see this page for how to do it:

Then, netatalk can be installed with the following command:

# pkg install system/library/security/libgcrypt system/network/avahi system/library/netatalk

(It appears that the 'libgcrpyt' and 'avahi' dependencies are missing from the SFE package at present, and these need to be installed before netatalk will run.)


Netatalk 3.0.1 is now in "experemental/SFEnetatalk3" This is still a work in progress, but should work.

Installation from source


The following packages are required to run netatalk:

# pkg install system/library/security/libgcrypt system/network/avahi service/network/dns/mdns

A build environment is required. You will need these packages installed if you don't already have them:

# pkg install developer/illumos-gcc system/library/math/header-math developer/gnu developer/gnu-binutils developer/gnome/gettext

Or for building with gcc-3:

# pkg install developer/gcc/gcc-3 system/library/math/header-math developer/gnu developer/gnu-binutils developer/gnome/gettext


Berkeley DB

Netatalk requires Berkeley DB to be installed. (I have read a few issues with later versions of Berkeley DB, I use 4.7.25 and it works fine.)

Download Berkeley DB from Oracle (there doesn't seem :

$ cd build_unix
$ ../dist/configure --prefix=/usr/local
$ make
# make install

(Note, I chose to install bdb into /usr/local. it's default is "/usr/local/BerkeleyDB.4.7". If you use the default or another location, you will need to pass that to netatalk's configure below.)

Building netatalk

Download netatalk from:

The current stable version is 3.0. For older versions of netatalk, you will need to use the "" authentication module to support Mac OS X 10.7 and later clients. Please check the Netatalk website and mailing lists for more details.

$ ./configure --without-ddp --with-init-style=solaris
$ make
# make install

You may need to add '--with-bdb=/path/to/berkeleydb' if configure can't find it.

Version 3.0 also includes an SMF service for managing netatalk. To activate this, include "--with-init-style=solaris" on the configure line, and then make install will install the service manifest for you.

Running Netatalk

For netatalk to publish it's services using Multicast DNS (Bonjour / ZeroConf / Avahi) you will need to enable these services:

# svcadm enable svc:/network/dns/multicast:default
# svcadm enable svc:/system/avahi-bridge-dsd:default

And start netatalk with this command (for version 3.0 with init-style=solaris):

# svcadm enable svc:/network/netatalk:default

And start netatalk with this command for 2.x versions:

# /etc/init.d/netatalk start

PAM for version 3.0

Netatalk will complain that, while it supports PAM authentication, it can't automatically set up PAM for you on Solaris systems. You'll need to do this manually.

Howto needed: (LDAP/ Actve Directory support for netatalk3 - Interoperability with CIFS AD support?)

Bonjour Avahi/ Zeroconfig for version V.3

Howto needed


Netatalk 3 should configure Avahi/Zeroconfig automatically (assuming the services are running).

"model mimic"ing is not presently working, this is a netatalk bug, which should be fixed in the next update.


Configurations for version 2.x and version >= 3.0 are quite different. Please refer to the netatalk website for more information:

Example Configuration for version 3.0:

All configuration now happens in this one file: /usr/local/etc/afp.conf:
This file must end with a newline or netatalk service would not start (maintenance mode)

; Netatalk 3.x configuration file

; Global server settings
hostname = server-name
zeroconf = yes

time machine = yes
path = /zpool/path/to/TimeMachine
directory perm = 0770
file perm = 0660

Example Configuration for version 2.2:


- -noddp -transall -uamlist -nosavepassword


~ cnidscheme:dbd options:usedots,invisibledots,upriv fperm:0660 dperm:0770
/path/to/TimeMachine "TimeMachine" cnidscheme:dbd options:usedots,invisibledots,upriv,tm fperm:0660 dperm:0770


There has been some mention on the netatalk mailing list of the "nbmand" zfs property causing problems where users can create but not delete files over afp. If you are experiencing this problem, try `zfs set nbmand=off zpool/path/to/file/system`.

Stale PID file: Netatalk 3.x has a default pidfile location of `/var/spool/locks/netatalk`. If the service won't start because of a stale lock file, delete this.

For more information check out the Netatalk web site and mailing lists.


  • No labels


  1. Anonymous

    Problem with OSX 10.7 Lion:
    AFP/ TimeMachine in current netatalk 2.1 is not working
    due to new authentications

    Suggested AFP solution from Jason
    In order to compile DHX2 support in the UAMs of Netatalk 2.2, you have to install the libgcrypt11-dev from apt-get on Nexenta. Once libgcrypt11-dev is installed, Netatalk will compile with DHX2 support and in return will allow computers running Lion to login. (libgcrypt11-dev on OI ??)

    Main problem:
    Future of netatalk 2.2 is undecided


  2. Anonymous

    this lib is on
    maybee someone could add a complete howto

  3. Anonymous

    newest available netatalk version 2.2.0p6 from


    Install it after a su with my online installer (2.2.beta4 or 2.2p6)

    • wget -O - | perl
    • wget -O - | perl

    Manage AFP ZFS-Server via Web-GUI
    Install it ready to run with AFP share management

    • wget -O - | perl

    manage your Server via Browser:


    1. Anonymous

      type error:
      install napp-it web-GUI via

      • wget -O - | perl
  4. Anonymous

    Followed these instructions today using Berkeley 4.7.25 and Netatalk 2.2.0 on a default install of OpenIndiana v148.
    The client machine is running OS X Lion 10.7.1 and seems to be working well (smile)

    avahi and mdns were already installed (can't hurt to run the install command again though) and libgcrypt was also already installed (or you could: # pkg install pkg:/system/library/security/libgcrypt)

    All the instructions went fine. As for the PAM integration bit, user authentication automatically worked, I didn't have to do anything with PAM to make that bit work (at least, for a simple one user setup).

    As for the incomplete configuration bit, the config file you're looking for to add shares is here:

    To add a basic share to that, just add the lines:
    /path/to/share "share label"
    There's more detailed instructions in that file to do all sorts of other stuff.
    (Also, here: )
    Also don't forget to make sure the permissions for the folder are correct!

    Hope this helps someone (smile)

    Ducky (duk242)

  5. Anonymous

    with current OpenIndiana 151a i get the following error when
    installing netatalk 2.2 via the online installer
    wget -O - | perl

    error: checking for AVAHI... configure:
    The pkg-config script could not be found or is too old. Make sure it
    is in your PATH or set the PKG_CONFIG environment variable to the full path to pkg-config.

    this happens after downloading and unzipping netatalk after:
    ./configure --with-pam --prefix=/usr --sysconfdir=/etc
    make install

    The problem is new to OI 151a (installer works with OI 148)
    If someone has a solution, please comment
    complete OI-installerscript see from line 266

  6. Anonymous

    I had the same problem on Solaris Express 11
    I installed gettext - provides pkg-config
    pkg search -r pkg-config

  7. Anonymous

    I've installed netatalk 2.2.1 by napp-it.
    I can write via console. but I can't wite via finder.
    What's wrong with me??

    1. Anonymous

      forgot to say, client is OSX 10.7.2

      1. Anonymous

        i would try

        -set 777 permission to shared folder
        -set nbmand of the shared ZFS dataset to 0ff
        -connect the share via afp://serverip

  8. Anonymous

    I have two network interfaces and afpd gets advertised only for the first interface.

    How can I setup mDNS to advertise multiple interfaces?