timemachine

Differences

This shows you the differences between two versions of the page.

timemachine [2013/01/21 10:01]
— (current)
Line 1: Line 1:
-====== File Server with TimeMachine support ====== 
- 
-===== Intro ===== 
- 
-TimeMachine is Apple'​s backup software. ​ It is included with Mac OS X and was introduced with the 10.5 "​Leopard"​ release of Mac OS X. The software is designed to work with the Time Capsule as well as other internal or external drives. TimeCapsule is (among other things) a wireless router with a built in hard drive. TimeCapsule will advertise the hard drive on the network and the TimeMachine on client Macs can use TimeCapsule as a storage. The nicest thing about this is that it works with a minimum of user configuration. 
- 
-Here is how to make your OpenWRT router behave like a Time Capsule. 
- 
- 
-===== USB ===== 
- 
-An external drive will be required, usually connected via USB. Check out [[doc:​howto:​usb.overview]] and [[doc:​howto:​usb.essentials]]. 
- 
-In short, do this: 
- 
-<​code>​ 
-opkg update 
-opkg install kmod-usb-uhci kmod-usb-ohci kmod-usb2 
-insmod usbcore 
-insmod uhci 
-insmod usb-ohci 
-insmod ehci-hcd 
-</​code>​ 
- 
-You may have to reboot. 
- 
-===== GUID support and File System ===== 
- 
-There are two possible types of layout of partitions on the drive, the older MBR and the newer GUID. Contemporary operating systems generally prefer GUID but most also also support MBR. Since version 12.09 (Attitue Adjustment),​ OpenWRT supports mounting GUID-formatted volumes but currently there are no disktools available for managing (i.e. formatting and manipulating partitions) such devices. 
- 
-Should your router die, you will want to plug the external drive to your Mac to recover the data. Pick a filesystem your Mac can at least read or you will need another machine (Linux?) for recovery. We will assume here that Mac's native HFS+ is used as file system but this is not compulsory. Find details under [doc:​howto:​usb.storage]]. ​ 
- 
-  * Plug your external drive into your Mac, lanch the harddisk utility and format as "Mac OS Extended (Journalled)"​ (no uppercase-lowercase options) 
-  * Turn off the disk's journalling by opening Terminal on the Mac and typing <​code>​ /​usr/​sbin/​diskutil disableJournal /​Volumes/<​name_of_volume></​code>​ 
-  * harddisk utility will now display the drive as "Mac OS Extended"​ and lets you re-format it without journalling if you need to 
-  * Before you mount the drive on OpenWRT you may disable writing to it if the disk is not plugged in. Assuming /mnt/shares is your preferred mount point: <​code>​ 
-touch /​mnt/​shares/​USB_DISK_NOT_PRESENT 
-chmod 444 /​mnt/​shares/​USB_DISK_NOT_PRESENT 
-</​code>​ 
-  * Plug the disk into your OpenWRT box and mount the drive. The Mac may have created a hidden extra partition of type FAT which you won't need. Therefore, the partitions you just created start from the second on the device. <​code>​ 
-mount -t hfsplus /dev/sda2 /mnt/shares 
-</​code> ​ 
-  * make sure the file system you just mounted is writeable<​code>​ 
-touch /​mnt/​shares/​testfile 
-</​code>​ 
-  * If an error occurs, check the logs with <​code>​logread</​code>​ to get your volume mounted 
-  * Modify /​etc/​config/​fstab to have the drive automount next time you plug it in. Here is an example entry in fstab:<​code>​ 
-config mount 
- option target /mnt/shares 
- option device /dev/sda2 
- option fstype hfsplus 
- option options rw 
- option enabled 1 
- option enabled_fsck 0 
-</​code>​ 
- 
-===== Users and Groups ===== 
- 
-At least one user password will be required for logging in. Netatalk has different ways of storing passwords, depending on the PAM used. DHX2 ignores /​etc/​netatalk/​afppasswd and uses the information in /​etc/​passwd. It is suggested you create a group with at least one user and assign privileges to the group instead of the user.  
- 
-<​code>​ 
-groupadd timemachine 
-chgrp -R timemachine /mnt/shares 
-adduser -G timemachine user_1 
-passwd user_1 
-</​code>​ 
- 
-Bug #12819 has it that netatalk will look up the user's password in /etc/passwd instead of /​etc/​shadow. Therefore, you must copy the hashed password of user_1 from the latter to the former file. Fields are separated by colons, the password is the second field in both files. After copying, the user's entry in passwd could look like this: 
- 
-<​code>​user_1:​$1$RPZ7VsrM$FsX8dDZ4GTLo3GjI2Uewj/:​1003:​1001:::</​code>​ 
- 
- 
-===== Netatalk ===== 
- 
-Netatalk speaks the Apple File Protocol (AFP) over the network. As of this writing, netatalk 2.2.1-4 is the version of choice. ​ 
- 
-<​code>​ 
-opkg install netatalk 
-/​etc/​init.d/​netatalk enable 
-</​code>​ 
- 
-Netatalk itself is configured via /​etc/​netatalk/​afpd.conf. Find the manpage http://​netatalk.sourceforge.net/​2.2/​htmldocs/​afpd.conf.5.html. All fields of a definition go in one line or you use escaped CRs. Here is one complete sample afpd.conf: 
- 
-<​code>​ 
-"​myShare"​ \ 
--uampath /​usr/​lib/​uams \ 
--uamlist uams_dhx2.so uams_clrtext.so \ 
--nodebug \ 
--nouservol \ 
--icon \ 
--nosavepassword \ 
--mimicmodel RackMac \ 
-</​code>​ 
- 
-The uamlist should mention the DHX2 as the first module so it is tried first. DHX2 is the authentication method of choice for the Mac, although it is not perfectly secure and requires so much computing effort that a login procedure is likely to take about 25 seconds in which your router will be 100% busy. 
- 
-The volumes netatalk will make available are defined in /​etc/​netatalk/​AppleVolumes.default. See the manpage http://​netatalk.sourceforge.net/​2.2/​htmldocs/​AppleVolumes.default.5.html for details. 
- 
-These entries in AppleVolumes.default should do: 
-<​code>​ 
-:DEFAULT: allow:root dbpath:/​mnt/​shares/​AppleDB/​$v options:​upriv ea:ad 
-:​DEFAULT_CNID_SCHEME:​ dbd 
- 
-/mnt/shares Sleeky allow:​root,​@timemachine rwlist:​root,​@timemachine cnidscheme:​dbd options:​searchdb,​tm 
-</​code>​ 
- 
-A little bit of background on the CNID scheme: The AFP protocol mostly refers to files and directories by ID and not by name. Netatalk needs a way to store these ID's in a persistent way. To achieve this several different CNID backends (cdb, dbd and last) are available. The first line of above config file points to a CNID database right on the shared volume. Make sure the DB is located in a safe place, i.e. not in /tmp or /var. The destination directory must also be created and access permissions must be assigned: 
-<​code>​ 
-mkdir /​mnt/​shares/​AppleDB 
-chgrp timemachine /​mnt/​shares/​AppleDB 
-chmod g+rwx /​mnt/​shares/​AppleDB 
-</​code>​ 
- 
-The volume you will share is named "​Sleeky"​ in the above example. ​ 
- 
-Start up netatalk and check the log for errors. 
-<​code>​ 
-/​etc/​init.d/​afpd start 
-logread 
-</​code>​ 
- 
-Open the Finder on your client Mac and connect to your router by hitting COMMAND-K. Enter "​afp:​\\<​your OpenWRT router> as server address in the popup dialog. Authenticate as user_1 with the password you assigned. Again, mind that logging in may take some time. If login is not successful, check the syslog. You may also replace the -nodebug statement in /​etc/​netatalk/​afpd.conf with <​code>​-setuplog "​default log_maxdebug <​logfile>"​ \ </​code>,​ try again and check that log. Should you get a popup on your Mac that complains about the CNID database being corrupt, make sure the group you use for accessing (here:​timemachine) has write permissions all through the CNID database directory: 
- 
-<​code>​chgrp -R timemachine /​mnt/​shares</​code>​ 
- 
-You should now be able to read and write to the shared drive. Note that a file user_1 created may not be deleted by user_2 unless the group has write permissions on the file. For new files, this can be controlled by the UMASK of user_1. 
- 
-===== Avahi ===== 
- 
-Avahi implements a protocol known as Zeroconf or Bonjour to advertise your volume on the network. Netatalk 3.0+ will be able to do its own advertising. 
- 
-<​code>​ 
-opkg install avahi-daemon 
-</​code>​ 
- 
-Avahi is configured via /​etc/​avahi/​avahi-daemon.conf,​ see http://​linux.die.net/​man/​5/​avahi-daemon.conf. At this time, only two lines need editing: 
-<​code>​ 
-host-name WRTCapsule 
-enable-dbus=no 
-</​code>​ 
- 
-The host-name will be displayed on client computers before logging in. Turning off dbus is required to make Avahi read the services files before using dbus to contact Netatalk. ​ 
- 
-What exactly Avahi advertises is controlled via the files in /​etc/​avahi/​services. The netatalk service is defined in afpd.service. 
- 
-Start Avahi and enable its startup when the router bootstraps. 
-<​code>​ 
-/​etc/​init.d/​avahi-daemon start 
-/​etc/​init.d/​avahi-daemon enable 
-</​code>​ 
- 
-Again, theck the log for errors. If everything worked, you should now see your server (WRTCapsule) in a Finder window on the left hand side under "​shared volumes"​. ​ 
- 
-===== Dbus ===== 
- 
-You can also use d-bus for communication between Netatalk and Avahi. Remove the "​use-dbus=no"​ statement from /​etc/​netatalk/​afpd.conf. Avahi will now prefer dbus over the configuration in its system folder. ​ 
- 
-Add one entry in /​etc/​dbus-1/​system.conf to allow Avahi to connect to Dbus: 
-<​code>​ 
- <​policy context="​default"> ​                                       
-    <!-- All users can connect to system bus --> ​                   
-    <allow user="​*"/> ​                                                   ​ 
-                                                                          ​ 
-    <!-- Holes must be punched in service configuration files for  ​ 
-         name ownership and sending method calls --> ​               
-    <deny own="​*"/> ​                                               ​ 
-    <allow own="​org.freedesktop.Avahi"/> ​ <!-- add this line --> 
-    <deny send_type="​method_call"/>​ 
-    ... 
-</​code>​ 
- 
-Find more information on Dbus under http://​linux.die.net/​man/​1/​dbus-daemon-1 (including options for system.conf). 
- 
-Stop netatalk, avahi and dbus and start them in the order dbus - avahi - netatalk. 
- 
-===== Configure TimeMachine ===== 
- 
-You can now use the TimeMachine preferences pane on your client Mac to define your advertised volume as destination drive. TimeMachine will also save your user and password for write access. 
- 
-===== Restore From Your Server ===== 
- 
-If the harddisk of your Mac dies and needs reinstallation through TimeMachine,​ your crippled Mac must first see your OpenWRT box. Boot your Mac with a DVD or similar, open a Terminal and type  
-<​code>​mkdir /​Volumes/​TimeMachine 
-mount -t afp "​afp://<​nslug_ip>/​Sleeky"​ /​Volumes/​Sleeky 
-</​code>​ 
- 
-You can then use TimeMachine to read back all your saved data from the remote drive. 
- 
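Review bot: the "Users and Groups" section of the removed text tells readers to copy user_1's hashed password from /etc/shadow into the second field of /etc/passwd, and the sample afpd.conf lists uams_clrtext.so after uams_dhx2.so in -uamlist. If this page is being moved or restored rather than retired, neither should come back without a caveat. /etc/passwd is normally world-readable, so the hash becomes visible to every local account, and the clear-text UAM remains available as a fallback login method. Suggest dropping uams_clrtext.so from -uamlist and stating the hash exposure next to the Bug #12819 workaround. Two consistency points in the same text: the Dbus section refers to a "use-dbus=no" statement in /etc/netatalk/afpd.conf, while the setting shown earlier is "enable-dbus=no" in /etc/avahi/avahi-daemon.conf; and the restore commands create /Volumes/TimeMachine but mount onto /Volumes/Sleeky.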
  
timemachine.1358758868.txt.bz2 · Last modified: 2013/01/21 10:01 (external edit)