Using Linux to provide Macintosh services

By Stew Benedict | Oct 7, 2000 | Print this Page
http://www.enterprisenetworkingplanet.com/netos/article.php/10951_624251_2/Using-Linux-to-provide-Macintosh-services.htm

Linux is a handy piece of glue to tie together a network of disparate machines/OSs. Much work has been done by Linux developers to ensure that Linux machines can coexist with NetWare, the other 'nixes, Windows, and MacOS. In this article, I will outline how to use a Linux box (either an old Intel box or an old Macintosh) to provide file/print/mail services for a network of Macintosh machines. This can even be a headless box with no monitor tucked away in a closet or under a desk and administered remotely.

Why Linux?

There are several reasons to go with a Linux solution. For starters, Linux is free or nearly free. (You can download a distribution from the Web, or pick one up for a few bucks.) Second, it's open source, which means all the source code is available; so, should you want to, you can modify for your needs. Third, you can run Linux on old hardware that may not be up to snuff for your current projects, provided you don't run X. (X is the GUI, windowed environment for Linux, much like Microsoft's Windows or MacOS.) Finally, Linux is known for its stability. Uptimes for Linux servers are usually quite long, measured in months or more, aside from power failures or planned hardware upgrades.

Files and resources

File and print services for Macintoshes are provide by the netatalk package. You can download source code from ftp://ftp.cobaltnet.com/pub/users/asun/release/. If you like RPMs, an RPM for Red Hat-style systems (Red Hat, Mandrake, LinuxPPC, YellowDog Linux) can be downloaded from http://rpmfind.net/. They also have versions for Sparc and Alpha, as well as a SuSE version for ix86.

A number of netatalk RPMs exist, even at rpmfind.net. I know for sure the following ix86 RPM works. I'm hoping the PPC one also works, because it is the same version:

You can also find a netatalk guide at http://thehamptons.com/anders/netatalk. The referenced guide goes into detail about setting up netatalk. There is also an abbreviated guide for the impatient. Some steps in this guide seem unnecessary, so I've omitted them here.

Be careful about the various versions floating around the Web. Two or three that I downloaded did not work properly with shadow passwords, and I could only log in as the "guest" user. The ix86 RPM version mentioned above works fine.

Getting started

In this article, I'm going to assume you've already gotten Linux up and running with networking and that you have downloaded the aforementioned RPM. I will highlight the configuration needed for a basic installation that provides a public, shared area and lets each user access their home directory on the server (Each user will need an account on the Linux server.) In addition, I will show you the configuration file for sharing two networked printers: a Nec Silentwriter 95 B&W postscript printer and an HP693C color inkjet. From these examples, you should be able to expand your services as needed by your organization.

At the Linux kernel level, you will also need to make sure you have Appletalk support either in your kernel or as a module. If it's a module, you can activate it with:

insmod appletalk    (as root)

First there is a config file, /etc/atalk.config, which you can leave as is or edit to give your server a name. By default it gets the Linux server's network name, I edited it like this:

# Appletalk configuration
# Change this to increase the maximum number of clients that can 
connect:
AFPD_MAX_CLIENTS=5
# Change this to set the machine's atalk name:
ATALK_NAME=OmniBook
# Set which daemons to run:
PAPD_RUN=yes
AFPD_RUN=yes
# Control whether the daemons are started in the background
ATALK_BGROUND=yes

As you can see, you can also control the number of clients and which daemons are run. papd is for print services, whereas afpd is file services.

For file services, you need to edit AppleVolumes.default to describe the shares you are making available to the client machines. In addition, because of the way the Macintosh splits files into the data and a resource fork, you need to describe the relationship between extensions and files, so the Macintosh will correctly recognize the files. The included AppleVolumes.system has a number of extensions, described in the following sections.

/etc/atalk/AppleVolumes.default

~                 "Home"
/opt/appleshares        "Apple Group Share"   

This directory should have open rw settings for all users:

chmod gao+rw /opt/appleshares         (as root)

I set the ownership to ftp.users:

chown ftp.users /opt/appleshares     (again as root)

Here is a snippet of /etc/atalk/AppleVolumes.system:

# Last Updated July 8, 1999
# Use at your own risk. No guarantees express or implied.
#
.        "TEXT"  "ttxt"      ASCII Text                     
SimpleText                text/plain

.mf       "TEXT"  "*MF*"      Metafont                       Metafont
.sty      "TEXT"  "*TEX"      TeX Style                      Textures
.psd      "8BPS"  "8BIM"      PhotoShop Document             Photoshop
.pxr      "PXR "  "8BIM"      Pixar Image                    Photoshop
.sea      "APPL"  "????"      Self-Extracting Archive        Self 
Extracting Archive
.apd      "TEXT"  "ALD3"      Aldus Printer Description      Aldus 
PageMaker
.pm3      "ALB3"  "ALD3"      PageMaker 3 Document           PageMaker

You get the picture. This file is quite large and outlines many of the various file types known to an Apple system.

You also need to verify or add the following lines in /etc/services:

rtmp             1/ddp     # Routing Table Maintenance Protocol
nbp             2/ddp     # Name Binding Protocol
echo             4/ddp     # AppleTalk Echo Protocol
zip             6/ddp     # Zone Information Protocol
afpovertcp         548/tcp # AFP over TCP put
afpovertcp          548/udp

You can also make an entry in /etc/afpd.conf if you like, with a welcome message to users logging on:

--loginmesg "Welcome to OmniBook at AYSNet"

When I bought an iMac, I was somewhat surprised to find that printer drivers for Macintoshes are not commonplace. I already owned an HP693C printer that was perfectly functional, but unfortunately, it had no drivers for Macintoshes. Linux and netatalk proved to be a cheap fix in this case. On the Macintosh end, I selected a color Postscript driver for the Color LaserWriter 12/600. I then configured papd to pass this postscript output through ghostscript and convert it to the native pcl language that the HP printer expected. Because Linux, like other Unixes and Macintoshes, considers Postscript to be the traditional print language, most Linux distributions come with a full complement of conversion tools to convert Postscript to native printer formats.

/etc/atalk/papd.conf

Nec Silentwriter 95:\
    :pr=|lpr -Psilentwriter:op=imac:\
    :pd=/etc/atalk/nec95.ppd:

HP DeskJet 693C:\
    :pr=|lpr -PDeskJet:op=imac:\
    :pd=/etc/atalk/claser.ppd:

These printers have already been set up on the Linux side. What we are doing here is telling the papd daemon the name of the .PPD file the Macintosh is going to use as a printer driver, and which Linux print queue to pass the job to. The PPD files can usually be found on your MacOS CD or from the various printer manufacturers' sites. As you can see, I'm user a color laser printer driver for the DeskJet; ghostscript on the Linux side will take care of converting the postscript to the native language the printer wants to see.

Assuming you have a Red Hat-style init setup, you can start the services with:

/etc/rc.d/init.d/atalk start

Give this a few minutes to start up, as atalkd scans your network initially.

Now you're ready to try things out from the Macintosh side. Assuming you already have AppleTalk and TCP/IP configured on the Mac, open the Chooser and choose AppleTalk. You should see the name of your server in the list on the right hand side, as shown in Figure 1.

Figure 1: Select AppleTalk in the Chooser.

Converting PPD files

I had to convert the PPD files from Mac-style text to Unix style, or papd complained about long lines. The Alpha editor on the Macintosh did this job nicely. (This is a powerful programming editor that can be downloaded from ftp://mojo.cs.umd.edu//Alpha/packages/.) You should have already tested Postscript printing to the device from Linux. printtool on Red Hat-based systems is good for setting up and testing printers. You may have to fine-tune some settings on the Mac side as far as fonts, but for the most part you are ready to go.

Select the server and click OK. After a brief verification, you should see the available shares--in this case, Home and Apple Group Share, as shown in Figure 2.

Figure 2: The available shares.

For the group share, you can log in as guest without a password. But for Home, you need to enter your username and password, used on the Linux system (see Figure 3).

Figure 3: Log in with your username and password.

When you're logging in to the group share, your password must be eight characters or less. I also noticed that the Macintosh would pull up my whole name, rather than my username, so I had to overwrite it.

You have the option of mounting the shares automatically at boot, if you desire. Once the share is mounted, you should have a B&W globe and network cable icon on your desktop for the shared folder (see Figure 4). You can unmount by dropping it in the trash.

Figure 4: This icon appears on your desktop when the share is mounted.

To use the printers, select them as needed from the same Chooser menu, as shown in Figure 5.

Figure 5: Select the printer you want to use.

Other services

E-mail services are generally a given with a Linux distribution. To set up multiple mailboxes for your Macintosh users, simply create user accounts on the Linux server (which you have already done if you've set up the users for Appletalk shares) and configure the mail client software to point to the server. You can then queue up the mail on the Linux server and send/receive in batches; or, if you are connected 24/7, send the mail as it is submitted.

Web services are also a given, and with a properly configured Apache Web server, each user can have a shared Web resource on the Linux server. For a user named joemac, the resource would be under http://lserver.mydomain.com/~joemac.The user simply needs to drop a Web page named index.html in his public_html directory on the Linux fileserver, and he can have his own personal Web page.

To enable this functionality under Apache, be sure that the following lines are configured in /etc/httpd/conf/http.conf:

UserDir         public_html 
DirectoryIndex     index.html index.htm

Also be sure the public_html directory under the user's /home has the following permissions:

chmod 755  /home/joemac/public_html

By using ipchains, the Linux server can be the gateway to your Internet connection, allowing multiple users to access the Internet simultaneously through one modem, DSL, or other connection. Ipchains provides masquerading and firewalling so the client machines are protected from intruders. For an additional level of security, a second box should be set up as the firewall/gateway, so the fileserver is also insulated from the net.

Limitations

Currently, Linux does not support the HFS+ filesystem used by MacOS. This is a limitation only if you are trying to access Macintosh partitions from the Linux side. For sharing Linux partitions to Macintoshes, this has no impact.

Some Macintosh hardware does not work well with PPC Linux. In particular, the following models are not recommended, due to the NuBus architecture:

  • Apple Performa/Power Mac 5200, 5300, 6200, 6300
  • Apple Power Mac 6100, 7100, 8100
  • Apple PowerBook 1400, 2300c, 5300
  • Apple Workgroup Server 7150, 8150, 9150
  • Radius 81/100
  • Power Computing's Power 100
  • All 68000, 68020, 68030, and 68040 models

Also, because Apple changes the hardware subtly with each new machine, Linux developers usually have to scramble to keep up with the latest changes. As a result, you may have to wait a few weeks for full support on a brand new machine.

Other tools

VNC stands for the opens source software package Virtual Network Computer. This is an interesting package, along the lines of PCAnywhere or Timbuktu; but it runs on several platforms, including Windows, MacOS, and Linux. This software allows a user or administrator to see and operate the desktop of a machine from a remote location across the network or the Internet. It was developed by ORL, which was subsequently bought by AT&T, but the program has remained open source. I have found it invaluable as a support tool-- it's great to be able to pull up a user's desktop and help them through a problem without having to go to their office.

VNC can be downloaded here: http://www.uk.research.att.com/vnc/. While writing this article, I used it to pull up my Macintosh desktop and do the Mac- side work while writing on my laptop, which served as the Appletalk server.

CrossLinks

Conclusion

I hope this article has given you some insight as to the possibilities of integrating a Linux server into your Macintosh network. For almost no software cost, you can provide a wealth of services to your Macintosh machines, and at the same time learn a little about what the Linux hubbub is all about. If you are uncomfortable with working at the command line, Linux may take a little getting used to; but an increasing number of tools wrap some of the administration of Linux in a GUI. //

Stew Benedict is a systems administrator for an automotive manufacturer in Cleveland, Ohio. He also is a freelance consultant and running or through AYS Enterprises, a company specializing in printed circuit design, MSAccess solutions for the Windows platforms, and utilizing Linux as a low-cost alternative to commercial operating systems and software. He has been using and promoting Linux since about 1994. When not basking in the glow of a CRT, Stew enjoys time with his wife, daughter, and two dogs at his future (not too much longer!) retirement home overlooking Norris Lake in the foothills of the Smokies in Tennessee.