Macintosh
File Server (MFS) for Haiku
Version
1.7
Copyright
© 2002-09, SomeGuy Software. All Rights Reserved.
Contents
1 Introduction
1.1 What's supported
1.2 What's not supported
1.2.1 Currently unsupported AFP API's
2 Installation
2.1 Getting MFS to start automatically
2.2 The BeUAM
3 Configuring
MFS
3.1 Managing Users
3.2 Creating a drop-folder
3.3 Setting Permissions
3.4 Setting the Server Name
4 Known issues
5 License
6 Support
7 Disclaimer
8 What's New
1 Introduction
Welcome to
the Macintosh File Server (MFS) for Haiku! This multi-threaded server,
written from the ground up for the BeOS/Haiku, will allow Macintosh
clients to share files with a machine running the Haiku OS. Once MFS is
installed, Mac clients can connect using their native AFP protocol to
shares located on the Haiku machine.
1.1
What's Support
Currently,
MFS implements the AFP 3.2 specification and is compatible with either
Classic MacOS or Mac OS X clients. The only restriction is that the Mac
clients must support AFP over TCP/IP (AFP 2.2 which first appeared in
AppleShare 3.7.4 and later).
As of version 1.7, MFS supports the DHCAST128 user authentication
method (UAM). This means that MacOS X clients can login to MFS using
their own native password encryption implementation. So, there is no
longer a need to enable clear text password support on MacOS X 10.5
systems and no longer a need for the BeUAM which has officially been
deprecated as of this release. Note that with this support, you can now
safely and securely login and change your passwords from any MacOS X
system.
1.2 What's
not supported
There is only
a very rudimentary folder level security system provide in Haiku. You
can only limit access to certain shares between three groups of
users: Administrators, guests and users.See section 3 for a detailed
description on how to configure your folders to restrict/grant access.
AppleTalk
connections are not supported.
1.2.1
Currently unsupported AFP API calls
The following
AFP API calls are not supported in MFS. Note that the absence of all
the API's below does not affect the usability of this server with
Macintosh
clients. The only reason I list these here is in case a developer tries
to write a custom application that attempts to use these calls.
FPOpenDir (not required)
FPDirClose (not required)
FPMapName (irrelevant since BeOS doesn't support users)
FPSetVolParms (irrelevant since BeOS doesn't support a backup
date)
FPDeleteID (don't have too according to spec - not possible with
Be file system)
FPResolveID (don't have too according to spec - not possible with
Be file system)
FPExchangeFiles (not required)
FPGetAuthMethods (irrelevant since BeOS doesn't support users)
FPCatSearch (not required)
FPCatSearchExt (not required)
NOTE:
FPGetDirParms and FPGetFileParms have been deprecated and won't be
supported.
2 Installation
To install
MFS, just double click the installer.sh script from within tracker or
run it from Terminal. It will place all the files in their correct
locations. Specifically, it places the following files:
home/config/bin/afp_server
<--this is the AFP server service
home/config/bin/MacFile
<- this is the configuration utility
home/config/add-ons/Tracker/CreateAfpShare
<- this is a Tracker add-on to easily create new shares
home/config/be/Applications/afp_server
<--link
home/config/be/Preferences/MacFile
<--link
2.1 Getting
MFS to start automatically
As of version
1.6 for Haiku, the install script will automatically configure your
UserBootscript if you choose to do so at installation time.If you did
not choose to have the installer do this, you can either run the
install script again (you won't lose any settings) or follow the
instructions below.
To get MFS to
start automatically on boot, you can manually edit your UserBootScript
file. Just copy the following into your UserBootscript file located in
home/config/boot.
#!/bin/sh
#
SCRIPTS=beos/system/boot
SERVERPATH=home/config/bin
launchscript()
{
if [ -f "/boot/$1" ]
then
. "/boot/$1"
fi
}
start()
{
if [ -f /boot/$1 ]; then
/boot/$1 $2 &
else
echo There is no $1
fi
}
launchscript
$SCRIPTS/Netscript #
start up networking
start
$SERVERPATH/afp_server
2.2 The BeUAM (Deprecated)
The BeUAM is no longer supported as it blocked MacOS X 10.5 clients
from logging into MFS. If you installed it on your Mac system and wish
to remove it, on your Mac, go to
/boot/Library/Filesystems/Appleshare/Authentication and delete the
BeUAM.uamx file. The server no longer offers support for the BeUAM to
clients, so those that do have it installed, even on earlier MacOS X
versions where it worked, will not use it anymore.
3 Configuring MFS
Once MFS is
installed and running, you can use the MacFile preference application
to configure:
1. What directories you are sharing
2. What users have access to your computer via AFP
3. What message (if any) users will see when they log in
4. What name for your computer AFP clients will see
3.1 Managing
Users
MFS provides
a rudimentary user authentication system. With the MacFile preference
application you can allow only certain users to access your AFP shares
by entering user names and passwords. You can also tell MFS who has
admin privileges. Currently, "Admin Privileges" only means that users
are listed as "owners" of the shares. This way, window positions and
listing types are saved between logins. Admins also ALWAYS get full
access to all shares regardless of how you configured the folders using
the method below. If you are not an "Admin", you are basically just a
normal user.
3.2 Creating
a drop-folder
There are
many instances where you may want to create a drop-folder that Mac
clients can drop files into but cannot open or view. To do this in MFS
easily, just name any folder "=DropFolder=" (without the quotes). Users
without admin privileges will not be able to open or view this folder
but can drop files into it. Admins will have full access to the folder.
3.3 Setting
Permissions
MFS uses the
Haiku's filesystem permission attributes to provide at least some
rudimentary directory access control.Specifically, MFS uses the Posix
permissions available in the filesystem to control access for guests
and normal users.
Permissions
are set as in the table below. Normal user permissions are reported to
the Mac client as they are set by the "Group" column. Since groups are
currently not supported in BeOS, we borrow these settings for normal
user access permissions. Guest access is controlled by the settings in
the "Other" column. In the example in Figure 1 below, Users have full
read/write
access to the sample directory and guests have just read only.
|
Owner
|
Group/User
|
Other/Guest
|
Read
|
x
|
x
|
x
|
Write
|
x
|
x
|
|
Execute/View
|
x
|
x
|
x
|
Figure
1. Owners/Users: read/write, Guests: read only
The
execute
access settings are not understood by Macintosh clients, so we use this
setting to determine whether or not Mac clients can view the files in a
particular directory.
Below is an
example of how you would create a drop folder if you don't want to use
the naming convention described in the previous section. In the below
example, users and guests can copy files into a particular directory,
but cannot open it to view it's contents. Note that you do not want to
apply these settings to the root directory of an MFS volume (the shared
folder) otherwise users and guests will not be able to mount the volume.
|
Owner
|
Group/User
|
Other/Guest
|
Read
|
x
|
|
|
Write
|
x
|
x
|
X
|
Execute/View
|
x
|
|
|
Figure
2. Owners: read/write/view, Users/Guests: write only
Admins
continue to have full unrestricted access to all shares and directories
on a particular server. The "Owner" bits are ignored at this time as
their meaning is irrelevant.
3.4 Setting
The Server Name
The AFP spec
allows the use of a separate name for the server from the one that may
be set as the machine/host name. This is lucky for us on Haiku or BeOS
as there is currently no way to set the machine's name or host name
(easily anyway). By default, MacFile will use the hostname of the
machine, but you can set a more unique name via the MacFile preference
application. Just choose Utilities->Set Server Name... from the
preference application menu.
If you wish to revert back to the default system hostname, just press
the "Default" button in the Set Server Name dialog.
4 Known issues
Performance:
With the server hosted on my 1.0 Ghz. Pentium III running Haiku, a 3
Ghz. Intel iMac running Leopard saw throughputs of 2MB/sec. and
4MB/sec. for write and read operations respectively. That's pretty darn
good!
Renaming
files/dirs to long names: For files with long names (longer than 32
characters), you can read them from the server and copy them to the
server. However, you cannot rename an existing file on the server to a
longer name. I don't know why this is, the client stops the action
without even making a request to the server, so this looks like a
client issue.
Tested
Clients: This server has only been tested with MacOS 7.6, 9.2.1, MacOS
X 10.4 & 10.5 clients. Please let me know if any other clients work
(or don't).
There appears
to be a bug in the MacOS X AppleShare client that prevents the changing
of passwords when the password is expired. This is supposed to be
allowed but I cannot find a way around it.
5 License
You may use
MFS for FREE. I wrote MFS because it filled a personal need, I hope
someone else finds it useful too.
6 Support
Report any
bugs or issues to someguysoftware@me.com. I cannot commit to answering
all letters, but I can promise that I will read them all. I also cannot
commit to implementing or fixing every request. I do this on my spare
time and too often "real life" gets in the way.
7 Disclaimer
The term
"Software" refers to the MFS applications, add-ons and documentation.
DISCLAIMER OF
WARRANTY. The Software is provided on an "AS IS" basis, without
warranty of any kind, including without limitation the warranties of
merchantability,
fitness for a particular purpose and non-infringement. The entire risk
as to the quality and performance of the Software is borne by you.
Should the Software prove defective, you and not SomeGuy Software
assume the entire cost of any service and repair. This disclaimer of
warranty constitutes an essential part of the agreement.
LIMITATION OF
LIABILITY. UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, TORT,
CONTRACT, OR OTHERWISE, SHALL SOMEGUY
SOFTWARE OR
ITS SUPPLIERS OR RESELLERS OR DISTRIBUTORS BE LIABLE TO YOU OR ANY
OTHER PERSON FOR ANY INDIRECT, SPECIAL,
INCIDENTAL,
OR CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT
LIMITATION, DAMAGES FOR LOSS OF GOODWILL, WORK
STOPPAGE,
COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER COMMERCIAL
DAMAGES OR LOSSES. IN NO EVENT WILL SOMEGUY
SOFTWARE BE
LIABLE FOR ANY DAMAGES, EVEN IF SOMEGUY SOFTWARE SHALL HAVE BEEN
INFORMED OF THE POSSIBILITY OF SUCH
DAMAGES, OR
FOR ANY CLAIM BY ANY OTHER PARTY.
8 What's New
Version 1.7
Server
- Added support for the DHCAST128 (SSL encryption) user authentication
method (UAM) for login. This means that all MacOS X systems can now
login to MFS using its own native encrypted password authentication.
Supporting this requires that OpenSSL be installed on Haiku systems
running MFS, but it looks like OpenSSL is supplied by default on the
pre-alpha Haiku builds so it should not be an issue for anyone.
- Added support for much more stringent access checking based on user
level (admin, guest, user).
MacFile Configuration
- Added default button in the custom server name dialog. The default
uses the system's hostname.
-
Fixed a bug with the "Save" button in the logon message configuration
box in the MacFile configuration utility.
The BeUAM
-
The installer will now stop sharing the BeUAM installation folder on
systems and replace it with a MacUtilitiesFolder.
- The BeUAM is officially deprecated
as of this release as it actually
blocked MacOS X 10.5 clients from logging into MacFile when installed.
Be sure to remove it from your MacOS X system as per section 2.2 above.
Version 1.6
Server
- Re-factored
a lot of code to stabilize the server in the Haiku environment, mostly
in the networking area.
- Added
support for custom server names (see section 3.4 above).
- Had to
change the name of the easy drop folder name to "=DropFolder=" since
Haiku doesn't appear to like the Tilda key.
MacFile
Configuration
- Re-factored
the configuration UI to accommodate Haiku's default font and make it a
little more resilient to font changes
- No longer
will launch if the afp_server is not running, this prevents a weird UI
state for the end user
- You can now
set a custom server name via Utilities->Set Server Name...
- Fixed a bug
where sending a message to clients didn't always work
CreateAfpShare
Tracker Add-on
-
Re-introduced the Tracker add-on to make sharing new folder shares
easier from within the Tracker
Install
Script
- The
installer will now automatically update the UserBootscript so the
server will launch automatically at startup
- You can now
fully uninstall MacFile by using the same script you used to install it
- Updated for
new files/binaries